Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/649fdc-0d3a-41ec-a1ce-dce947e294b6/1/NhxJF46Wz4gIc8z-tPLzFRdpiIQ.roa
File:                     NhxJF46Wz4gIc8z-tPLzFRdpiIQ.roa (raw, json)
Hash identifier:          JZfVH6qCisM7+6ZSXWtKmMmuWENhG3gwVdpHR/4hxBQ=
Subject key identifier:   36:1C:49:17:8E:96:CF:88:08:73:CC:FE:B4:F2:F3:15:17:69:88:84
Certificate issuer:       /CN=f4d08a1e1cbc909254e9e6b9c939fd85a268b1e1
Certificate serial:       01856EA68BAA2CAB190C784113977334AF11
Authority key identifier: F4:D0:8A:1E:1C:BC:90:92:54:E9:E6:B9:C9:39:FD:85:A2:68:B1:E1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/9NCKHhy8kJJU6ea5yTn9haJoseE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/16/649fdc-0d3a-41ec-a1ce-dce947e294b6/1/NhxJF46Wz4gIc8z-tPLzFRdpiIQ.roa
Signing time:             Sun 01 Jan 2023 18:44:46 +0000
ROA not before:           Sun 01 Jan 2023 18:44:46 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     399641
IP address blocks:        193.160.8.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 20:30:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6e:a6:8b:aa:2c:ab:19:0c:78:41:13:97:73:34:af:11
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f4d08a1e1cbc909254e9e6b9c939fd85a268b1e1
        Validity
            Not Before: Jan  1 18:44:46 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=361c49178e96cf880873ccfeb4f2f31517698884
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:26:d0:82:9c:d1:87:40:3e:01:83:e9:fb:2d:
                    d2:da:d2:85:51:e8:2b:99:e0:dd:4d:2a:30:1d:dd:
                    4e:c1:50:f7:ee:1d:58:d3:07:76:18:f2:f6:46:54:
                    0a:1f:6b:dc:fb:ba:fd:97:f1:2b:44:1d:3f:51:83:
                    7c:31:40:5e:3d:54:8e:5b:1e:47:4a:5b:51:42:e7:
                    a2:1e:43:d7:ee:a4:2d:6f:d6:31:c8:fc:da:58:09:
                    d5:9b:6b:9f:23:35:7c:6f:da:56:7b:d9:c4:8e:10:
                    4b:15:26:69:79:ee:93:bd:8e:5a:13:c9:be:4a:3e:
                    12:cc:bd:21:69:ae:99:e7:3b:30:90:3e:3b:cd:19:
                    f8:ed:fa:32:ae:33:5e:d0:af:03:fe:3b:32:df:85:
                    e7:16:f8:e0:43:bd:06:89:b0:97:62:24:c2:19:0f:
                    d9:23:3d:d5:ad:88:70:0c:27:fc:59:0a:43:98:43:
                    f8:19:60:c2:4b:24:2d:9d:fa:35:43:b4:bd:46:43:
                    df:d3:4f:a9:82:88:47:71:58:66:47:2e:e7:c6:2a:
                    e5:a4:74:93:33:b0:8e:c7:f7:08:09:4c:1a:32:b3:
                    27:1e:98:4c:72:40:af:65:3a:27:8d:67:7a:6f:3f:
                    fa:84:8f:6a:05:b3:41:3b:95:ef:89:0d:de:97:fe:
                    ea:a9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                36:1C:49:17:8E:96:CF:88:08:73:CC:FE:B4:F2:F3:15:17:69:88:84
            X509v3 Authority Key Identifier:
