Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/a41898-da08-469d-be1a-8bbc226e6c45/1/Nyf9zHvZ4FQiHrWe3uYPRQLetPA.roa
File:                     Nyf9zHvZ4FQiHrWe3uYPRQLetPA.roa (raw, json)
Hash identifier:          lnrbhjzfN4Hi+EhDPZXllNp4TQpWc+Jrp36WLG43DTY=
Subject key identifier:   37:27:FD:CC:7B:D9:E0:54:22:1E:B5:9E:DE:E6:0F:45:02:DE:B4:F0
Certificate issuer:       /CN=b3dd11d346b63bb1eb22a07c26cc1291a2a06895
Certificate serial:       01875A9C4119D783434B71903B1D9FED2ED5
Authority key identifier: B3:DD:11:D3:46:B6:3B:B1:EB:22:A0:7C:26:CC:12:91:A2:A0:68:95
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/s90R00a2O7HrIqB8JswSkaKgaJU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/47/a41898-da08-469d-be1a-8bbc226e6c45/1/Nyf9zHvZ4FQiHrWe3uYPRQLetPA.roa
Signing time:             Fri 07 Apr 2023 07:26:42 +0000
ROA not before:           Fri 07 Apr 2023 07:26:42 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     61317
IP address blocks:        185.63.35.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Sun 28 May 2023 03:26:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:5a:9c:41:19:d7:83:43:4b:71:90:3b:1d:9f:ed:2e:d5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b3dd11d346b63bb1eb22a07c26cc1291a2a06895
        Validity
            Not Before: Apr  7 07:26:42 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=3727fdcc7bd9e054221eb59edee60f4502deb4f0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:89:21:f4:21:be:a0:7a:52:a8:46:e8:98:be:c6:
                    db:98:37:af:85:4b:c5:60:f8:56:82:fd:d7:6b:ad:
                    4e:34:01:ae:34:e0:89:c3:62:9d:57:99:62:f0:2e:
                    53:0c:ef:44:9e:5b:8d:f7:a8:b4:40:e7:75:48:5d:
                    d0:38:63:da:98:d5:3a:90:b8:2b:d7:93:6c:08:34:
                    e4:46:e9:aa:bb:b3:92:00:7a:0c:52:28:23:5d:0b:
                    5b:54:cd:b8:6f:01:6a:33:42:94:90:6d:a8:ac:49:
                    e8:50:44:76:72:6a:86:bd:04:87:58:95:26:08:5d:
                    b8:04:89:1e:3c:66:6d:f4:3a:b6:5d:fe:98:dd:62:
                    c9:06:44:0f:07:fb:1a:24:d4:ef:f6:8c:0e:8f:74:
                    1c:d3:b1:5a:b3:e3:af:b1:7c:3d:19:0a:2f:af:99:
                    c9:80:ce:c3:a1:92:c2:6d:34:af:74:98:87:cf:fc:
                    ea:f5:2c:1a:df:5e:cd:6e:69:24:8e:3a:46:64:98:
                    e8:b3:4a:ba:26:f4:7e:8c:3a:e3:a8:b6:fd:ee:0d:
                    e5:fe:27:ab:4f:45:bc:0e:8e:8b:1f:ca:bc:f3:a8:
                    01:1b:f5:a7:88:16:69:bd:55:fb:19:f1:d6:98:22:
                    1e:f3:b9:62:5c:d2:48:d9:cf:02:4d:3f:6e:21:fb:
                    11:73
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                37:27:FD:CC:7B:D9:E0:54:22:1E:B5:9E:DE:E6:0F:45:02:DE:B4:F0
            X509v3 Authority Key Identifier:
                keyid:B3:DD:11:D3:46:B6:3B:B1:EB:22:A0:7C:26:CC:12:91:A2:A0:68:95

