Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/18/eaf81d-a9df-4a6a-b610-de05c54045bb/1/NoixOArL1LH2unWxPkwwJvLRhp0.roa
File:                     NoixOArL1LH2unWxPkwwJvLRhp0.roa (raw, json)
Hash identifier:          mjRuy3FnaMVZJpRx4rPwZ8EI36x4+dzxj6OcKGXe+6Y=
Subject key identifier:   36:88:B1:38:0A:CB:D4:B1:F6:BA:75:B1:3E:4C:30:26:F2:D1:86:9D
Certificate issuer:       /CN=52b9b9e256580c4344bb241445b4d52e54fdd50b
Certificate serial:       01856FD5273BBABAE612363B014CBD9207A2
Authority key identifier: 52:B9:B9:E2:56:58:0C:43:44:BB:24:14:45:B4:D5:2E:54:FD:D5:0B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Urm54lZYDENEuyQURbTVLlT91Qs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/18/eaf81d-a9df-4a6a-b610-de05c54045bb/1/NoixOArL1LH2unWxPkwwJvLRhp0.roa
Signing time:             Mon 02 Jan 2023 00:15:18 +0000
ROA not before:           Mon 02 Jan 2023 00:15:18 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     41350
IP address blocks:        85.223.143.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 16:29:32 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:d5:27:3b:ba:ba:e6:12:36:3b:01:4c:bd:92:07:a2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=52b9b9e256580c4344bb241445b4d52e54fdd50b
        Validity
            Not Before: Jan  2 00:15:18 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=3688b1380acbd4b1f6ba75b13e4c3026f2d1869d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:98:09:8b:b2:25:c7:d3:b4:34:00:f7:6d:47:ff:
                    f8:99:f3:91:56:31:6d:0f:99:a1:4c:b7:85:d6:8c:
                    5c:5e:7a:36:03:5b:41:75:74:5b:fb:03:f3:3e:6b:
                    2d:d5:c6:ee:31:e2:35:9f:19:eb:bf:e5:55:7d:3b:
                    b3:d6:ad:d7:87:a5:2a:0a:63:60:7a:95:25:28:8a:
                    10:79:82:ac:6f:f6:5f:3c:65:46:c5:48:b7:27:bc:
                    0b:ba:5d:05:96:b9:3b:06:09:7a:5b:32:94:4f:46:
                    56:26:1d:07:c6:36:3d:91:5c:2c:66:c0:e7:ac:eb:
                    58:41:ec:1c:9f:35:57:eb:0a:88:c1:d9:d4:34:56:
                    7e:b7:9d:4e:b2:31:3f:c6:f8:97:08:0f:7a:d0:fd:
                    e4:83:2f:5c:27:52:f0:4a:70:7d:61:1d:74:7e:35:
                    0e:63:c5:15:79:bc:9a:06:36:71:d1:c7:2c:3d:b8:
                    f4:c8:5c:92:d8:f7:72:e4:b4:6e:ac:0e:cf:de:23:
                    18:32:e4:db:7b:71:58:a7:d1:b7:ce:ca:68:b1:c5:
                    b0:25:22:43:3c:b6:51:6d:15:06:4c:d7:22:1f:3f:
                    12:68:a8:38:b6:52:77:f3:52:4f:38:95:39:89:49:
                    e4:68:01:e5:84:59:b2:14:85:87:61:9d:c0:67:1a:
                    00:51
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                36:88:B1:38:0A:CB:D4:B1:F6:BA:75:B1:3E:4C:30:26:F2:D1:86:9D
            X509v3 Authority Key Identifier:
