Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/d35d28-8ac1-459a-9129-3f7039345289/1/nlOe-plmReREfUgO21C66WiN7hQ.roa
File:                     nlOe-plmReREfUgO21C66WiN7hQ.roa (raw, json)
Hash identifier:          OKZodksxOs7RVFSzlYLkr29rICN+/wYBW4J2lrWr4rE=
Subject key identifier:   9E:53:9E:FA:99:66:45:E4:44:7D:48:0E:DB:50:BA:E9:68:8D:EE:14
Certificate issuer:       /CN=496e79694637ee05579e1804c14d851e382a14c8
Certificate serial:       01856F02529658046137EF96082492FE215B
Authority key identifier: 49:6E:79:69:46:37:EE:05:57:9E:18:04:C1:4D:85:1E:38:2A:14:C8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/SW55aUY37gVXnhgEwU2FHjgqFMg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8e/d35d28-8ac1-459a-9129-3f7039345289/1/nlOe-plmReREfUgO21C66WiN7hQ.roa
Signing time:             Sun 01 Jan 2023 20:25:01 +0000
ROA not before:           Sun 01 Jan 2023 20:25:01 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     35297
IP address blocks:        91.236.155.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 02:29:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:02:52:96:58:04:61:37:ef:96:08:24:92:fe:21:5b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=496e79694637ee05579e1804c14d851e382a14c8
        Validity
            Not Before: Jan  1 20:25:01 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=9e539efa996645e4447d480edb50bae9688dee14
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:86:ff:64:10:a7:ab:96:73:8b:71:40:84:4c:b8:
                    a2:46:90:ac:47:77:6a:90:d1:2d:24:33:96:1b:30:
                    bb:50:b0:68:5c:5b:1a:d8:1c:c6:0e:c4:8a:f5:94:
                    59:9b:3b:5f:a6:31:71:f9:6b:1e:0a:45:5a:f1:d5:
                    28:48:76:35:32:21:ec:84:9e:44:22:1c:87:0a:07:
                    ac:83:a4:2e:8f:49:bd:18:0f:ac:60:05:f9:71:bb:
                    ff:5d:81:4b:23:63:56:1c:9f:c1:22:31:37:d0:b1:
                    b8:e6:e8:74:34:f8:2f:a4:26:6e:5d:ca:78:0e:00:
                    c0:e6:f3:74:b0:53:e0:14:13:ca:22:f2:c3:b5:ef:
                    0e:9f:ae:2b:a0:2b:a5:f3:1f:1a:62:0c:52:ee:1b:
                    a9:03:0b:90:b8:7d:fa:4e:e5:ed:9d:b3:63:9b:28:
                    ae:73:98:93:74:5c:82:7b:f6:9d:b3:03:c9:df:5b:
                    7b:0a:14:fe:31:c8:fc:5d:e8:85:1e:e6:c1:76:1c:
                    2b:88:bd:d7:88:71:cb:27:71:fb:4e:4f:a3:0b:2c:
                    70:7d:f4:1e:87:d9:66:8f:56:11:1c:3f:48:11:25:
                    9b:72:a5:75:40:f4:e8:45:81:b4:e0:44:df:c8:ce:
                    18:d1:10:f8:e0:79:c0:7a:c1:d5:a3:f8:8e:8e:07:
                    57:03
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9E:53:9E:FA:99:66:45:E4:44:7D:48:0E:DB:50:BA:E9:68:8D:EE:14
            X509v3 Authority Key Identifier:
