Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/NqKEgGEkb3CcQ7YxsFTderYCdyk.roa
File:                     NqKEgGEkb3CcQ7YxsFTderYCdyk.roa (raw, json)
Hash identifier:          0kCIR2NYw1KI582jCqJqaXvgQJhsKy1epaZr/MXLLRY=
Subject key identifier:   36:A2:84:80:61:24:6F:70:9C:43:B6:31:B0:54:DD:7A:B6:02:77:29
Certificate issuer:       /CN=9aee15c33de358938d6900a1b3c14480a389e85b
Certificate serial:       0187C352E188A2F550F2BB428E8CBB9A6B2C
Authority key identifier: 9A:EE:15:C3:3D:E3:58:93:8D:69:00:A1:B3:C1:44:80:A3:89:E8:5B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/NqKEgGEkb3CcQ7YxsFTderYCdyk.roa
Signing time:             Thu 27 Apr 2023 15:26:41 +0000
ROA not before:           Thu 27 Apr 2023 15:26:41 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     202723
IP address blocks:        185.105.47.0/24 maxlen: 24
                          185.79.138.0/24 maxlen: 24
                          185.77.138.0/24 maxlen: 24
                          185.77.139.0/24 maxlen: 24
                          185.75.134.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Fri 23 Jun 2023 06:10:57 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:c3:52:e1:88:a2:f5:50:f2:bb:42:8e:8c:bb:9a:6b:2c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9aee15c33de358938d6900a1b3c14480a389e85b
        Validity
            Not Before: Apr 27 15:26:41 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=36a2848061246f709c43b631b054dd7ab6027729
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:97:a9:e1:08:66:04:40:62:42:26:0a:da:47:
                    34:ba:d4:76:31:f5:14:41:cb:5e:c2:b1:28:f9:c5:
                    c7:b4:d8:7c:c4:12:45:c6:cd:fe:b1:7c:cc:81:0c:
                    17:56:ee:26:42:d7:4b:92:aa:d8:91:ec:fc:93:53:
                    94:fe:69:fc:02:f9:39:f9:a8:fc:f2:e4:aa:c3:66:
                    d4:c8:65:fe:59:91:a3:3b:7f:86:39:fa:d3:27:52:
                    f4:75:10:1b:a8:03:6b:dd:5a:9c:85:3e:0d:bc:bb:
                    ad:0e:67:9c:3f:25:e8:8a:a8:fb:83:e8:90:a8:42:
                    56:2e:e0:27:ee:bc:cb:fc:bb:b0:f6:d9:1a:e1:9d:
                    e3:84:75:78:7a:41:e2:61:a9:b9:67:05:a1:ec:5f:
                    03:ce:a0:df:9f:3b:81:99:bf:62:92:49:67:f0:8d:
                    f8:b4:b6:46:26:c6:42:55:d8:8d:b4:c9:da:32:57:
                    50:e1:1d:49:4b:e0:e4:e2:aa:5c:26:5c:22:9e:54:
                    e6:44:16:ce:35:45:7d:69:97:d4:83:92:d0:18:ae:
                    f2:2c:fb:68:f7:d6:3b:ec:fa:61:cd:4c:1c:11:ec:
                    a3:b8:6d:7d:54:c7:7f:4d:9a:f3:41:b1:e6:98:5e:
                    bd:b5:89:c7:55:ca:9b:dc:ce:e1:42:89:cb:5a:8d:
                    2c:1f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                36:A2:84:80:61:24:6F:70:9C:43:B6:31:B0:54:DD:7A:B6:02:77:29
            X509v3 Authority Key Identifier:
                keyid:9A:EE:15:C3:3D:E3:58:93:8D:69:00:A1:B3:C1:44:80:A3:89:E8:5B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/NqKEgGEkb3CcQ7YxsFTderYCdyk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.75.134.0/24
