Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/4992b6-fdae-4c9f-bf3e-95c8942df724/1/NI0glUjAp3aWDGXz-VWjMh4QpA0.roa
File:                     NI0glUjAp3aWDGXz-VWjMh4QpA0.roa (raw, json)
Hash identifier:          8zuEkI7CBGY7ZMMUl1vtBFBazfkB99Ol0anqRAZyklM=
Subject key identifier:   34:8D:20:95:48:C0:A7:76:96:0C:65:F3:F9:55:A3:32:1E:10:A4:0D
Certificate issuer:       /CN=bc9f0b9ac1d5652f3dca1ef1623bf99ab29647df
Certificate serial:       0187B567A67EFA658D9EE2CD0B68D3772A71
Authority key identifier: BC:9F:0B:9A:C1:D5:65:2F:3D:CA:1E:F1:62:3B:F9:9A:B2:96:47:DF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/vJ8LmsHVZS89yh7xYjv5mrKWR98.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/05/4992b6-fdae-4c9f-bf3e-95c8942df724/1/NI0glUjAp3aWDGXz-VWjMh4QpA0.roa
Signing time:             Mon 24 Apr 2023 22:34:41 +0000
ROA not before:           Mon 24 Apr 2023 22:34:41 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     47674
IP address blocks:        185.38.140.0/22 maxlen: 24
                          185.236.230.0/24 maxlen: 24
                          185.236.231.0/24 maxlen: 24
                          185.236.229.0/24 maxlen: 24
                          185.236.228.0/24 maxlen: 24
                          188.93.232.0/21 maxlen: 24
                          5.206.224.0/21 maxlen: 24
                          2a00:1c60::/32 maxlen: 48

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 20:31:08 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:b5:67:a6:7e:fa:65:8d:9e:e2:cd:0b:68:d3:77:2a:71
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=bc9f0b9ac1d5652f3dca1ef1623bf99ab29647df
        Validity
            Not Before: Apr 24 22:34:41 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=348d209548c0a776960c65f3f955a3321e10a40d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:af:9c:0f:e0:da:cd:3a:5e:9b:bc:f7:ab:c5:
                    4d:97:64:68:ff:d4:66:1d:73:c2:1a:3c:f0:12:a7:
                    c3:a2:82:15:97:1e:83:8f:91:77:50:6a:18:27:35:
                    c3:47:6b:88:15:fb:cc:4d:60:b0:5f:ef:10:6a:1c:
                    65:0b:17:f8:b4:98:2f:b7:35:b2:62:8e:63:72:b2:
                    5d:64:f1:b6:5a:28:7b:af:01:09:b6:1b:31:01:65:
                    2d:1f:0a:f3:26:62:a8:16:6e:1f:bf:63:55:9f:6d:
                    1d:83:a7:74:72:69:b6:f9:cb:73:77:c4:84:98:37:
                    5c:bf:9e:8d:a1:72:e9:e4:6e:5d:9a:d8:63:40:13:
                    51:5b:c7:17:31:b5:eb:a4:e0:ce:b0:fd:03:57:1e:
                    0e:9d:a3:1e:59:bf:f8:7d:59:cf:ee:31:df:7f:ba:
                    d2:ef:55:d1:0a:a6:9c:30:15:ad:a1:78:a4:50:23:
                    83:74:5c:cc:32:41:16:d6:fb:c3:7f:4a:b3:25:e6:
                    67:d6:76:e5:8f:9c:5e:42:ed:c4:45:60:6a:da:01:
                    13:11:54:03:ad:05:7b:57:a7:e2:15:84:18:c1:c7:
                    8f:4d:0b:7a:40:f8:77:fd:a0:a2:c4:75:a8:04:dc:
                    95:7e:73:68:14:d7:2b:0a:d3:20:ac:e5:d8:24:ef:
                    ac:7f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                34:8D:20:95:48:C0:A7:76:96:0C:65:F3:F9:55:A3:32:1E:10:A4:0D
            X509v3 Authority Key Identifier:
                keyid:BC:9F:0B:9A:C1:D5:65:2F:3D:CA:1E:F1:62:3B:F9:9A:B2:96:47:DF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vJ8LmsHVZS89yh7xYjv5mrKWR98.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/4992b6-fdae-4c9f-bf3e-95c8942df724/1/NI0glUjAp3aWDGXz-VWjMh4QpA0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/05/4992b6-fdae-4c9f-bf3e-95c8942df724/1/vJ8LmsHVZS89yh7xYjv5mrKWR98.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.206.224.0/21
                  185.38.140.0/22
                  185.236.228.0/22
                  188.93.232.0/21
                IPv6:
                  2a00:1c60::/32

    Signature Algorithm: sha256WithRSAEncryption
         d7:40:d0:3b:d4:c2:58:f9:f2:25:ee:bd:a3:61:09:f4:8f:8b:
         07:e6:b6:c0:a7:7f:cf:6d:8e:8b:2a:5b:2e:0d:76:3b:28:c3:
         a1:03:ff:51:90:2a:4f:88:54:e9:bb:96:88:a9:a7:f3:f6:c1:
         52:5a:25:c2:9b:d2:a1:0c:eb:1d:0e:71:15:f5:52:98:42:54:
         05:a8:ce:19:19:a9:82:9b:4f:1d:0a:b1:2e:a0:03:bf:0f:31:
         23:fc:68:c8:c6:ef:65:d6:67:11:7b:e4:7a:be:d9:f8:4c:07:
         dd:a9:4a:50:48:86:80:30:24:97:e4:83:e8:b6:42:ca:fa:72:
         d1:90:4d:14:cf:81:97:cd:da:04:4c:30:be:b1:ec:66:4b:98:
         d0:42:1d:4c:69:97:c7:25:6b:ff:b8:12:60:2d:5f:75:40:3a:
         35:a4:1f:18:37:b1:5d:ca:c4:01:5e:00:d8:dd:af:00:88:24:
         7b:33:c6:cf:d6:a8:2a:0a:ef:cc:dd:63:3f:29:1d:3f:85:cb:
         09:7c:6a:a8:5e:c4:19:71:2a:50:2e:81:d9:94:87:09:e0:78:
         02:be:a8:8c:92:4d:72:4a:e1:78:4c:ef:8c:09:90:c0:0d:e0:
         84:c9:b1:bc:24:77:5a:59:21:73:e9:5e:27:b7:87:26:22:4b:
         66:b4:76:b8
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYe1Z6Z++mWNnuLNC2jTdypxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJjOWYwYjlhYzFkNTY1MmYzZGNhMWVmMTYyM2JmOTlhYjI5
NjQ3ZGYwHhcNMjMwNDI0MjIzNDQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNDhkMjA5NTQ4YzBhNzc2OTYwYzY1ZjNmOTU1YTMzMjFlMTBhNDBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtq+cD+DazTpem7z3q8VNl2Ro/9Rm
HXPCGjzwEqfDooIVlx6Dj5F3UGoYJzXDR2uIFfvMTWCwX+8QahxlCxf4tJgvtzWy
Yo5jcrJdZPG2Wih7rwEJthsxAWUtHwrzJmKoFm4fv2NVn20dg6d0cmm2+ctzd8SE
mDdcv56NoXLp5G5dmthjQBNRW8cXMbXrpODOsP0DVx4OnaMeWb/4fVnP7jHff7rS
71XRCqacMBWtoXikUCODdFzMMkEW1vvDf0qzJeZn1nblj5xeQu3ERWBq2gETEVQD
rQV7V6fiFYQYwcePTQt6QPh3/aCixHWoBNyVfnNoFNcrCtMgrOXYJO+sfwIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFDSNIJVIwKd2lgxl8/lVozIeEKQNMB8GA1UdIwQY
MBaAFLyfC5rB1WUvPcoe8WI7+ZqylkffMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdko4TG1zSFZaUzg5eWg3eFlqdjVtcktXUjk4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS80OTkyYjYtZmRhZS00YzlmLWJmM2Ut
OTVjODk0MmRmNzI0LzEvTkkwZ2xVakFwM2FXREdYei1WV2pNaDRRcEEwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNS80OTkyYjYtZmRhZS00YzlmLWJmM2UtOTVjODk0MmRmNzI0
LzEvdko4TG1zSFZaUzg5eWg3eFlqdjVtcktXUjk4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQDBc7gAwQC
uSaMAwQCuezkAwQDvF3oMA0EAgACMAcDBQAqABxgMA0GCSqGSIb3DQEBCwUAA4IB
AQDXQNA71MJY+fIl7r2jYQn0j4sH5rbAp3/PbY6LKlsuDXY7KMOhA/9RkCpPiFTp
u5aIqafz9sFSWiXCm9KhDOsdDnEV9VKYQlQFqM4ZGamCm08dCrEuoAO/DzEj/GjI
xu9l1mcRe+R6vtn4TAfdqUpQSIaAMCSX5IPotkLK+nLRkE0Uz4GXzdoETDC+sexm
S5jQQh1MaZfHJWv/uBJgLV91QDo1pB8YN7FdysQBXgDY3a8AiCR7M8bP1qgqCu/M
3WM/KR0/hcsJfGqoXsQZcSpQLoHZlIcJ4HgCvqiMkk1ySuF4TO+MCZDADeCEybG8
JHdaWSFz6V4nt4cmIktmtHa4
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:17:34 2024 by rpki-client on console-fra.rpki-client.org