Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/592d4f-d71e-4e8b-a632-1ecde1791511/1/Nb-FZaPWE2KWelabAfJnY1-s8wo.roa
File:                     Nb-FZaPWE2KWelabAfJnY1-s8wo.roa (raw, json)
Hash identifier:          jMmtwoT49LAP5Dk7tn3G1gZIjvtpOOjaJpwSbQEc9wo=
Subject key identifier:   35:BF:85:65:A3:D6:13:62:96:7A:56:9B:01:F2:67:63:5F:AC:F3:0A
Certificate issuer:       /CN=aecd64c97837d7bfac06637dd952bdede0c25d85
Certificate serial:       01856EC1FC160A9186857CE355505551EEA4
Authority key identifier: AE:CD:64:C9:78:37:D7:BF:AC:06:63:7D:D9:52:BD:ED:E0:C2:5D:85
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/rs1kyXg317-sBmN92VK97eDCXYU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4f/592d4f-d71e-4e8b-a632-1ecde1791511/1/Nb-FZaPWE2KWelabAfJnY1-s8wo.roa
Signing time:             Sun 01 Jan 2023 19:14:44 +0000
ROA not before:           Sun 01 Jan 2023 19:14:44 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     39918
IP address blocks:        85.112.73.0/24 maxlen: 24
                          212.98.128.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 08:29:35 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6e:c1:fc:16:0a:91:86:85:7c:e3:55:50:55:51:ee:a4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=aecd64c97837d7bfac06637dd952bdede0c25d85
        Validity
            Not Before: Jan  1 19:14:44 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=35bf8565a3d61362967a569b01f267635facf30a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8b:5f:a7:74:5e:f6:33:1d:f1:96:44:fa:34:d4:
                    e6:54:10:5c:e2:36:eb:04:75:fa:61:f0:e4:cb:29:
                    6a:eb:0f:7b:fc:a6:4f:0a:55:00:50:8f:5f:76:ab:
                    ae:82:9c:4a:8e:74:e6:94:01:76:6c:f6:aa:91:a0:
                    df:19:26:1f:91:e8:71:38:d3:3d:d3:f8:ba:ab:63:
                    d0:4b:f8:67:b9:72:c4:e4:4d:32:b2:8a:f6:0b:6a:
                    8e:0c:22:02:9c:93:fc:08:1e:f0:35:81:0c:54:3f:
                    b8:23:75:f2:55:39:5d:09:f0:b0:5a:3b:7b:a9:e2:
                    e7:6e:22:e0:33:38:4b:0e:ac:9f:19:4a:ad:ba:92:
                    01:dc:ba:c7:c5:69:e7:09:6f:12:80:26:f2:92:86:
                    3e:a2:e0:91:1a:c9:e1:bc:39:6a:3a:8a:bf:a2:16:
                    d8:7d:1b:b0:4f:83:77:67:e5:46:d5:64:54:45:13:
                    8b:68:89:b8:02:c7:a9:f7:d6:c3:d4:51:4f:1b:ff:
                    04:35:3c:1d:cc:2d:bc:90:94:74:1b:70:9f:67:71:
                    13:53:07:0a:0f:46:0d:48:58:2a:73:0f:c1:d6:ab:
                    53:6e:85:45:b7:92:b6:44:1b:3a:04:37:19:96:2c:
                    63:49:e8:2c:e7:f7:f9:f9:73:ba:b5:c3:7b:20:10:
                    43:ff
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                35:BF:85:65:A3:D6:13:62:96:7A:56:9B:01:F2:67:63:5F:AC:F3:0A
            X509v3 Authority Key Identifier:
                keyid:AE:CD:64:C9:78:37:D7:BF:AC:06:63:7D:D9:52:BD:ED:E0:C2:5D:85

