Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3f/0f8fea-f00a-4415-b396-399fc9693b22/1/NFBgNX8-bIPERYjzqpm9d5h8jSE.roa
File:                     NFBgNX8-bIPERYjzqpm9d5h8jSE.roa (raw, json)
Hash identifier:          WnR0uWWvAPpG6GraqHp35Y6Gxrnk07mA5wshNKXe/bU=
Subject key identifier:   34:50:60:35:7F:3E:6C:83:C4:45:88:F3:AA:99:BD:77:98:7C:8D:21
Certificate issuer:       /CN=363769f8644a5a718ae62b058dd1fb62cb5a3c20
Certificate serial:       01856D3865ABECD36B8FFE3276C339E06614
Authority key identifier: 36:37:69:F8:64:4A:5A:71:8A:E6:2B:05:8D:D1:FB:62:CB:5A:3C:20
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Njdp-GRKWnGK5isFjdH7YstaPCA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3f/0f8fea-f00a-4415-b396-399fc9693b22/1/NFBgNX8-bIPERYjzqpm9d5h8jSE.roa
Signing time:             Sun 01 Jan 2023 12:04:50 +0000
ROA not before:           Sun 01 Jan 2023 12:04:50 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     14576
IP address blocks:        95.181.148.0/22 maxlen: 22

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 04:31:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6d:38:65:ab:ec:d3:6b:8f:fe:32:76:c3:39:e0:66:14
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=363769f8644a5a718ae62b058dd1fb62cb5a3c20
        Validity
            Not Before: Jan  1 12:04:50 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=345060357f3e6c83c44588f3aa99bd77987c8d21
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:7c:56:94:2e:19:5a:d9:8a:a6:d0:b7:80:92:
                    c7:04:f5:6a:f9:28:df:fb:0a:f7:d8:b5:7d:25:0c:
                    70:01:c9:4b:03:16:66:b2:70:ee:0f:77:3f:32:dc:
                    a8:22:93:2a:66:12:97:bf:75:54:9b:4e:63:b8:80:
                    30:8b:41:a3:62:fd:84:89:b1:3a:a0:96:54:ee:55:
                    bc:34:03:a5:eb:e9:fe:76:fe:b2:99:20:3d:03:b3:
                    5d:7a:18:b2:ec:50:94:5d:f9:ba:ce:2d:62:74:f1:
                    55:f4:43:15:bf:ed:58:52:8b:50:85:1e:0a:1c:76:
                    a8:c6:8c:24:68:c1:93:01:37:9a:67:12:44:1a:fd:
                    a1:79:6a:8a:e0:ce:e2:9d:57:ee:7b:9f:ee:fe:3f:
                    27:8b:f7:1a:7f:3a:1d:e4:35:64:12:53:3a:55:da:
                    e8:e7:dc:41:1a:74:b8:1c:3e:8e:26:08:bb:a7:c9:
                    23:2c:6c:88:c4:b0:fe:59:ee:6c:66:8b:77:89:54:
                    1c:3f:15:cd:0a:8f:7d:96:76:98:08:f7:31:73:f7:
                    2e:d8:93:c8:22:10:a4:5f:53:0a:8f:2f:e4:13:38:
                    d5:b3:a0:b6:04:b6:9b:51:34:fd:a8:e5:4b:09:bc:
                    46:c2:d5:18:60:eb:b9:18:f0:c5:97:30:e7:75:bc:
                    32:63
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                34:50:60:35:7F:3E:6C:83:C4:45:88:F3:AA:99:BD:77:98:7C:8D:21
            X509v3 Authority Key Identifier:
                keyid:36:37:69:F8:64:4A:5A:71:8A:E6:2B:05:8D:D1:FB:62:CB:5A:3C:20

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Njdp-GRKWnGK5isFjdH7YstaPCA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/0f8fea-f00a-4415-b396-399fc9693b22/1/NFBgNX8-bIPERYjzqpm9d5h8jSE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/0f8fea-f00a-4415-b396-399fc9693b22/1/Njdp-GRKWnGK5isFjdH7YstaPCA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  95.181.148.0/22

