Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/67/70cb80-4e6d-46a5-b1b4-4e3f4d68f682/1/NpBln6nbOSgNM2nItwxsj19eMPo.roa
File:                     NpBln6nbOSgNM2nItwxsj19eMPo.roa (raw, json)
Hash identifier:          ey1Aqh6hcnxXWEnToBAeAgbNrQ8CP2y8FDBil4NplEU=
Subject key identifier:   36:90:65:9F:A9:DB:39:28:0D:33:69:C8:B7:0C:6C:8F:5F:5E:30:FA
Certificate issuer:       /CN=74267f3ecfcc61668e0501bca60ced6dd75d347c
Certificate serial:       01856D5D25B62D18AD326CB9B8F1F40EABC0
Authority key identifier: 74:26:7F:3E:CF:CC:61:66:8E:05:01:BC:A6:0C:ED:6D:D7:5D:34:7C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/dCZ_Ps_MYWaOBQG8pgztbdddNHw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/67/70cb80-4e6d-46a5-b1b4-4e3f4d68f682/1/NpBln6nbOSgNM2nItwxsj19eMPo.roa
Signing time:             Sun 01 Jan 2023 12:44:59 +0000
ROA not before:           Sun 01 Jan 2023 12:44:59 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     50897
IP address blocks:        192.108.116.0/24 maxlen: 24
                          192.108.117.0/24 maxlen: 24
                          192.108.118.0/24 maxlen: 24
                          192.108.115.0/24 maxlen: 24
                          192.44.75.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 10:33:32 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6d:5d:25:b6:2d:18:ad:32:6c:b9:b8:f1:f4:0e:ab:c0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=74267f3ecfcc61668e0501bca60ced6dd75d347c
        Validity
            Not Before: Jan  1 12:44:59 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=3690659fa9db39280d3369c8b70c6c8f5f5e30fa
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dd:d2:f9:c7:23:36:ef:77:d4:2b:d5:8e:27:59:
                    ce:7a:f0:be:a1:32:15:fb:56:cf:f7:c7:c4:ed:90:
                    7e:6c:58:d7:1f:74:79:89:72:b9:c9:b6:01:74:66:
                    b0:35:b0:f9:ed:87:cf:d6:97:39:38:f0:65:3c:99:
                    6c:75:ca:8e:64:bf:f7:43:ef:b8:de:49:02:ad:7f:
                    e4:f7:c7:59:ca:1a:9a:a0:9e:6d:71:56:14:e6:4c:
                    77:78:32:c2:7f:91:ac:e4:05:65:1d:9b:b5:20:0e:
                    e5:56:90:9d:4c:1f:36:3b:2a:b5:3d:91:99:bd:ee:
                    e2:1f:31:be:78:1a:6a:b2:2e:6a:b3:31:aa:fd:d6:
                    74:2c:28:e9:54:52:a0:dc:7c:13:b4:c5:f3:e9:ee:
                    c9:0b:4d:da:f0:7f:1b:66:4e:64:03:ba:32:a8:a6:
                    59:b5:42:b1:dd:8d:cd:a2:72:0a:39:81:d4:ca:5d:
                    0a:05:53:63:f6:42:83:50:00:cb:85:52:f9:d8:c1:
                    00:9a:93:7c:19:0b:76:38:d2:51:08:4c:65:be:21:
                    f1:e3:d9:7f:c8:fe:3d:b8:40:6d:44:50:88:38:84:
                    1a:ba:08:b8:64:77:0f:8b:7c:7a:98:38:f5:03:ec:
                    44:3d:bb:7c:5c:ac:0e:25:62:39:e6:38:95:98:5e:
                    03:e3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                36:90:65:9F:A9:DB:39:28:0D:33:69:C8:B7:0C:6C:8F:5F:5E:30:FA
            X509v3 Authority Key Identifier:
