Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/08/9514ed-276e-4aba-897e-a4410e10b6f5/1/nmwLLL-1roQRAFgbficFeFXISFY.roa
File:                     nmwLLL-1roQRAFgbficFeFXISFY.roa (raw, json)
Hash identifier:          yHhje6pk/CPq2cF4zrvK6G+x2rQ9s1PSBJoGSd4e6ZI=
Subject key identifier:   9E:6C:0B:2C:BF:B5:AE:84:11:00:58:1B:7E:27:05:78:55:C8:48:56
Certificate issuer:       /CN=f75d8b52815f3f2613e948992ec9fe660f6949b4
Certificate serial:       018F0C43005529F92BD555AD52F7D59E1B93
Authority key identifier: F7:5D:8B:52:81:5F:3F:26:13:E9:48:99:2E:C9:FE:66:0F:69:49:B4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/912LUoFfPyYT6UiZLsn-Zg9pSbQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/08/9514ed-276e-4aba-897e-a4410e10b6f5/1/nmwLLL-1roQRAFgbficFeFXISFY.roa
Signing time:             Tue 23 Apr 2024 18:41:08 +0000
ROA not before:           Tue 23 Apr 2024 18:41:08 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     213220
IP address blocks:        2a11:5a42::/32 maxlen: 32
                          2a11:5a46::/32 maxlen: 32
                          2a12:1541::/32 maxlen: 32
                          2a12:7301::/32 maxlen: 32
                          2a12:7304::/32 maxlen: 32

Validation:               Failed, certificate revoked on Mon 24 Jun 2024 11:47:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:0c:43:00:55:29:f9:2b:d5:55:ad:52:f7:d5:9e:1b:93
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f75d8b52815f3f2613e948992ec9fe660f6949b4
        Validity
            Not Before: Apr 23 18:41:08 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=9e6c0b2cbfb5ae841100581b7e27057855c84856
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:84:8a:7e:e1:df:b3:ad:e7:b5:81:50:ed:2e:9b:
                    54:25:f8:10:43:f5:37:7d:e2:2f:cc:d7:ff:28:4c:
                    95:ff:37:c1:08:60:38:ce:07:4b:1a:4c:46:e5:8e:
                    5b:cf:4b:a5:87:c7:44:b2:e4:7a:ef:76:01:07:4b:
                    dc:09:64:4a:0b:2c:3b:90:59:3b:f1:53:44:46:d7:
                    54:8f:7d:6c:25:1c:90:1f:4c:f6:46:3c:7b:2b:84:
                    07:1a:83:99:e5:1f:00:f5:d9:32:73:14:90:d9:2f:
                    0a:7e:fd:b4:6c:9b:ba:e1:6f:b3:64:41:b1:04:67:
                    b8:9b:5d:5d:5e:4a:15:84:71:cf:63:7e:9f:86:99:
                    c5:f7:92:bd:33:ba:64:48:51:7d:4f:fb:ac:1b:a4:
                    64:d0:60:55:12:33:97:c1:ae:d0:84:29:70:ca:2a:
                    0a:31:8a:b6:f5:4d:b3:fb:34:35:8d:e7:26:15:2e:
                    6e:a1:0f:d2:6d:26:ef:61:23:47:ac:a2:21:b5:57:
                    f7:08:3e:d3:58:47:1e:76:83:90:06:eb:fd:20:e6:
                    9f:ab:e8:a3:de:38:35:12:92:d0:e5:0a:53:63:e5:
                    81:ef:b3:61:e3:95:80:b7:a6:66:10:7d:49:5d:34:
                    e1:f3:5b:4c:cb:a8:86:2d:f9:f2:1c:64:50:95:13:
                    b3:4f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9E:6C:0B:2C:BF:B5:AE:84:11:00:58:1B:7E:27:05:78:55:C8:48:56
            X509v3 Authority Key Identifier:
