Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/08/37ebe6-8bfe-4c1f-a183-83d648f79746/1/nMxkiUuwghBD2V0W0NkhJm1lPwc.roa
File:                     nMxkiUuwghBD2V0W0NkhJm1lPwc.roa (raw, json)
Hash identifier:          AjhkqZhtJyDJRgMsYb18Y6P9XzYw1qrq3nGCubFa5oQ=
Subject key identifier:   9C:CC:64:89:4B:B0:82:10:43:D9:5D:16:D0:D9:21:26:6D:65:3F:07
Certificate issuer:       /CN=568fe35cc962633a2757af10a0e6e8ab6d01f4c9
Certificate serial:       0185700284F7DF955AEA5AE515356C8B7146
Authority key identifier: 56:8F:E3:5C:C9:62:63:3A:27:57:AF:10:A0:E6:E8:AB:6D:01:F4:C9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Vo_jXMliYzonV68QoOboq20B9Mk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/08/37ebe6-8bfe-4c1f-a183-83d648f79746/1/nMxkiUuwghBD2V0W0NkhJm1lPwc.roa
Signing time:             Mon 02 Jan 2023 01:04:51 +0000
ROA not before:           Mon 02 Jan 2023 01:04:51 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     49563
IP address blocks:        212.15.24.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 20:31:13 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:70:02:84:f7:df:95:5a:ea:5a:e5:15:35:6c:8b:71:46
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=568fe35cc962633a2757af10a0e6e8ab6d01f4c9
        Validity
            Not Before: Jan  2 01:04:51 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=9ccc64894bb0821043d95d16d0d921266d653f07
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:06:34:e0:0f:35:17:24:80:66:fe:df:a3:f3:
                    2e:2b:b6:ff:ae:0a:1f:f1:34:2a:d4:71:28:cd:ee:
                    90:70:31:80:36:3c:ba:0e:bd:20:6e:49:8c:c2:28:
                    a5:cb:a0:7f:29:dd:a8:dc:59:4f:1c:56:6c:57:4e:
                    61:c8:b5:c4:e4:bb:52:cd:90:69:2e:d6:7e:cd:46:
                    de:63:11:59:9c:36:ca:bc:ca:84:cf:ae:b0:c5:78:
                    86:f3:17:61:8b:a1:4d:67:7e:df:88:f4:6e:4b:72:
                    0c:32:86:ba:9c:ab:31:ec:f4:b4:87:19:31:8c:ef:
                    46:63:4f:33:e4:d7:3a:01:0d:10:de:12:ea:2b:f4:
                    34:89:d9:df:a2:49:5c:86:c8:fe:bd:f7:6f:27:eb:
                    b5:aa:ff:cc:f9:f5:76:38:07:ca:63:53:fd:7b:b6:
                    5c:3f:bc:e7:40:bd:db:26:7b:b1:5a:23:c6:c6:7d:
                    9f:5e:84:3e:a4:95:7e:82:c9:e4:13:f5:03:cb:1f:
                    f3:dc:e5:62:6c:95:65:26:4d:9f:1a:9b:0d:5d:1d:
                    bd:40:f9:5d:f7:bb:9f:6e:9b:34:7c:f2:bd:fa:c5:
                    37:da:05:3b:87:45:4c:00:ca:ac:7f:dd:8e:37:0f:
                    c4:04:17:00:84:8a:af:58:fd:21:34:33:ed:df:d2:
                    93:a1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9C:CC:64:89:4B:B0:82:10:43:D9:5D:16:D0:D9:21:26:6D:65:3F:07
            X509v3 Authority Key Identifier:
                keyid:56:8F:E3:5C:C9:62:63:3A:27:57:AF:10:A0:E6:E8:AB:6D:01:F4:C9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Vo_jXMliYzonV68QoOboq20B9Mk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/08/37ebe6-8bfe-4c1f-a183-83d648f79746/1/nMxkiUuwghBD2V0W0NkhJm1lPwc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/08/37ebe6-8bfe-4c1f-a183-83d648f79746/1/Vo_jXMliYzonV68QoOboq20B9Mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  212.15.24.0/24

    Signature Algorithm: sha256WithRSAEncryption
         63:73:1e:2c:28:7c:ea:be:17:6b:16:cd:d7:49:c7:76:6c:df:
         02:7b:22:93:b1:53:fa:31:ea:e5:ba:2d:cb:44:9d:73:f7:6c:
         5e:91:8b:b7:b6:05:70:c6:f7:0d:0f:78:4a:1a:ff:bd:c3:f7:
         72:29:3c:d0:31:b6:70:89:da:6d:1e:b9:e6:f6:db:b7:71:18:
         9c:46:76:19:b4:23:b7:99:97:6e:b8:6c:d3:a9:52:79:21:59:
         0f:2f:2b:1c:b4:84:89:1d:0d:60:15:22:a8:fe:27:e7:4b:20:
         f4:42:70:fb:b2:24:f0:33:23:c0:79:c3:02:8d:26:29:d8:15:
         b2:2d:ab:e4:e8:cc:96:7c:0d:5e:e3:2c:73:4a:d0:4f:e5:10:
         a1:bb:e9:2c:fc:d9:3d:24:2d:99:4b:f2:05:a1:42:e3:00:0b:
         4d:38:43:dd:02:3c:64:f7:16:45:8d:c9:c8:0b:d3:0e:4b:9f:
         83:ad:31:4b:32:85:98:88:ae:2c:a6:48:fd:7e:a6:cb:27:d7:
         7c:a9:14:85:e4:4e:93:a6:ed:05:bd:42:f3:e4:0a:b2:e6:d1:
         66:23:cb:01:94:e9:1c:91:82:82:40:5d:5b:40:c3:d1:4f:12:
         2f:af:48:f9:73:1b:99:a2:b3:30:3a:6b:04:91:d1:c2:ea:b0:
         a7:63:b7:15
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwAoT335Va6lrlFTVsi3FGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU2OGZlMzVjYzk2MjYzM2EyNzU3YWYxMGEwZTZlOGFiNmQw
MWY0YzkwHhcNMjMwMTAyMDEwNDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5Y2NjNjQ4OTRiYjA4MjEwNDNkOTVkMTZkMGQ5MjEyNjZkNjUzZjA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwQY04A81FySAZv7fo/MuK7b/rgof
8TQq1HEoze6QcDGANjy6Dr0gbkmMwiily6B/Kd2o3FlPHFZsV05hyLXE5LtSzZBp
LtZ+zUbeYxFZnDbKvMqEz66wxXiG8xdhi6FNZ37fiPRuS3IMMoa6nKsx7PS0hxkx
jO9GY08z5Nc6AQ0Q3hLqK/Q0idnfoklchsj+vfdvJ+u1qv/M+fV2OAfKY1P9e7Zc
P7znQL3bJnuxWiPGxn2fXoQ+pJV+gsnkE/UDyx/z3OVibJVlJk2fGpsNXR29QPld
97ufbps0fPK9+sU32gU7h0VMAMqsf92ONw/EBBcAhIqvWP0hNDPt39KToQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJzMZIlLsIIQQ9ldFtDZISZtZT8HMB8GA1UdIwQY
MBaAFFaP41zJYmM6J1evEKDm6KttAfTJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVm9falhNbGlZem9uVjY4UW9PYm9xMjBCOU1rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOC8zN2ViZTYtOGJmZS00YzFmLWExODMt
ODNkNjQ4Zjc5NzQ2LzEvbk14a2lVdXdnaEJEMlYwVzBOa2hKbTFsUHdjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOC8zN2ViZTYtOGJmZS00YzFmLWExODMtODNkNjQ4Zjc5NzQ2
LzEvVm9falhNbGlZem9uVjY4UW9PYm9xMjBCOU1rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1A8YMA0G
CSqGSIb3DQEBCwUAA4IBAQBjcx4sKHzqvhdrFs3XScd2bN8CeyKTsVP6Merlui3L
RJ1z92xekYu3tgVwxvcND3hKGv+9w/dyKTzQMbZwidptHrnm9tu3cRicRnYZtCO3
mZduuGzTqVJ5IVkPLysctISJHQ1gFSKo/ifnSyD0QnD7siTwMyPAecMCjSYp2BWy
Lavk6MyWfA1e4yxzStBP5RChu+ks/Nk9JC2ZS/IFoULjAAtNOEPdAjxk9xZFjcnI
C9MOS5+DrTFLMoWYiK4spkj9fqbLJ9d8qRSF5E6Tpu0FvULz5Aqy5tFmI8sBlOkc
kYKCQF1bQMPRTxIvr0j5cxuZorMwOmsEkdHC6rCnY7cV
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:17:56 2024 by rpki-client on console-fra.rpki-client.org