                keyid:74:26:7F:3E:CF:CC:61:66:8E:05:01:BC:A6:0C:ED:6D:D7:5D:34:7C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dCZ_Ps_MYWaOBQG8pgztbdddNHw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/67/70cb80-4e6d-46a5-b1b4-4e3f4d68f682/1/NpBln6nbOSgNM2nItwxsj19eMPo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/67/70cb80-4e6d-46a5-b1b4-4e3f4d68f682/1/dCZ_Ps_MYWaOBQG8pgztbdddNHw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  192.44.75.0/24
                  192.108.115.0-192.108.118.255

    Signature Algorithm: sha256WithRSAEncryption
         a5:2d:47:93:75:00:9a:98:0d:5c:e4:f7:83:ef:0a:d0:30:2c:
         ce:52:43:6a:29:05:e2:07:51:0e:81:07:e7:0e:d0:32:1a:28:
         08:55:31:25:30:74:d0:f6:96:de:0d:19:f7:f3:74:89:9f:88:
         da:ce:68:b3:d7:b2:c7:da:f0:4f:34:c7:99:f7:1a:1b:ad:35:
         a7:85:28:4e:8e:d1:ad:7e:08:8d:77:33:24:42:ff:16:1f:dd:
         6d:e0:74:6e:01:9a:00:60:e8:69:03:8f:3b:88:c4:e6:69:db:
         10:e2:5a:8b:d0:18:86:41:cd:5a:9a:f3:7a:2f:da:33:82:73:
         01:f1:c1:80:da:e4:f3:b8:af:2a:e9:cd:d8:f7:54:fd:89:27:
         ec:d1:4a:e4:fe:49:46:04:5f:d7:f7:f3:60:56:03:a3:aa:4e:
         06:e9:eb:e7:c7:d8:df:f6:92:b0:ee:6d:6d:4d:25:49:c5:e1:
         1d:64:4b:76:72:50:9f:ed:44:84:89:77:7c:ca:39:91:68:80:
         10:23:6b:bd:13:03:3b:ea:48:cb:7b:ce:a3:be:2c:6d:bf:c0:
         dc:49:d1:fe:bb:66:76:3b:8b:6a:7d:7f:28:08:1f:0f:7e:f7:
         d2:ed:03:05:fc:b3:6c:d8:18:ae:43:97:04:b2:9c:18:fc:f4:
         05:f6:2a:80
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYVtXSW2LRitMmy5uPH0DqvAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0MjY3ZjNlY2ZjYzYxNjY4ZTA1MDFiY2E2MGNlZDZkZDc1
ZDM0N2MwHhcNMjMwMTAxMTI0NDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNjkwNjU5ZmE5ZGIzOTI4MGQzMzY5YzhiNzBjNmM4ZjVmNWUzMGZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3dL5xyM273fUK9WOJ1nOevC+oTIV
+1bP98fE7ZB+bFjXH3R5iXK5ybYBdGawNbD57YfP1pc5OPBlPJlsdcqOZL/3Q++4
3kkCrX/k98dZyhqaoJ5tcVYU5kx3eDLCf5Gs5AVlHZu1IA7lVpCdTB82Oyq1PZGZ
ve7iHzG+eBpqsi5qszGq/dZ0LCjpVFKg3HwTtMXz6e7JC03a8H8bZk5kA7oyqKZZ
tUKx3Y3NonIKOYHUyl0KBVNj9kKDUADLhVL52MEAmpN8GQt2ONJRCExlviHx49l/
yP49uEBtRFCIOIQaugi4ZHcPi3x6mDj1A+xEPbt8XKwOJWI55jiVmF4D4wIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFDaQZZ+p2zkoDTNpyLcMbI9fXjD6MB8GA1UdIwQY
MBaAFHQmfz7PzGFmjgUBvKYM7W3XXTR8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZENaX1BzX01ZV2FPQlFHOHBnenRiZGRkTkh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ny83MGNiODAtNGU2ZC00NmE1LWIxYjQt
NGUzZjRkNjhmNjgyLzEvTnBCbG42bmJPU2dOTTJuSXR3eHNqMTllTVBvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ny83MGNiODAtNGU2ZC00NmE1LWIxYjQtNGUzZjRkNjhmNjgy
LzEvZENaX1BzX01ZV2FPQlFHOHBnenRiZGRkTkh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQAwCxLMAwD
BADAbHMDBADAbHYwDQYJKoZIhvcNAQELBQADggEBAKUtR5N1AJqYDVzk94PvCtAw
LM5SQ2opBeIHUQ6BB+cO0DIaKAhVMSUwdND2lt4NGffzdImfiNrOaLPXssfa8E80
x5n3GhutNaeFKE6O0a1+CI13MyRC/xYf3W3gdG4BmgBg6GkDjzuIxOZp2xDiWovQ
GIZBzVqa83ov2jOCcwHxwYDa5PO4ryrpzdj3VP2JJ+zRSuT+SUYEX9f382BWA6Oq
Tgbp6+fH2N/2krDubW1NJUnF4R1kS3ZyUJ/tRISJd3zKOZFogBAja70TAzvqSMt7
zqO+LG2/wNxJ0f67ZnY7i2p9fygIHw9+99LtAwX8s2zYGK5DlwSynBj89AX2KoA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:33:19 2024 by rpki-client on console-fra.rpki-client.org