Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/NPnteAnTO6P8v_yZjomwEFtMwmg.roa
File:                     NPnteAnTO6P8v_yZjomwEFtMwmg.roa (raw, json)
Hash identifier:          PTq32Sl/oMXHqTwS6LSxSiA+KXhDj5IsQkWLrCimASU=
Subject key identifier:   34:F9:ED:78:09:D3:3B:A3:FC:BF:FC:99:8E:89:B0:10:5B:4C:C2:68
Certificate issuer:       /CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
Certificate serial:       01856ED4D96B78A20D152FF0EFA0C77C0342
Authority key identifier: 05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/NPnteAnTO6P8v_yZjomwEFtMwmg.roa
Signing time:             Sun 01 Jan 2023 19:35:21 +0000
ROA not before:           Sun 01 Jan 2023 19:35:21 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     208695
IP address blocks:        201.49.188.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Fri 17 Nov 2023 13:13:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6e:d4:d9:6b:78:a2:0d:15:2f:f0:ef:a0:c7:7c:03:42
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
        Validity
            Not Before: Jan  1 19:35:21 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=34f9ed7809d33ba3fcbffc998e89b0105b4cc268
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ca:25:de:84:fe:bd:e5:19:06:c3:72:77:92:a3:
                    a0:dc:3e:d4:84:90:c2:80:72:df:62:e8:b1:14:32:
                    ed:3b:d3:bc:99:50:ab:0f:e0:51:cb:5a:f8:53:ca:
                    f7:d2:f4:16:54:b0:22:6e:b5:8f:73:f0:81:cc:85:
                    c6:0e:e3:a9:ea:d7:2e:1c:41:2b:a4:cc:de:7b:e6:
                    54:e2:9c:ca:8b:0c:7f:cb:49:a5:70:15:dd:8a:e1:
                    47:3a:3e:08:5e:c2:f0:db:4b:f5:2b:02:4a:65:3b:
                    63:3c:93:32:3f:be:cd:34:06:d2:46:e9:9b:99:b2:
                    0f:ed:de:67:73:1f:bf:1e:85:de:9d:50:73:75:1d:
                    6e:46:4a:43:75:1c:12:b6:9c:ad:82:c9:99:a5:48:
                    a9:5c:8d:46:e4:cd:e3:a9:77:08:35:80:48:05:ab:
                    ed:c5:bf:81:50:2c:ca:d1:c8:bc:a4:fd:22:06:67:
                    07:a2:ab:4a:37:f3:c9:1e:20:b7:6a:fb:78:d1:b3:
                    91:1c:3b:31:74:59:59:35:7b:cf:40:43:e2:45:54:
                    1d:c1:d6:97:eb:0c:c5:c0:57:7c:db:16:af:e6:49:
                    24:a5:dc:e6:da:f5:7e:08:54:8f:72:eb:b1:5e:cf:
                    ec:b7:5c:95:ad:05:c6:44:cb:d4:aa:43:c5:71:40:
                    6d:6f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                34:F9:ED:78:09:D3:3B:A3:FC:BF:FC:99:8E:89:B0:10:5B:4C:C2:68
            X509v3 Authority Key Identifier:
                keyid:05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/NPnteAnTO6P8v_yZjomwEFtMwmg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/BTTEn8-opFBB2V7U2NT8accnpGc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  201.49.188.0/24

    Signature Algorithm: sha256WithRSAEncryption
         71:ea:72:f3:53:f0:29:22:58:66:80:b2:d0:a1:4e:17:36:57:
         8a:28:8f:58:90:83:32:f9:de:32:73:82:bb:13:1c:9e:d7:aa:
         74:7d:48:14:e2:ee:40:e2:77:fc:ca:26:b2:0f:a0:4a:ea:11:
         91:e1:4f:8a:01:6c:ec:95:99:11:33:c1:30:1d:b7:f7:e3:e4:
         6f:d9:e7:85:28:a2:e1:fc:c0:75:ef:a1:a7:30:24:df:f2:17:
         9a:0c:7a:dc:c5:4f:8f:c2:76:94:82:24:cb:93:4e:c3:ee:57:
         34:f1:90:9a:d0:e9:18:2e:3a:d2:5d:ff:82:0a:58:86:5b:5b:
         a8:32:f2:d5:43:d8:70:4e:14:46:61:d7:bf:b0:ff:21:c3:3d:
         ae:5a:1e:e0:73:67:04:7c:5b:67:0e:c9:27:8a:4b:9b:46:82:
         a5:a2:fc:00:b3:7a:dc:26:07:29:78:1e:8b:4d:a0:43:5a:91:
         e3:5e:eb:77:bd:7a:26:d5:58:4e:3a:2b:13:e4:7a:c6:cc:ad:
         65:b9:07:7e:05:8d:b4:f5:b9:92:fd:d7:9c:0d:25:57:12:20:
         5e:a8:71:a8:47:5f:14:23:cb:a4:07:a3:be:4a:00:af:b8:3b:
         35:5b:38:5d:9b:3a:79:65:33:af:02:50:93:d8:99:50:7d:e9:
         b9:a4:e9:0e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVu1NlreKINFS/w76DHfANCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1MzRjNDlmY2ZhOGE0NTA0MWQ5NWVkNGQ4ZDRmYzY5Yzcy
N2E0NjcwHhcNMjMwMTAxMTkzNTIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNGY5ZWQ3ODA5ZDMzYmEzZmNiZmZjOTk4ZTg5YjAxMDViNGNjMjY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyiXehP695RkGw3J3kqOg3D7UhJDC
gHLfYuixFDLtO9O8mVCrD+BRy1r4U8r30vQWVLAibrWPc/CBzIXGDuOp6tcuHEEr
pMzee+ZU4pzKiwx/y0mlcBXdiuFHOj4IXsLw20v1KwJKZTtjPJMyP77NNAbSRumb
mbIP7d5ncx+/HoXenVBzdR1uRkpDdRwStpytgsmZpUipXI1G5M3jqXcINYBIBavt
xb+BUCzK0ci8pP0iBmcHoqtKN/PJHiC3avt40bORHDsxdFlZNXvPQEPiRVQdwdaX
6wzFwFd82xav5kkkpdzm2vV+CFSPcuuxXs/st1yVrQXGRMvUqkPFcUBtbwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDT57XgJ0zuj/L/8mY6JsBBbTMJoMB8GA1UdIwQY
MBaAFAU0xJ/PqKRQQdle1NjU/GnHJ6RnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYt
Y2Q3ZTA2Y2JiNTMxLzEvTlBudGVBblRPNlA4dl95WmpvbXdFRnRNd21nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYtY2Q3ZTA2Y2JiNTMx
LzEvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAyTG8MA0G
CSqGSIb3DQEBCwUAA4IBAQBx6nLzU/ApIlhmgLLQoU4XNleKKI9YkIMy+d4yc4K7
Exye16p0fUgU4u5A4nf8yiayD6BK6hGR4U+KAWzslZkRM8EwHbf34+Rv2eeFKKLh
/MB176GnMCTf8heaDHrcxU+PwnaUgiTLk07D7lc08ZCa0OkYLjrSXf+CCliGW1uo
MvLVQ9hwThRGYde/sP8hwz2uWh7gc2cEfFtnDsknikubRoKlovwAs3rcJgcpeB6L
TaBDWpHjXut3vXom1VhOOisT5HrGzK1luQd+BY209bmS/decDSVXEiBeqHGoR18U
I8ukB6O+SgCvuDs1Wzhdmzp5ZTOvAlCT2JlQfem5pOkO
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:11:35 2024 by rpki-client on console-ams.rpki-client.org