Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/3555e0-9443-4e63-a89b-dd17bfd67cd3/1/hWA36Ig2272zE0Kqamfk4lM2vtc.roa
File:                     hWA36Ig2272zE0Kqamfk4lM2vtc.roa (raw, json)
Hash identifier:          Nb5OukGUnqWgPvmjgVZ8PSwTUFGJm3MYhuh021p7FIo=
Subject key identifier:   85:60:37:E8:88:36:DB:BD:B3:13:42:AA:6A:67:E4:E2:53:36:BE:D7
Certificate issuer:       /CN=36e7cfdd129193e219c370121ca16250e429b58b
Certificate serial:       01857082C746AE9E37A07232692C8573B04C
Authority key identifier: 36:E7:CF:DD:12:91:93:E2:19:C3:70:12:1C:A1:62:50:E4:29:B5:8B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NufP3RKRk-IZw3ASHKFiUOQptYs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/33/3555e0-9443-4e63-a89b-dd17bfd67cd3/1/hWA36Ig2272zE0Kqamfk4lM2vtc.roa
Signing time:             Mon 02 Jan 2023 03:24:56 +0000
ROA not before:           Mon 02 Jan 2023 03:24:56 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     14618
IP address blocks:        185.206.228.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 08:32:18 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:70:82:c7:46:ae:9e:37:a0:72:32:69:2c:85:73:b0:4c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=36e7cfdd129193e219c370121ca16250e429b58b
        Validity
            Not Before: Jan  2 03:24:56 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=856037e88836dbbdb31342aa6a67e4e25336bed7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:92:fd:05:c8:ce:9f:12:32:80:09:d2:d7:b8:6f:
                    57:e8:86:94:da:cf:fc:3e:07:b8:34:a1:1e:11:7c:
                    0b:61:3c:db:32:ca:b7:34:74:bb:99:af:c9:ea:0d:
                    87:c0:30:bc:ee:a2:64:6d:3d:e0:7e:cc:0d:45:ca:
                    20:2e:32:e9:60:15:84:38:b3:54:62:bf:a5:19:78:
                    67:33:a0:e1:6d:5b:e3:5a:9c:32:bc:57:81:ce:41:
                    78:f8:51:7f:d4:1e:2a:51:a5:a3:96:b0:18:8c:9e:
                    67:49:3a:7b:3a:77:89:d5:f9:07:80:0b:cc:01:8b:
                    6f:f8:c0:e5:73:71:f0:b4:ed:ff:25:0b:6c:cd:7a:
                    0c:11:85:76:8c:bc:05:06:58:3d:fb:03:7e:8d:e8:
                    5c:1a:5a:dc:ef:85:8e:99:25:c3:c7:ef:c6:65:29:
                    56:55:1f:3a:48:4c:ed:58:bc:89:d8:1e:63:4c:7e:
                    00:6b:06:4e:aa:b5:bb:2c:e7:7f:44:55:01:82:0f:
                    f3:e1:c4:6e:63:94:43:a2:30:5b:53:22:97:d2:51:
                    f7:69:51:83:cf:97:0b:f8:60:87:9a:7c:6b:af:84:
                    56:e5:72:09:3d:74:96:9c:f2:aa:c0:5e:76:07:3d:
                    f1:3e:d6:b7:87:ce:38:bb:69:11:b0:79:af:0b:b3:
                    52:73
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                85:60:37:E8:88:36:DB:BD:B3:13:42:AA:6A:67:E4:E2:53:36:BE:D7
            X509v3 Authority Key Identifier:
                keyid:36:E7:CF:DD:12:91:93:E2:19:C3:70:12:1C:A1:62:50:E4:29:B5:8B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NufP3RKRk-IZw3ASHKFiUOQptYs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/3555e0-9443-4e63-a89b-dd17bfd67cd3/1/hWA36Ig2272zE0Kqamfk4lM2vtc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/33/3555e0-9443-4e63-a89b-dd17bfd67cd3/1/NufP3RKRk-IZw3ASHKFiUOQptYs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.206.228.0/24

    Signature Algorithm: sha256WithRSAEncryption
         76:12:dc:79:22:c1:90:22:f6:bf:08:0f:65:3c:44:f5:58:ef:
         03:65:fd:85:12:c8:e1:c2:e7:4e:bf:ab:88:c7:6a:6e:97:7d:
         92:a5:99:25:92:25:6a:18:d1:98:af:79:89:29:d7:06:79:f2:
         d0:37:11:3c:85:cc:cf:00:52:05:05:71:7c:c7:c5:a2:8f:71:
         e1:58:12:fe:5a:9a:8b:a8:7f:78:d1:fa:07:b2:2b:e1:39:57:
         f0:7e:ef:cf:5f:91:eb:e4:ca:cf:61:9c:5c:ad:bd:cd:77:8b:
         9b:23:7b:0f:fe:ba:bd:1c:70:67:35:ae:1a:40:8a:57:28:49:
         c8:8f:ae:61:ba:28:91:35:2c:7b:65:eb:70:de:d7:84:42:50:
         6b:b6:8f:02:10:c7:2a:44:c8:3b:21:c9:6e:7d:e4:7b:57:05:
         4f:25:81:a7:15:de:e6:10:e5:0b:3f:0a:d9:64:c4:1c:08:6e:
         d2:5a:1b:61:01:fe:91:d7:f0:30:6a:c7:a4:f8:d3:51:46:a0:
         aa:a3:6f:a6:44:41:fa:a3:21:59:1e:65:a2:cb:bd:9a:4d:c8:
         d0:16:84:06:b8:28:aa:9b:d1:43:d1:e3:d1:66:1c:9f:ef:a2:
         46:26:07:e4:f0:71:e8:3a:dd:92:38:b6:92:cb:a6:d7:e0:88:
         8b:e3:eb:68
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwgsdGrp43oHIyaSyFc7BMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2ZTdjZmRkMTI5MTkzZTIxOWMzNzAxMjFjYTE2MjUwZTQy
OWI1OGIwHhcNMjMwMTAyMDMyNDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NTYwMzdlODg4MzZkYmJkYjMxMzQyYWE2YTY3ZTRlMjUzMzZiZWQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkv0FyM6fEjKACdLXuG9X6IaU2s/8
Pge4NKEeEXwLYTzbMsq3NHS7ma/J6g2HwDC87qJkbT3gfswNRcogLjLpYBWEOLNU
Yr+lGXhnM6DhbVvjWpwyvFeBzkF4+FF/1B4qUaWjlrAYjJ5nSTp7OneJ1fkHgAvM
AYtv+MDlc3HwtO3/JQtszXoMEYV2jLwFBlg9+wN+jehcGlrc74WOmSXDx+/GZSlW
VR86SEztWLyJ2B5jTH4AawZOqrW7LOd/RFUBgg/z4cRuY5RDojBbUyKX0lH3aVGD
z5cL+GCHmnxrr4RW5XIJPXSWnPKqwF52Bz3xPta3h844u2kRsHmvC7NScwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIVgN+iINtu9sxNCqmpn5OJTNr7XMB8GA1UdIwQY
MBaAFDbnz90SkZPiGcNwEhyhYlDkKbWLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnVmUDNSS1JrLUladzNBU0hLRmlVT1FwdFlzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy8zNTU1ZTAtOTQ0My00ZTYzLWE4OWIt
ZGQxN2JmZDY3Y2QzLzEvaFdBMzZJZzIyNzJ6RTBLcWFtZms0bE0ydnRjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy8zNTU1ZTAtOTQ0My00ZTYzLWE4OWItZGQxN2JmZDY3Y2Qz
LzEvTnVmUDNSS1JrLUladzNBU0hLRmlVT1FwdFlzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuc7kMA0G
CSqGSIb3DQEBCwUAA4IBAQB2Etx5IsGQIva/CA9lPET1WO8DZf2FEsjhwudOv6uI
x2pul32SpZklkiVqGNGYr3mJKdcGefLQNxE8hczPAFIFBXF8x8Wij3HhWBL+WpqL
qH940foHsivhOVfwfu/PX5Hr5MrPYZxcrb3Nd4ubI3sP/rq9HHBnNa4aQIpXKEnI
j65huiiRNSx7Zetw3teEQlBrto8CEMcqRMg7IclufeR7VwVPJYGnFd7mEOULPwrZ
ZMQcCG7SWhthAf6R1/Awasek+NNRRqCqo2+mREH6oyFZHmWiy72aTcjQFoQGuCiq
m9FD0ePRZhyf76JGJgfk8HHoOt2SOLaSy6bX4IiL4+to
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:49 2024 by rpki-client on console-fra.rpki-client.org