Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/971b11-280e-4ced-b99c-bbccab913b5d/1/nkE6OmV8U6vK0PUsUolMoqvF6d0.roa
File:                     nkE6OmV8U6vK0PUsUolMoqvF6d0.roa (raw, json)
Hash identifier:          /1YZN3Zt/Uef9KKbamJDim2Yw4Jf9kE3eX4x6kMGKSs=
Subject key identifier:   9E:41:3A:3A:65:7C:53:AB:CA:D0:F5:2C:52:89:4C:A2:AB:C5:E9:DD
Certificate issuer:       /CN=eea02b197dbaf7deb74e0a27d9d4ecd3fae1e8ed
Certificate serial:       018CC500F17D9ABFFC59DAFCC6C0C031CAE7
Authority key identifier: EE:A0:2B:19:7D:BA:F7:DE:B7:4E:0A:27:D9:D4:EC:D3:FA:E1:E8:ED
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/7qArGX269963Tgon2dTs0_rh6O0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/09/971b11-280e-4ced-b99c-bbccab913b5d/1/nkE6OmV8U6vK0PUsUolMoqvF6d0.roa
Signing time:             Mon 01 Jan 2024 12:30:22 +0000
ROA not before:           Mon 01 Jan 2024 12:30:22 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     205196
IP address blocks:        104.247.181.0/24 maxlen: 24
                          104.247.187.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Sat 23 Mar 2024 19:06:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c5:00:f1:7d:9a:bf:fc:59:da:fc:c6:c0:c0:31:ca:e7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=eea02b197dbaf7deb74e0a27d9d4ecd3fae1e8ed
        Validity
            Not Before: Jan  1 12:30:22 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=9e413a3a657c53abcad0f52c52894ca2abc5e9dd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:51:5a:37:62:2e:25:1f:be:21:1d:21:1a:08:
                    21:0a:88:4b:61:cd:74:4f:a5:28:c7:bb:40:97:d0:
                    ef:13:5d:08:69:4a:a5:b6:0f:c7:03:db:72:65:c0:
                    a6:1e:1c:b4:97:5d:8a:5b:2f:2e:79:e2:9f:66:51:
                    6c:c6:09:0c:40:4e:5b:be:82:ae:70:be:d4:eb:83:
                    89:25:35:d3:88:18:54:b7:e2:e6:5a:37:d8:61:5c:
                    f6:ae:b7:cf:ff:d7:eb:ed:c7:b5:03:06:12:94:0c:
                    33:93:79:c8:3e:7d:0f:8e:11:d9:d1:95:b0:94:2c:
                    47:24:a8:3c:e7:c9:f3:2f:fe:6c:19:a4:7e:66:d0:
                    e1:26:02:60:c5:61:d5:c3:7f:e4:4d:2f:05:22:92:
                    bc:7f:ca:d5:63:a1:2d:74:e2:87:54:41:7f:de:f7:
                    aa:8f:e0:8d:21:d5:c7:da:c9:d5:2b:ba:34:a5:42:
                    5e:3e:5b:7e:96:e1:61:a3:e5:3c:f6:ba:f6:42:9f:
                    46:34:95:a7:4b:39:43:0d:29:b5:29:41:9e:4d:93:
                    15:ce:38:2b:5d:93:e0:e5:50:ad:41:d4:33:36:4c:
                    fb:27:7a:56:a0:3f:1d:e6:f6:0b:d5:dc:0b:7e:02:
                    df:52:9f:56:a5:a5:ce:94:ba:11:86:71:0d:70:14:
                    b1:49
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9E:41:3A:3A:65:7C:53:AB:CA:D0:F5:2C:52:89:4C:A2:AB:C5:E9:DD
            X509v3 Authority Key Identifier:
                keyid:EE:A0:2B:19:7D:BA:F7:DE:B7:4E:0A:27:D9:D4:EC:D3:FA:E1:E8:ED

