Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8c/a1597b-6ef2-4430-aa56-82451f33f4ca/1/Nk3yoi-CKmS3NtatYhFYQapSI7Y.roa
File:                     Nk3yoi-CKmS3NtatYhFYQapSI7Y.roa (raw, json)
Hash identifier:          ruTknokmPogCPzetjhmXXGZ/kF/sctsKwxvD18w75Co=
Subject key identifier:   36:4D:F2:A2:2F:82:2A:64:B7:36:D6:AD:62:11:58:41:AA:52:23:B6
Certificate issuer:       /CN=66feef09c450990af34779ce701be6cd54b3d924
Certificate serial:       0189ABBD27B6BB40732B03A66DC4F23A7B86
Authority key identifier: 66:FE:EF:09:C4:50:99:0A:F3:47:79:CE:70:1B:E6:CD:54:B3:D9:24
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Zv7vCcRQmQrzR3nOcBvmzVSz2SQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8c/a1597b-6ef2-4430-aa56-82451f33f4ca/1/Nk3yoi-CKmS3NtatYhFYQapSI7Y.roa
Signing time:             Mon 31 Jul 2023 11:37:27 +0000
ROA not before:           Mon 31 Jul 2023 11:37:27 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     61317
IP address blocks:        83.168.125.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 10:33:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:ab:bd:27:b6:bb:40:73:2b:03:a6:6d:c4:f2:3a:7b:86
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=66feef09c450990af34779ce701be6cd54b3d924
        Validity
            Not Before: Jul 31 11:37:27 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=364df2a22f822a64b736d6ad62115841aa5223b6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:89:b3:0f:6c:f3:07:56:29:c7:23:45:0a:1f:ff:
                    c8:ff:ef:f5:6d:8a:b4:e3:7f:8c:2f:67:4f:88:73:
                    50:d5:00:70:0e:82:af:61:49:2e:86:d2:94:90:7f:
                    e6:53:36:ff:05:db:a4:20:dc:08:10:17:1e:c1:c0:
                    6a:8b:79:25:a6:87:5d:92:cb:64:48:7f:3a:bc:c9:
                    01:0c:8f:61:5b:96:19:b3:17:e9:c2:0c:fc:28:a2:
                    c5:78:7a:bb:c4:02:be:f0:ac:52:d6:44:64:d1:4e:
                    92:94:56:72:81:9a:89:5f:51:26:57:61:32:98:af:
                    a3:a3:3c:93:c7:51:21:81:7f:24:39:e5:c3:92:7a:
                    ae:90:ef:f3:4a:1a:2d:d8:8a:7f:e4:71:f6:cb:53:
                    fb:ff:a2:56:4d:9f:44:f1:08:51:b4:dc:e6:99:4e:
                    33:d9:7c:4e:17:39:f1:48:a9:44:12:54:aa:f4:d5:
                    ff:f5:63:cf:ad:f3:53:da:2d:c6:35:a9:62:4e:43:
                    22:f7:7c:66:f9:23:20:89:cf:16:06:b5:b7:d3:bb:
                    ad:1b:ca:5e:8a:d5:84:74:7e:ca:1a:42:e8:8b:c2:
                    45:c7:31:04:f4:7f:cc:8e:8e:8e:9e:72:02:88:64:
                    6d:d9:44:38:04:bc:9d:90:81:a6:ff:95:f5:02:29:
                    7d:dd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                36:4D:F2:A2:2F:82:2A:64:B7:36:D6:AD:62:11:58:41:AA:52:23:B6
            X509v3 Authority Key Identifier:
                keyid:66:FE:EF:09:C4:50:99:0A:F3:47:79:CE:70:1B:E6:CD:54:B3:D9:24

