Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3f/0f8fea-f00a-4415-b396-399fc9693b22/1/nWHfHxoweUK9Nh0WpXiSVBDXiG4.roa
File:                     nWHfHxoweUK9Nh0WpXiSVBDXiG4.roa (raw, json)
Hash identifier:          bbjLHA2Id23n2zlqSB9rGqLBHwuxI/7CFGFZdU4+1Sg=
Subject key identifier:   9D:61:DF:1F:1A:30:79:42:BD:36:1D:16:A5:78:92:54:10:D7:88:6E
Certificate issuer:       /CN=363769f8644a5a718ae62b058dd1fb62cb5a3c20
Certificate serial:       018A50763EC45A1926D1EBA408E392B026D1
Authority key identifier: 36:37:69:F8:64:4A:5A:71:8A:E6:2B:05:8D:D1:FB:62:CB:5A:3C:20
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Njdp-GRKWnGK5isFjdH7YstaPCA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3f/0f8fea-f00a-4415-b396-399fc9693b22/1/nWHfHxoweUK9Nh0WpXiSVBDXiG4.roa
Signing time:             Fri 01 Sep 2023 11:17:21 +0000
ROA not before:           Fri 01 Sep 2023 11:17:21 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     50214
IP address blocks:        185.12.124.0/24 maxlen: 24
                          185.12.125.0/24 maxlen: 24
                          185.12.126.0/24 maxlen: 24
                          185.12.127.0/24 maxlen: 24
                          95.181.152.0/24 maxlen: 24
                          95.181.171.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 13 Nov 2023 10:28:57 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:50:76:3e:c4:5a:19:26:d1:eb:a4:08:e3:92:b0:26:d1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=363769f8644a5a718ae62b058dd1fb62cb5a3c20
        Validity
            Not Before: Sep  1 11:17:21 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=9d61df1f1a307942bd361d16a578925410d7886e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:98:24:a0:46:d2:51:65:22:34:b0:78:87:58:c1:
                    c5:e1:73:d6:73:91:ea:b3:99:7b:50:58:60:13:8b:
                    1b:14:73:db:b2:05:5d:b5:66:db:f2:1c:5a:9a:bb:
                    9f:da:8e:59:42:25:00:b2:28:23:f3:d4:7a:33:8e:
                    c1:ca:0e:ca:df:32:e1:1c:48:60:21:90:14:fa:a2:
                    82:27:01:95:36:8e:7b:bd:c8:1f:22:f4:5f:1d:df:
                    14:5f:ec:25:a2:0e:9e:91:66:2b:3a:cc:05:11:20:
                    64:56:81:d9:d0:d0:e2:4c:ec:cf:aa:29:92:df:a4:
                    aa:73:a2:23:6c:d0:6f:50:76:02:c6:a6:6c:8e:7e:
                    1a:24:34:e7:00:1b:e1:38:cb:fc:54:02:16:6f:be:
                    eb:50:ba:77:8b:3a:02:d1:02:af:17:6a:54:1c:3d:
                    a2:3a:4c:29:19:ff:f2:39:ce:bf:c8:3a:42:83:01:
                    05:56:86:c7:54:59:0e:73:70:70:6f:e1:b1:4e:cc:
                    9a:ee:f1:80:fa:59:08:d0:34:38:b2:98:a0:7f:dd:
                    0b:b4:bb:ec:b1:df:a7:ac:ba:c3:33:9b:95:dd:21:
                    b1:0a:09:69:0e:a8:84:4b:9a:10:ab:96:73:e6:f5:
                    7c:62:96:b7:91:bf:b1:cc:a0:3b:0d:a0:8a:05:5f:
                    d2:55
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9D:61:DF:1F:1A:30:79:42:BD:36:1D:16:A5:78:92:54:10:D7:88:6E
            X509v3 Authority Key Identifier:
                keyid:36:37:69:F8:64:4A:5A:71:8A:E6:2B:05:8D:D1:FB:62:CB:5A:3C:20

