Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/90d366-2fab-47e5-90b9-0265e5cd6966/1/Nttx-x4Oa4cn2e1bx1UkYKj3wcg.roa
File:                     Nttx-x4Oa4cn2e1bx1UkYKj3wcg.roa (raw, json)
Hash identifier:          iBfzhflnnHY6mxlbtiXlRIfd0xsJfshIbjnvW9Q1sqY=
Subject key identifier:   36:DB:71:FB:1E:0E:6B:87:27:D9:ED:5B:C7:55:24:60:A8:F7:C1:C8
Certificate issuer:       /CN=f324d0f47297680535eb2799189db888b4066782
Certificate serial:       0185737AA811101AB0AF42947F2B27A638CF
Authority key identifier: F3:24:D0:F4:72:97:68:05:35:EB:27:99:18:9D:B8:88:B4:06:67:82
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/8yTQ9HKXaAU16yeZGJ24iLQGZ4I.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/70/90d366-2fab-47e5-90b9-0265e5cd6966/1/Nttx-x4Oa4cn2e1bx1UkYKj3wcg.roa
Signing time:             Mon 02 Jan 2023 17:14:56 +0000
ROA not before:           Mon 02 Jan 2023 17:14:56 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     30848
IP address blocks:        185.90.68.0/22 maxlen: 22

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 02:29:44 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:73:7a:a8:11:10:1a:b0:af:42:94:7f:2b:27:a6:38:cf
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f324d0f47297680535eb2799189db888b4066782
        Validity
            Not Before: Jan  2 17:14:56 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=36db71fb1e0e6b8727d9ed5bc7552460a8f7c1c8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:ea:c1:40:cb:b2:7f:75:15:cb:a4:1a:ef:f5:
                    31:5a:58:1d:36:11:0b:0e:b6:7b:ff:a2:be:e9:09:
                    6b:1c:7c:af:ff:be:6e:23:ed:1c:78:11:c3:87:3c:
                    5c:7e:93:15:88:2a:a9:5d:7c:b6:18:64:c8:eb:47:
                    d6:12:fd:63:9d:cd:c1:5e:8c:da:1f:06:8b:af:eb:
                    0c:bf:41:a8:35:fd:a5:19:f7:97:e8:c3:68:18:71:
                    da:a7:65:f7:21:5f:28:76:2d:ab:b4:46:ae:02:24:
                    32:a3:fc:6f:ed:10:df:17:91:44:f4:60:68:cd:97:
                    47:ad:10:a1:43:36:bd:46:41:3e:c8:dd:38:c5:6a:
                    14:76:5c:71:e1:ba:73:8f:ac:be:93:a6:88:66:27:
                    ad:d0:76:b5:5f:1b:9f:78:3b:83:aa:78:40:4b:42:
                    ae:60:a4:27:94:bb:53:ba:4c:50:ca:87:ee:24:e1:
                    e0:d2:f6:df:74:24:3d:ce:74:16:7e:45:06:68:f4:
                    2b:43:c2:e9:16:c1:e5:a8:ef:99:78:24:8e:24:7a:
                    62:94:29:ce:51:fa:5f:a5:e2:48:d2:ae:3e:49:f8:
                    60:30:0d:cd:b7:9f:b6:ed:26:b1:1b:39:06:5d:ac:
                    c3:56:08:be:11:4a:09:3c:80:46:a4:95:d6:35:94:
                    ce:83
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                36:DB:71:FB:1E:0E:6B:87:27:D9:ED:5B:C7:55:24:60:A8:F7:C1:C8
            X509v3 Authority Key Identifier:
                keyid:F3:24:D0:F4:72:97:68:05:35:EB:27:99:18:9D:B8:88:B4:06:67:82

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8yTQ9HKXaAU16yeZGJ24iLQGZ4I.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/90d366-2fab-47e5-90b9-0265e5cd6966/1/Nttx-x4Oa4cn2e1bx1UkYKj3wcg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/70/90d366-2fab-47e5-90b9-0265e5cd6966/1/8yTQ9HKXaAU16yeZGJ24iLQGZ4I.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.90.68.0/22

