Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/1bb45a-551c-4967-95ca-77344bcc9191/1/NbgFPS0znVkqns4mRJO7mMJLovM.roa
File:                     NbgFPS0znVkqns4mRJO7mMJLovM.roa (raw, json)
Hash identifier:          Pw9WUUcZwH3l5D40uXr7DIG6ZMgARYc8mn3EU/vz3QU=
Subject key identifier:   35:B8:05:3D:2D:33:9D:59:2A:9E:CE:26:44:93:BB:98:C2:4B:A2:F3
Certificate issuer:       /CN=3c4ed942e5c742e77bfb9beb954f872534f52848
Certificate serial:       018807BF2CFA48736A3EAB5FCB269FF87C38
Authority key identifier: 3C:4E:D9:42:E5:C7:42:E7:7B:FB:9B:EB:95:4F:87:25:34:F5:28:48
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/PE7ZQuXHQud7-5vrlU-HJTT1KEg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/66/1bb45a-551c-4967-95ca-77344bcc9191/1/NbgFPS0znVkqns4mRJO7mMJLovM.roa
Signing time:             Wed 10 May 2023 22:19:09 +0000
ROA not before:           Wed 10 May 2023 22:19:09 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     61317
IP address blocks:        62.182.172.0/24 maxlen: 24
                          62.182.175.0/24 maxlen: 24
                          194.15.152.0/22 maxlen: 24
                          194.15.153.0/24 maxlen: 24

Validation:               Failed, certificate revoked

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:07:bf:2c:fa:48:73:6a:3e:ab:5f:cb:26:9f:f8:7c:38
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3c4ed942e5c742e77bfb9beb954f872534f52848
        Validity
            Not Before: May 10 22:19:09 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=35b8053d2d339d592a9ece264493bb98c24ba2f3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:88:c2:ea:a9:2a:f5:90:1b:ac:63:fc:8f:fb:ba:
                    bd:ec:cb:8c:cc:31:0d:b6:26:68:71:71:49:a7:e6:
                    bb:70:1f:11:00:d9:75:dd:f9:05:f7:ee:99:0e:82:
                    1d:76:42:bc:71:1f:bb:44:f3:0b:1e:b1:fd:81:b5:
                    90:4d:f8:65:01:a8:ee:c4:b2:65:d2:36:d6:4d:96:
                    b6:fb:7b:7d:3d:80:80:db:ad:62:f4:25:a5:7f:1a:
                    c1:40:95:2f:96:b1:fc:47:05:03:bf:3d:53:d6:9c:
                    0c:6f:e4:ce:d8:4a:c6:39:86:68:61:a7:74:fa:c8:
                    6a:53:3d:77:7c:43:a7:92:97:fa:1d:6a:91:37:c0:
                    38:eb:37:20:cf:6a:4c:42:18:d3:d5:09:9a:0e:b9:
                    dd:5b:83:2f:a5:b0:97:59:32:08:2d:98:13:3f:7b:
                    b7:50:0b:b4:9c:56:91:7a:ed:77:f6:b5:12:33:a0:
                    4d:f6:7d:7e:db:a4:c3:3c:84:6d:47:ee:ad:1a:6a:
                    b0:67:0c:33:58:25:f5:7f:35:b3:b0:d5:2c:ce:82:
                    01:0a:1d:9c:6e:55:8c:62:e2:7b:19:af:36:47:ea:
                    7d:cc:90:e9:db:aa:78:47:c4:72:14:20:5c:22:c9:
                    bc:ca:1a:f9:ba:59:23:0f:f1:68:86:1e:db:10:06:
                    4f:65
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                35:B8:05:3D:2D:33:9D:59:2A:9E:CE:26:44:93:BB:98:C2:4B:A2:F3
            X509v3 Authority Key Identifier:
                keyid:3C:4E:D9:42:E5:C7:42:E7:7B:FB:9B:EB:95:4F:87:25:34:F5:28:48

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PE7ZQuXHQud7-5vrlU-HJTT1KEg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/1bb45a-551c-4967-95ca-77344bcc9191/1/NbgFPS0znVkqns4mRJO7mMJLovM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/66/1bb45a-551c-4967-95ca-77344bcc9191/1/PE7ZQuXHQud7-5vrlU-HJTT1KEg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  62.182.172.0/24
                  62.182.175.0/24
                  194.15.152.0/22