                keyid:F7:5D:8B:52:81:5F:3F:26:13:E9:48:99:2E:C9:FE:66:0F:69:49:B4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/912LUoFfPyYT6UiZLsn-Zg9pSbQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/08/9514ed-276e-4aba-897e-a4410e10b6f5/1/nmwLLL-1roQRAFgbficFeFXISFY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/08/9514ed-276e-4aba-897e-a4410e10b6f5/1/912LUoFfPyYT6UiZLsn-Zg9pSbQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a11:5a42::/32
                  2a11:5a46::/32
                  2a12:1541::/32
                  2a12:7301::/32
                  2a12:7304::/32

    Signature Algorithm: sha256WithRSAEncryption
         45:56:45:14:58:d6:dd:9f:4d:04:d1:d0:d4:4f:07:9e:42:43:
         94:e0:91:ab:c5:cc:2c:43:b4:60:32:b4:ac:27:80:dc:a6:b8:
         f2:da:81:cd:7d:e8:92:22:36:88:a4:4f:5d:77:64:34:90:4c:
         ef:d6:5d:f4:af:85:3c:af:49:c4:6b:1d:98:6c:21:24:c6:31:
         07:55:c8:f3:d4:af:e7:cc:bd:ef:7f:35:00:6a:78:f3:44:0f:
         f1:59:af:5b:e0:52:87:82:22:94:99:25:f6:73:fb:eb:e3:58:
         d3:15:da:e8:ee:a0:e7:c3:fe:42:98:f2:bc:f0:c8:41:0f:06:
         90:14:22:13:11:3e:01:12:c4:a5:b6:61:2a:e4:a8:99:64:71:
         ef:7f:20:66:b7:4c:55:5d:0f:f7:ec:76:d0:55:87:18:e0:e6:
         c7:fc:63:d1:13:48:89:0d:12:43:26:ea:20:84:d8:d0:ec:24:
         21:8b:c9:42:7f:4f:46:65:89:9e:8b:3a:59:c7:01:ff:3c:4f:
         85:c2:30:a0:48:2e:16:73:d8:91:77:b3:69:42:b2:e0:a5:e5:
         56:a5:24:57:0c:ed:b8:a9:5d:4a:0c:45:05:6c:85:e5:a8:38:
         01:6c:e6:4f:1b:1f:07:65:3f:ce:05:c5:d5:73:45:41:2e:09:
         bc:e6:f8:9c
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAY8MQwBVKfkr1VWtUvfVnhuTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY3NWQ4YjUyODE1ZjNmMjYxM2U5NDg5OTJlYzlmZTY2MGY2
OTQ5YjQwHhcNMjQwNDIzMTg0MTA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZTZjMGIyY2JmYjVhZTg0MTEwMDU4MWI3ZTI3MDU3ODU1Yzg0ODU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhIp+4d+zree1gVDtLptUJfgQQ/U3
feIvzNf/KEyV/zfBCGA4zgdLGkxG5Y5bz0ulh8dEsuR673YBB0vcCWRKCyw7kFk7
8VNERtdUj31sJRyQH0z2Rjx7K4QHGoOZ5R8A9dkycxSQ2S8Kfv20bJu64W+zZEGx
BGe4m11dXkoVhHHPY36fhpnF95K9M7pkSFF9T/usG6Rk0GBVEjOXwa7QhClwyioK
MYq29U2z+zQ1jecmFS5uoQ/SbSbvYSNHrKIhtVf3CD7TWEcedoOQBuv9IOafq+ij
3jg1EpLQ5QpTY+WB77Nh45WAt6ZmEH1JXTTh81tMy6iGLfnyHGRQlROzTwIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFJ5sCyy/ta6EEQBYG34nBXhVyEhWMB8GA1UdIwQY
MBaAFPddi1KBXz8mE+lImS7J/mYPaUm0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOTEyTFVvRmZQeVlUNlVpWkxzbi1aZzlwU2JRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOC85NTE0ZWQtMjc2ZS00YWJhLTg5N2Ut
YTQ0MTBlMTBiNmY1LzEvbm13TExMLTFyb1FSQUZnYmZpY0ZlRlhJU0ZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOC85NTE0ZWQtMjc2ZS00YWJhLTg5N2UtYTQ0MTBlMTBiNmY1
LzEvOTEyTFVvRmZQeVlUNlVpWkxzbi1aZzlwU2JRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzApBAIAAjAjAwUAKhFaQgMF
ACoRWkYDBQAqEhVBAwUAKhJzAQMFACoScwQwDQYJKoZIhvcNAQELBQADggEBAEVW
RRRY1t2fTQTR0NRPB55CQ5TgkavFzCxDtGAytKwngNymuPLagc196JIiNoikT113
ZDSQTO/WXfSvhTyvScRrHZhsISTGMQdVyPPUr+fMve9/NQBqePNED/FZr1vgUoeC
IpSZJfZz++vjWNMV2ujuoOfD/kKY8rzwyEEPBpAUIhMRPgESxKW2YSrkqJlkce9/
IGa3TFVdD/fsdtBVhxjg5sf8Y9ETSIkNEkMm6iCE2NDsJCGLyUJ/T0ZliZ6LOlnH
Af88T4XCMKBILhZz2JF3s2lCsuCl5ValJFcM7bipXUoMRQVsheWoOAFs5k8bHwdl
P84FxdVzRUEuCbzm+Jw=
-----END CERTIFICATE-----
Generated at Mon Jun 24 15:20:46 2024 by rpki-client on console-fra.rpki-client.org