Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/685232-f5e9-41d6-b94e-1a6ce5faf916/1/NpnteCZ3j7_TT5XTF_E_K98lzjU.roa
File:                     NpnteCZ3j7_TT5XTF_E_K98lzjU.roa (raw, json)
Hash identifier:          oluI7P6AH/0OAy+V4fcDJpdAT6ljpZ+MXKypYXMIJSs=
Subject key identifier:   36:99:ED:78:26:77:8F:BF:D3:4F:95:D3:17:F1:3F:2B:DF:25:CE:35
Certificate issuer:       /CN=c9c02d4234f4bc4e87555e41c03779d5620a5155
Certificate serial:       018CC9BC261BD6500C64B4F5CAAD4DD6C548
Authority key identifier: C9:C0:2D:42:34:F4:BC:4E:87:55:5E:41:C0:37:79:D5:62:0A:51:55
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ycAtQjT0vE6HVV5BwDd51WIKUVU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/05/685232-f5e9-41d6-b94e-1a6ce5faf916/1/NpnteCZ3j7_TT5XTF_E_K98lzjU.roa
Signing time:             Tue 02 Jan 2024 10:33:20 +0000
ROA not before:           Tue 02 Jan 2024 10:33:20 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     49775
IP address blocks:        185.194.252.0/23 maxlen: 23

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 13:44:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c9:bc:26:1b:d6:50:0c:64:b4:f5:ca:ad:4d:d6:c5:48
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c9c02d4234f4bc4e87555e41c03779d5620a5155
        Validity
            Not Before: Jan  2 10:33:20 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=3699ed7826778fbfd34f95d317f13f2bdf25ce35
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:d8:b6:f9:5e:97:b7:c9:eb:10:32:9f:1d:16:
                    c0:29:d8:1b:f2:80:88:79:b9:54:c6:a8:e8:37:68:
                    04:60:53:81:1c:12:e7:9e:82:19:90:fe:de:74:63:
                    63:b4:79:a2:c2:bc:ce:12:c9:4e:ff:10:f4:6c:86:
                    5d:f1:21:b1:00:77:3e:90:50:6a:83:1c:8f:90:67:
                    29:73:b4:13:a4:f9:7c:24:fb:6f:01:51:22:0e:31:
                    99:5d:d3:40:44:c7:48:ce:23:4d:5c:8c:1c:a3:33:
                    4b:3c:3b:15:5b:19:02:f8:d4:e6:50:07:7c:e1:f9:
                    53:1b:b4:64:f7:7e:57:fd:d7:96:78:40:4d:d4:fb:
                    40:5c:4a:4b:33:00:2f:3c:a7:0e:cf:ce:44:a6:00:
                    44:14:b1:8b:1d:c2:88:23:1d:de:97:f0:f2:bc:6b:
                    19:78:bc:ec:11:dd:c9:9b:8d:52:75:a0:2e:50:32:
                    91:0f:7f:0e:d3:05:49:3a:7e:a9:b6:63:fd:53:5f:
                    3b:b7:f6:16:7d:da:ab:87:5c:d4:2f:5c:08:40:6f:
                    46:81:f2:85:58:80:55:07:d7:41:a3:db:31:8a:78:
                    6d:b6:e9:16:1d:64:8b:a9:72:de:2d:f3:f6:cc:b2:
                    5b:23:51:f1:14:86:15:95:ae:9c:92:4d:05:b2:f2:
                    b0:19
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                36:99:ED:78:26:77:8F:BF:D3:4F:95:D3:17:F1:3F:2B:DF:25:CE:35
            X509v3 Authority Key Identifier:
                keyid:C9:C0:2D:42:34:F4:BC:4E:87:55:5E:41:C0:37:79:D5:62:0A:51:55

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ycAtQjT0vE6HVV5BwDd51WIKUVU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/685232-f5e9-41d6-b94e-1a6ce5faf916/1/NpnteCZ3j7_TT5XTF_E_K98lzjU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/05/685232-f5e9-41d6-b94e-1a6ce5faf916/1/ycAtQjT0vE6HVV5BwDd51WIKUVU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.194.252.0/23