                  185.77.138.0/23
                  185.79.138.0/24
                  185.105.47.0/24

    Signature Algorithm: sha256WithRSAEncryption
         9b:f3:04:32:88:12:68:01:44:36:bf:79:eb:93:b7:d0:40:c4:
         7c:15:c5:87:d7:32:42:7b:9b:50:e4:35:50:da:99:3c:fe:b1:
         b5:20:8a:f9:54:e1:03:ce:18:f6:9f:f2:83:9d:e4:80:76:41:
         57:db:89:82:2f:7c:c9:fa:06:21:46:f3:d7:f4:60:05:f7:49:
         e8:da:1a:6f:05:55:03:a3:a4:2a:5a:dc:2c:36:8b:c1:ec:ae:
         f3:b4:3d:19:40:2b:6c:ce:30:d2:45:cb:81:68:fa:9c:0f:88:
         e6:2a:2a:05:bd:f1:ec:9d:23:36:f0:0c:66:bd:37:a4:7d:e0:
         a3:b2:66:07:52:8f:1e:e9:ff:c6:a8:a5:fc:e0:c4:95:22:f0:
         06:1d:67:66:57:fe:d4:29:80:49:26:e1:cc:a3:c0:0d:ea:1f:
         82:c5:62:ec:62:24:fb:8a:e1:c3:c1:9a:6d:66:8f:c4:a7:29:
         b6:35:a7:b0:8c:57:12:58:87:c8:d6:32:db:9b:41:c1:b1:a9:
         e8:5e:d5:3a:e1:0e:88:f8:a3:3a:3e:2e:1e:d2:97:66:07:3c:
         1b:01:01:cc:d6:5b:34:c8:29:0b:e8:bf:f7:79:fa:aa:fd:0c:
         44:fa:b2:32:91:0d:f4:d8:fc:4a:bc:af:04:80:57:99:23:58:
         25:f1:5d:e8
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYfDUuGIovVQ8rtCjoy7mmssMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhZWUxNWMzM2RlMzU4OTM4ZDY5MDBhMWIzYzE0NDgwYTM4
OWU4NWIwHhcNMjMwNDI3MTUyNjQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNmEyODQ4MDYxMjQ2ZjcwOWM0M2I2MzFiMDU0ZGQ3YWI2MDI3NzI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApZep4QhmBEBiQiYK2kc0utR2MfUU
QctewrEo+cXHtNh8xBJFxs3+sXzMgQwXVu4mQtdLkqrYkez8k1OU/mn8Avk5+aj8
8uSqw2bUyGX+WZGjO3+GOfrTJ1L0dRAbqANr3VqchT4NvLutDmecPyXoiqj7g+iQ
qEJWLuAn7rzL/Luw9tka4Z3jhHV4ekHiYam5ZwWh7F8DzqDfnzuBmb9ikkln8I34
tLZGJsZCVdiNtMnaMldQ4R1JS+Dk4qpcJlwinlTmRBbONUV9aZfUg5LQGK7yLPto
99Y77PphzUwcEeyjuG19VMd/TZrzQbHmmF69tYnHVcqb3M7hQonLWo0sHwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFDaihIBhJG9wnEO2MbBU3Xq2AncpMB8GA1UdIwQY
MBaAFJruFcM941iTjWkAobPBRICjiehbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbXU0Vnd6M2pXSk9OYVFDaHM4RkVnS09KNkZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS83MmY3N2YtNzZhYi00ZTc5LWEwNjIt
NmVlNTM0ZDkyZTUyLzEvTnFLRWdHRWtiM0NjUTdZeHNGVGRlcllDZHlrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83YS83MmY3N2YtNzZhYi00ZTc5LWEwNjItNmVlNTM0ZDkyZTUy
LzEvbXU0Vnd6M2pXSk9OYVFDaHM4RkVnS09KNkZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAuUuGAwQB
uU2KAwQAuU+KAwQAuWkvMA0GCSqGSIb3DQEBCwUAA4IBAQCb8wQyiBJoAUQ2v3nr
k7fQQMR8FcWH1zJCe5tQ5DVQ2pk8/rG1IIr5VOEDzhj2n/KDneSAdkFX24mCL3zJ
+gYhRvPX9GAF90no2hpvBVUDo6QqWtwsNovB7K7ztD0ZQCtszjDSRcuBaPqcD4jm
KioFvfHsnSM28AxmvTekfeCjsmYHUo8e6f/GqKX84MSVIvAGHWdmV/7UKYBJJuHM
o8AN6h+CxWLsYiT7iuHDwZptZo/Epym2NaewjFcSWIfI1jLbm0HBsanoXtU64Q6I
+KM6Pi4e0pdmBzwbAQHM1ls0yCkL6L/3efqq/QxE+rIykQ302PxKvK8EgFeZI1gl
8V3o
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:59 2024 by rpki-client on console-fra.rpki-client.org