Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/22b7ab-fc11-407a-bd3c-63411367d90a/1/3bGpuMQ48YohQoK6LNyuM0tvToQ.roa
File:                     3bGpuMQ48YohQoK6LNyuM0tvToQ.roa (raw, json)
Hash identifier:          EKeQO3yZyNnzBvboG8ue+J/IklT5CXVCwukXqzCLE/0=
Subject key identifier:   DD:B1:A9:B8:C4:38:F1:8A:21:42:82:BA:2C:DC:AE:33:4B:6F:4E:84
Certificate issuer:       /CN=9f0743496c7ff3effb870601139cad9d2f271e10
Certificate serial:       0188D8DF7B0DE2BC22114DCFEED3A0348C9F
Authority key identifier: 9F:07:43:49:6C:7F:F3:EF:FB:87:06:01:13:9C:AD:9D:2F:27:1E:10
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/nwdDSWx_8-_7hwYBE5ytnS8nHhA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/15/22b7ab-fc11-407a-bd3c-63411367d90a/1/3bGpuMQ48YohQoK6LNyuM0tvToQ.roa
Signing time:             Tue 20 Jun 2023 12:55:04 +0000
ROA not before:           Tue 20 Jun 2023 12:55:04 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     210636
IP address blocks:        193.228.224.0/24 maxlen: 24
                          185.89.249.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 12:30:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:d8:df:7b:0d:e2:bc:22:11:4d:cf:ee:d3:a0:34:8c:9f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9f0743496c7ff3effb870601139cad9d2f271e10
        Validity
            Not Before: Jun 20 12:55:04 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=ddb1a9b8c438f18a214282ba2cdcae334b6f4e84
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:db:17:c4:f6:ba:f2:86:b2:47:e8:f5:72:f8:
                    70:ce:41:62:0f:93:ba:06:6e:f3:c5:26:59:c3:54:
                    47:82:8d:0a:93:bc:0e:bc:5c:d6:9b:6c:f7:1c:7a:
                    b5:c6:44:b0:df:f4:84:8d:e3:95:11:bb:f2:5a:34:
                    3b:cc:5f:ed:d0:b9:c8:60:d4:de:54:3a:59:b4:ef:
                    d7:f7:7d:d7:6a:95:6c:03:0a:a4:19:73:cc:88:2b:
                    11:f0:f9:20:50:b5:44:ea:2a:df:cf:e8:97:c8:95:
                    15:4c:ab:ac:e6:4e:40:3b:ff:53:ce:07:62:e9:b1:
                    5d:a5:c0:13:d3:c0:23:de:ae:dc:93:cc:b1:b5:e7:
                    2f:5c:1e:cc:c1:86:b1:18:9f:98:76:cf:1d:ab:12:
                    d4:6a:66:42:ca:5f:6f:1d:b8:22:1b:4b:43:1e:77:
                    b2:29:0f:d2:02:bf:89:9c:0f:e6:d5:a9:b9:b6:ea:
                    e1:ac:aa:20:35:2a:dc:ff:63:d1:43:ca:41:f3:51:
                    1d:6b:06:d3:0e:f7:89:74:b0:f2:ad:31:35:8e:df:
                    96:8a:7b:31:af:9d:9c:d2:63:c8:bb:3f:c5:93:77:
                    f5:2b:24:2c:bf:2d:73:d9:11:3c:ea:44:15:ba:ea:
                    0a:5e:40:e4:a6:ed:e3:f3:6c:5b:74:36:a2:96:23:
                    94:eb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DD:B1:A9:B8:C4:38:F1:8A:21:42:82:BA:2C:DC:AE:33:4B:6F:4E:84
            X509v3 Authority Key Identifier:
                keyid:9F:07:43:49:6C:7F:F3:EF:FB:87:06:01:13:9C:AD:9D:2F:27:1E:10

