Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/NGFndjPaF02it2rEQzP6zjoveqc.roa
File:                     NGFndjPaF02it2rEQzP6zjoveqc.roa (raw, json)
Hash identifier:          qn/ub33yvBKmOkJ82IPAF7HOhtotnh5juP2w3QDVY54=
Subject key identifier:   34:61:67:76:33:DA:17:4D:A2:B7:6A:C4:43:33:FA:CE:3A:2F:7A:A7
Certificate issuer:       /CN=d93da2019909d9fc37829fd9ec29d948ecff7c92
Certificate serial:       01856ED4BDC2D1C1FC9D3E72BE2D0A6079E0
Authority key identifier: D9:3D:A2:01:99:09:D9:FC:37:82:9F:D9:EC:29:D9:48:EC:FF:7C:92
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/NGFndjPaF02it2rEQzP6zjoveqc.roa
Signing time:             Sun 01 Jan 2023 19:35:13 +0000
ROA not before:           Sun 01 Jan 2023 19:35:13 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     209260
IP address blocks:        45.65.114.0/23 maxlen: 24

Validation:               Failed, certificate revoked on Tue 10 Jan 2023 00:34:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6e:d4:bd:c2:d1:c1:fc:9d:3e:72:be:2d:0a:60:79:e0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d93da2019909d9fc37829fd9ec29d948ecff7c92
        Validity
            Not Before: Jan  1 19:35:13 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=3461677633da174da2b76ac44333face3a2f7aa7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:46:97:2a:ca:ec:f2:d4:74:60:d1:82:ae:e6:
                    77:b5:46:f2:76:e2:ea:9d:06:0a:21:ad:71:d9:a2:
                    50:81:92:86:46:f5:45:4c:20:94:90:1c:48:4f:bb:
                    c4:c1:b1:7c:94:d9:e0:5b:08:31:89:68:a3:3d:da:
                    26:ad:2a:5c:4b:61:32:f5:2d:cb:b1:e1:2b:c3:a3:
                    21:2c:cc:b6:bb:ef:3c:12:91:a1:92:64:47:a1:1f:
                    e1:01:73:eb:09:da:f8:db:17:7b:a6:ef:28:64:8c:
                    39:a4:f0:1f:49:05:76:c6:28:68:84:8e:36:9b:5d:
                    4e:65:58:8f:e3:54:38:c4:c6:b1:5c:28:09:ae:fd:
                    d7:b7:05:9a:18:f2:ea:c9:36:1d:cb:8f:00:55:8f:
                    ff:6a:a6:da:77:ee:8e:b4:e8:4a:10:43:b0:19:71:
                    d1:ea:23:25:3c:8e:f7:e0:3c:30:04:8a:ab:c8:49:
                    31:ed:e7:4c:ab:ae:92:a3:0c:e4:8b:8c:e2:32:f3:
                    45:a6:e0:12:7c:9a:f3:ba:d1:ae:c0:36:9d:f2:78:
                    f8:dc:fc:af:6c:14:2f:55:b7:21:01:7e:0e:10:3a:
                    4d:ea:dc:a7:ea:79:99:b2:f6:3a:da:ef:b3:b5:81:
                    e8:45:18:ce:8f:07:61:91:a8:72:d5:43:13:e2:69:
                    7f:6d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                34:61:67:76:33:DA:17:4D:A2:B7:6A:C4:43:33:FA:CE:3A:2F:7A:A7
            X509v3 Authority Key Identifier:
                keyid:D9:3D:A2:01:99:09:D9:FC:37:82:9F:D9:EC:29:D9:48:EC:FF:7C:92

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/NGFndjPaF02it2rEQzP6zjoveqc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.65.114.0/23

