Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/Nnwz-kVRxGt-QddXQ2fneVyvFvw.roa
File:                     Nnwz-kVRxGt-QddXQ2fneVyvFvw.roa (raw, json)
Hash identifier:          ENNzOa7+DAPBu+iK6nTaqHCVYT9zrf7sapYOTOjhi/A=
Subject key identifier:   36:7C:33:FA:45:51:C4:6B:7E:41:D7:57:43:67:E7:79:5C:AF:16:FC
Certificate issuer:       /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial:       01898C0CA5934477DFBD9EB9C34C9AB2CD84
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/Nnwz-kVRxGt-QddXQ2fneVyvFvw.roa
Signing time:             Tue 25 Jul 2023 07:56:26 +0000
ROA not before:           Tue 25 Jul 2023 07:56:26 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     213200
IP address blocks:        94.156.177.0/24 maxlen: 24
                          193.37.41.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 31 Jul 2023 06:32:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:8c:0c:a5:93:44:77:df:bd:9e:b9:c3:4c:9a:b2:cd:84
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
        Validity
            Not Before: Jul 25 07:56:26 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=367c33fa4551c46b7e41d7574367e7795caf16fc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:f6:a8:25:72:a2:50:6b:78:66:26:fe:9f:70:
                    d1:79:46:f4:09:37:12:3b:81:86:66:4d:3c:5a:d5:
                    15:f0:03:90:2b:e4:06:e3:1a:93:1f:e3:60:11:09:
                    e6:b0:ac:bc:ec:87:2e:fb:bb:37:41:77:08:d6:29:
                    ab:fc:52:5a:96:38:c6:90:a1:cd:a7:fc:93:45:6f:
                    c6:84:5d:1d:e8:02:3b:25:dc:1c:fd:33:4a:48:6d:
                    97:1f:23:d8:a5:14:68:76:27:af:3b:31:61:80:d3:
                    af:a0:9c:90:6c:da:77:0d:e9:5d:96:db:48:aa:37:
                    58:67:1f:4e:ee:d4:36:6f:f8:c4:d7:99:e3:28:af:
                    2d:05:cf:de:43:d4:4f:c9:6e:7e:f3:a1:c5:88:da:
                    31:89:f2:37:03:b6:26:06:40:cb:0e:b4:69:07:6b:
                    fb:41:fd:d8:79:d5:ca:24:21:1f:04:ce:7d:3a:e9:
                    67:b5:88:b9:be:7c:75:1a:2a:8a:c6:0e:58:d1:bd:
                    00:ee:cf:23:dd:11:12:9a:27:d8:5a:1e:92:62:af:
                    ce:1e:0e:8f:e6:b7:83:66:9f:ab:f6:41:48:83:41:
                    90:88:66:a3:73:b5:e5:26:71:ee:b3:37:89:09:86:
                    2d:ac:e0:e5:bb:83:98:9d:d2:9f:5b:92:41:4a:fb:
                    81:1d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                36:7C:33:FA:45:51:C4:6B:7E:41:D7:57:43:67:E7:79:5C:AF:16:FC
            X509v3 Authority Key Identifier:
                keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/Nnwz-kVRxGt-QddXQ2fneVyvFvw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  94.156.177.0/24
                  193.37.41.0/24

    Signature Algorithm: sha256WithRSAEncryption
         03:92:73:c1:49:b6:1f:2b:b8:d6:e0:7a:0b:77:87:1d:fa:c5:
         1d:67:16:f4:d5:18:78:64:ba:3f:7b:dc:02:3f:92:ae:1f:e4:
         3f:1e:2b:f9:a2:11:bd:8b:8b:d6:f1:49:5d:b7:58:80:79:47:
         de:ac:f2:13:04:93:88:8a:c5:39:b9:bc:9e:27:4c:13:b7:93:
         7f:3c:bc:46:89:31:bd:31:e1:d6:59:2a:b0:da:a7:f4:36:3e:
         bc:c7:ce:9b:12:4a:af:bb:ea:a6:2a:3e:8f:e3:8c:a4:c1:ab:
         3f:5f:af:bf:16:9d:51:c9:c0:93:ed:ea:37:83:b6:ce:20:b1:
         09:72:f5:0b:0c:d2:21:5c:04:41:5d:96:72:9d:d5:97:d0:c8:
         e3:43:9b:ad:e4:f4:f1:a5:17:8d:94:0b:f5:94:14:49:b0:c7:
         c1:a7:90:2a:f1:7c:4a:5c:6e:8c:6e:7e:5f:74:71:be:46:1f:
         8c:03:5c:c5:bc:e8:96:dc:f6:bb:fa:1c:43:b5:f4:61:0d:36:
         41:f2:ff:ab:39:4e:30:e7:42:d3:3c:17:6a:2e:0a:21:a5:75:
         fb:32:fa:1a:78:15:46:84:94:6b:4c:da:26:53:f2:48:43:6a:
         f0:04:a0:a2:3d:ee:24:97:74:8f:21:3c:54:a0:73:fa:e0:b7:
         b6:2e:ab:ae
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYmMDKWTRHffvZ65w0yass2EMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMwNzI1MDc1NjI2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNjdjMzNmYTQ1NTFjNDZiN2U0MWQ3NTc0MzY3ZTc3OTVjYWYxNmZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAovaoJXKiUGt4Zib+n3DReUb0CTcS
O4GGZk08WtUV8AOQK+QG4xqTH+NgEQnmsKy87Icu+7s3QXcI1imr/FJaljjGkKHN
p/yTRW/GhF0d6AI7Jdwc/TNKSG2XHyPYpRRodievOzFhgNOvoJyQbNp3DeldlttI
qjdYZx9O7tQ2b/jE15njKK8tBc/eQ9RPyW5+86HFiNoxifI3A7YmBkDLDrRpB2v7
Qf3YedXKJCEfBM59OulntYi5vnx1GiqKxg5Y0b0A7s8j3RESmifYWh6SYq/OHg6P
5reDZp+r9kFIg0GQiGajc7XlJnHuszeJCYYtrODlu4OYndKfW5JBSvuBHQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDZ8M/pFUcRrfkHXV0Nn53lcrxb8MB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvTm53ei1rVlJ4R3QtUWRkWFEyZm5lVnl2RnZ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAXpyxAwQA
wSUpMA0GCSqGSIb3DQEBCwUAA4IBAQADknPBSbYfK7jW4HoLd4cd+sUdZxb01Rh4
ZLo/e9wCP5KuH+Q/Hiv5ohG9i4vW8Uldt1iAeUferPITBJOIisU5ubyeJ0wTt5N/
PLxGiTG9MeHWWSqw2qf0Nj68x86bEkqvu+qmKj6P44ykwas/X6+/Fp1RycCT7eo3
g7bOILEJcvULDNIhXARBXZZyndWX0MjjQ5ut5PTxpReNlAv1lBRJsMfBp5Aq8XxK
XG6Mbn5fdHG+Rh+MA1zFvOiW3Pa7+hxDtfRhDTZB8v+rOU4w50LTPBdqLgohpXX7
MvoaeBVGhJRrTNomU/JIQ2rwBKCiPe4kl3SPITxUoHP64Le2Lquu
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:17:05 2024 by rpki-client on console-fra.rpki-client.org