Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8c/f4ab5f-e6c2-48b8-94ec-49178296de86/1/NUZHn_r91qVKFrhN0269UKC7F9Y.roa
File:                     NUZHn_r91qVKFrhN0269UKC7F9Y.roa (raw, json)
Hash identifier:          FCSr6nUgZ33XS0stEZoAzW2GY8oRY0zOAhOHUNPb8Vo=
Subject key identifier:   35:46:47:9F:FA:FD:D6:A5:4A:16:B8:4D:D3:6E:BD:50:A0:BB:17:D6
Certificate issuer:       /CN=0b58c921cb3e9c81ddc316ff039cb9c36d2a4390
Certificate serial:       018C648682E3D517D52D42AE5F9B82ED2CEE
Authority key identifier: 0B:58:C9:21:CB:3E:9C:81:DD:C3:16:FF:03:9C:B9:C3:6D:2A:43:90
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/C1jJIcs-nIHdwxb_A5y5w20qQ5A.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8c/f4ab5f-e6c2-48b8-94ec-49178296de86/1/NUZHn_r91qVKFrhN0269UKC7F9Y.roa
Signing time:             Wed 13 Dec 2023 18:53:06 +0000
ROA not before:           Wed 13 Dec 2023 18:53:06 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     40401
IP address blocks:        45.11.36.0/22 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 12:30:12 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:64:86:82:e3:d5:17:d5:2d:42:ae:5f:9b:82:ed:2c:ee
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0b58c921cb3e9c81ddc316ff039cb9c36d2a4390
        Validity
            Not Before: Dec 13 18:53:06 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=3546479ffafdd6a54a16b84dd36ebd50a0bb17d6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d4:8c:f1:6c:c0:88:47:9b:f2:a5:58:55:32:27:
                    10:b1:0d:11:dc:ef:80:ed:95:30:c9:e5:0f:b1:54:
                    e7:04:d2:31:17:84:cd:f1:0d:3c:b6:7c:f4:fd:39:
                    1b:0a:35:9b:79:8f:3e:06:54:b8:4b:a4:3e:9a:43:
                    93:d6:3a:a4:34:01:8f:00:a6:e2:22:b1:4b:aa:e9:
                    4e:9a:40:d1:93:32:ba:1a:bf:44:57:5e:a7:53:8f:
                    f5:de:af:c6:d6:43:de:af:6b:04:d9:96:7d:5b:02:
                    c2:ed:29:86:a3:38:d0:07:be:44:63:39:66:4d:83:
                    03:af:67:13:36:26:f8:01:82:9a:71:82:93:57:13:
                    9e:58:7e:43:18:52:09:48:56:24:ad:0e:c7:d4:de:
                    61:fe:53:c7:a2:e0:a0:dd:d2:72:d6:fe:8f:a6:71:
                    0a:ea:64:c3:50:9f:91:62:49:5e:78:70:e2:c3:07:
                    86:6c:b1:16:8d:87:39:b1:69:0e:d8:74:e7:72:29:
                    d6:3e:7e:1f:af:aa:14:e6:8e:25:a6:82:46:e9:2f:
                    b7:98:b0:a2:50:3f:3a:ab:b4:fc:36:dd:d0:02:93:
                    9f:b1:6d:fd:5a:24:c7:55:8f:30:c2:88:37:74:23:
                    91:cc:1e:ae:22:45:0c:34:f4:f8:1c:d1:75:11:1c:
                    b4:7f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                35:46:47:9F:FA:FD:D6:A5:4A:16:B8:4D:D3:6E:BD:50:A0:BB:17:D6
            X509v3 Authority Key Identifier:
                keyid:0B:58:C9:21:CB:3E:9C:81:DD:C3:16:FF:03:9C:B9:C3:6D:2A:43:90