    Signature Algorithm: sha256WithRSAEncryption
         0b:4a:e7:a1:85:af:90:71:8a:8c:25:02:ab:92:05:81:be:17:
         1f:4c:d4:5f:e6:9a:d7:04:6a:7d:8e:71:18:62:bf:5f:89:75:
         b3:34:a7:d9:12:c7:bc:67:bf:ab:27:e0:57:ea:65:75:d1:fc:
         c7:22:d8:2e:a5:2f:4b:ed:71:97:c4:71:8b:20:82:ac:46:1b:
         07:35:3d:8e:49:73:87:f7:44:8e:32:a5:46:89:2b:e4:c3:86:
         05:5f:f1:aa:07:54:63:06:95:5c:d2:50:f5:26:50:99:4a:8b:
         f3:59:8a:e0:55:2f:98:f9:29:5b:75:8a:cd:3b:21:5b:50:1a:
         c4:79:fd:0f:26:ea:9b:ca:87:5f:0d:b8:dd:02:3c:40:d1:0b:
         c4:e9:65:58:99:05:06:c3:2b:bb:95:38:43:51:eb:ac:b5:67:
         1e:fd:49:38:1b:30:cf:64:f6:bc:3f:dd:37:40:61:ac:90:de:
         06:8d:15:81:f5:f3:39:af:c4:f6:50:10:7b:1b:db:ed:af:4b:
         2a:91:35:a7:ba:f2:df:40:cb:e0:a6:8b:0e:19:43:3b:7c:d7:
         60:13:a3:08:ef:c9:2a:55:f4:8c:78:28:b2:4f:a5:cc:e3:98:
         29:53:4e:16:dd:c7:ac:fb:e4:20:0e:0d:c2:cb:56:6d:47:06:
         9c:8a:c9:b6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtOGWr7NNrj/4ydsM54GYUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2Mzc2OWY4NjQ0YTVhNzE4YWU2MmIwNThkZDFmYjYyY2I1
YTNjMjAwHhcNMjMwMTAxMTIwNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNDUwNjAzNTdmM2U2YzgzYzQ0NTg4ZjNhYTk5YmQ3Nzk4N2M4ZDIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqHxWlC4ZWtmKptC3gJLHBPVq+Sjf
+wr32LV9JQxwAclLAxZmsnDuD3c/MtyoIpMqZhKXv3VUm05juIAwi0GjYv2EibE6
oJZU7lW8NAOl6+n+dv6ymSA9A7Ndehiy7FCUXfm6zi1idPFV9EMVv+1YUotQhR4K
HHaoxowkaMGTATeaZxJEGv2heWqK4M7inVfue5/u/j8ni/cafzod5DVkElM6Vdro
59xBGnS4HD6OJgi7p8kjLGyIxLD+We5sZot3iVQcPxXNCo99lnaYCPcxc/cu2JPI
IhCkX1MKjy/kEzjVs6C2BLabUTT9qOVLCbxGwtUYYOu5GPDFlzDndbwyYwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDRQYDV/PmyDxEWI86qZvXeYfI0hMB8GA1UdIwQY
MBaAFDY3afhkSlpxiuYrBY3R+2LLWjwgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTmpkcC1HUktXbkdLNWlzRmpkSDdZc3RhUENBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZi8wZjhmZWEtZjAwYS00NDE1LWIzOTYt
Mzk5ZmM5NjkzYjIyLzEvTkZCZ05YOC1iSVBFUllqenFwbTlkNWg4alNFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZi8wZjhmZWEtZjAwYS00NDE1LWIzOTYtMzk5ZmM5NjkzYjIy
LzEvTmpkcC1HUktXbkdLNWlzRmpkSDdZc3RhUENBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCX7WUMA0G
CSqGSIb3DQEBCwUAA4IBAQALSuehha+QcYqMJQKrkgWBvhcfTNRf5prXBGp9jnEY
Yr9fiXWzNKfZEse8Z7+rJ+BX6mV10fzHItgupS9L7XGXxHGLIIKsRhsHNT2OSXOH
90SOMqVGiSvkw4YFX/GqB1RjBpVc0lD1JlCZSovzWYrgVS+Y+SlbdYrNOyFbUBrE
ef0PJuqbyodfDbjdAjxA0QvE6WVYmQUGwyu7lThDUeustWce/Uk4GzDPZPa8P903
QGGskN4GjRWB9fM5r8T2UBB7G9vtr0sqkTWnuvLfQMvgposOGUM7fNdgE6MI78kq
VfSMeCiyT6XM45gpU04W3ces++QgDg3Cy1ZtRwacism2
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:26:34 2024 by rpki-client on console-fra.rpki-client.org