Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/NyOqyfmjoS4KqyfbyjMMCN7oIpY.roa
File:                     NyOqyfmjoS4KqyfbyjMMCN7oIpY.roa (raw, json)
Hash identifier:          QDZ8h5fT+mZbKlGsbQdH28xQ1w+k9ivnIpU8wpZdaro=
Subject key identifier:   37:23:AA:C9:F9:A3:A1:2E:0A:AB:27:DB:CA:33:0C:08:DE:E8:22:96
Certificate issuer:       /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial:       018E20BB50DDAC8B3FC0739CCE08323AE268
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/NyOqyfmjoS4KqyfbyjMMCN7oIpY.roa
Signing time:             Sat 09 Mar 2024 01:02:10 +0000
ROA not before:           Sat 09 Mar 2024 01:02:10 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     21859
IP address blocks:        93.123.119.0/24 maxlen: 24
                          185.252.163.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 12 Mar 2024 09:05:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8e:20:bb:50:dd:ac:8b:3f:c0:73:9c:ce:08:32:3a:e2:68
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
        Validity
            Not Before: Mar  9 01:02:10 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=3723aac9f9a3a12e0aab27dbca330c08dee82296
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:87:94:d8:df:88:e7:1d:aa:12:98:9d:50:7a:8b:
                    2c:b3:58:67:ff:4e:0e:0d:d6:b1:73:12:8f:d8:f5:
                    c7:cf:3d:41:c3:71:3d:b0:8e:61:24:34:8e:2d:4b:
                    68:09:cc:d3:63:58:9b:d1:48:02:34:33:56:e9:5c:
                    7a:97:99:59:e1:5d:b2:40:b9:df:93:44:f9:c0:18:
                    34:24:ba:fc:d9:24:e7:2b:bc:07:66:65:4d:1d:e0:
                    62:03:b9:dd:1b:bb:3c:cb:4c:b1:94:af:50:67:fa:
                    bf:3e:ab:64:87:55:7e:f8:d2:f3:ec:b7:bd:60:ab:
                    d4:19:16:ce:6d:50:4f:02:cb:de:67:3e:60:b2:81:
                    1c:24:f1:f2:2a:4a:d3:52:3d:a6:45:a4:84:25:62:
                    1c:35:6c:1d:59:6a:8b:4f:38:f0:71:e7:82:44:e8:
                    1d:d6:88:04:19:8f:a4:32:e8:fa:2a:9d:cb:9a:c5:
                    06:db:c1:ca:6a:bb:2d:30:18:a1:bf:68:74:46:6a:
                    ff:99:36:04:ad:15:90:59:90:f0:f2:e2:63:1c:fb:
                    5b:e7:11:e2:87:91:03:97:1c:91:c2:d2:af:63:9f:
                    2d:f9:c2:77:ce:2d:d5:d4:b7:c4:2e:39:39:93:bc:
                    87:da:5a:50:00:e2:08:95:f6:2a:21:cf:08:33:16:
                    99:e3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                37:23:AA:C9:F9:A3:A1:2E:0A:AB:27:DB:CA:33:0C:08:DE:E8:22:96
            X509v3 Authority Key Identifier:
                keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/NyOqyfmjoS4KqyfbyjMMCN7oIpY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  93.123.119.0/24
                  185.252.163.0/24

    Signature Algorithm: sha256WithRSAEncryption
         6b:3a:dd:76:01:d9:a8:e1:e1:e5:d4:f9:11:65:78:68:3a:72:
         44:39:13:fc:d1:ca:19:ae:de:66:6b:f0:c9:13:23:28:b7:9b:
         cd:14:e7:32:f6:66:3d:85:df:9e:da:51:54:bb:30:2f:e2:0d:
         cb:77:85:0a:d2:c2:0f:73:2d:32:15:eb:d4:c9:47:dc:c0:41:
         09:3d:76:ba:63:a7:7b:e9:fd:63:40:ed:79:da:f8:e9:51:01:
         43:40:68:d3:46:45:3a:6d:d7:62:07:a5:2c:b4:23:f4:60:80:
         d5:47:30:75:78:c5:df:1b:8c:c2:05:52:3c:ce:0f:54:f8:42:
         8e:df:f0:b0:58:0d:74:47:ba:33:24:ee:39:6c:7e:11:01:a1:
         ae:e4:7b:6e:e7:b8:21:73:d5:8a:0f:c9:80:ec:37:1d:f3:f1:
         19:77:1d:78:0b:71:1d:98:5c:48:0c:98:21:41:8d:0c:3a:6b:
         e7:72:d2:dc:7d:1f:3c:39:05:de:a6:dd:3b:17:a4:e2:46:a8:
         4d:6e:13:0f:30:94:a0:7d:77:ab:0d:c1:b8:81:31:f0:d7:f5:
         df:3f:d3:6a:d4:c7:bc:fc:b5:37:7b:4f:d2:5d:33:dd:d0:b2:
         3f:47:19:f8:ab:bc:0b:58:f8:7d:97:37:b1:1d:0d:03:dc:07:
         33:b7:f2:30
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY4gu1DdrIs/wHOczggyOuJoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwMzA5MDEwMjEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNzIzYWFjOWY5YTNhMTJlMGFhYjI3ZGJjYTMzMGMwOGRlZTgyMjk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh5TY34jnHaoSmJ1Qeosss1hn/04O
DdaxcxKP2PXHzz1Bw3E9sI5hJDSOLUtoCczTY1ib0UgCNDNW6Vx6l5lZ4V2yQLnf
k0T5wBg0JLr82STnK7wHZmVNHeBiA7ndG7s8y0yxlK9QZ/q/Pqtkh1V++NLz7Le9
YKvUGRbObVBPAsveZz5gsoEcJPHyKkrTUj2mRaSEJWIcNWwdWWqLTzjwceeCROgd
1ogEGY+kMuj6Kp3LmsUG28HKarstMBihv2h0Rmr/mTYErRWQWZDw8uJjHPtb5xHi
h5EDlxyRwtKvY58t+cJ3zi3V1LfELjk5k7yH2lpQAOIIlfYqIc8IMxaZ4wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDcjqsn5o6EuCqsn28ozDAje6CKWMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvTnlPcXlmbWpvUzRLcXlmYnlqTU1DTjdvSXBZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAXXt3AwQA
ufyjMA0GCSqGSIb3DQEBCwUAA4IBAQBrOt12Admo4eHl1PkRZXhoOnJEORP80coZ
rt5ma/DJEyMot5vNFOcy9mY9hd+e2lFUuzAv4g3Ld4UK0sIPcy0yFevUyUfcwEEJ
PXa6Y6d76f1jQO152vjpUQFDQGjTRkU6bddiB6UstCP0YIDVRzB1eMXfG4zCBVI8
zg9U+EKO3/CwWA10R7ozJO45bH4RAaGu5Htu57ghc9WKD8mA7Dcd8/EZdx14C3Ed
mFxIDJghQY0MOmvnctLcfR88OQXept07F6TiRqhNbhMPMJSgfXerDcG4gTHw1/Xf
P9Nq1Me8/LU3e0/SXTPd0LI/Rxn4q7wLWPh9lzexHQ0D3Aczt/Iw
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:50:31 2024 by rpki-client on console-ams.rpki-client.org