Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/2ddd58-6037-494b-992f-ab8e97d855cc/1/nleERHVDJaAvfYr4jdOF7T09XK8.roa
File:                     nleERHVDJaAvfYr4jdOF7T09XK8.roa (raw, json)
Hash identifier:          IfF6m3NWW33S/xL4OTn6YTdRbXg9o+jJrvJaBsNpd10=
Subject key identifier:   9E:57:84:44:75:43:25:A0:2F:7D:8A:F8:8D:D3:85:ED:3D:3D:5C:AF
Certificate issuer:       /CN=459b2fd0053bdd7e7775398db163bee8772478a5
Certificate serial:       01857102D8DD5F3532A4F2DFAF2329FB3298
Authority key identifier: 45:9B:2F:D0:05:3B:DD:7E:77:75:39:8D:B1:63:BE:E8:77:24:78:A5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/RZsv0AU73X53dTmNsWO-6HckeKU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/23/2ddd58-6037-494b-992f-ab8e97d855cc/1/nleERHVDJaAvfYr4jdOF7T09XK8.roa
Signing time:             Mon 02 Jan 2023 05:44:50 +0000
ROA not before:           Mon 02 Jan 2023 05:44:50 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     174
IP address blocks:        209.127.202.0/24 maxlen: 24
                          2a01:4ce0:50::/48 maxlen: 48

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 10:33:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:71:02:d8:dd:5f:35:32:a4:f2:df:af:23:29:fb:32:98
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=459b2fd0053bdd7e7775398db163bee8772478a5
        Validity
            Not Before: Jan  2 05:44:50 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=9e578444754325a02f7d8af88dd385ed3d3d5caf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:57:22:c9:fc:76:df:b4:d4:2b:c1:92:11:9d:
                    e8:ac:dc:4d:de:26:cd:d0:28:d2:a7:ce:af:c4:59:
                    81:ef:a0:3b:c7:30:df:e6:92:e6:5a:3c:d4:8c:68:
                    e4:05:c5:c9:dc:34:f1:3c:70:a3:d2:82:8c:e8:e5:
                    4e:f6:34:97:77:69:13:29:0a:53:8e:f1:9c:07:79:
                    18:ad:87:ab:cd:d4:35:00:20:1b:5f:9d:cb:ff:a5:
                    55:08:e6:09:d1:18:a8:b1:73:8a:a6:8e:23:da:da:
                    0a:0f:d3:28:6b:ba:df:1f:c1:ea:c9:45:3d:ca:69:
                    99:65:49:06:26:51:2f:97:bf:61:ca:a0:36:72:19:
                    57:2e:19:52:ef:28:d6:4f:1e:58:8f:f4:a0:91:81:
                    25:08:58:4a:b4:65:1d:af:e3:6f:14:89:d6:a9:0b:
                    2b:72:ca:a4:a6:81:0d:58:61:b4:05:03:d1:3a:28:
                    9a:27:46:e3:02:58:a9:49:18:95:c7:90:10:d1:82:
                    68:2d:22:74:ea:f0:63:90:e1:3b:32:60:48:49:1f:
                    81:15:d9:b6:df:45:a3:37:32:83:0a:ec:e9:cd:e6:
                    93:74:0f:90:de:54:27:e5:e2:a9:df:9e:77:fc:03:
                    55:69:5b:b7:1d:1d:6f:70:b5:1f:0a:f2:04:33:3f:
                    53:d9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9E:57:84:44:75:43:25:A0:2F:7D:8A:F8:8D:D3:85:ED:3D:3D:5C:AF
            X509v3 Authority Key Identifier:
                keyid:45:9B:2F:D0:05:3B:DD:7E:77:75:39:8D:B1:63:BE:E8:77:24:78:A5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RZsv0AU73X53dTmNsWO-6HckeKU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/2ddd58-6037-494b-992f-ab8e97d855cc/1/nleERHVDJaAvfYr4jdOF7T09XK8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/23/2ddd58-6037-494b-992f-ab8e97d855cc/1/RZsv0AU73X53dTmNsWO-6HckeKU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  209.127.202.0/24
                IPv6:
                  2a01:4ce0:50::/48

    Signature Algorithm: sha256WithRSAEncryption
         6c:97:b4:91:cc:0e:b7:19:aa:18:7a:a3:9b:af:f6:79:00:86:
         71:ed:0f:06:e8:36:5c:5c:8b:b2:cc:7d:7b:85:67:41:96:29:
         7c:09:d6:f5:ca:62:93:1e:d8:c2:1f:45:0a:31:02:c9:5c:6c:
         f3:64:6a:78:4e:ed:c1:f6:a5:c1:fd:c0:f8:3a:81:c1:e2:40:
         48:15:2e:8f:af:8b:ee:08:37:22:86:5b:d6:f4:3f:05:29:59:
         6c:57:28:33:b0:f3:68:ba:bd:f5:d9:2d:cd:76:11:f8:9a:6e:
         ac:f6:9f:7e:28:00:08:bd:43:2c:2f:57:79:15:03:96:71:10:
         8f:1f:d6:e6:5d:2a:a0:e3:78:63:e8:40:c7:94:a2:44:e3:2b:
         8b:bd:6a:08:7e:40:e5:13:f6:da:04:af:54:a7:f1:8b:e4:25:
         5a:85:e7:b9:06:1c:7c:04:8a:ef:1e:24:ad:34:47:14:e4:7b:
         2a:3f:78:26:42:8d:71:d5:67:fe:3e:8e:5e:bb:2f:99:90:c6:
         be:d5:8c:8a:9b:69:35:13:37:aa:e6:67:c6:03:7e:8b:ff:e9:
         cc:09:74:af:de:cb:74:e2:73:83:5b:69:d8:38:54:cb:eb:87:
         0a:cd:de:0c:17:e5:fb:7c:84:a0:5d:5f:a3:fc:98:f9:c7:e0:
         30:fb:5e:38
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVxAtjdXzUypPLfryMp+zKYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ1OWIyZmQwMDUzYmRkN2U3Nzc1Mzk4ZGIxNjNiZWU4Nzcy
NDc4YTUwHhcNMjMwMTAyMDU0NDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZTU3ODQ0NDc1NDMyNWEwMmY3ZDhhZjg4ZGQzODVlZDNkM2Q1Y2FmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqFciyfx237TUK8GSEZ3orNxN3ibN
0CjSp86vxFmB76A7xzDf5pLmWjzUjGjkBcXJ3DTxPHCj0oKM6OVO9jSXd2kTKQpT
jvGcB3kYrYerzdQ1ACAbX53L/6VVCOYJ0RiosXOKpo4j2toKD9Moa7rfH8HqyUU9
ymmZZUkGJlEvl79hyqA2chlXLhlS7yjWTx5Yj/SgkYElCFhKtGUdr+NvFInWqQsr
csqkpoENWGG0BQPROiiaJ0bjAlipSRiVx5AQ0YJoLSJ06vBjkOE7MmBISR+BFdm2
30WjNzKDCuzpzeaTdA+Q3lQn5eKp3553/ANVaVu3HR1vcLUfCvIEMz9T2QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJ5XhER1QyWgL32K+I3The09PVyvMB8GA1UdIwQY
MBaAFEWbL9AFO91+d3U5jbFjvuh3JHilMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUlpzdjBBVTczWDUzZFRtTnNXTy02SGNrZUtVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMy8yZGRkNTgtNjAzNy00OTRiLTk5MmYt
YWI4ZTk3ZDg1NWNjLzEvbmxlRVJIVkRKYUF2ZllyNGpkT0Y3VDA5WEs4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMy8yZGRkNTgtNjAzNy00OTRiLTk5MmYtYWI4ZTk3ZDg1NWNj
LzEvUlpzdjBBVTczWDUzZFRtTnNXTy02SGNrZUtVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQA0X/KMA8E
AgACMAkDBwAqAUzgAFAwDQYJKoZIhvcNAQELBQADggEBAGyXtJHMDrcZqhh6o5uv
9nkAhnHtDwboNlxci7LMfXuFZ0GWKXwJ1vXKYpMe2MIfRQoxAslcbPNkanhO7cH2
pcH9wPg6gcHiQEgVLo+vi+4INyKGW9b0PwUpWWxXKDOw82i6vfXZLc12Efiabqz2
n34oAAi9QywvV3kVA5ZxEI8f1uZdKqDjeGPoQMeUokTjK4u9agh+QOUT9toEr1Sn
8YvkJVqF57kGHHwEiu8eJK00RxTkeyo/eCZCjXHVZ/4+jl67L5mQxr7VjIqbaTUT
N6rmZ8YDfov/6cwJdK/ey3Tic4Nbadg4VMvrhwrN3gwX5ft8hKBdX6P8mPnH4DD7
Xjg=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:23 2024 by rpki-client on console-fra.rpki-client.org