Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3f/18c498-2171-4e1c-8d80-a6c49eb28287/1/pnmiEtchHJ0CUawFiPnPZ3gt6nw.roa
File:                     pnmiEtchHJ0CUawFiPnPZ3gt6nw.roa (raw, json)
Hash identifier:          phnsq3JXBrsXsII2g6xUnWnmWMGm+V6UcVGzAvgt5yM=
Subject key identifier:   A6:79:A2:12:D7:21:1C:9D:02:51:AC:05:88:F9:CF:67:78:2D:EA:7C
Certificate issuer:       /CN=74e3c336972094b1a8c13d41816857d197a3aae9
Certificate serial:       01856E38A3B4D4AA70F9983B25535EAB2286
Authority key identifier: 74:E3:C3:36:97:20:94:B1:A8:C1:3D:41:81:68:57:D1:97:A3:AA:E9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/dOPDNpcglLGowT1BgWhX0Zejquk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3f/18c498-2171-4e1c-8d80-a6c49eb28287/1/pnmiEtchHJ0CUawFiPnPZ3gt6nw.roa
Signing time:             Sun 01 Jan 2023 16:44:43 +0000
ROA not before:           Sun 01 Jan 2023 16:44:43 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     201920
IP address blocks:        194.183.186.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 22:31:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6e:38:a3:b4:d4:aa:70:f9:98:3b:25:53:5e:ab:22:86
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=74e3c336972094b1a8c13d41816857d197a3aae9
        Validity
            Not Before: Jan  1 16:44:43 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=a679a212d7211c9d0251ac0588f9cf67782dea7c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:91:5f:cb:ed:06:62:e2:56:f2:9b:52:77:50:d9:
                    82:9f:48:80:4f:11:8f:02:da:46:48:0b:ea:21:ab:
                    09:2d:d6:de:30:95:62:71:7d:de:6e:08:70:64:f1:
                    06:75:1f:1b:e4:b1:34:df:9e:d4:f3:7e:b7:1c:30:
                    20:d2:9b:33:e8:76:cf:7d:d8:bf:7f:18:5d:46:ae:
                    b4:9b:25:85:ee:ca:ca:04:2a:d9:87:6c:27:18:14:
                    53:73:ab:c3:03:67:be:a4:41:46:e5:11:7e:3d:87:
                    0a:38:41:82:06:8c:a8:8c:e5:c0:9a:6e:03:64:f9:
                    48:e0:c9:6e:9a:6e:68:e7:25:fc:44:48:02:7b:ac:
                    5f:d8:bb:70:b2:21:dd:da:77:65:0f:7a:46:a2:fc:
                    73:29:d7:88:3e:3b:58:9c:85:9b:e8:25:36:38:b5:
                    8d:bc:66:2a:b4:24:38:2a:36:d8:8b:64:45:d6:37:
                    51:67:ff:24:62:3a:a4:46:d7:1d:08:b3:75:42:1d:
                    9b:84:41:0a:2f:69:71:7f:a9:97:23:67:ed:c4:e3:
                    4b:45:76:6f:50:bc:2c:b4:28:5b:8d:8f:c4:51:7b:
                    c5:68:95:f1:3c:ee:9c:e7:af:5b:19:88:e9:d6:b8:
                    8d:30:46:25:9f:6f:c5:32:e8:f3:e6:bc:08:05:82:
                    d1:07
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A6:79:A2:12:D7:21:1C:9D:02:51:AC:05:88:F9:CF:67:78:2D:EA:7C
            X509v3 Authority Key Identifier:
                keyid:74:E3:C3:36:97:20:94:B1:A8:C1:3D:41:81:68:57:D1:97:A3:AA:E9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dOPDNpcglLGowT1BgWhX0Zejquk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/18c498-2171-4e1c-8d80-a6c49eb28287/1/pnmiEtchHJ0CUawFiPnPZ3gt6nw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/18c498-2171-4e1c-8d80-a6c49eb28287/1/dOPDNpcglLGowT1BgWhX0Zejquk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.183.186.0/24

    Signature Algorithm: sha256WithRSAEncryption
         2e:b2:21:10:b7:20:cd:67:b4:7a:0f:60:7e:d1:9f:e7:74:72:
         72:e0:8c:52:42:cd:46:49:31:66:94:94:c5:ad:50:7a:87:81:
         c4:d1:dd:18:25:e9:af:f6:7f:bc:8e:88:1d:ad:94:c6:40:b7:
         c0:73:96:4a:67:3e:84:5a:2c:4d:dc:f9:03:bf:10:2d:2d:ff:
         0e:36:5a:ae:24:05:aa:86:f9:ef:73:80:4c:57:72:69:85:09:
         ba:d4:b6:2b:ec:12:9f:6b:e5:90:73:72:79:3f:ab:f7:6d:68:
         48:79:31:b1:b9:75:f8:32:3a:1b:0d:26:3d:03:e7:49:db:3a:
         7c:d7:60:c6:dc:ab:07:0b:4d:14:7c:0f:d7:ff:41:2d:a8:44:
         8b:68:57:61:4f:ed:0f:02:89:20:46:7f:d7:14:d5:a4:1c:90:
         f2:f5:77:5e:1e:df:11:9c:6f:1a:da:96:d2:d3:7a:14:bc:f4:
         ae:cd:73:db:46:7e:d9:c0:58:93:fb:38:56:2e:05:32:11:4a:
         bb:77:b0:a3:1b:4b:63:f2:4d:4d:37:0a:a8:3a:07:37:73:d7:
         86:f4:a0:47:6d:34:d0:cd:5c:9c:8d:bb:d1:37:fc:73:51:e1:
         33:00:6b:e0:1f:e6:c9:ba:fb:af:65:a2:8f:ce:20:96:63:b7:
         dc:d0:42:71
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVuOKO01Kpw+Zg7JVNeqyKGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0ZTNjMzM2OTcyMDk0YjFhOGMxM2Q0MTgxNjg1N2QxOTdh
M2FhZTkwHhcNMjMwMTAxMTY0NDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNjc5YTIxMmQ3MjExYzlkMDI1MWFjMDU4OGY5Y2Y2Nzc4MmRlYTdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkV/L7QZi4lbym1J3UNmCn0iATxGP
AtpGSAvqIasJLdbeMJVicX3ebghwZPEGdR8b5LE0357U8363HDAg0psz6HbPfdi/
fxhdRq60myWF7srKBCrZh2wnGBRTc6vDA2e+pEFG5RF+PYcKOEGCBoyojOXAmm4D
ZPlI4Mlumm5o5yX8REgCe6xf2LtwsiHd2ndlD3pGovxzKdeIPjtYnIWb6CU2OLWN
vGYqtCQ4KjbYi2RF1jdRZ/8kYjqkRtcdCLN1Qh2bhEEKL2lxf6mXI2ftxONLRXZv
ULwstChbjY/EUXvFaJXxPO6c569bGYjp1riNMEYln2/FMujz5rwIBYLRBwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKZ5ohLXIRydAlGsBYj5z2d4Lep8MB8GA1UdIwQY
MBaAFHTjwzaXIJSxqME9QYFoV9GXo6rpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZE9QRE5wY2dsTEdvd1QxQmdXaFgwWmVqcXVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZi8xOGM0OTgtMjE3MS00ZTFjLThkODAt
YTZjNDllYjI4Mjg3LzEvcG5taUV0Y2hISjBDVWF3RmlQblBaM2d0Nm53LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZi8xOGM0OTgtMjE3MS00ZTFjLThkODAtYTZjNDllYjI4Mjg3
LzEvZE9QRE5wY2dsTEdvd1QxQmdXaFgwWmVqcXVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwre6MA0G
CSqGSIb3DQEBCwUAA4IBAQAusiEQtyDNZ7R6D2B+0Z/ndHJy4IxSQs1GSTFmlJTF
rVB6h4HE0d0YJemv9n+8jogdrZTGQLfAc5ZKZz6EWixN3PkDvxAtLf8ONlquJAWq
hvnvc4BMV3JphQm61LYr7BKfa+WQc3J5P6v3bWhIeTGxuXX4MjobDSY9A+dJ2zp8
12DG3KsHC00UfA/X/0EtqESLaFdhT+0PAokgRn/XFNWkHJDy9XdeHt8RnG8a2pbS
03oUvPSuzXPbRn7ZwFiT+zhWLgUyEUq7d7CjG0tj8k1NNwqoOgc3c9eG9KBHbTTQ
zVycjbvRN/xzUeEzAGvgH+bJuvuvZaKPziCWY7fc0EJx
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:04:36 2024 by rpki-client on console-ams.rpki-client.org