                keyid:49:6E:79:69:46:37:EE:05:57:9E:18:04:C1:4D:85:1E:38:2A:14:C8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SW55aUY37gVXnhgEwU2FHjgqFMg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/d35d28-8ac1-459a-9129-3f7039345289/1/nlOe-plmReREfUgO21C66WiN7hQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/d35d28-8ac1-459a-9129-3f7039345289/1/SW55aUY37gVXnhgEwU2FHjgqFMg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.236.155.0/24

    Signature Algorithm: sha256WithRSAEncryption
         13:33:47:97:07:3d:d1:9a:39:12:cf:ae:47:e7:b6:9a:87:56:
         00:8f:61:81:a0:65:9b:b2:db:e5:9c:ba:dd:db:f4:ab:98:24:
         7c:38:d9:3a:a2:72:2a:30:26:c3:6b:c0:f4:e9:a4:99:17:18:
         f4:f5:66:64:de:e9:7c:24:0e:b0:ba:2d:12:e0:07:ab:26:f4:
         45:8c:1a:84:4b:7e:05:4e:90:93:95:df:ea:02:f4:a7:c0:9a:
         7c:ce:ef:61:e3:65:d6:cd:d1:83:39:bc:c2:d7:e4:57:23:8c:
         2b:15:a6:95:fe:24:98:85:c8:f6:66:8c:8e:7e:f4:50:3f:bc:
         81:b6:44:a2:18:71:4f:f4:95:68:b2:45:26:57:6d:30:88:6d:
         e4:21:5f:23:dd:35:71:95:df:4e:14:2b:3d:8e:00:33:c7:82:
         27:5c:6d:ab:16:77:ab:e0:fc:27:4c:2c:f6:cb:5d:72:a3:e6:
         44:5c:f4:03:e1:ee:1b:8c:6c:5c:fc:22:a6:1a:96:2c:25:2b:
         67:9f:5f:df:c6:d7:2c:76:a4:6b:3e:f6:46:56:a2:ff:f4:45:
         61:85:25:48:a0:06:87:27:1a:7b:41:d3:29:4c:0b:29:44:a1:
         80:0d:63:c2:7b:47:69:ab:c3:b1:b6:14:e5:89:99:79:ab:1d:
         7a:e1:25:e7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvAlKWWARhN++WCCSS/iFbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5NmU3OTY5NDYzN2VlMDU1NzllMTgwNGMxNGQ4NTFlMzgy
YTE0YzgwHhcNMjMwMTAxMjAyNTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZTUzOWVmYTk5NjY0NWU0NDQ3ZDQ4MGVkYjUwYmFlOTY4OGRlZTE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhv9kEKerlnOLcUCETLiiRpCsR3dq
kNEtJDOWGzC7ULBoXFsa2BzGDsSK9ZRZmztfpjFx+WseCkVa8dUoSHY1MiHshJ5E
IhyHCgesg6Quj0m9GA+sYAX5cbv/XYFLI2NWHJ/BIjE30LG45uh0NPgvpCZuXcp4
DgDA5vN0sFPgFBPKIvLDte8On64roCul8x8aYgxS7hupAwuQuH36TuXtnbNjmyiu
c5iTdFyCe/adswPJ31t7ChT+Mcj8XeiFHubBdhwriL3XiHHLJ3H7Tk+jCyxwffQe
h9lmj1YRHD9IESWbcqV1QPToRYG04ETfyM4Y0RD44HnAesHVo/iOjgdXAwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJ5TnvqZZkXkRH1IDttQuuloje4UMB8GA1UdIwQY
MBaAFElueWlGN+4FV54YBMFNhR44KhTIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU1c1NWFVWTM3Z1ZYbmhnRXdVMkZIamdxRk1nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9kMzVkMjgtOGFjMS00NTlhLTkxMjkt
M2Y3MDM5MzQ1Mjg5LzEvbmxPZS1wbG1SZVJFZlVnTzIxQzY2V2lON2hRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9kMzVkMjgtOGFjMS00NTlhLTkxMjktM2Y3MDM5MzQ1Mjg5
LzEvU1c1NWFVWTM3Z1ZYbmhnRXdVMkZIamdxRk1nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW+ybMA0G
CSqGSIb3DQEBCwUAA4IBAQATM0eXBz3RmjkSz65H57aah1YAj2GBoGWbstvlnLrd
2/SrmCR8ONk6onIqMCbDa8D06aSZFxj09WZk3ul8JA6wui0S4AerJvRFjBqES34F
TpCTld/qAvSnwJp8zu9h42XWzdGDObzC1+RXI4wrFaaV/iSYhcj2ZoyOfvRQP7yB
tkSiGHFP9JVoskUmV20wiG3kIV8j3TVxld9OFCs9jgAzx4InXG2rFner4PwnTCz2
y11yo+ZEXPQD4e4bjGxc/CKmGpYsJStnn1/fxtcsdqRrPvZGVqL/9EVhhSVIoAaH
Jxp7QdMpTAspRKGADWPCe0dpq8OxthTliZl5qx164SXn
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:58 2024 by rpki-client on console-fra.rpki-client.org