Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/rNNJZ4E_TGg8nvqC8-QuW3EzMhA.roa
File:                     rNNJZ4E_TGg8nvqC8-QuW3EzMhA.roa (raw, json)
Hash identifier:          5LVPWNMBcEttgMFJsl9LuERxEMjanRbAOvB2/d6ZW2I=
Subject key identifier:   AC:D3:49:67:81:3F:4C:68:3C:9E:FA:82:F3:E4:2E:5B:71:33:32:10
Certificate issuer:       /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial:       01856F66EAFA503E521878F081598AF645C4
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/rNNJZ4E_TGg8nvqC8-QuW3EzMhA.roa
Signing time:             Sun 01 Jan 2023 22:14:53 +0000
ROA not before:           Sun 01 Jan 2023 22:14:53 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     14618
IP address blocks:        212.192.221.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 07 Nov 2023 15:29:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:66:ea:fa:50:3e:52:18:78:f0:81:59:8a:f6:45:c4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
        Validity
            Not Before: Jan  1 22:14:53 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=acd34967813f4c683c9efa82f3e42e5b71333210
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:a2:86:1d:40:84:4c:67:5e:d7:31:a0:6e:86:
                    6f:1e:67:05:5b:cb:be:6f:b2:a9:00:ba:f3:c7:09:
                    e1:ac:95:e9:9a:27:01:fe:6e:a0:ef:a8:f2:8e:1f:
                    ed:97:1f:20:ac:65:1b:62:dd:50:79:7e:57:7b:e2:
                    ed:40:ca:82:32:d8:61:d7:63:d1:f6:47:06:33:cb:
                    d8:3e:1a:3d:32:c7:06:b0:b3:8d:a2:10:eb:8c:f3:
                    a2:af:78:52:cb:7b:3c:f3:56:aa:56:ee:7e:87:77:
                    0c:23:14:9b:85:0d:ef:24:b0:77:68:89:9e:40:43:
                    bc:5a:c1:41:19:51:72:19:1e:66:a4:8a:9e:38:c1:
                    43:2a:5b:2c:9d:02:66:da:8a:a3:6a:08:50:05:1e:
                    95:8f:73:1b:42:b9:f6:8a:c4:ee:89:b9:6d:c0:25:
                    28:87:24:96:82:fe:cd:67:77:8c:31:d4:14:6d:82:
                    fa:51:26:61:48:01:5b:4d:ff:32:d1:6f:44:43:00:
                    0a:ec:56:e7:db:ff:c7:33:f4:9e:a8:70:40:90:f3:
                    b4:99:29:e4:6d:46:52:db:aa:52:df:15:31:c7:0b:
                    a9:7d:a7:15:65:8b:54:c8:67:1e:29:84:f5:71:ab:
                    ce:a8:23:90:f7:02:8c:65:81:80:9a:35:d6:ec:3f:
                    f2:c9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AC:D3:49:67:81:3F:4C:68:3C:9E:FA:82:F3:E4:2E:5B:71:33:32:10
            X509v3 Authority Key Identifier:
                keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/rNNJZ4E_TGg8nvqC8-QuW3EzMhA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  212.192.221.0/24

    Signature Algorithm: sha256WithRSAEncryption
         4a:7c:ee:91:3c:7f:f8:9a:ce:d3:32:da:9a:db:b9:10:a7:1f:
         a7:f1:d9:df:74:80:b5:99:b9:10:ce:59:7a:4a:8b:82:a5:8f:
         1f:6a:38:bb:91:1d:9f:44:88:9b:7c:ae:44:1c:da:c8:48:3e:
         f8:ba:84:82:38:82:fe:4b:b9:93:f8:41:8a:27:5c:68:30:b7:
         3f:ba:01:87:3c:cf:b6:af:30:5e:94:14:3d:69:4f:fc:88:48:
         a7:6f:8a:e8:4b:fd:9b:3b:20:b3:c8:c2:98:b5:20:c2:ec:4a:
         43:d5:8e:17:b2:8c:51:aa:62:c6:b1:96:79:13:63:32:be:af:
         7c:08:64:49:62:fc:d8:30:6f:04:c0:a3:c2:90:78:80:a0:0f:
         69:b1:48:d0:d3:04:f5:5d:ae:8a:e1:ae:40:de:d9:a0:27:36:
         bd:75:d6:3f:79:e0:a8:9c:a5:fc:d1:1a:c0:30:df:f7:1c:08:
         3f:9a:cf:65:6d:6a:f6:b7:d4:ce:f7:83:00:17:fb:72:31:8d:
         d7:6c:b7:b1:b9:8f:02:6a:94:88:4b:72:94:98:60:c0:fe:64:
         df:34:34:68:7f:4a:3b:85:b3:c4:a7:ec:f6:25:10:90:af:ab:
         43:96:40:61:6a:87:ac:54:c8:8f:98:65:29:e3:b8:c1:d9:1d:
         a9:d9:3d:1e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvZur6UD5SGHjwgVmK9kXEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwMTAxMjIxNDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhY2QzNDk2NzgxM2Y0YzY4M2M5ZWZhODJmM2U0MmU1YjcxMzMzMjEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAraKGHUCETGde1zGgboZvHmcFW8u+
b7KpALrzxwnhrJXpmicB/m6g76jyjh/tlx8grGUbYt1QeX5Xe+LtQMqCMthh12PR
9kcGM8vYPho9MscGsLONohDrjPOir3hSy3s881aqVu5+h3cMIxSbhQ3vJLB3aIme
QEO8WsFBGVFyGR5mpIqeOMFDKlssnQJm2oqjaghQBR6Vj3MbQrn2isTuibltwCUo
hySWgv7NZ3eMMdQUbYL6USZhSAFbTf8y0W9EQwAK7Fbn2//HM/SeqHBAkPO0mSnk
bUZS26pS3xUxxwupfacVZYtUyGceKYT1cavOqCOQ9wKMZYGAmjXW7D/yyQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKzTSWeBP0xoPJ76gvPkLltxMzIQMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvck5OSlo0RV9UR2c4bnZxQzgtUXVXM0V6TWhBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1MDdMA0G
CSqGSIb3DQEBCwUAA4IBAQBKfO6RPH/4ms7TMtqa27kQpx+n8dnfdIC1mbkQzll6
SouCpY8faji7kR2fRIibfK5EHNrISD74uoSCOIL+S7mT+EGKJ1xoMLc/ugGHPM+2
rzBelBQ9aU/8iEinb4roS/2bOyCzyMKYtSDC7EpD1Y4XsoxRqmLGsZZ5E2Myvq98
CGRJYvzYMG8EwKPCkHiAoA9psUjQ0wT1Xa6K4a5A3tmgJza9ddY/eeConKX80RrA
MN/3HAg/ms9lbWr2t9TO94MAF/tyMY3XbLexuY8CapSIS3KUmGDA/mTfNDRof0o7
hbPEp+z2JRCQr6tDlkBhaoesVMiPmGUp47jB2R2p2T0e
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:49:47 2024 by rpki-client on console-ams.rpki-client.org