Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/d55dc1-7604-4c8d-a1b4-39f8e2b4675d/1/nJEV41aIUQyXx8UTcq8MVk4Picc.roa
File:                     nJEV41aIUQyXx8UTcq8MVk4Picc.roa (raw, json)
Hash identifier:          eRzhvVWNP9XG26yxpqIM5VmvTTJGdF0cVGM8thY4IwQ=
Subject key identifier:   9C:91:15:E3:56:88:51:0C:97:C7:C5:13:72:AF:0C:56:4E:0F:89:C7
Certificate issuer:       /CN=496b0058971d2993a57a5b1cb6cdff5d2eb44e3f
Certificate serial:       01856F42C80F0B9C8C98764DFF80C82652E2
Authority key identifier: 49:6B:00:58:97:1D:29:93:A5:7A:5B:1C:B6:CD:FF:5D:2E:B4:4E:3F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/SWsAWJcdKZOlelscts3_XS60Tj8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2a/d55dc1-7604-4c8d-a1b4-39f8e2b4675d/1/nJEV41aIUQyXx8UTcq8MVk4Picc.roa
Signing time:             Sun 01 Jan 2023 21:35:25 +0000
ROA not before:           Sun 01 Jan 2023 21:35:25 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     59472
IP address blocks:        5.152.160.0/21 maxlen: 24
                          185.94.68.0/22 maxlen: 24
                          2a01:8f40::/32 maxlen: 32

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 10:30:39 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:42:c8:0f:0b:9c:8c:98:76:4d:ff:80:c8:26:52:e2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=496b0058971d2993a57a5b1cb6cdff5d2eb44e3f
        Validity
            Not Before: Jan  1 21:35:25 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=9c9115e35688510c97c7c51372af0c564e0f89c7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f3:3e:46:e9:29:9e:b0:65:12:3f:2b:88:63:21:
                    64:8d:1a:22:58:b3:e4:ff:0f:cc:e3:c2:a1:b3:e8:
                    a7:08:c4:2b:b5:be:7f:e8:7f:56:aa:27:f6:e6:99:
                    88:fc:a2:00:7c:15:51:e7:ea:9f:8e:c5:27:d0:f6:
                    c4:e9:0e:ce:8e:e2:a0:6e:80:cf:6f:e3:dd:55:d7:
                    cd:d9:7d:d1:98:ae:3e:17:93:34:b6:dc:52:4b:14:
                    42:f7:34:f8:c1:10:5b:6c:3b:1f:a9:58:3a:d3:6b:
                    05:31:aa:b2:f7:2a:68:a7:ea:bb:3d:16:02:28:a0:
                    94:33:e5:6e:94:f7:61:fa:f8:8f:c5:97:10:33:42:
                    6a:f5:fc:ba:e0:f7:e6:54:b1:8f:9a:d5:e6:31:78:
                    e9:35:be:54:d9:6f:cd:27:83:ae:c7:2d:68:a3:2e:
                    94:10:76:92:1a:ee:96:95:99:29:00:06:ad:bb:ba:
                    81:62:45:3d:c4:84:c5:f5:68:0f:79:9b:c9:cd:51:
                    3d:4a:45:b4:12:58:2c:90:26:2c:03:82:96:a1:60:
                    87:5e:d7:f7:68:ec:d3:73:44:cd:7b:b7:d1:f1:ce:
                    fe:61:17:14:6f:30:c8:a9:89:99:a5:3c:d6:0f:35:
                    56:98:fa:33:96:24:11:f6:ba:72:bd:b4:a9:8e:24:
                    32:85
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9C:91:15:E3:56:88:51:0C:97:C7:C5:13:72:AF:0C:56:4E:0F:89:C7
            X509v3 Authority Key Identifier:
