Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/89/562112-ad44-4d71-9cb9-fb7d7dca34a7/1/dtsIbNKbKPILISnbWNlTqtKmkZY.roa
File:                     dtsIbNKbKPILISnbWNlTqtKmkZY.roa (raw, json)
Hash identifier:          6RISvAVPUErtHZIg5gcSDU1wnsVMlgqN/A57gV6Yazs=
Subject key identifier:   76:DB:08:6C:D2:9B:28:F2:0B:21:29:DB:58:D9:53:AA:D2:A6:91:96
Certificate issuer:       /CN=8da03e0d020efc944c1eebdaee5427d365b70076
Certificate serial:       01857102F345DEC7E381584133966EA49170
Authority key identifier: 8D:A0:3E:0D:02:0E:FC:94:4C:1E:EB:DA:EE:54:27:D3:65:B7:00:76
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/jaA-DQIO_JRMHuva7lQn02W3AHY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/89/562112-ad44-4d71-9cb9-fb7d7dca34a7/1/dtsIbNKbKPILISnbWNlTqtKmkZY.roa
Signing time:             Mon 02 Jan 2023 05:44:56 +0000
ROA not before:           Mon 02 Jan 2023 05:44:56 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     202561
IP address blocks:        185.200.36.0/22 maxlen: 24

Validation:               Failed, certificate revoked on Tue 04 Jul 2023 08:18:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:71:02:f3:45:de:c7:e3:81:58:41:33:96:6e:a4:91:70
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8da03e0d020efc944c1eebdaee5427d365b70076
        Validity
            Not Before: Jan  2 05:44:56 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=76db086cd29b28f20b2129db58d953aad2a69196
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:bb:ba:8f:5b:85:33:7e:69:7a:04:06:26:3c:
                    9e:43:8c:77:42:16:e7:64:27:b0:99:5c:3d:33:54:
                    c9:03:ee:9e:83:00:be:1d:3f:52:e9:3a:11:2c:9f:
                    af:fe:8c:27:09:4b:e5:fa:bd:06:f4:a4:19:de:e7:
                    9e:ca:a4:89:6b:19:60:f8:fd:07:73:d9:1d:c5:ce:
                    8d:be:5e:89:2a:a7:3d:1a:d4:04:de:ae:45:13:a7:
                    26:26:a5:f6:ff:db:65:b1:a2:30:a0:f3:09:fd:59:
                    04:ac:05:16:f0:64:86:47:49:20:4a:7d:14:6a:28:
                    a1:6a:f1:8b:5c:40:b8:a3:5a:e9:82:9a:ce:3d:83:
                    fe:2c:25:5f:a1:3a:f1:bc:05:0c:83:0d:14:be:40:
                    91:ac:2f:d6:0e:29:c4:d3:5d:9f:78:95:25:e4:ea:
                    c5:ce:85:7a:4a:a4:5b:27:f1:eb:fa:f2:99:12:1a:
                    d6:a3:ab:a9:5b:be:1e:3d:5f:86:e4:11:6e:df:a1:
                    13:a4:21:e5:6a:f9:89:90:24:22:93:2f:54:47:af:
                    46:54:4a:59:bb:29:2e:d5:dc:43:57:78:5b:f3:c0:
                    dc:fa:97:6b:54:a0:b9:26:4b:ae:ac:5a:9e:d4:ab:
                    99:9f:96:7b:7c:f0:5e:f5:af:b3:aa:1d:3e:05:b1:
                    5d:a5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                76:DB:08:6C:D2:9B:28:F2:0B:21:29:DB:58:D9:53:AA:D2:A6:91:96
            X509v3 Authority Key Identifier:
                keyid:8D:A0:3E:0D:02:0E:FC:94:4C:1E:EB:DA:EE:54:27:D3:65:B7:00:76

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jaA-DQIO_JRMHuva7lQn02W3AHY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/89/562112-ad44-4d71-9cb9-fb7d7dca34a7/1/dtsIbNKbKPILISnbWNlTqtKmkZY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/89/562112-ad44-4d71-9cb9-fb7d7dca34a7/1/jaA-DQIO_JRMHuva7lQn02W3AHY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.200.36.0/22