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7qArGX269963Tgon2dTs0_rh6O0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/971b11-280e-4ced-b99c-bbccab913b5d/1/nkE6OmV8U6vK0PUsUolMoqvF6d0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/09/971b11-280e-4ced-b99c-bbccab913b5d/1/7qArGX269963Tgon2dTs0_rh6O0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  104.247.181.0/24
                  104.247.187.0/24

    Signature Algorithm: sha256WithRSAEncryption
         86:40:55:92:cd:9b:e5:db:43:e3:9f:3b:19:41:fe:84:c7:54:
         0b:ac:1f:be:58:3c:2b:4a:13:37:ff:5e:05:33:02:d3:e6:ab:
         3e:de:e0:06:c4:10:2d:3e:d0:80:8a:b4:10:61:7a:55:f8:04:
         1a:76:e0:5b:a9:f7:7e:77:6f:37:54:23:5a:39:d7:9f:03:ae:
         53:ec:9f:30:8f:8b:0c:8b:63:e1:38:9a:51:01:7a:38:d7:f6:
         31:ac:de:ea:dd:4b:4a:1c:70:54:47:11:05:f0:aa:e6:b2:1e:
         3d:b1:af:87:17:9f:51:70:19:3b:28:16:7f:ba:45:d6:cf:b5:
         ce:4f:53:ba:26:cc:38:77:c4:18:e5:c1:54:d3:7f:dc:c5:db:
         54:5e:45:b8:8b:4b:42:3b:1e:d0:72:60:34:8d:d7:ca:80:f8:
         70:ff:b3:d2:05:4f:56:72:48:65:84:14:ec:50:e2:8e:48:63:
         f1:80:e6:c5:e8:4f:85:14:b6:59:f8:71:18:66:95:ed:c7:c6:
         de:47:f1:63:58:47:b8:1c:d6:cc:5f:c4:0e:89:43:f0:d9:16:
         ce:df:9a:1c:ff:95:f6:d4:14:8b:d6:b0:2a:91:3b:af:5a:f5:
         a8:2b:b0:81:7a:75:fa:12:c7:ff:64:fd:35:57:92:6f:e3:e4:
         9c:c8:b5:81
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzFAPF9mr/8Wdr8xsDAMcrnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlYTAyYjE5N2RiYWY3ZGViNzRlMGEyN2Q5ZDRlY2QzZmFl
MWU4ZWQwHhcNMjQwMTAxMTIzMDIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZTQxM2EzYTY1N2M1M2FiY2FkMGY1MmM1Mjg5NGNhMmFiYzVlOWRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAslFaN2IuJR++IR0hGgghCohLYc10
T6Uox7tAl9DvE10IaUqltg/HA9tyZcCmHhy0l12KWy8ueeKfZlFsxgkMQE5bvoKu
cL7U64OJJTXTiBhUt+LmWjfYYVz2rrfP/9fr7ce1AwYSlAwzk3nIPn0PjhHZ0ZWw
lCxHJKg858nzL/5sGaR+ZtDhJgJgxWHVw3/kTS8FIpK8f8rVY6EtdOKHVEF/3veq
j+CNIdXH2snVK7o0pUJePlt+luFho+U89rr2Qp9GNJWnSzlDDSm1KUGeTZMVzjgr
XZPg5VCtQdQzNkz7J3pWoD8d5vYL1dwLfgLfUp9WpaXOlLoRhnENcBSxSQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJ5BOjplfFOrytD1LFKJTKKrxendMB8GA1UdIwQY
MBaAFO6gKxl9uvfet04KJ9nU7NP64ejtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN3FBckdYMjY5OTYzVGdvbjJkVHMwX3JoNk8wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS85NzFiMTEtMjgwZS00Y2VkLWI5OWMt
YmJjY2FiOTEzYjVkLzEvbmtFNk9tVjhVNnZLMFBVc1VvbE1vcXZGNmQwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS85NzFiMTEtMjgwZS00Y2VkLWI5OWMtYmJjY2FiOTEzYjVk
LzEvN3FBckdYMjY5OTYzVGdvbjJkVHMwX3JoNk8wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAaPe1AwQA
aPe7MA0GCSqGSIb3DQEBCwUAA4IBAQCGQFWSzZvl20PjnzsZQf6Ex1QLrB++WDwr
ShM3/14FMwLT5qs+3uAGxBAtPtCAirQQYXpV+AQaduBbqfd+d283VCNaOdefA65T
7J8wj4sMi2PhOJpRAXo41/YxrN7q3UtKHHBURxEF8Krmsh49sa+HF59RcBk7KBZ/
ukXWz7XOT1O6Jsw4d8QY5cFU03/cxdtUXkW4i0tCOx7QcmA0jdfKgPhw/7PSBU9W
ckhlhBTsUOKOSGPxgObF6E+FFLZZ+HEYZpXtx8beR/FjWEe4HNbMX8QOiUPw2RbO
35oc/5X21BSL1rAqkTuvWvWoK7CBenX6Esf/ZP01V5Jv4+ScyLWB
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:18:09 2024 by rpki-client on console-fra.rpki-client.org