                keyid:49:6B:00:58:97:1D:29:93:A5:7A:5B:1C:B6:CD:FF:5D:2E:B4:4E:3F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SWsAWJcdKZOlelscts3_XS60Tj8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/d55dc1-7604-4c8d-a1b4-39f8e2b4675d/1/nJEV41aIUQyXx8UTcq8MVk4Picc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/d55dc1-7604-4c8d-a1b4-39f8e2b4675d/1/SWsAWJcdKZOlelscts3_XS60Tj8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.152.160.0/21
                  185.94.68.0/22
                IPv6:
                  2a01:8f40::/32

    Signature Algorithm: sha256WithRSAEncryption
         5d:0c:15:3c:42:9b:7a:47:d8:ea:d3:36:74:89:b6:c0:ae:a6:
         f2:6d:7b:f5:95:51:1a:30:f0:4e:67:3e:5a:fe:90:f4:1b:70:
         49:d2:f7:b9:f9:64:6b:39:de:10:ed:02:d1:83:ca:d3:c1:ac:
         9d:fa:13:a6:d2:e7:ea:23:16:ce:37:51:81:81:7b:27:96:0c:
         be:56:a1:02:8e:df:66:0a:9c:c4:53:b6:1a:95:ec:c0:ee:12:
         50:b5:43:64:c3:07:37:e0:fa:78:db:be:af:fa:17:d1:41:5e:
         cb:2f:34:5b:c3:35:5e:7a:52:78:83:75:fa:24:a0:08:33:6c:
         75:6c:96:f7:df:5d:19:12:20:96:9f:70:e0:56:ae:46:54:73:
         a3:2d:a5:7a:b4:fe:19:a1:0f:b1:51:04:59:4d:40:81:73:89:
         2f:87:65:6d:be:65:01:f9:9a:6b:f5:1e:82:b9:bd:f3:8b:19:
         7d:7b:b1:02:2a:87:b3:2d:f2:35:c6:2d:4c:30:08:ff:d6:c1:
         02:ce:eb:70:8e:4e:aa:00:33:8f:f1:43:38:98:ab:fb:d7:bc:
         d9:12:d2:05:50:a6:76:99:04:ca:eb:ed:68:21:b7:b0:35:2f:
         ce:ca:d0:48:89:77:9d:2c:4f:15:ff:6b:f6:f8:37:e6:32:8b:
         17:05:ab:5f
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVvQsgPC5yMmHZN/4DIJlLiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5NmIwMDU4OTcxZDI5OTNhNTdhNWIxY2I2Y2RmZjVkMmVi
NDRlM2YwHhcNMjMwMTAxMjEzNTI1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YzkxMTVlMzU2ODg1MTBjOTdjN2M1MTM3MmFmMGM1NjRlMGY4OWM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8z5G6SmesGUSPyuIYyFkjRoiWLPk
/w/M48Khs+inCMQrtb5/6H9Wqif25pmI/KIAfBVR5+qfjsUn0PbE6Q7OjuKgboDP
b+PdVdfN2X3RmK4+F5M0ttxSSxRC9zT4wRBbbDsfqVg602sFMaqy9ypop+q7PRYC
KKCUM+VulPdh+viPxZcQM0Jq9fy64PfmVLGPmtXmMXjpNb5U2W/NJ4Ouxy1ooy6U
EHaSGu6WlZkpAAatu7qBYkU9xITF9WgPeZvJzVE9SkW0ElgskCYsA4KWoWCHXtf3
aOzTc0TNe7fR8c7+YRcUbzDIqYmZpTzWDzVWmPozliQR9rpyvbSpjiQyhQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFJyRFeNWiFEMl8fFE3KvDFZOD4nHMB8GA1UdIwQY
MBaAFElrAFiXHSmTpXpbHLbN/10utE4/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU1dzQVdKY2RLWk9sZWxzY3RzM19YUzYwVGo4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS9kNTVkYzEtNzYwNC00YzhkLWExYjQt
MzlmOGUyYjQ2NzVkLzEvbkpFVjQxYUlVUXlYeDhVVGNxOE1WazRQaWNjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS9kNTVkYzEtNzYwNC00YzhkLWExYjQtMzlmOGUyYjQ2NzVk
LzEvU1dzQVdKY2RLWk9sZWxzY3RzM19YUzYwVGo4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDBZigAwQC
uV5EMA0EAgACMAcDBQAqAY9AMA0GCSqGSIb3DQEBCwUAA4IBAQBdDBU8Qpt6R9jq
0zZ0ibbArqbybXv1lVEaMPBOZz5a/pD0G3BJ0ve5+WRrOd4Q7QLRg8rTwayd+hOm
0ufqIxbON1GBgXsnlgy+VqECjt9mCpzEU7YalezA7hJQtUNkwwc34Pp4276v+hfR
QV7LLzRbwzVeelJ4g3X6JKAIM2x1bJb3310ZEiCWn3DgVq5GVHOjLaV6tP4ZoQ+x
UQRZTUCBc4kvh2VtvmUB+Zpr9R6Cub3zixl9e7ECKoezLfI1xi1MMAj/1sECzutw
jk6qADOP8UM4mKv717zZEtIFUKZ2mQTK6+1oIbewNS/OytBIiXedLE8V/2v2+Dfm
MosXBatf
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:36 2024 by rpki-client on console-fra.rpki-client.org