                keyid:52:B9:B9:E2:56:58:0C:43:44:BB:24:14:45:B4:D5:2E:54:FD:D5:0B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Urm54lZYDENEuyQURbTVLlT91Qs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/eaf81d-a9df-4a6a-b610-de05c54045bb/1/NoixOArL1LH2unWxPkwwJvLRhp0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/18/eaf81d-a9df-4a6a-b610-de05c54045bb/1/Urm54lZYDENEuyQURbTVLlT91Qs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  85.223.143.0/24

    Signature Algorithm: sha256WithRSAEncryption
         88:3f:7a:35:76:99:4f:99:b7:1b:6b:ff:30:a0:90:2b:cd:ba:
         3b:0d:bd:9a:be:f1:59:26:c7:f9:e2:39:0a:c9:5d:38:5a:fa:
         55:9c:20:1a:ac:fe:ff:16:7e:89:e4:5e:7b:57:7c:96:2c:81:
         68:bd:f1:59:1d:22:eb:21:39:76:85:2b:40:33:36:fe:91:4c:
         3e:0e:35:e5:33:c3:79:6a:24:db:3e:7d:0a:3b:76:20:0c:44:
         ba:ab:40:92:e9:a0:4f:e1:e6:9c:b4:30:31:cd:dc:81:47:f5:
         71:e6:81:2e:cb:f4:c2:ef:92:64:fb:b3:cd:d6:43:d4:db:6d:
         3f:d3:9e:2e:64:28:2f:73:fa:8e:07:93:b6:8c:99:20:52:65:
         d3:ab:13:47:31:bc:60:cf:02:0d:7e:af:4a:62:17:15:b8:69:
         bf:35:f8:5e:a9:9a:8b:43:c0:f4:87:ba:21:16:6d:bf:29:d4:
         3c:de:dc:a7:34:11:55:0d:1f:ce:6b:8a:36:f5:70:39:bd:2c:
         35:f3:32:fb:92:1c:47:30:70:a2:43:f1:04:be:ea:96:5d:62:
         40:02:77:c4:cb:b3:72:81:ec:80:c2:14:0d:1f:5a:b3:76:68:
         bd:cb:53:7b:f9:96:b4:39:5a:28:07:69:91:4b:e8:e7:fa:03:
         9c:c5:10:23
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVv1Sc7urrmEjY7AUy9kgeiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyYjliOWUyNTY1ODBjNDM0NGJiMjQxNDQ1YjRkNTJlNTRm
ZGQ1MGIwHhcNMjMwMTAyMDAxNTE4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNjg4YjEzODBhY2JkNGIxZjZiYTc1YjEzZTRjMzAyNmYyZDE4NjlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmAmLsiXH07Q0APdtR//4mfORVjFt
D5mhTLeF1oxcXno2A1tBdXRb+wPzPmst1cbuMeI1nxnrv+VVfTuz1q3Xh6UqCmNg
epUlKIoQeYKsb/ZfPGVGxUi3J7wLul0Flrk7Bgl6WzKUT0ZWJh0HxjY9kVwsZsDn
rOtYQewcnzVX6wqIwdnUNFZ+t51OsjE/xviXCA960P3kgy9cJ1LwSnB9YR10fjUO
Y8UVebyaBjZx0ccsPbj0yFyS2Pdy5LRurA7P3iMYMuTbe3FYp9G3zsposcWwJSJD
PLZRbRUGTNciHz8SaKg4tlJ381JPOJU5iUnkaAHlhFmyFIWHYZ3AZxoAUQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDaIsTgKy9Sx9rp1sT5MMCby0YadMB8GA1UdIwQY
MBaAFFK5ueJWWAxDRLskFEW01S5U/dULMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVXJtNTRsWllERU5FdXlRVVJiVFZMbFQ5MVFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOC9lYWY4MWQtYTlkZi00YTZhLWI2MTAt
ZGUwNWM1NDA0NWJiLzEvTm9peE9BckwxTEgydW5XeFBrd3dKdkxSaHAwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOC9lYWY4MWQtYTlkZi00YTZhLWI2MTAtZGUwNWM1NDA0NWJi
LzEvVXJtNTRsWllERU5FdXlRVVJiVFZMbFQ5MVFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVd+PMA0G
CSqGSIb3DQEBCwUAA4IBAQCIP3o1dplPmbcba/8woJArzbo7Db2avvFZJsf54jkK
yV04WvpVnCAarP7/Fn6J5F57V3yWLIFovfFZHSLrITl2hStAMzb+kUw+DjXlM8N5
aiTbPn0KO3YgDES6q0CS6aBP4eactDAxzdyBR/Vx5oEuy/TC75Jk+7PN1kPU220/
054uZCgvc/qOB5O2jJkgUmXTqxNHMbxgzwINfq9KYhcVuGm/NfheqZqLQ8D0h7oh
Fm2/KdQ83tynNBFVDR/Oa4o29XA5vSw18zL7khxHMHCiQ/EEvuqWXWJAAnfEy7Ny
geyAwhQNH1qzdmi9y1N7+Za0OVooB2mRS+jn+gOcxRAj
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:57 2024 by rpki-client on console-fra.rpki-client.org