    Signature Algorithm: sha256WithRSAEncryption
         04:3e:10:eb:c2:57:a4:ae:99:54:2f:91:eb:f8:6d:30:98:e8:
         84:60:60:b7:c5:8d:a5:9b:7d:4a:22:17:aa:cd:07:89:f2:c7:
         82:5b:3b:0d:af:6b:3c:e8:e6:93:5b:e2:c2:a8:20:e6:c3:7d:
         51:9a:35:80:49:01:f1:02:1b:e9:94:7f:3f:17:49:fd:3a:c1:
         0c:89:f7:e4:ef:cd:47:5e:47:ca:96:80:04:d0:7d:75:15:bf:
         d7:19:fe:0a:a2:a8:fd:05:e4:ab:36:15:61:5c:94:b0:8f:ac:
         d9:03:0a:0b:9a:75:e0:c2:ab:d6:11:2c:31:d1:a0:34:26:16:
         c2:b5:80:57:a0:d5:be:0a:35:56:65:9d:51:4d:3e:f8:80:1a:
         74:b7:5d:a7:cd:e8:53:37:c8:0c:3f:ca:12:b0:54:e5:84:ed:
         0b:e1:08:b5:32:a6:3c:4f:f9:be:24:8b:0f:fe:fb:8d:a1:c0:
         64:80:46:44:0a:99:1e:b4:8d:67:26:30:2f:d1:ce:e2:e3:99:
         86:f2:da:e4:6f:cf:a8:54:4f:41:7a:83:57:d3:bb:5c:51:97:
         4c:ec:a1:86:c6:bc:66:63:d1:f5:22:32:27:91:e8:11:ac:70:
         1c:e3:6c:cd:7d:02:b0:19:66:0e:7f:72:0c:2e:c3:35:86:b4:
         7c:b7:e0:fa
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVu1L3C0cH8nT5yvi0KYHngMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5M2RhMjAxOTkwOWQ5ZmMzNzgyOWZkOWVjMjlkOTQ4ZWNm
ZjdjOTIwHhcNMjMwMTAxMTkzNTEzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNDYxNjc3NjMzZGExNzRkYTJiNzZhYzQ0MzMzZmFjZTNhMmY3YWE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoUaXKsrs8tR0YNGCruZ3tUbyduLq
nQYKIa1x2aJQgZKGRvVFTCCUkBxIT7vEwbF8lNngWwgxiWijPdomrSpcS2Ey9S3L
seErw6MhLMy2u+88EpGhkmRHoR/hAXPrCdr42xd7pu8oZIw5pPAfSQV2xihohI42
m11OZViP41Q4xMaxXCgJrv3XtwWaGPLqyTYdy48AVY//aqbad+6OtOhKEEOwGXHR
6iMlPI734DwwBIqryEkx7edMq66Sowzki4ziMvNFpuASfJrzutGuwDad8nj43Pyv
bBQvVbchAX4OEDpN6tyn6nmZsvY62u+ztYHoRRjOjwdhkahy1UMT4ml/bQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDRhZ3Yz2hdNordqxEMz+s46L3qnMB8GA1UdIwQY
MBaAFNk9ogGZCdn8N4Kf2ewp2Ujs/3ySMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMlQyaUFaa0oyZnczZ3BfWjdDblpTT3pfZkpJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi80N2FmYTMtY2UzMS00MDYwLWEwNzgt
ZjVhZGRkZGYxZWM1LzEvTkdGbmRqUGFGMDJpdDJyRVF6UDZ6am92ZXFjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMi80N2FmYTMtY2UzMS00MDYwLWEwNzgtZjVhZGRkZGYxZWM1
LzEvMlQyaUFaa0oyZnczZ3BfWjdDblpTT3pfZkpJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBLUFyMA0G
CSqGSIb3DQEBCwUAA4IBAQAEPhDrwlekrplUL5Hr+G0wmOiEYGC3xY2lm31KIheq
zQeJ8seCWzsNr2s86OaTW+LCqCDmw31RmjWASQHxAhvplH8/F0n9OsEMiffk781H
XkfKloAE0H11Fb/XGf4Koqj9BeSrNhVhXJSwj6zZAwoLmnXgwqvWESwx0aA0JhbC
tYBXoNW+CjVWZZ1RTT74gBp0t12nzehTN8gMP8oSsFTlhO0L4Qi1MqY8T/m+JIsP
/vuNocBkgEZECpketI1nJjAv0c7i45mG8trkb8+oVE9BeoNX07tcUZdM7KGGxrxm
Y9H1IjInkegRrHAc42zNfQKwGWYOf3IMLsM1hrR8t+D6
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:41 2024 by rpki-client on console-fra.rpki-client.org