    Signature Algorithm: sha256WithRSAEncryption
         79:f7:3b:15:09:98:1d:46:01:dc:4d:5c:07:c7:69:89:4c:8f:
         58:ca:ca:4b:11:69:7c:f9:d4:0d:e9:de:16:cb:1a:50:96:07:
         7b:ea:8a:43:56:cf:f7:3e:e0:d8:65:9c:82:19:bd:e9:a5:4f:
         53:c7:1d:18:9b:b0:cc:91:e4:ff:20:e7:31:d8:9c:56:c7:e9:
         68:2d:6f:18:68:2f:f6:9e:60:48:f1:2c:cd:2b:1f:c1:13:27:
         c2:dd:36:c5:4f:e9:d0:bf:8e:2a:33:df:79:f1:0d:41:e3:6d:
         94:17:78:94:8e:b8:9f:64:5f:af:73:60:7b:41:4e:59:00:82:
         43:a9:47:ee:4f:bc:73:d5:d2:19:0a:a0:db:ba:67:04:e0:59:
         e0:de:d1:d4:62:e2:c4:10:c4:f2:91:c7:10:3b:3c:36:42:97:
         19:a5:62:49:7d:ef:e0:f5:ec:c5:b9:5e:b7:d3:f9:2a:25:13:
         e4:70:a9:71:cc:b8:1f:11:3e:9e:fd:a0:93:a3:1a:d6:72:e3:
         ad:03:43:6d:de:44:1c:1e:11:35:cd:36:9e:bf:12:1c:2a:c4:
         fe:43:ea:e1:ea:8e:f5:23:49:0e:c1:c5:2d:95:61:38:90:0a:
         63:0e:99:6e:1a:fb:aa:6e:f9:c5:17:0d:90:9e:0c:7f:f3:12:
         18:6c:d7:b6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzJvCYb1lAMZLT1yq1N1sVIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM5YzAyZDQyMzRmNGJjNGU4NzU1NWU0MWMwMzc3OWQ1NjIw
YTUxNTUwHhcNMjQwMTAyMTAzMzIwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNjk5ZWQ3ODI2Nzc4ZmJmZDM0Zjk1ZDMxN2YxM2YyYmRmMjVjZTM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoti2+V6Xt8nrEDKfHRbAKdgb8oCI
eblUxqjoN2gEYFOBHBLnnoIZkP7edGNjtHmiwrzOEslO/xD0bIZd8SGxAHc+kFBq
gxyPkGcpc7QTpPl8JPtvAVEiDjGZXdNARMdIziNNXIwcozNLPDsVWxkC+NTmUAd8
4flTG7Rk935X/deWeEBN1PtAXEpLMwAvPKcOz85EpgBEFLGLHcKIIx3el/DyvGsZ
eLzsEd3Jm41SdaAuUDKRD38O0wVJOn6ptmP9U187t/YWfdqrh1zUL1wIQG9GgfKF
WIBVB9dBo9sxinhttukWHWSLqXLeLfP2zLJbI1HxFIYVla6ckk0FsvKwGQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDaZ7Xgmd4+/00+V0xfxPyvfJc41MB8GA1UdIwQY
MBaAFMnALUI09LxOh1VeQcA3edViClFVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWNBdFFqVDB2RTZIVlY1QndEZDUxV0lLVVZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS82ODUyMzItZjVlOS00MWQ2LWI5NGUt
MWE2Y2U1ZmFmOTE2LzEvTnBudGVDWjNqN19UVDVYVEZfRV9LOThsempVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNS82ODUyMzItZjVlOS00MWQ2LWI5NGUtMWE2Y2U1ZmFmOTE2
LzEveWNBdFFqVDB2RTZIVlY1QndEZDUxV0lLVVZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBucL8MA0G
CSqGSIb3DQEBCwUAA4IBAQB59zsVCZgdRgHcTVwHx2mJTI9YyspLEWl8+dQN6d4W
yxpQlgd76opDVs/3PuDYZZyCGb3ppU9Txx0Ym7DMkeT/IOcx2JxWx+loLW8YaC/2
nmBI8SzNKx/BEyfC3TbFT+nQv44qM9958Q1B422UF3iUjrifZF+vc2B7QU5ZAIJD
qUfuT7xz1dIZCqDbumcE4Fng3tHUYuLEEMTykccQOzw2QpcZpWJJfe/g9ezFuV63
0/kqJRPkcKlxzLgfET6e/aCToxrWcuOtA0Nt3kQcHhE1zTaevxIcKsT+Q+rh6o71
I0kOwcUtlWE4kApjDpluGvuqbvnFFw2Qngx/8xIYbNe2
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:17:36 2024 by rpki-client on console-fra.rpki-client.org