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nwdDSWx_8-_7hwYBE5ytnS8nHhA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/22b7ab-fc11-407a-bd3c-63411367d90a/1/3bGpuMQ48YohQoK6LNyuM0tvToQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/15/22b7ab-fc11-407a-bd3c-63411367d90a/1/nwdDSWx_8-_7hwYBE5ytnS8nHhA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.89.249.0/24
                  193.228.224.0/24

    Signature Algorithm: sha256WithRSAEncryption
         78:c3:c9:ad:81:48:82:c5:69:1c:cf:69:a7:8a:5c:dc:56:37:
         41:a1:e9:66:80:44:21:03:ce:69:71:6b:98:f1:95:da:14:89:
         d6:68:57:d5:c6:5b:4e:1b:1a:a3:76:69:9b:b4:41:89:85:0e:
         b0:af:ff:21:18:cc:11:c2:1d:04:0c:72:46:ee:2f:59:fe:c9:
         4b:59:03:0d:b2:3e:bc:12:96:da:7d:c0:6a:01:42:2d:aa:c9:
         1a:f1:43:66:7d:1a:c4:fb:dc:25:8d:63:90:2b:f1:18:d7:4d:
         63:4f:66:b9:a9:f2:43:67:96:56:fc:4d:7c:23:ae:9c:35:71:
         c9:b5:60:dc:f2:fc:22:28:17:d1:07:7e:76:4d:c3:8f:64:e1:
         42:cc:dc:fe:8e:a6:96:5e:c2:a3:4b:b0:29:23:b9:18:85:d8:
         b8:5f:d1:f8:1e:d1:48:82:92:c3:f2:88:1e:aa:63:c5:16:52:
         88:5b:56:1b:24:11:d9:06:f1:9f:2b:6e:db:f2:fb:bf:fd:ac:
         49:c6:7b:3c:3a:ac:0a:8d:16:b2:2f:7b:27:be:f6:30:fb:52:
         6a:bd:30:ab:52:a6:c6:bf:6d:4c:19:5e:10:e4:ca:d3:13:af:
         1d:57:3f:52:eb:f8:48:ae:0d:95:26:52:4c:dc:17:ed:00:14:
         72:82:de:8f
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYjY33sN4rwiEU3P7tOgNIyfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlmMDc0MzQ5NmM3ZmYzZWZmYjg3MDYwMTEzOWNhZDlkMmYy
NzFlMTAwHhcNMjMwNjIwMTI1NTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZGIxYTliOGM0MzhmMThhMjE0MjgyYmEyY2RjYWUzMzRiNmY0ZTg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn9sXxPa68oayR+j1cvhwzkFiD5O6
Bm7zxSZZw1RHgo0Kk7wOvFzWm2z3HHq1xkSw3/SEjeOVEbvyWjQ7zF/t0LnIYNTe
VDpZtO/X933XapVsAwqkGXPMiCsR8PkgULVE6irfz+iXyJUVTKus5k5AO/9Tzgdi
6bFdpcAT08Aj3q7ck8yxtecvXB7MwYaxGJ+Yds8dqxLUamZCyl9vHbgiG0tDHney
KQ/SAr+JnA/m1am5turhrKogNSrc/2PRQ8pB81EdawbTDveJdLDyrTE1jt+Winsx
r52c0mPIuz/Fk3f1KyQsvy1z2RE86kQVuuoKXkDkpu3j82xbdDailiOU6wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFN2xqbjEOPGKIUKCuizcrjNLb06EMB8GA1UdIwQY
MBaAFJ8HQ0lsf/Pv+4cGAROcrZ0vJx4QMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbndkRFNXeF84LV83aHdZQkU1eXRuUzhuSGhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS8yMmI3YWItZmMxMS00MDdhLWJkM2Mt
NjM0MTEzNjdkOTBhLzEvM2JHcHVNUTQ4WW9oUW9LNkxOeXVNMHR2VG9RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS8yMmI3YWItZmMxMS00MDdhLWJkM2MtNjM0MTEzNjdkOTBh
LzEvbndkRFNXeF84LV83aHdZQkU1eXRuUzhuSGhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAuVn5AwQA
weTgMA0GCSqGSIb3DQEBCwUAA4IBAQB4w8mtgUiCxWkcz2mnilzcVjdBoelmgEQh
A85pcWuY8ZXaFInWaFfVxltOGxqjdmmbtEGJhQ6wr/8hGMwRwh0EDHJG7i9Z/slL
WQMNsj68EpbafcBqAUItqska8UNmfRrE+9wljWOQK/EY101jT2a5qfJDZ5ZW/E18
I66cNXHJtWDc8vwiKBfRB352TcOPZOFCzNz+jqaWXsKjS7ApI7kYhdi4X9H4HtFI
gpLD8ogeqmPFFlKIW1YbJBHZBvGfK27b8vu//axJxns8OqwKjRayL3snvvYw+1Jq
vTCrUqbGv21MGV4Q5MrTE68dVz9S6/hIrg2VJlJM3BftABRygt6P
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:00 2024 by rpki-client on console-ams.rpki-client.org