Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/ff7d33-e4f7-43c0-924b-6b2d46924c6f/1/NjeJTpz9qZiu48vlNMmZUS8xc2g.roa
File:                     NjeJTpz9qZiu48vlNMmZUS8xc2g.roa (raw, json)
Hash identifier:          asBgimaasT8kXiCD2wVkEY4/1pkOFAYLoRmJ4SeAoeE=
Subject key identifier:   36:37:89:4E:9C:FD:A9:98:AE:E3:CB:E5:34:C9:99:51:2F:31:73:68
Certificate issuer:       /CN=9e4b3281b08e6b5ec1fdeb0d0440528ed934dc3f
Certificate serial:       018AFEF9CC640AD5A6BD1EB7E7DC1979FBC3
Authority key identifier: 9E:4B:32:81:B0:8E:6B:5E:C1:FD:EB:0D:04:40:52:8E:D9:34:DC:3F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/nksygbCOa17B_esNBEBSjtk03D8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/30/ff7d33-e4f7-43c0-924b-6b2d46924c6f/1/NjeJTpz9qZiu48vlNMmZUS8xc2g.roa
Signing time:             Thu 05 Oct 2023 08:34:58 +0000
ROA not before:           Thu 05 Oct 2023 08:34:58 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     29447
IP address blocks:        78.208.0.0/12 maxlen: 12
                          81.56.0.0/15 maxlen: 17
                          2a01:e10::/30 maxlen: 30
                          2a01:e11::/32 maxlen: 32
                          2a01:e09::/32 maxlen: 32

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 18:30:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:fe:f9:cc:64:0a:d5:a6:bd:1e:b7:e7:dc:19:79:fb:c3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9e4b3281b08e6b5ec1fdeb0d0440528ed934dc3f
        Validity
            Not Before: Oct  5 08:34:58 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=3637894e9cfda998aee3cbe534c999512f317368
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:87:c3:2b:f5:32:ea:92:16:25:ed:d6:b2:9c:86:
                    fa:46:c8:ed:45:bd:d3:d1:7d:f2:5c:73:b9:d2:bf:
                    62:0d:6e:35:70:ee:3e:4a:a9:bc:3a:ca:e3:a5:03:
                    ab:f7:7a:bc:5c:95:fa:95:a6:16:4c:48:93:ae:d2:
                    8c:ac:69:39:c6:f9:e5:a1:f3:ed:ea:90:be:6f:46:
                    e7:cf:0a:b3:b3:78:cb:97:9b:5e:fa:ba:b9:c3:48:
                    66:2a:d4:70:11:1f:b8:1a:96:6a:4b:7c:4b:b4:f1:
                    4b:4c:ad:d3:77:7c:ba:d1:b9:c3:c8:45:55:34:be:
                    49:7d:b7:39:fe:74:dc:a9:ac:94:27:7b:8c:4f:67:
                    b0:6b:e0:25:50:25:7b:f8:ea:2f:b2:1d:7d:8c:7d:
                    a6:62:fc:17:67:3e:32:d4:e9:fe:af:8d:b4:5b:c0:
                    16:80:41:85:93:4d:03:91:86:d7:8a:93:3d:0e:96:
                    20:ed:8a:9b:30:dc:59:c5:8a:69:d8:12:7c:be:4b:
                    c5:fd:07:9c:fd:d9:c0:38:22:28:91:d9:54:88:47:
                    73:98:7e:45:12:e8:55:e1:80:c0:18:4d:78:55:f8:
                    e6:f6:53:f1:0f:5e:3c:ba:fb:c8:e2:ef:7d:a5:43:
                    7f:51:eb:12:d6:e2:4e:ef:30:c9:c2:22:f1:93:dc:
                    e1:01
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                36:37:89:4E:9C:FD:A9:98:AE:E3:CB:E5:34:C9:99:51:2F:31:73:68
            X509v3 Authority Key Identifier:
                keyid:9E:4B:32:81:B0:8E:6B:5E:C1:FD:EB:0D:04:40:52:8E:D9:34:DC:3F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nksygbCOa17B_esNBEBSjtk03D8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/ff7d33-e4f7-43c0-924b-6b2d46924c6f/1/NjeJTpz9qZiu48vlNMmZUS8xc2g.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/30/ff7d33-e4f7-43c0-924b-6b2d46924c6f/1/nksygbCOa17B_esNBEBSjtk03D8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  78.208.0.0/12
                  81.56.0.0/15
                IPv6:
                  2a01:e09::/32
                  2a01:e10::/30

    Signature Algorithm: sha256WithRSAEncryption
         68:4a:e3:63:a4:b2:b7:ed:6f:fb:bc:ea:fe:1d:a5:25:87:99:
         9d:d1:9c:15:d6:ce:28:5d:00:5f:e7:5b:67:6b:cc:43:34:a3:
         69:73:a2:4f:ff:18:9a:98:31:4f:32:c7:cb:40:84:81:f3:4b:
         35:9e:56:c5:36:ce:e9:ca:33:52:cf:33:58:17:78:bb:e1:02:
         32:48:13:51:43:1e:60:a4:28:0b:7f:88:7b:cd:a4:a5:a5:29:
         81:17:91:3f:9f:02:88:6e:73:27:c8:ad:c6:c9:12:e7:1f:66:
         69:3f:15:99:c5:df:c4:97:a2:56:41:11:11:ab:50:51:97:f3:
         8f:3f:f5:bb:4d:d3:d4:6c:7f:06:b3:77:ed:ba:0c:98:84:84:
         a0:45:14:19:bc:36:43:4d:45:06:04:cc:0c:cb:dc:e1:b2:22:
         e6:41:03:f4:58:17:f0:da:bb:8a:5a:37:65:32:17:81:68:f6:
         17:ef:83:2c:55:59:31:9f:f5:f6:c7:e0:2c:da:17:39:2d:e9:
         6f:49:17:80:48:e9:c9:fe:66:55:06:85:20:7a:e9:d1:c6:fa:
         cd:58:eb:c8:5f:4b:1b:9c:70:db:14:9e:01:78:bc:55:52:02:
         77:71:67:cc:be:5f:a0:86:e6:85:b0:37:bd:d0:d3:e4:af:6b:
         55:39:ca:92
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYr++cxkCtWmvR6359wZefvDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllNGIzMjgxYjA4ZTZiNWVjMWZkZWIwZDA0NDA1MjhlZDkz
NGRjM2YwHhcNMjMxMDA1MDgzNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNjM3ODk0ZTljZmRhOTk4YWVlM2NiZTUzNGM5OTk1MTJmMzE3MzY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh8Mr9TLqkhYl7daynIb6RsjtRb3T
0X3yXHO50r9iDW41cO4+Sqm8OsrjpQOr93q8XJX6laYWTEiTrtKMrGk5xvnlofPt
6pC+b0bnzwqzs3jLl5te+rq5w0hmKtRwER+4GpZqS3xLtPFLTK3Td3y60bnDyEVV
NL5Jfbc5/nTcqayUJ3uMT2ewa+AlUCV7+Oovsh19jH2mYvwXZz4y1On+r420W8AW
gEGFk00DkYbXipM9DpYg7YqbMNxZxYpp2BJ8vkvF/Qec/dnAOCIokdlUiEdzmH5F
EuhV4YDAGE14Vfjm9lPxD148uvvI4u99pUN/UesS1uJO7zDJwiLxk9zhAQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFDY3iU6c/amYruPL5TTJmVEvMXNoMB8GA1UdIwQY
MBaAFJ5LMoGwjmtewf3rDQRAUo7ZNNw/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbmtzeWdiQ09hMTdCX2VzTkJFQlNqdGswM0Q4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC9mZjdkMzMtZTRmNy00M2MwLTkyNGIt
NmIyZDQ2OTI0YzZmLzEvTmplSlRwejlxWml1NDh2bE5NbVpVUzh4YzJnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC9mZjdkMzMtZTRmNy00M2MwLTkyNGItNmIyZDQ2OTI0YzZm
LzEvbmtzeWdiQ09hMTdCX2VzTkJFQlNqdGswM0Q4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAQBAIAATAKAwMETtADAwFR
ODAUBAIAAjAOAwUAKgEOCQMFAioBDhAwDQYJKoZIhvcNAQELBQADggEBAGhK42Ok
srftb/u86v4dpSWHmZ3RnBXWzihdAF/nW2drzEM0o2lzok//GJqYMU8yx8tAhIHz
SzWeVsU2zunKM1LPM1gXeLvhAjJIE1FDHmCkKAt/iHvNpKWlKYEXkT+fAohucyfI
rcbJEucfZmk/FZnF38SXolZBERGrUFGX848/9btN09Rsfwazd+26DJiEhKBFFBm8
NkNNRQYEzAzL3OGyIuZBA/RYF/Dau4paN2UyF4Fo9hfvgyxVWTGf9fbH4CzaFzkt
6W9JF4BI6cn+ZlUGhSB66dHG+s1Y68hfSxuccNsUngF4vFVSAndxZ8y+X6CG5oWw
N73Q0+Sva1U5ypI=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:01:41 2024 by rpki-client on console-ams.rpki-client.org