Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/NKUfkSy86Z8bDN1ySqhTIrxXcKE.roa
File:                     NKUfkSy86Z8bDN1ySqhTIrxXcKE.roa (raw, json)
Hash identifier:          fPc7EEtgcEX6HxrhpIdfaK9RslmDfu5QT/pahgAbb30=
Subject key identifier:   34:A5:1F:91:2C:BC:E9:9F:1B:0C:DD:72:4A:A8:53:22:BC:57:70:A1
Certificate issuer:       /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial:       0189DE8B9FD27B6A7654B80EBFDC21CD2205
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/NKUfkSy86Z8bDN1ySqhTIrxXcKE.roa
Signing time:             Thu 10 Aug 2023 08:23:59 +0000
ROA not before:           Thu 10 Aug 2023 08:23:59 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     49316
IP address blocks:        45.128.235.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 05 Sep 2023 16:32:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:de:8b:9f:d2:7b:6a:76:54:b8:0e:bf:dc:21:cd:22:05
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
        Validity
            Not Before: Aug 10 08:23:59 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=34a51f912cbce99f1b0cdd724aa85322bc5770a1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:1a:f6:d5:25:a5:ed:85:2a:ce:e8:b9:ca:44:
                    4e:b8:cf:cd:5b:bc:44:58:f1:78:85:6d:26:2d:e9:
                    f3:54:91:86:ee:8d:91:71:35:62:40:f1:a9:d1:bd:
                    d6:55:dd:c2:25:62:2c:59:59:b9:11:d2:d5:d0:80:
                    ec:1e:9b:6b:fc:98:52:76:13:2e:55:64:d5:b3:5b:
                    74:c9:b3:d6:02:2c:fc:fa:40:a5:fc:97:0c:35:87:
                    45:ce:6d:81:23:cc:52:c0:c4:e9:de:7d:21:70:2b:
                    a5:9a:41:d2:0a:46:cf:ac:d3:d9:b8:7c:a9:f5:5a:
                    93:c1:cf:b4:cc:11:4c:9c:c9:7c:f9:34:07:34:2d:
                    e5:a5:d1:a2:73:f0:72:c6:6b:a1:2e:c4:6f:46:15:
                    e0:e2:75:a3:30:2d:18:f9:ba:4d:85:c3:aa:cd:1a:
                    51:ef:12:38:c5:5c:b9:c6:5e:a4:65:7a:bf:63:c0:
                    39:52:cb:2c:94:84:63:1b:0a:57:bd:6d:ba:53:ed:
                    bf:86:9c:9b:6e:e7:be:1e:fc:6e:41:5e:97:80:ae:
                    2b:e0:2a:68:e8:d7:30:3c:fb:06:ca:30:ce:e2:cc:
                    4e:5a:cb:ae:aa:ee:1a:bc:14:8c:72:7a:ef:d4:8f:
                    3e:19:4a:36:25:c2:36:ab:6f:1c:31:19:cc:b0:92:
                    26:83
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                34:A5:1F:91:2C:BC:E9:9F:1B:0C:DD:72:4A:A8:53:22:BC:57:70:A1
            X509v3 Authority Key Identifier:
                keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/NKUfkSy86Z8bDN1ySqhTIrxXcKE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.128.235.0/24

    Signature Algorithm: sha256WithRSAEncryption
         5f:b9:05:76:5f:98:84:60:cd:6d:ab:d4:c8:3d:fa:0c:c6:2f:
         de:1d:f2:dc:60:d3:af:76:b8:b7:5a:57:0f:6f:5c:c2:67:7c:
         2c:4c:8b:bf:05:a5:66:78:8e:0c:69:31:39:7a:41:fb:1b:05:
         b1:55:ff:a7:9f:78:b0:4b:0c:1f:19:fc:ce:86:18:01:7a:83:
         b8:0e:48:52:79:67:07:31:09:62:9e:0d:dd:5e:00:29:5e:2f:
         6d:9c:18:72:32:49:23:63:08:28:4c:ed:e3:14:18:6c:08:97:
         4b:34:c5:a0:79:df:9b:a6:34:b5:f2:3f:d9:37:8b:f1:9d:ae:
         8f:f4:8b:61:3e:bc:c1:85:e7:d4:16:b8:b5:4e:05:df:7f:e3:
         b0:b1:83:32:27:e6:4a:09:5f:7a:50:61:be:88:89:c2:84:e9:
         20:0e:c6:4f:f5:7c:3b:9b:5a:98:1f:30:d2:4d:13:3c:a4:cd:
         f3:0f:40:ec:63:92:57:a3:4b:97:c4:bb:3b:3a:72:12:cf:87:
         b1:cc:9d:e6:83:db:89:2b:b5:2b:3d:22:b7:70:98:22:35:cc:
         2a:90:27:d3:44:05:be:d4:03:f1:51:a9:1f:21:af:27:6f:90:
         7b:a7:45:b0:34:cd:18:82:67:46:a9:69:29:00:5e:7a:31:03:
         8c:08:6c:62
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYnei5/Se2p2VLgOv9whzSIFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMwODEwMDgyMzU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNGE1MWY5MTJjYmNlOTlmMWIwY2RkNzI0YWE4NTMyMmJjNTc3MGExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoBr21SWl7YUqzui5ykROuM/NW7xE
WPF4hW0mLenzVJGG7o2RcTViQPGp0b3WVd3CJWIsWVm5EdLV0IDsHptr/JhSdhMu
VWTVs1t0ybPWAiz8+kCl/JcMNYdFzm2BI8xSwMTp3n0hcCulmkHSCkbPrNPZuHyp
9VqTwc+0zBFMnMl8+TQHNC3lpdGic/ByxmuhLsRvRhXg4nWjMC0Y+bpNhcOqzRpR
7xI4xVy5xl6kZXq/Y8A5UssslIRjGwpXvW26U+2/hpybbue+HvxuQV6XgK4r4Cpo
6NcwPPsGyjDO4sxOWsuuqu4avBSMcnrv1I8+GUo2JcI2q28cMRnMsJImgwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDSlH5EsvOmfGwzdckqoUyK8V3ChMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvTktVZmtTeTg2WjhiRE4xeVNxaFRJcnhYY0tFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALYDrMA0G
CSqGSIb3DQEBCwUAA4IBAQBfuQV2X5iEYM1tq9TIPfoMxi/eHfLcYNOvdri3WlcP
b1zCZ3wsTIu/BaVmeI4MaTE5ekH7GwWxVf+nn3iwSwwfGfzOhhgBeoO4DkhSeWcH
MQling3dXgApXi9tnBhyMkkjYwgoTO3jFBhsCJdLNMWged+bpjS18j/ZN4vxna6P
9IthPrzBhefUFri1TgXff+OwsYMyJ+ZKCV96UGG+iInChOkgDsZP9Xw7m1qYHzDS
TRM8pM3zD0DsY5JXo0uXxLs7OnISz4exzJ3mg9uJK7UrPSK3cJgiNcwqkCfTRAW+
1APxUakfIa8nb5B7p0WwNM0YgmdGqWkpAF56MQOMCGxi
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:17:05 2024 by rpki-client on console-fra.rpki-client.org