Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/3ed00a-15ee-4664-a7f1-a1b96b9b70f8/1/iNNSF1tqXp6WZwg-4hLx4wAfvms.roa
File:                     iNNSF1tqXp6WZwg-4hLx4wAfvms.roa (raw, json)
Hash identifier:          0I9UxEjPkDnAZrCvIjNq42H1OlghFBP7KbqiIp88l04=
Subject key identifier:   88:D3:52:17:5B:6A:5E:9E:96:67:08:3E:E2:12:F1:E3:00:1F:BE:6B
Certificate issuer:       /CN=88add9b671f7a36eb2367e34fee4bcb13b8f66cc
Certificate serial:       018570CBECEB037610580CBE1A27A7F5751B
Authority key identifier: 88:AD:D9:B6:71:F7:A3:6E:B2:36:7E:34:FE:E4:BC:B1:3B:8F:66:CC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/iK3ZtnH3o26yNn40_uS8sTuPZsw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/33/3ed00a-15ee-4664-a7f1-a1b96b9b70f8/1/iNNSF1tqXp6WZwg-4hLx4wAfvms.roa
Signing time:             Mon 02 Jan 2023 04:44:50 +0000
ROA not before:           Mon 02 Jan 2023 04:44:50 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     211885
IP address blocks:        176.103.184.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 00:30:55 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:70:cb:ec:eb:03:76:10:58:0c:be:1a:27:a7:f5:75:1b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=88add9b671f7a36eb2367e34fee4bcb13b8f66cc
        Validity
            Not Before: Jan  2 04:44:50 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=88d352175b6a5e9e9667083ee212f1e3001fbe6b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f4:94:38:b2:2f:f6:2f:7a:05:11:61:9d:30:7f:
                    25:a0:00:1f:ec:79:20:46:7b:be:51:8a:bd:24:52:
                    cb:10:7d:d4:69:a6:2b:11:8f:24:d0:40:14:14:52:
                    22:e8:1a:26:34:96:31:05:54:b8:4e:6d:9e:f7:67:
                    53:cb:39:93:9a:27:4e:45:5d:9c:67:99:c2:17:52:
                    14:3b:5c:39:6b:d6:d6:a8:6a:ab:41:eb:68:c6:7f:
                    7f:e7:f2:54:b1:44:85:36:e3:55:57:6d:d0:4a:ce:
                    6d:cd:ca:bd:be:4d:51:eb:4c:2f:d8:79:d4:30:9b:
                    1d:23:8c:08:e6:5e:03:75:64:4d:76:69:10:f3:9b:
                    42:56:f6:dc:42:6d:53:21:59:10:ea:83:b9:7e:31:
                    17:0b:36:f9:7f:04:c3:7b:6f:ff:c5:b1:8b:61:7f:
                    d8:ab:6c:43:e3:11:7c:a8:bd:f0:9a:89:f1:87:9f:
                    8d:9d:83:dd:9f:a6:c4:23:37:ce:da:d4:a3:98:43:
                    3c:56:29:08:fb:b9:3a:fc:1b:22:bd:77:52:1d:dc:
                    a0:6e:09:17:d0:d3:3a:17:b1:b1:54:b0:79:fa:11:
                    9d:1d:8c:e4:52:64:1c:c3:df:f2:f3:7e:47:06:ab:
                    2e:4c:be:a7:51:de:5c:2e:5d:81:22:8b:6a:29:63:
                    3a:7b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                88:D3:52:17:5B:6A:5E:9E:96:67:08:3E:E2:12:F1:E3:00:1F:BE:6B
            X509v3 Authority Key Identifier:
                keyid:88:AD:D9:B6:71:F7:A3:6E:B2:36:7E:34:FE:E4:BC:B1:3B:8F:66:CC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iK3ZtnH3o26yNn40_uS8sTuPZsw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/3ed00a-15ee-4664-a7f1-a1b96b9b70f8/1/iNNSF1tqXp6WZwg-4hLx4wAfvms.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/33/3ed00a-15ee-4664-a7f1-a1b96b9b70f8/1/iK3ZtnH3o26yNn40_uS8sTuPZsw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  176.103.184.0/24

    Signature Algorithm: sha256WithRSAEncryption
         29:2c:fb:39:cf:00:28:18:6b:9a:78:af:dd:a5:fa:5c:fb:1c:
         3e:71:1e:79:69:b6:7d:0f:eb:67:16:b2:56:4d:7b:c7:b6:3d:
         be:d9:6a:43:5f:14:5a:51:1f:6f:b3:1d:48:28:b2:e4:32:00:
         6d:92:43:0f:aa:ae:7a:a0:e3:3e:69:dc:90:90:f4:25:fa:63:
         83:39:90:20:fc:8e:2c:63:ba:93:da:75:62:fb:7e:7c:05:70:
         ae:a7:65:c9:5d:03:53:fd:34:f8:86:0d:b1:47:e5:ad:de:06:
         5a:04:be:27:18:fe:96:a1:e0:0b:44:df:86:28:73:c0:e3:f8:
         90:12:87:d9:47:cd:30:09:57:43:3d:fb:e5:40:ce:59:9c:52:
         13:e2:d8:07:77:af:0b:fe:88:6b:c7:24:41:57:82:50:f3:7b:
         f8:74:ed:64:2c:e7:92:02:2b:f5:7c:73:96:1f:86:4c:9b:28:
         38:43:a2:ba:0c:e9:d1:00:c8:6f:94:5c:a4:d2:90:d8:c9:b1:
         b0:73:0b:3e:66:49:3a:e1:20:c5:f9:73:07:09:10:52:f3:71:
         f3:20:43:d2:34:bc:e1:d5:e2:10:38:f5:d1:03:a1:5a:5c:6b:
         d9:4f:f7:9d:06:e7:3f:30:54:97:4c:33:5f:21:33:85:af:7f:
         03:a1:e4:45
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwy+zrA3YQWAy+Gien9XUbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4YWRkOWI2NzFmN2EzNmViMjM2N2UzNGZlZTRiY2IxM2I4
ZjY2Y2MwHhcNMjMwMTAyMDQ0NDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OGQzNTIxNzViNmE1ZTllOTY2NzA4M2VlMjEyZjFlMzAwMWZiZTZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9JQ4si/2L3oFEWGdMH8loAAf7Hkg
Rnu+UYq9JFLLEH3UaaYrEY8k0EAUFFIi6BomNJYxBVS4Tm2e92dTyzmTmidORV2c
Z5nCF1IUO1w5a9bWqGqrQetoxn9/5/JUsUSFNuNVV23QSs5tzcq9vk1R60wv2HnU
MJsdI4wI5l4DdWRNdmkQ85tCVvbcQm1TIVkQ6oO5fjEXCzb5fwTDe2//xbGLYX/Y
q2xD4xF8qL3wmonxh5+NnYPdn6bEIzfO2tSjmEM8VikI+7k6/BsivXdSHdygbgkX
0NM6F7GxVLB5+hGdHYzkUmQcw9/y835HBqsuTL6nUd5cLl2BIotqKWM6ewIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIjTUhdbal6elmcIPuIS8eMAH75rMB8GA1UdIwQY
MBaAFIit2bZx96NusjZ+NP7kvLE7j2bMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUszWnRuSDNvMjZ5Tm40MF91UzhzVHVQWnN3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy8zZWQwMGEtMTVlZS00NjY0LWE3ZjEt
YTFiOTZiOWI3MGY4LzEvaU5OU0YxdHFYcDZXWndnLTRoTHg0d0Fmdm1zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy8zZWQwMGEtMTVlZS00NjY0LWE3ZjEtYTFiOTZiOWI3MGY4
LzEvaUszWnRuSDNvMjZ5Tm40MF91UzhzVHVQWnN3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAsGe4MA0G
CSqGSIb3DQEBCwUAA4IBAQApLPs5zwAoGGuaeK/dpfpc+xw+cR55abZ9D+tnFrJW
TXvHtj2+2WpDXxRaUR9vsx1IKLLkMgBtkkMPqq56oOM+adyQkPQl+mODOZAg/I4s
Y7qT2nVi+358BXCup2XJXQNT/TT4hg2xR+Wt3gZaBL4nGP6WoeALRN+GKHPA4/iQ
EofZR80wCVdDPfvlQM5ZnFIT4tgHd68L/ohrxyRBV4JQ83v4dO1kLOeSAiv1fHOW
H4ZMmyg4Q6K6DOnRAMhvlFyk0pDYybGwcws+Zkk64SDF+XMHCRBS83HzIEPSNLzh
1eIQOPXRA6FaXGvZT/edBuc/MFSXTDNfITOFr38DoeRF
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:49 2024 by rpki-client on console-fra.rpki-client.org