Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/NkGNcy-mltqHKSpFyuG9D84hfmA.roa
File:                     NkGNcy-mltqHKSpFyuG9D84hfmA.roa (raw, json)
Hash identifier:          yzEiYRyRDj0zfHh0kejRS1sKCVC+Bd4oZmzuiBp0m00=
Subject key identifier:   36:41:8D:73:2F:A6:96:DA:87:29:2A:45:CA:E1:BD:0F:CE:21:7E:60
Certificate issuer:       /CN=f13533399f55eb52e6b2200c7cae4272b74d6464
Certificate serial:       0187FFC58C5F4287E806473DCE2FE4D0F396
Authority key identifier: F1:35:33:39:9F:55:EB:52:E6:B2:20:0C:7C:AE:42:72:B7:4D:64:64
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/8TUzOZ9V61LmsiAMfK5CcrdNZGQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/NkGNcy-mltqHKSpFyuG9D84hfmA.roa
Signing time:             Tue 09 May 2023 09:09:09 +0000
ROA not before:           Tue 09 May 2023 09:09:09 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     204650
IP address blocks:        185.243.49.0/24 maxlen: 24
                          185.243.48.0/22 maxlen: 22
                          185.215.231.0/24 maxlen: 24
                          185.124.172.0/22 maxlen: 24
                          178.239.159.0/24 maxlen: 24
                          178.239.154.0/24 maxlen: 24
                          185.26.34.0/23 maxlen: 24
                          185.124.173.0/24 maxlen: 24
                          185.124.175.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 17 May 2023 06:41:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:ff:c5:8c:5f:42:87:e8:06:47:3d:ce:2f:e4:d0:f3:96
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f13533399f55eb52e6b2200c7cae4272b74d6464
        Validity
            Not Before: May  9 09:09:09 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=36418d732fa696da87292a45cae1bd0fce217e60
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:fc:85:e2:94:cd:1f:7e:57:5d:0b:1a:c4:46:
                    ad:c4:f5:2b:d5:eb:d0:9d:af:06:62:34:4c:e3:49:
                    0d:38:2b:87:e7:c7:70:a9:a0:b7:26:f8:bf:03:ba:
                    2c:de:22:de:ce:71:b7:9f:db:6d:51:a0:40:47:21:
                    ca:30:53:43:82:18:65:9d:3a:b1:4d:85:43:5c:c1:
                    b6:1c:54:6d:26:e8:d1:c8:d0:fc:8a:86:ff:5b:1d:
                    6d:df:98:43:45:34:40:0e:48:d3:83:5b:16:4c:94:
                    bf:2c:11:d9:a2:11:16:0e:f5:86:87:58:a7:4d:8a:
                    a9:f7:40:33:c0:a0:2e:c8:39:d5:a4:a6:e5:c4:9b:
                    07:e4:56:3b:99:aa:b0:18:e9:49:7a:e6:21:cf:67:
                    8f:94:9a:b7:a7:d8:37:5c:4e:fc:78:b0:e0:e3:3a:
                    64:3a:f5:d3:f5:57:70:1d:26:26:e6:9b:ba:2b:b5:
                    58:1c:aa:b1:cb:ff:d8:e8:34:52:c2:1e:c6:c8:13:
                    88:ff:26:24:01:30:bb:a3:6f:d0:a6:fb:b8:9e:38:
                    b8:28:18:19:b2:36:11:02:e4:45:36:d3:21:99:7d:
                    5a:f3:01:d5:ed:42:0b:11:f2:23:81:ae:07:4e:45:
                    9b:55:3a:28:23:df:bb:19:49:7c:af:9c:1e:48:0b:
                    c4:49
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                36:41:8D:73:2F:A6:96:DA:87:29:2A:45:CA:E1:BD:0F:CE:21:7E:60
            X509v3 Authority Key Identifier:
                keyid:F1:35:33:39:9F:55:EB:52:E6:B2:20:0C:7C:AE:42:72:B7:4D:64:64