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s90R00a2O7HrIqB8JswSkaKgaJU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/a41898-da08-469d-be1a-8bbc226e6c45/1/Nyf9zHvZ4FQiHrWe3uYPRQLetPA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/47/a41898-da08-469d-be1a-8bbc226e6c45/1/s90R00a2O7HrIqB8JswSkaKgaJU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.63.35.0/24

    Signature Algorithm: sha256WithRSAEncryption
         b0:ae:f0:11:28:77:dc:13:3f:4c:65:7f:74:02:1d:df:12:65:
         15:fa:b3:d5:a7:f9:32:a0:0a:f8:90:e6:4f:ed:fc:3f:3c:c6:
         29:07:a5:73:1f:5f:1e:ce:d7:fb:1f:c0:70:76:2e:07:37:b7:
         f8:37:ea:8f:d0:54:1e:42:eb:a3:b0:2c:ef:20:46:0f:16:e2:
         f7:3e:50:64:d2:6b:f9:0d:e0:c6:df:97:8c:40:8c:ca:37:17:
         96:27:04:7f:fc:00:0a:d8:5f:36:b6:6d:13:14:94:2b:ee:97:
         3f:d8:ce:c6:df:a3:32:ff:de:25:d1:e9:75:5b:51:4a:4b:c0:
         b9:d9:89:61:f1:1c:6d:6a:dd:b4:af:48:a4:cf:f8:fd:46:c4:
         6b:9d:a8:c6:24:fb:2f:b9:3f:10:c4:85:8e:37:73:53:20:47:
         ad:3f:e2:ff:9c:f7:91:0d:4b:55:09:69:e5:3a:39:6d:d8:3e:
         c9:7f:c1:d9:17:75:9c:2d:f7:0b:2b:08:47:99:ed:ac:99:aa:
         bc:2d:94:7b:f3:5d:63:9b:84:bf:2c:87:e6:4a:62:3f:10:be:
         37:4b:55:63:0d:00:67:18:9e:cd:e4:15:3d:70:d2:2d:9f:f6:
         06:5c:78:7f:d8:00:78:47:75:c0:72:93:e4:e3:74:bf:50:b9:
         38:ba:fd:e9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYdanEEZ14NDS3GQOx2f7S7VMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzZGQxMWQzNDZiNjNiYjFlYjIyYTA3YzI2Y2MxMjkxYTJh
MDY4OTUwHhcNMjMwNDA3MDcyNjQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNzI3ZmRjYzdiZDllMDU0MjIxZWI1OWVkZWU2MGY0NTAyZGViNGYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiSH0Ib6gelKoRuiYvsbbmDevhUvF
YPhWgv3Xa61ONAGuNOCJw2KdV5li8C5TDO9EnluN96i0QOd1SF3QOGPamNU6kLgr
15NsCDTkRumqu7OSAHoMUigjXQtbVM24bwFqM0KUkG2orEnoUER2cmqGvQSHWJUm
CF24BIkePGZt9Dq2Xf6Y3WLJBkQPB/saJNTv9owOj3Qc07Fas+OvsXw9GQovr5nJ
gM7DoZLCbTSvdJiHz/zq9Swa317NbmkkjjpGZJjos0q6JvR+jDrjqLb97g3l/ier
T0W8Do6LH8q886gBG/WniBZpvVX7GfHWmCIe87liXNJI2c8CTT9uIfsRcwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDcn/cx72eBUIh61nt7mD0UC3rTwMB8GA1UdIwQY
MBaAFLPdEdNGtjux6yKgfCbMEpGioGiVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvczkwUjAwYTJPN0hySXFCOEpzd1NrYUtnYUpVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny9hNDE4OTgtZGEwOC00NjlkLWJlMWEt
OGJiYzIyNmU2YzQ1LzEvTnlmOXpIdlo0RlFpSHJXZTN1WVBSUUxldFBBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ny9hNDE4OTgtZGEwOC00NjlkLWJlMWEtOGJiYzIyNmU2YzQ1
LzEvczkwUjAwYTJPN0hySXFCOEpzd1NrYUtnYUpVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuT8jMA0G
CSqGSIb3DQEBCwUAA4IBAQCwrvARKHfcEz9MZX90Ah3fEmUV+rPVp/kyoAr4kOZP
7fw/PMYpB6VzH18eztf7H8Bwdi4HN7f4N+qP0FQeQuujsCzvIEYPFuL3PlBk0mv5
DeDG35eMQIzKNxeWJwR//AAK2F82tm0TFJQr7pc/2M7G36My/94l0el1W1FKS8C5
2Ylh8Rxtat20r0ikz/j9RsRrnajGJPsvuT8QxIWON3NTIEetP+L/nPeRDUtVCWnl
Ojlt2D7Jf8HZF3WcLfcLKwhHme2smaq8LZR7811jm4S/LIfmSmI/EL43S1VjDQBn
GJ7N5BU9cNItn/YGXHh/2AB4R3XAcpPk43S/ULk4uv3p
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:06:23 2024 by rpki-client on console-ams.rpki-client.org