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Njdp-GRKWnGK5isFjdH7YstaPCA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/0f8fea-f00a-4415-b396-399fc9693b22/1/nWHfHxoweUK9Nh0WpXiSVBDXiG4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/0f8fea-f00a-4415-b396-399fc9693b22/1/Njdp-GRKWnGK5isFjdH7YstaPCA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  95.181.152.0/24
                  95.181.171.0/24
                  185.12.124.0/22

    Signature Algorithm: sha256WithRSAEncryption
         84:a7:22:76:1d:4d:68:1e:dd:48:31:b1:9e:68:73:1f:b0:94:
         dc:58:5b:e2:a9:2a:4c:b7:c1:df:fd:dd:2c:77:34:2a:2d:b2:
         3e:87:59:67:e9:73:1f:9f:3a:2a:5b:17:61:1d:40:c3:8a:d7:
         3f:65:04:d6:5f:09:3f:dd:82:3b:fa:8c:f8:b0:da:55:7e:2c:
         35:9c:cd:69:dd:dc:0d:22:93:65:21:31:35:29:57:de:5c:f2:
         88:10:a0:1d:b5:c4:0e:fb:c1:60:ff:31:70:5a:c0:c8:66:72:
         8a:84:7a:66:4e:c3:10:fc:97:7a:57:bd:48:74:86:f3:b6:4c:
         7a:ab:53:b4:13:f1:ec:99:e4:40:a4:d6:56:e8:ce:24:a8:aa:
         9c:3b:dc:4f:f4:16:ed:d7:9f:6e:60:e2:79:a9:cb:f3:25:88:
         2f:0a:bc:a3:73:4a:06:18:54:79:cb:14:4a:e2:ea:6c:0a:e2:
         d2:a1:67:0d:f4:cd:4d:6a:95:e3:7f:a8:d4:7d:bf:b5:ca:87:
         c8:de:f6:a4:c9:01:33:98:93:fc:4f:f7:3e:6e:7b:e6:41:e5:
         71:a7:9b:e4:da:a7:21:26:1d:b5:a4:30:db:5b:2a:c4:e5:b0:
         d3:27:f1:9b:b2:52:9e:b6:c1:f8:df:3f:5a:9c:54:79:12:4f:
         11:6f:84:45
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYpQdj7EWhkm0eukCOOSsCbRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2Mzc2OWY4NjQ0YTVhNzE4YWU2MmIwNThkZDFmYjYyY2I1
YTNjMjAwHhcNMjMwOTAxMTExNzIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZDYxZGYxZjFhMzA3OTQyYmQzNjFkMTZhNTc4OTI1NDEwZDc4ODZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmCSgRtJRZSI0sHiHWMHF4XPWc5Hq
s5l7UFhgE4sbFHPbsgVdtWbb8hxamruf2o5ZQiUAsigj89R6M47Byg7K3zLhHEhg
IZAU+qKCJwGVNo57vcgfIvRfHd8UX+wlog6ekWYrOswFESBkVoHZ0NDiTOzPqimS
36Sqc6IjbNBvUHYCxqZsjn4aJDTnABvhOMv8VAIWb77rULp3izoC0QKvF2pUHD2i
OkwpGf/yOc6/yDpCgwEFVobHVFkOc3Bwb+GxTsya7vGA+lkI0DQ4spigf90LtLvs
sd+nrLrDM5uV3SGxCglpDqiES5oQq5Zz5vV8Ypa3kb+xzKA7DaCKBV/SVQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFJ1h3x8aMHlCvTYdFqV4klQQ14huMB8GA1UdIwQY
MBaAFDY3afhkSlpxiuYrBY3R+2LLWjwgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTmpkcC1HUktXbkdLNWlzRmpkSDdZc3RhUENBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZi8wZjhmZWEtZjAwYS00NDE1LWIzOTYt
Mzk5ZmM5NjkzYjIyLzEvbldIZkh4b3dlVUs5TmgwV3BYaVNWQkRYaUc0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZi8wZjhmZWEtZjAwYS00NDE1LWIzOTYtMzk5ZmM5NjkzYjIy
LzEvTmpkcC1HUktXbkdLNWlzRmpkSDdZc3RhUENBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAX7WYAwQA
X7WrAwQCuQx8MA0GCSqGSIb3DQEBCwUAA4IBAQCEpyJ2HU1oHt1IMbGeaHMfsJTc
WFviqSpMt8Hf/d0sdzQqLbI+h1ln6XMfnzoqWxdhHUDDitc/ZQTWXwk/3YI7+oz4
sNpVfiw1nM1p3dwNIpNlITE1KVfeXPKIEKAdtcQO+8Fg/zFwWsDIZnKKhHpmTsMQ
/Jd6V71IdIbztkx6q1O0E/HsmeRApNZW6M4kqKqcO9xP9Bbt159uYOJ5qcvzJYgv
Cryjc0oGGFR5yxRK4upsCuLSoWcN9M1NapXjf6jUfb+1yofI3vakyQEzmJP8T/c+
bnvmQeVxp5vk2qchJh21pDDbWyrE5bDTJ/GbslKetsH43z9anFR5Ek8Rb4RF
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:04:35 2024 by rpki-client on console-ams.rpki-client.org