    Signature Algorithm: sha256WithRSAEncryption
         22:7e:6a:07:3a:92:98:3e:d2:ec:50:ee:d9:e4:6a:ea:a5:de:
         c6:ca:2f:87:14:b9:16:85:bc:bc:17:48:36:b8:f3:62:0f:10:
         0c:29:7e:11:d5:f3:82:ac:57:4b:ed:d6:3c:35:73:f3:2f:f1:
         19:b0:16:a1:e9:4a:05:32:42:48:e4:a9:bf:88:6f:e9:33:df:
         56:13:3f:63:f6:a4:fd:f3:d0:fb:e2:45:33:11:b6:91:c8:1d:
         b8:0b:96:6a:73:df:12:83:64:14:ee:8a:01:37:6f:53:50:35:
         b9:94:0c:e8:13:2a:29:86:1c:b8:f0:06:5b:54:ad:53:67:af:
         1a:30:be:22:a6:62:32:e4:ed:6c:46:35:ab:15:4f:b0:8b:60:
         dc:82:c7:69:3b:71:81:e7:82:db:9d:90:41:75:45:21:60:5b:
         ae:0a:2a:5b:5c:14:03:1e:77:28:26:8b:93:68:8c:f9:4c:8a:
         71:da:3d:f8:bb:e8:11:4c:fb:4b:5a:d8:a3:2f:f5:60:ef:51:
         44:a6:ca:a2:0c:df:b4:e0:5b:ff:57:4d:99:64:3f:e7:7e:bd:
         18:1a:c3:cf:8f:b1:6e:57:b4:ea:40:c4:bf:56:1c:1d:47:8c:
         a2:e8:0e:57:e3:b3:50:84:b9:3e:42:28:ec:d9:76:83:b0:6f:
         e7:af:2c:71
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYgHvyz6SHNqPqtfyyaf+Hw4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNjNGVkOTQyZTVjNzQyZTc3YmZiOWJlYjk1NGY4NzI1MzRm
NTI4NDgwHhcNMjMwNTEwMjIxOTA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNWI4MDUzZDJkMzM5ZDU5MmE5ZWNlMjY0NDkzYmI5OGMyNGJhMmYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiMLqqSr1kBusY/yP+7q97MuMzDEN
tiZocXFJp+a7cB8RANl13fkF9+6ZDoIddkK8cR+7RPMLHrH9gbWQTfhlAajuxLJl
0jbWTZa2+3t9PYCA261i9CWlfxrBQJUvlrH8RwUDvz1T1pwMb+TO2ErGOYZoYad0
+shqUz13fEOnkpf6HWqRN8A46zcgz2pMQhjT1QmaDrndW4MvpbCXWTIILZgTP3u3
UAu0nFaReu139rUSM6BN9n1+26TDPIRtR+6tGmqwZwwzWCX1fzWzsNUszoIBCh2c
blWMYuJ7Ga82R+p9zJDp26p4R8RyFCBcIsm8yhr5ulkjD/Fohh7bEAZPZQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFDW4BT0tM51ZKp7OJkSTu5jCS6LzMB8GA1UdIwQY
MBaAFDxO2ULlx0Lne/ub65VPhyU09ShIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUEU3WlF1WEhRdWQ3LTV2cmxVLUhKVFQxS0VnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni8xYmI0NWEtNTUxYy00OTY3LTk1Y2Et
NzczNDRiY2M5MTkxLzEvTmJnRlBTMHpuVmtxbnM0bVJKTzdtTUpMb3ZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni8xYmI0NWEtNTUxYy00OTY3LTk1Y2EtNzczNDRiY2M5MTkx
LzEvUEU3WlF1WEhRdWQ3LTV2cmxVLUhKVFQxS0VnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAPrasAwQA
PravAwQCwg+YMA0GCSqGSIb3DQEBCwUAA4IBAQAifmoHOpKYPtLsUO7Z5Grqpd7G
yi+HFLkWhby8F0g2uPNiDxAMKX4R1fOCrFdL7dY8NXPzL/EZsBah6UoFMkJI5Km/
iG/pM99WEz9j9qT989D74kUzEbaRyB24C5Zqc98Sg2QU7ooBN29TUDW5lAzoEyop
hhy48AZbVK1TZ68aML4ipmIy5O1sRjWrFU+wi2DcgsdpO3GB54LbnZBBdUUhYFuu
CipbXBQDHncoJouTaIz5TIpx2j34u+gRTPtLWtijL/Vg71FEpsqiDN+04Fv/V02Z
ZD/nfr0YGsPPj7FuV7TqQMS/VhwdR4yi6A5X47NQhLk+Qijs2XaDsG/nryxx
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:57:12 2023 by rpki-client on console-fra.rpki-client.org