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rs1kyXg317-sBmN92VK97eDCXYU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/592d4f-d71e-4e8b-a632-1ecde1791511/1/Nb-FZaPWE2KWelabAfJnY1-s8wo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/592d4f-d71e-4e8b-a632-1ecde1791511/1/rs1kyXg317-sBmN92VK97eDCXYU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  85.112.73.0/24
                  212.98.128.0/24

    Signature Algorithm: sha256WithRSAEncryption
         94:f0:14:53:6d:df:1c:0a:bd:19:d6:25:51:82:b8:3a:9a:d8:
         4b:4e:c6:fe:fa:98:00:22:be:d0:10:cc:ee:2d:16:ca:9b:a5:
         73:a2:5c:ce:b3:36:29:cc:df:72:a9:08:f7:52:69:58:fb:24:
         c5:df:bd:5f:70:fa:d2:10:9b:5d:72:b4:da:f8:99:70:44:35:
         d9:03:60:36:38:dc:6a:9b:b5:ad:1a:5a:ae:84:0d:2b:1b:72:
         e8:96:89:5e:c2:8a:c1:30:24:52:34:27:4d:bc:a0:2b:5e:27:
         2c:85:6d:16:c7:9e:7a:a9:9c:61:b3:6a:cc:76:9e:2d:c1:9f:
         9d:16:28:6f:53:42:08:ea:c3:47:e5:61:ca:16:10:db:84:ce:
         7f:89:41:48:5b:99:c9:a6:62:31:6c:a1:5a:10:d3:c4:a0:18:
         b3:3b:eb:3f:68:e5:ae:2e:8a:59:64:ec:fe:a8:ae:ac:62:6b:
         9e:0d:6a:d1:4c:7f:27:42:3e:6b:06:8d:86:ff:68:bc:83:8b:
         f6:c7:ad:68:2b:95:90:18:ad:1a:19:de:63:fb:68:bd:68:53:
         0f:c3:87:85:c3:ce:2c:75:39:4c:52:4c:bd:25:c2:c7:40:c7:
         ae:59:9d:3f:3f:22:7c:30:2d:1d:2a:e2:df:97:bf:6a:f4:89:
         20:df:f2:dc
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVuwfwWCpGGhXzjVVBVUe6kMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlY2Q2NGM5NzgzN2Q3YmZhYzA2NjM3ZGQ5NTJiZGVkZTBj
MjVkODUwHhcNMjMwMTAxMTkxNDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNWJmODU2NWEzZDYxMzYyOTY3YTU2OWIwMWYyNjc2MzVmYWNmMzBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi1+ndF72Mx3xlkT6NNTmVBBc4jbr
BHX6YfDkyylq6w97/KZPClUAUI9fdquugpxKjnTmlAF2bPaqkaDfGSYfkehxONM9
0/i6q2PQS/hnuXLE5E0ysor2C2qODCICnJP8CB7wNYEMVD+4I3XyVTldCfCwWjt7
qeLnbiLgMzhLDqyfGUqtupIB3LrHxWnnCW8SgCbykoY+ouCRGsnhvDlqOoq/ohbY
fRuwT4N3Z+VG1WRURROLaIm4Asep99bD1FFPG/8ENTwdzC28kJR0G3CfZ3ETUwcK
D0YNSFgqcw/B1qtTboVFt5K2RBs6BDcZlixjSegs5/f5+XO6tcN7IBBD/wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDW/hWWj1hNilnpWmwHyZ2NfrPMKMB8GA1UdIwQY
MBaAFK7NZMl4N9e/rAZjfdlSve3gwl2FMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcnMxa3lYZzMxNy1zQm1OOTJWSzk3ZURDWFlVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Zi81OTJkNGYtZDcxZS00ZThiLWE2MzIt
MWVjZGUxNzkxNTExLzEvTmItRlphUFdFMktXZWxhYkFmSm5ZMS1zOHdvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Zi81OTJkNGYtZDcxZS00ZThiLWE2MzItMWVjZGUxNzkxNTEx
LzEvcnMxa3lYZzMxNy1zQm1OOTJWSzk3ZURDWFlVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAVXBJAwQA
1GKAMA0GCSqGSIb3DQEBCwUAA4IBAQCU8BRTbd8cCr0Z1iVRgrg6mthLTsb++pgA
Ir7QEMzuLRbKm6VzolzOszYpzN9yqQj3UmlY+yTF371fcPrSEJtdcrTa+JlwRDXZ
A2A2ONxqm7WtGlquhA0rG3LololeworBMCRSNCdNvKArXicshW0Wx556qZxhs2rM
dp4twZ+dFihvU0II6sNH5WHKFhDbhM5/iUFIW5nJpmIxbKFaENPEoBizO+s/aOWu
LopZZOz+qK6sYmueDWrRTH8nQj5rBo2G/2i8g4v2x61oK5WQGK0aGd5j+2i9aFMP
w4eFw84sdTlMUky9JcLHQMeuWZ0/PyJ8MC0dKuLfl79q9Ikg3/Lc
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:08:24 2024 by rpki-client on console-ams.rpki-client.org