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Zv7vCcRQmQrzR3nOcBvmzVSz2SQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/a1597b-6ef2-4430-aa56-82451f33f4ca/1/Nk3yoi-CKmS3NtatYhFYQapSI7Y.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/a1597b-6ef2-4430-aa56-82451f33f4ca/1/Zv7vCcRQmQrzR3nOcBvmzVSz2SQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  83.168.125.0/24

    Signature Algorithm: sha256WithRSAEncryption
         b2:e1:18:a7:04:4d:90:e5:07:eb:c5:a5:c0:3a:3c:c6:aa:4b:
         b0:07:7b:1f:c1:36:6d:2c:6a:83:b6:89:b3:b2:15:8f:4d:fe:
         6d:41:b2:01:70:ff:86:82:f5:2b:45:c9:e1:80:d2:67:53:a0:
         ef:03:37:b3:a5:da:02:7f:53:bd:85:8c:93:de:65:a5:05:b8:
         86:7c:c4:b8:15:ff:03:3a:2e:58:ad:8c:f6:2f:b5:a3:92:39:
         49:30:6e:be:28:f4:08:4d:c6:fb:a3:70:08:de:86:cd:5f:d2:
         73:14:e6:64:2c:f2:0b:83:18:ae:45:f2:1a:7a:54:ff:63:87:
         76:f2:8c:d3:40:be:c9:ca:11:f6:c9:5f:28:f9:4c:86:36:37:
         77:36:4a:55:5f:00:a3:7f:91:f4:1f:dc:23:37:83:50:3f:ba:
         c5:69:c7:d9:3e:a1:15:06:3c:71:bc:ff:85:44:19:2f:60:d9:
         c6:2a:79:3a:25:8d:eb:82:6d:21:0b:4c:ab:db:01:1c:db:78:
         32:f9:2d:2b:87:af:f8:7c:5d:3b:72:8e:cb:ae:2a:58:c5:c7:
         1f:5d:78:04:66:46:fb:4e:af:95:a3:c8:ba:66:de:5e:dc:b3:
         ec:d0:18:63:b7:31:d2:44:f0:16:20:8a:90:8a:f1:37:b5:bd:
         cb:fa:9e:a8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYmrvSe2u0BzKwOmbcTyOnuGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2ZmVlZjA5YzQ1MDk5MGFmMzQ3NzljZTcwMWJlNmNkNTRi
M2Q5MjQwHhcNMjMwNzMxMTEzNzI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNjRkZjJhMjJmODIyYTY0YjczNmQ2YWQ2MjExNTg0MWFhNTIyM2I2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAibMPbPMHVinHI0UKH//I/+/1bYq0
43+ML2dPiHNQ1QBwDoKvYUkuhtKUkH/mUzb/BdukINwIEBcewcBqi3klpoddkstk
SH86vMkBDI9hW5YZsxfpwgz8KKLFeHq7xAK+8KxS1kRk0U6SlFZygZqJX1EmV2Ey
mK+jozyTx1EhgX8kOeXDknqukO/zShot2Ip/5HH2y1P7/6JWTZ9E8QhRtNzmmU4z
2XxOFznxSKlEElSq9NX/9WPPrfNT2i3GNaliTkMi93xm+SMgic8WBrW307utG8pe
itWEdH7KGkLoi8JFxzEE9H/Mjo6OnnICiGRt2UQ4BLydkIGm/5X1Ail93QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDZN8qIvgipktzbWrWIRWEGqUiO2MB8GA1UdIwQY
MBaAFGb+7wnEUJkK80d5znAb5s1Us9kkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWnY3dkNjUlFtUXJ6UjNuT2NCdm16VlN6MlNRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yy9hMTU5N2ItNmVmMi00NDMwLWFhNTYt
ODI0NTFmMzNmNGNhLzEvTmszeW9pLUNLbVMzTnRhdFloRllRYXBTSTdZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yy9hMTU5N2ItNmVmMi00NDMwLWFhNTYtODI0NTFmMzNmNGNh
LzEvWnY3dkNjUlFtUXJ6UjNuT2NCdm16VlN6MlNRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAU6h9MA0G
CSqGSIb3DQEBCwUAA4IBAQCy4RinBE2Q5QfrxaXAOjzGqkuwB3sfwTZtLGqDtomz
shWPTf5tQbIBcP+GgvUrRcnhgNJnU6DvAzezpdoCf1O9hYyT3mWlBbiGfMS4Ff8D
Oi5YrYz2L7WjkjlJMG6+KPQITcb7o3AI3obNX9JzFOZkLPILgxiuRfIaelT/Y4d2
8ozTQL7JyhH2yV8o+UyGNjd3NkpVXwCjf5H0H9wjN4NQP7rFacfZPqEVBjxxvP+F
RBkvYNnGKnk6JY3rgm0hC0yr2wEc23gy+S0rh6/4fF07co7LripYxccfXXgEZkb7
Tq+Vo8i6Zt5e3LPs0BhjtzHSRPAWIIqQivE3tb3L+p6o
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:38 2024 by rpki-client on console-fra.rpki-client.org