Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/682b07-773f-46fd-82e2-b9211e1fc1ac/1/NtXPQ2Lj4arc370EetMzpszQGcQ.roa
File:                     NtXPQ2Lj4arc370EetMzpszQGcQ.roa (raw, json)
Hash identifier:          m6lzlOChyrBeuwk8eyD4UbmfOq+RqtecPVsJ319pkAc=
Subject key identifier:   36:D5:CF:43:62:E3:E1:AA:DC:DF:BD:04:7A:D3:33:A6:CC:D0:19:C4
Certificate issuer:       /CN=c9d6b59a93e324083fbca4237e47e9f5ebf371ab
Certificate serial:       0185DF4E6DC9187708BA2F50211381855EFF
Authority key identifier: C9:D6:B5:9A:93:E3:24:08:3F:BC:A4:23:7E:47:E9:F5:EB:F3:71:AB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/yda1mpPjJAg_vKQjfkfp9evzcas.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/57/682b07-773f-46fd-82e2-b9211e1fc1ac/1/NtXPQ2Lj4arc370EetMzpszQGcQ.roa
Signing time:             Mon 23 Jan 2023 15:45:37 +0000
ROA not before:           Mon 23 Jan 2023 15:45:37 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     211432
IP address blocks:        185.193.164.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 02:29:44 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:df:4e:6d:c9:18:77:08:ba:2f:50:21:13:81:85:5e:ff
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c9d6b59a93e324083fbca4237e47e9f5ebf371ab
        Validity
            Not Before: Jan 23 15:45:37 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=36d5cf4362e3e1aadcdfbd047ad333a6ccd019c4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:e1:b1:8c:30:e3:b8:b7:f6:dd:11:8e:b7:af:
                    47:73:cd:9d:9e:89:57:d6:4a:1c:93:5a:19:49:64:
                    25:44:0d:4b:ce:d5:c2:98:d0:5b:fd:3f:b6:00:08:
                    99:a1:16:6d:01:6f:6c:a5:2e:01:36:5c:13:66:ac:
                    d5:2e:82:9b:20:02:91:1e:c2:81:f6:f4:f0:d1:24:
                    25:cf:b6:d6:23:d3:28:16:31:a9:81:d4:b4:16:2a:
                    86:e8:d1:23:54:e3:9a:27:c6:cf:dd:c4:fc:0c:f7:
                    07:97:ca:e5:be:10:64:dc:ce:2a:6b:61:8f:71:e9:
                    25:03:6a:fb:1a:83:6f:8a:db:b5:a0:17:04:38:90:
                    b2:84:71:a3:e4:b3:b6:23:ee:24:fe:83:a6:39:34:
                    6e:44:f9:04:ea:d9:9c:3d:01:cf:8b:28:c7:00:7d:
                    70:7e:7f:71:6f:e4:21:6e:c5:9c:c1:37:ce:42:e5:
                    a5:d4:17:b2:f4:3d:7f:47:71:a2:e4:33:92:de:40:
                    8c:18:eb:5c:23:85:cf:fd:0d:88:28:5c:ab:61:67:
                    ae:56:5a:d8:57:12:a5:f2:e2:05:4f:78:5e:03:5c:
                    76:3c:11:70:85:e9:d0:0f:94:e3:2f:9a:97:f2:26:
                    2f:93:47:d9:ac:5e:ff:35:21:fa:e9:49:39:7b:85:
                    68:5f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                36:D5:CF:43:62:E3:E1:AA:DC:DF:BD:04:7A:D3:33:A6:CC:D0:19:C4
            X509v3 Authority Key Identifier:
                keyid:C9:D6:B5:9A:93:E3:24:08:3F:BC:A4:23:7E:47:E9:F5:EB:F3:71:AB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yda1mpPjJAg_vKQjfkfp9evzcas.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/682b07-773f-46fd-82e2-b9211e1fc1ac/1/NtXPQ2Lj4arc370EetMzpszQGcQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/57/682b07-773f-46fd-82e2-b9211e1fc1ac/1/yda1mpPjJAg_vKQjfkfp9evzcas.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.193.164.0/24

    Signature Algorithm: sha256WithRSAEncryption
         27:4e:1b:5e:ce:cd:64:84:5e:d9:a6:a9:59:0a:c2:12:c4:78:
         8a:25:ec:ca:7a:53:2c:bc:be:21:23:c1:1d:75:62:6a:4c:ca:
         af:f2:51:eb:1d:55:2d:a8:2f:e3:c1:0d:2a:ee:fe:5e:a5:2e:
         7b:46:3d:64:ef:52:af:66:92:e7:1c:b0:3b:2e:9b:65:56:95:
         84:1d:51:04:33:61:ef:cb:f1:c1:f2:70:15:09:b9:12:22:4d:
         13:d8:e9:b0:ed:4b:5a:1b:35:aa:21:f9:1a:a8:e4:01:f1:92:
         ec:29:47:21:b2:31:29:d3:d9:79:3d:48:14:72:a0:e4:ef:04:
         11:96:8a:67:17:9b:de:18:11:ee:f8:55:07:6f:a7:90:84:98:
         47:a2:e1:8d:6f:db:1a:dd:62:f7:f2:56:37:0f:21:cc:73:ef:
         26:ad:e0:8a:db:c2:c4:c9:bc:be:02:3d:ec:a7:e4:e8:47:5b:
         e0:b8:93:ab:cb:aa:2c:10:00:b2:aa:2d:ec:0b:95:45:4a:fe:
         c5:32:ba:a6:08:0b:5f:62:f3:73:64:65:af:c4:ad:93:9a:b4:
         95:04:47:7c:eb:4e:a4:c8:03:94:08:0f:e4:3f:6a:c1:ca:f7:
         79:87:2c:7e:a9:9d:7a:9f:d1:04:12:6f:b2:ee:99:1f:a3:b5:
         31:73:9b:d6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYXfTm3JGHcIui9QIROBhV7/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM5ZDZiNTlhOTNlMzI0MDgzZmJjYTQyMzdlNDdlOWY1ZWJm
MzcxYWIwHhcNMjMwMTIzMTU0NTM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNmQ1Y2Y0MzYyZTNlMWFhZGNkZmJkMDQ3YWQzMzNhNmNjZDAxOWM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxuGxjDDjuLf23RGOt69Hc82dnolX
1kock1oZSWQlRA1LztXCmNBb/T+2AAiZoRZtAW9spS4BNlwTZqzVLoKbIAKRHsKB
9vTw0SQlz7bWI9MoFjGpgdS0FiqG6NEjVOOaJ8bP3cT8DPcHl8rlvhBk3M4qa2GP
ceklA2r7GoNvitu1oBcEOJCyhHGj5LO2I+4k/oOmOTRuRPkE6tmcPQHPiyjHAH1w
fn9xb+QhbsWcwTfOQuWl1Bey9D1/R3Gi5DOS3kCMGOtcI4XP/Q2IKFyrYWeuVlrY
VxKl8uIFT3heA1x2PBFwhenQD5TjL5qX8iYvk0fZrF7/NSH66Uk5e4VoXwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDbVz0Ni4+Gq3N+9BHrTM6bM0BnEMB8GA1UdIwQY
MBaAFMnWtZqT4yQIP7ykI35H6fXr83GrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWRhMW1wUGpKQWdfdktRamZrZnA5ZXZ6Y2FzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny82ODJiMDctNzczZi00NmZkLTgyZTIt
YjkyMTFlMWZjMWFjLzEvTnRYUFEyTGo0YXJjMzcwRWV0TXpwc3pRR2NRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny82ODJiMDctNzczZi00NmZkLTgyZTItYjkyMTFlMWZjMWFj
LzEveWRhMW1wUGpKQWdfdktRamZrZnA5ZXZ6Y2FzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAucGkMA0G
CSqGSIb3DQEBCwUAA4IBAQAnThtezs1khF7ZpqlZCsISxHiKJezKelMsvL4hI8Ed
dWJqTMqv8lHrHVUtqC/jwQ0q7v5epS57Rj1k71KvZpLnHLA7LptlVpWEHVEEM2Hv
y/HB8nAVCbkSIk0T2Omw7UtaGzWqIfkaqOQB8ZLsKUchsjEp09l5PUgUcqDk7wQR
lopnF5veGBHu+FUHb6eQhJhHouGNb9sa3WL38lY3DyHMc+8mreCK28LEyby+Aj3s
p+ToR1vguJOry6osEACyqi3sC5VFSv7FMrqmCAtfYvNzZGWvxK2TmrSVBEd8606k
yAOUCA/kP2rByvd5hyx+qZ16n9EEEm+y7pkfo7Uxc5vW
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:30:30 2024 by rpki-client on console-fra.rpki-client.org