                keyid:F4:D0:8A:1E:1C:BC:90:92:54:E9:E6:B9:C9:39:FD:85:A2:68:B1:E1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9NCKHhy8kJJU6ea5yTn9haJoseE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/649fdc-0d3a-41ec-a1ce-dce947e294b6/1/NhxJF46Wz4gIc8z-tPLzFRdpiIQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/16/649fdc-0d3a-41ec-a1ce-dce947e294b6/1/9NCKHhy8kJJU6ea5yTn9haJoseE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.160.8.0/24

    Signature Algorithm: sha256WithRSAEncryption
         9f:ca:70:c4:11:9f:4c:0c:c5:51:34:32:75:ea:64:4b:36:35:
         08:6c:b7:d5:4b:4e:1f:2f:8e:f7:d8:6e:ae:ef:1f:1f:ca:3b:
         9b:06:55:f2:a1:ae:e0:ca:98:be:0e:1e:2b:c6:c6:bc:dd:e7:
         93:fd:f5:46:04:39:25:83:a4:ea:ac:93:57:e4:1e:6d:f2:a6:
         f3:99:cb:fc:f3:e6:fb:e3:c4:9c:51:20:4b:35:0f:2b:d4:96:
         83:14:67:18:bd:50:f6:78:eb:99:a1:4e:98:33:d9:e6:af:84:
         bf:6a:bc:5f:af:5c:70:c2:e0:19:84:c1:40:86:e3:0d:ac:cd:
         1c:b6:4f:fb:c5:9d:76:9f:76:69:c4:db:84:90:d9:5d:1a:f0:
         ca:d1:22:74:47:1a:2b:ac:63:84:96:3f:63:af:83:89:6e:47:
         fa:fd:ce:95:7f:62:26:2b:2f:43:81:59:2e:48:38:c3:3b:7a:
         9c:c3:3a:d9:1c:fc:89:84:24:6d:2c:69:18:95:2f:34:2c:f0:
         00:59:26:4e:6d:af:14:25:3c:1a:bd:db:2c:2f:84:74:4a:b1:
         5b:79:eb:07:b9:17:c0:86:8f:f0:15:de:89:56:1b:29:b6:d3:
         e6:55:33:9e:5e:25:33:1b:d3:75:0f:06:79:87:09:a8:8e:2f:
         9f:9a:56:8b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVupouqLKsZDHhBE5dzNK8RMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY0ZDA4YTFlMWNiYzkwOTI1NGU5ZTZiOWM5MzlmZDg1YTI2
OGIxZTEwHhcNMjMwMTAxMTg0NDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNjFjNDkxNzhlOTZjZjg4MDg3M2NjZmViNGYyZjMxNTE3Njk4ODg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsybQgpzRh0A+AYPp+y3S2tKFUegr
meDdTSowHd1OwVD37h1Y0wd2GPL2RlQKH2vc+7r9l/ErRB0/UYN8MUBePVSOWx5H
SltRQueiHkPX7qQtb9YxyPzaWAnVm2ufIzV8b9pWe9nEjhBLFSZpee6TvY5aE8m+
Sj4SzL0haa6Z5zswkD47zRn47foyrjNe0K8D/jsy34XnFvjgQ70GibCXYiTCGQ/Z
Iz3VrYhwDCf8WQpDmEP4GWDCSyQtnfo1Q7S9RkPf00+pgohHcVhmRy7nxirlpHST
M7COx/cICUwaMrMnHphMckCvZTonjWd6bz/6hI9qBbNBO5XviQ3el/7qqQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDYcSReOls+ICHPM/rTy8xUXaYiEMB8GA1UdIwQY
MBaAFPTQih4cvJCSVOnmuck5/YWiaLHhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOU5DS0hoeThrSkpVNmVhNXlUbjloYUpvc2VFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NDlmZGMtMGQzYS00MWVjLWExY2Ut
ZGNlOTQ3ZTI5NGI2LzEvTmh4SkY0Nld6NGdJYzh6LXRQTHpGUmRwaUlRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NDlmZGMtMGQzYS00MWVjLWExY2UtZGNlOTQ3ZTI5NGI2
LzEvOU5DS0hoeThrSkpVNmVhNXlUbjloYUpvc2VFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwaAIMA0G
CSqGSIb3DQEBCwUAA4IBAQCfynDEEZ9MDMVRNDJ16mRLNjUIbLfVS04fL4732G6u
7x8fyjubBlXyoa7gypi+Dh4rxsa83eeT/fVGBDklg6TqrJNX5B5t8qbzmcv88+b7
48ScUSBLNQ8r1JaDFGcYvVD2eOuZoU6YM9nmr4S/arxfr1xwwuAZhMFAhuMNrM0c
tk/7xZ12n3ZpxNuEkNldGvDK0SJ0RxorrGOElj9jr4OJbkf6/c6Vf2ImKy9DgVku
SDjDO3qcwzrZHPyJhCRtLGkYlS80LPAAWSZOba8UJTwavdssL4R0SrFbeesHuRfA
ho/wFd6JVhspttPmVTOeXiUzG9N1DwZ5hwmoji+fmlaL
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:30 2024 by rpki-client on console-fra.rpki-client.org