    Signature Algorithm: sha256WithRSAEncryption
         9f:c2:2a:2a:b9:15:b4:44:40:f4:d8:86:41:21:ae:02:9d:10:
         d2:c2:47:fc:95:f2:7f:79:5d:fe:71:40:c8:fb:14:5f:ec:23:
         e9:cc:a1:d6:52:5e:a2:39:c9:7e:6e:15:28:15:ac:4a:6a:3e:
         fc:92:fe:c7:63:8b:1f:a2:a8:dd:77:73:46:25:55:68:a1:36:
         ea:79:92:97:02:b7:92:d4:8b:1b:c1:ed:6a:92:31:23:4e:b5:
         bc:b9:44:ab:98:b3:86:c8:fa:5e:a6:aa:24:fd:1a:60:11:45:
         71:41:70:92:0c:b6:d3:08:73:cd:51:29:4a:d7:3f:fd:ba:78:
         81:73:25:ab:9a:1b:01:60:f1:11:7a:de:0d:2b:d5:c1:2c:a7:
         8b:df:ae:5c:bc:76:9a:f9:c3:df:eb:22:67:51:3a:3c:b5:f0:
         2b:0b:1e:b5:d5:5e:32:4a:ac:da:34:bd:a3:5d:ac:87:fe:dc:
         af:69:8e:78:0d:2b:57:4c:0a:ba:43:e4:4a:f3:35:15:fc:1b:
         0e:ba:15:7b:dd:24:0b:d3:9d:b0:5c:60:2b:68:d6:ff:10:16:
         0a:29:2a:50:49:46:4e:4c:f3:9c:df:71:8b:e3:cf:8f:48:3c:
         76:2c:63:07:39:d3:e8:be:28:f1:40:ec:19:c7:d2:2c:f3:e3:
         eb:a6:dc:b6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVzeqgREBqwr0KUfysnpjjPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYzMjRkMGY0NzI5NzY4MDUzNWViMjc5OTE4OWRiODg4YjQw
NjY3ODIwHhcNMjMwMTAyMTcxNDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNmRiNzFmYjFlMGU2Yjg3MjdkOWVkNWJjNzU1MjQ2MGE4ZjdjMWM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp+rBQMuyf3UVy6Qa7/UxWlgdNhEL
DrZ7/6K+6QlrHHyv/75uI+0ceBHDhzxcfpMViCqpXXy2GGTI60fWEv1jnc3BXoza
HwaLr+sMv0GoNf2lGfeX6MNoGHHap2X3IV8odi2rtEauAiQyo/xv7RDfF5FE9GBo
zZdHrRChQza9RkE+yN04xWoUdlxx4bpzj6y+k6aIZiet0Ha1XxufeDuDqnhAS0Ku
YKQnlLtTukxQyofuJOHg0vbfdCQ9znQWfkUGaPQrQ8LpFsHlqO+ZeCSOJHpilCnO
UfpfpeJI0q4+SfhgMA3Nt5+27SaxGzkGXazDVgi+EUoJPIBGpJXWNZTOgwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDbbcfseDmuHJ9ntW8dVJGCo98HIMB8GA1UdIwQY
MBaAFPMk0PRyl2gFNesnmRiduIi0BmeCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOHlUUTlIS1hhQVUxNnllWkdKMjRpTFFHWjRJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC85MGQzNjYtMmZhYi00N2U1LTkwYjkt
MDI2NWU1Y2Q2OTY2LzEvTnR0eC14NE9hNGNuMmUxYngxVWtZS2ozd2NnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC85MGQzNjYtMmZhYi00N2U1LTkwYjktMDI2NWU1Y2Q2OTY2
LzEvOHlUUTlIS1hhQVUxNnllWkdKMjRpTFFHWjRJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuVpEMA0G
CSqGSIb3DQEBCwUAA4IBAQCfwioquRW0RED02IZBIa4CnRDSwkf8lfJ/eV3+cUDI
+xRf7CPpzKHWUl6iOcl+bhUoFaxKaj78kv7HY4sfoqjdd3NGJVVooTbqeZKXAreS
1Isbwe1qkjEjTrW8uUSrmLOGyPpepqok/RpgEUVxQXCSDLbTCHPNUSlK1z/9uniB
cyWrmhsBYPERet4NK9XBLKeL365cvHaa+cPf6yJnUTo8tfArCx611V4ySqzaNL2j
XayH/tyvaY54DStXTAq6Q+RK8zUV/BsOuhV73SQL052wXGAraNb/EBYKKSpQSUZO
TPOc33GL48+PSDx2LGMHOdPovijxQOwZx9Is8+Prpty2
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:17:21 2024 by rpki-client on console-ams.rpki-client.org