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/C1jJIcs-nIHdwxb_A5y5w20qQ5A.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/f4ab5f-e6c2-48b8-94ec-49178296de86/1/NUZHn_r91qVKFrhN0269UKC7F9Y.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/f4ab5f-e6c2-48b8-94ec-49178296de86/1/C1jJIcs-nIHdwxb_A5y5w20qQ5A.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.11.36.0/22

    Signature Algorithm: sha256WithRSAEncryption
         28:ef:bd:0f:c4:d9:f7:74:ce:44:1a:6a:45:dd:61:ed:7a:70:
         7e:6c:5c:7a:9b:d5:22:c0:5f:6e:60:09:9c:43:62:e2:f9:ad:
         a6:33:94:af:08:91:22:bc:43:7a:6e:c1:38:6d:4c:29:de:ca:
         63:c0:3a:19:80:0b:01:a6:4a:81:4a:97:5b:e8:ce:d9:cf:59:
         b6:fd:7b:e0:e5:6d:75:0a:90:f5:51:3f:c4:63:de:8c:8a:7e:
         5c:7c:70:6d:3a:fc:f2:1a:8c:ad:ae:a2:18:aa:e2:c5:b0:26:
         97:d7:48:ae:eb:5f:f0:4c:4a:42:ab:f1:09:b5:c3:fb:60:3d:
         64:4b:70:94:12:9e:73:c7:99:8a:5e:e6:7b:ab:1d:05:fc:50:
         a1:c3:ab:56:0f:6c:bb:fb:c7:96:aa:0e:9d:9c:68:54:4e:f3:
         a1:58:64:c2:1e:b5:31:f3:90:31:e8:17:9b:90:f2:b7:4d:bb:
         fa:ed:92:40:fe:20:b9:85:39:6c:d0:c4:38:8d:93:00:0f:c6:
         09:c4:4e:d0:7e:4c:34:0e:d2:28:1c:37:77:0a:03:64:bc:b4:
         c7:b1:01:34:d1:4c:8e:70:91:e6:c4:1f:6b:4d:81:92:59:23:
         4a:3b:bb:ed:0d:d0:42:34:a5:80:e3:aa:9c:63:6b:b6:dc:37:
         43:1b:aa:1c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYxkhoLj1RfVLUKuX5uC7SzuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBiNThjOTIxY2IzZTljODFkZGMzMTZmZjAzOWNiOWMzNmQy
YTQzOTAwHhcNMjMxMjEzMTg1MzA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNTQ2NDc5ZmZhZmRkNmE1NGExNmI4NGRkMzZlYmQ1MGEwYmIxN2Q2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1IzxbMCIR5vypVhVMicQsQ0R3O+A
7ZUwyeUPsVTnBNIxF4TN8Q08tnz0/TkbCjWbeY8+BlS4S6Q+mkOT1jqkNAGPAKbi
IrFLqulOmkDRkzK6Gr9EV16nU4/13q/G1kPer2sE2ZZ9WwLC7SmGozjQB75EYzlm
TYMDr2cTNib4AYKacYKTVxOeWH5DGFIJSFYkrQ7H1N5h/lPHouCg3dJy1v6PpnEK
6mTDUJ+RYkleeHDiwweGbLEWjYc5sWkO2HTncinWPn4fr6oU5o4lpoJG6S+3mLCi
UD86q7T8Nt3QApOfsW39WiTHVY8wwog3dCORzB6uIkUMNPT4HNF1ERy0fwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDVGR5/6/dalSha4TdNuvVCguxfWMB8GA1UdIwQY
MBaAFAtYySHLPpyB3cMW/wOcucNtKkOQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQzFqSkljcy1uSUhkd3hiX0E1eTV3MjBxUTVBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yy9mNGFiNWYtZTZjMi00OGI4LTk0ZWMt
NDkxNzgyOTZkZTg2LzEvTlVaSG5fcjkxcVZLRnJoTjAyNjlVS0M3RjlZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yy9mNGFiNWYtZTZjMi00OGI4LTk0ZWMtNDkxNzgyOTZkZTg2
LzEvQzFqSkljcy1uSUhkd3hiX0E1eTV3MjBxUTVBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLQskMA0G
CSqGSIb3DQEBCwUAA4IBAQAo770PxNn3dM5EGmpF3WHtenB+bFx6m9UiwF9uYAmc
Q2Li+a2mM5SvCJEivEN6bsE4bUwp3spjwDoZgAsBpkqBSpdb6M7Zz1m2/Xvg5W11
CpD1UT/EY96Min5cfHBtOvzyGoytrqIYquLFsCaX10iu61/wTEpCq/EJtcP7YD1k
S3CUEp5zx5mKXuZ7qx0F/FChw6tWD2y7+8eWqg6dnGhUTvOhWGTCHrUx85Ax6Beb
kPK3Tbv67ZJA/iC5hTls0MQ4jZMAD8YJxE7Qfkw0DtIoHDd3CgNkvLTHsQE00UyO
cJHmxB9rTYGSWSNKO7vtDdBCNKWA46qcY2u23DdDG6oc
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:41 2024 by rpki-client on console-fra.rpki-client.org