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8TUzOZ9V61LmsiAMfK5CcrdNZGQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/NkGNcy-mltqHKSpFyuG9D84hfmA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/8TUzOZ9V61LmsiAMfK5CcrdNZGQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  178.239.154.0/24
                  178.239.159.0/24
                  185.26.34.0/23
                  185.124.172.0/22
                  185.215.231.0/24
                  185.243.48.0/22

    Signature Algorithm: sha256WithRSAEncryption
         0b:8b:7a:8c:3b:5c:4d:c1:83:c5:6e:20:c0:c2:ff:22:41:7f:
         84:8f:92:2e:5e:ac:05:2c:ae:cf:29:21:ac:62:22:9d:fe:c3:
         47:51:b6:24:ec:81:4b:42:e8:7f:ee:49:08:d8:47:1f:da:24:
         35:0d:c2:03:d0:05:11:f3:bd:99:bd:3e:ee:20:20:44:49:29:
         84:84:96:c2:3a:9a:41:16:08:fd:f6:8a:5a:f5:6a:62:39:6b:
         ba:89:43:43:c1:15:51:82:38:aa:97:01:14:d1:d7:51:0e:6a:
         24:d6:91:d4:8e:c0:c6:25:e8:d5:87:a2:5b:0c:db:38:8c:05:
         78:1b:46:9b:0b:70:61:32:ba:e8:5e:fc:c6:8b:ff:4a:35:74:
         0c:2b:8c:3b:f8:cf:ba:ba:68:0f:95:4a:1e:57:ce:a3:03:bf:
         29:58:b0:e1:8c:fd:97:20:26:59:49:2a:ad:ab:a4:9e:5b:28:
         ca:3f:83:c0:10:bc:2b:eb:c3:ba:25:63:eb:84:5d:e1:52:ee:
         e1:1a:c8:5d:a2:94:2a:ef:18:5d:ab:c5:db:7e:5a:f1:44:e8:
         3b:b2:50:ba:61:11:21:17:11:a9:09:59:61:71:6c:e3:73:04:
         91:d4:52:bb:1f:81:26:a3:ba:22:bc:d8:7b:d0:99:36:48:5d:
         aa:8b:7f:9a
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYf/xYxfQofoBkc9zi/k0POWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxMzUzMzM5OWY1NWViNTJlNmIyMjAwYzdjYWU0MjcyYjc0
ZDY0NjQwHhcNMjMwNTA5MDkwOTA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNjQxOGQ3MzJmYTY5NmRhODcyOTJhNDVjYWUxYmQwZmNlMjE3ZTYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuPyF4pTNH35XXQsaxEatxPUr1evQ
na8GYjRM40kNOCuH58dwqaC3Jvi/A7os3iLeznG3n9ttUaBARyHKMFNDghhlnTqx
TYVDXMG2HFRtJujRyND8iob/Wx1t35hDRTRADkjTg1sWTJS/LBHZohEWDvWGh1in
TYqp90AzwKAuyDnVpKblxJsH5FY7maqwGOlJeuYhz2ePlJq3p9g3XE78eLDg4zpk
OvXT9VdwHSYm5pu6K7VYHKqxy//Y6DRSwh7GyBOI/yYkATC7o2/Qpvu4nji4KBgZ
sjYRAuRFNtMhmX1a8wHV7UILEfIjga4HTkWbVTooI9+7GUl8r5weSAvESQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFDZBjXMvppbahykqRcrhvQ/OIX5gMB8GA1UdIwQY
MBaAFPE1MzmfVetS5rIgDHyuQnK3TWRkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOFRVek9aOVY2MUxtc2lBTWZLNUNjcmROWkdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi84NDRlZWItY2RmMS00N2YxLWJjZmEt
OTg5MTY2ODgxOTY5LzEvTmtHTmN5LW1sdHFIS1NwRnl1RzlEODRoZm1BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi84NDRlZWItY2RmMS00N2YxLWJjZmEtOTg5MTY2ODgxOTY5
LzEvOFRVek9aOVY2MUxtc2lBTWZLNUNjcmROWkdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAsu+aAwQA
su+fAwQBuRoiAwQCuXysAwQAudfnAwQCufMwMA0GCSqGSIb3DQEBCwUAA4IBAQAL
i3qMO1xNwYPFbiDAwv8iQX+Ej5IuXqwFLK7PKSGsYiKd/sNHUbYk7IFLQuh/7kkI
2Ecf2iQ1DcID0AUR872ZvT7uICBESSmEhJbCOppBFgj99opa9WpiOWu6iUNDwRVR
gjiqlwEU0ddRDmok1pHUjsDGJejVh6JbDNs4jAV4G0abC3BhMrroXvzGi/9KNXQM
K4w7+M+6umgPlUoeV86jA78pWLDhjP2XICZZSSqtq6SeWyjKP4PAELwr68O6JWPr
hF3hUu7hGshdopQq7xhdq8XbflrxROg7slC6YREhFxGpCVlhcWzjcwSR1FK7H4Em
o7oivNh70Jk2SF2qi3+a
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:24:09 2024 by rpki-client on console-ams.rpki-client.org