Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/NxDMCGEkHRueEE48EbI_siuMNhU.roa
File:                     NxDMCGEkHRueEE48EbI_siuMNhU.roa (raw, json)
Hash identifier:          UadmDKkPI+Sms0awWczfi3IZPpX3wzQQGcFt2xytDaA=
Subject key identifier:   37:10:CC:08:61:24:1D:1B:9E:10:4E:3C:11:B2:3F:B2:2B:8C:36:15
Certificate issuer:       /CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Certificate serial:       018F11879303F86121BB823577A73FC1249C
Authority key identifier: 09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/NxDMCGEkHRueEE48EbI_siuMNhU.roa
Signing time:             Wed 24 Apr 2024 19:14:08 +0000
ROA not before:           Wed 24 Apr 2024 19:14:08 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     215158
IP address blocks:        2a11:9580::/29 maxlen: 29
                          2a11:e8c0::/29 maxlen: 29
                          2a11:ea80::/29 maxlen: 29
                          2a11:ff40::/29 maxlen: 29
                          2a12:1040::/29 maxlen: 29
                          2a12:2e80::/29 maxlen: 29
                          2a12:3c00::/29 maxlen: 29
                          2a12:8580::/29 maxlen: 29
                          2a12:8a00::/29 maxlen: 29
                          2a12:9300::/29 maxlen: 29
                          2a12:d080::/29 maxlen: 29

Validation:               Failed, certificate revoked on Sat 27 Apr 2024 17:19:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:11:87:93:03:f8:61:21:bb:82:35:77:a7:3f:c1:24:9c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=093353c1fabe896af8b85fe7600e4634968fcc4c
        Validity
            Not Before: Apr 24 19:14:08 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=3710cc0861241d1b9e104e3c11b23fb22b8c3615
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:75:72:b4:fa:07:b3:97:84:2d:d9:cb:2a:cc:
                    6e:a5:9c:19:31:38:96:26:c5:18:e3:7e:b9:1d:3d:
                    cf:d7:dc:8e:85:82:82:db:81:23:58:9f:44:14:84:
                    03:e3:03:ed:8b:d3:93:21:39:3c:46:58:76:ad:4f:
                    bf:01:49:8b:3c:42:57:f3:2b:55:be:c2:33:87:0a:
                    3b:97:74:b0:f9:d0:60:85:b3:a4:6f:51:e6:98:bc:
                    2c:e4:d5:da:bf:63:80:af:44:1a:85:b7:c6:f4:02:
                    b9:de:bf:e0:d0:d1:99:f9:09:9f:bf:b1:d3:d5:57:
                    b1:1b:d2:d7:bc:ab:c9:1e:26:5c:bf:ab:81:79:2e:
                    58:1b:48:35:2e:23:74:71:e4:b9:96:df:4b:94:50:
                    7a:87:32:c4:78:5c:99:af:04:6a:a4:0e:09:34:e9:
                    88:3c:3c:16:4f:27:4d:ea:bb:7c:35:33:65:0e:a9:
                    88:01:cd:a0:de:f4:22:84:8b:da:10:66:6f:58:28:
                    f7:90:a6:3f:5c:a3:38:3e:da:8c:bd:00:83:27:f1:
                    70:22:03:ad:f1:b3:78:f9:60:6e:a1:d9:30:3f:42:
                    57:19:3c:a7:8b:dc:54:ac:cb:e4:db:53:83:c0:e8:
                    88:8c:b2:92:b9:25:a6:ca:0a:a7:97:e3:8b:6b:c1:
                    b9:05
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                37:10:CC:08:61:24:1D:1B:9E:10:4E:3C:11:B2:3F:B2:2B:8C:36:15
            X509v3 Authority Key Identifier:
                keyid:09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/NxDMCGEkHRueEE48EbI_siuMNhU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a11:9580::/29
                  2a11:e8c0::/29
                  2a11:ea80::/29
                  2a11:ff40::/29
                  2a12:1040::/29
                  2a12:2e80::/29
                  2a12:3c00::/29
                  2a12:8580::/29
                  2a12:8a00::/29
                  2a12:9300::/29
                  2a12:d080::/29

    Signature Algorithm: sha256WithRSAEncryption
         39:57:be:28:6c:96:4b:47:d8:0e:5d:19:a4:a4:f3:2b:a3:56:
         b8:15:70:c0:0e:ef:ac:7e:4f:95:80:5d:b8:54:0e:c7:e7:4c:
         7b:a1:1b:40:66:30:d9:24:8f:cd:54:38:27:a2:d2:6a:79:2d:
         d5:30:7b:65:9f:9e:2b:3e:68:22:a6:ee:ff:97:74:f4:65:72:
         22:fe:55:92:1e:0e:d8:2e:cd:b2:e1:0d:56:1b:b1:52:fa:6a:
         97:b2:7a:41:00:e6:c0:b1:b9:f2:cc:b0:83:7e:d5:6f:64:1f:
         65:bd:3b:7d:12:f3:3e:8a:81:d3:b9:94:5e:b9:1d:6e:48:2f:
         cb:8b:d5:49:0a:8e:6e:de:bd:22:bf:70:5e:73:78:5f:64:fd:
         0c:d6:37:b1:37:ac:4f:f7:ea:9a:88:a3:cf:89:2f:1a:03:00:
         f0:f7:29:3d:63:05:a9:c6:6f:26:d6:4e:b4:e5:ff:f1:fd:88:
         44:36:99:a9:93:53:e1:3d:a9:e8:c7:32:b3:a2:d0:bb:b1:5a:
         42:98:40:88:49:08:9e:aa:85:a4:64:9d:9e:9a:42:b1:3d:4b:
         14:52:09:54:a5:05:bc:c1:42:84:39:4f:76:9f:32:ad:df:88:
         e4:5c:d8:08:e7:2d:5b:de:2a:d0:70:c1:d3:b0:e4:a4:42:72:
         2a:65:1f:2a
-----BEGIN CERTIFICATE-----
MIIFRDCCBCygAwIBAgISAY8Rh5MD+GEhu4I1d6c/wSScMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5MzM1M2MxZmFiZTg5NmFmOGI4NWZlNzYwMGU0NjM0OTY4
ZmNjNGMwHhcNMjQwNDI0MTkxNDA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNzEwY2MwODYxMjQxZDFiOWUxMDRlM2MxMWIyM2ZiMjJiOGMzNjE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs3VytPoHs5eELdnLKsxupZwZMTiW
JsUY4365HT3P19yOhYKC24EjWJ9EFIQD4wPti9OTITk8Rlh2rU+/AUmLPEJX8ytV
vsIzhwo7l3Sw+dBghbOkb1HmmLws5NXav2OAr0QahbfG9AK53r/g0NGZ+Qmfv7HT
1VexG9LXvKvJHiZcv6uBeS5YG0g1LiN0ceS5lt9LlFB6hzLEeFyZrwRqpA4JNOmI
PDwWTydN6rt8NTNlDqmIAc2g3vQihIvaEGZvWCj3kKY/XKM4PtqMvQCDJ/FwIgOt
8bN4+WBuodkwP0JXGTyni9xUrMvk21ODwOiIjLKSuSWmygqnl+OLa8G5BQIDAQAB
o4ICUDCCAkwwHQYDVR0OBBYEFDcQzAhhJB0bnhBOPBGyP7IrjDYVMB8GA1UdIwQY
MBaAFAkzU8H6volq+Lhf52AORjSWj8xMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGIt
MjM5ZDJmZTM5OGIxLzEvTnhETUNHRWtIUnVlRUU0OEViSV9zaXVNTmhVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGItMjM5ZDJmZTM5OGIx
LzEvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGYGCCsGAQUFBwEHAQH/BFcwVTBTBAIAAjBNAwUDKhGVgAMF
AyoR6MADBQMqEeqAAwUDKhH/QAMFAyoSEEADBQMqEi6AAwUDKhI8AAMFAyoShYAD
BQMqEooAAwUDKhKTAAMFAyoS0IAwDQYJKoZIhvcNAQELBQADggEBADlXvihslktH
2A5dGaSk8yujVrgVcMAO76x+T5WAXbhUDsfnTHuhG0BmMNkkj81UOCei0mp5LdUw
e2Wfnis+aCKm7v+XdPRlciL+VZIeDtguzbLhDVYbsVL6apeyekEA5sCxufLMsIN+
1W9kH2W9O30S8z6KgdO5lF65HW5IL8uL1UkKjm7evSK/cF5zeF9k/QzWN7E3rE/3
6pqIo8+JLxoDAPD3KT1jBanGbybWTrTl//H9iEQ2mamTU+E9qejHMrOi0LuxWkKY
QIhJCJ6qhaRknZ6aQrE9SxRSCVSlBbzBQoQ5T3afMq3fiORc2AjnLVveKtBwwdOw
5KRCciplHyo=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:11:51 2024 by rpki-client on console-ams.rpki-client.org