    Signature Algorithm: sha256WithRSAEncryption
         91:36:de:6b:54:8c:2e:01:56:a1:84:dc:8b:2b:70:c7:45:c7:
         e0:f1:15:b5:ff:cc:c2:13:49:1f:86:31:92:95:68:f3:d5:1b:
         dc:12:36:a6:d8:16:36:bb:1e:63:2a:4d:52:c7:c2:27:70:78:
         04:55:e2:4d:42:c4:32:05:89:cb:51:a5:d0:87:0d:35:9d:fe:
         9a:1d:6b:bf:51:7c:ee:a2:5c:43:10:1e:f9:c9:47:4f:34:b7:
         88:b1:9d:8b:e1:32:83:39:54:84:90:27:fc:99:72:4a:15:1c:
         dd:02:50:a4:3b:50:97:38:33:cb:25:c2:41:bb:6a:7d:64:c2:
         aa:13:0e:bf:79:6d:50:70:c4:8a:1d:1b:23:7a:8a:67:43:89:
         26:02:f7:2b:a8:28:06:98:27:eb:b0:85:6b:e2:32:da:85:ca:
         99:01:3e:24:95:fe:5d:c2:27:39:8e:8c:52:5d:44:55:a7:7b:
         eb:6a:41:84:62:f8:53:2f:37:7f:d7:6f:61:95:6d:1a:d7:f4:
         9c:5f:92:3a:15:c6:34:de:3a:21:fc:cc:9e:61:ff:16:57:ce:
         14:3b:d5:68:d3:92:6b:e7:9a:74:66:23:f2:1b:dd:c4:d0:0c:
         f1:f3:ef:30:53:13:89:61:51:c4:03:f6:ea:08:a0:d4:25:47:
         ee:ab:13:a2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxAvNF3sfjgVhBM5ZupJFwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkYTAzZTBkMDIwZWZjOTQ0YzFlZWJkYWVlNTQyN2QzNjVi
NzAwNzYwHhcNMjMwMTAyMDU0NDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NmRiMDg2Y2QyOWIyOGYyMGIyMTI5ZGI1OGQ5NTNhYWQyYTY5MTk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw7u6j1uFM35pegQGJjyeQ4x3Qhbn
ZCewmVw9M1TJA+6egwC+HT9S6ToRLJ+v/ownCUvl+r0G9KQZ3ueeyqSJaxlg+P0H
c9kdxc6Nvl6JKqc9GtQE3q5FE6cmJqX2/9tlsaIwoPMJ/VkErAUW8GSGR0kgSn0U
aiihavGLXEC4o1rpgprOPYP+LCVfoTrxvAUMgw0UvkCRrC/WDinE012feJUl5OrF
zoV6SqRbJ/Hr+vKZEhrWo6upW74ePV+G5BFu36ETpCHlavmJkCQiky9UR69GVEpZ
uyku1dxDV3hb88Dc+pdrVKC5JkuurFqe1KuZn5Z7fPBe9a+zqh0+BbFdpQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHbbCGzSmyjyCyEp21jZU6rSppGWMB8GA1UdIwQY
MBaAFI2gPg0CDvyUTB7r2u5UJ9NltwB2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvamFBLURRSU9fSlJNSHV2YTdsUW4wMlczQUhZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OS81NjIxMTItYWQ0NC00ZDcxLTljYjkt
ZmI3ZDdkY2EzNGE3LzEvZHRzSWJOS2JLUElMSVNuYldObFRxdEtta1pZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OS81NjIxMTItYWQ0NC00ZDcxLTljYjktZmI3ZDdkY2EzNGE3
LzEvamFBLURRSU9fSlJNSHV2YTdsUW4wMlczQUhZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCucgkMA0G
CSqGSIb3DQEBCwUAA4IBAQCRNt5rVIwuAVahhNyLK3DHRcfg8RW1/8zCE0kfhjGS
lWjz1RvcEjam2BY2ux5jKk1Sx8IncHgEVeJNQsQyBYnLUaXQhw01nf6aHWu/UXzu
olxDEB75yUdPNLeIsZ2L4TKDOVSEkCf8mXJKFRzdAlCkO1CXODPLJcJBu2p9ZMKq
Ew6/eW1QcMSKHRsjeopnQ4kmAvcrqCgGmCfrsIVr4jLahcqZAT4klf5dwic5joxS
XURVp3vrakGEYvhTLzd/129hlW0a1/ScX5I6FcY03joh/MyeYf8WV84UO9Vo05Jr
55p0ZiPyG93E0Azx8+8wUxOJYVHEA/bqCKDUJUfuqxOi
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:01 2024 by rpki-client on console-ams.rpki-client.org