Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/80d1cc-453f-42e3-9fd4-87becf74d564/1/NmzFJLLjC_lA5Y5Up_dvjk1nyvY.roa
File:                     NmzFJLLjC_lA5Y5Up_dvjk1nyvY.roa (raw, json)
Hash identifier:          QGUzrQBOCzPgJNZLL2SSodwai2hGzo2uBuWD+zX+xDc=
Subject key identifier:   36:6C:C5:24:B2:E3:0B:F9:40:E5:8E:54:A7:F7:6F:8E:4D:67:CA:F6
Certificate issuer:       /CN=111d895492ed4b69d5aa6eda5f702fe763a27ba0
Certificate serial:       0185710C06A0DD4E432253AE7608C9867D4E
Authority key identifier: 11:1D:89:54:92:ED:4B:69:D5:AA:6E:DA:5F:70:2F:E7:63:A2:7B:A0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ER2JVJLtS2nVqm7aX3Av52Oie6A.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/97/80d1cc-453f-42e3-9fd4-87becf74d564/1/NmzFJLLjC_lA5Y5Up_dvjk1nyvY.roa
Signing time:             Mon 02 Jan 2023 05:54:51 +0000
ROA not before:           Mon 02 Jan 2023 05:54:51 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     559
IP address blocks:        130.125.0.0/16 maxlen: 16
                          192.42.42.0/23 maxlen: 23
                          192.42.44.0/22 maxlen: 22

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 00:29:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:71:0c:06:a0:dd:4e:43:22:53:ae:76:08:c9:86:7d:4e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=111d895492ed4b69d5aa6eda5f702fe763a27ba0
        Validity
            Not Before: Jan  2 05:54:51 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=366cc524b2e30bf940e58e54a7f76f8e4d67caf6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:91:0d:b7:5f:b2:c8:a7:04:68:ae:39:31:b3:07:
                    38:fa:3e:45:03:8f:93:fa:5f:64:23:33:ae:6e:fd:
                    96:c3:87:2d:8b:e7:7c:3c:02:bf:63:d7:10:5a:3f:
                    19:ec:2c:38:15:03:c2:34:94:08:63:5b:81:e5:3a:
                    d5:85:88:a7:a5:f4:97:17:98:33:73:a4:71:7c:4e:
                    b8:c5:f2:de:16:a2:4f:d7:da:c7:7c:53:75:d6:13:
                    f7:e0:25:dd:15:2d:a4:81:fe:c1:e5:4a:fe:b7:5c:
                    63:e8:70:6c:a7:dd:d1:e2:a7:cd:4b:4c:b3:38:54:
                    13:c6:c7:fa:2b:49:01:88:3b:07:7e:e2:9f:f0:5b:
                    da:4d:56:95:c9:a1:0e:4a:09:80:44:84:2d:80:bf:
                    0d:04:fb:08:cb:8e:aa:aa:fb:f3:fb:20:e9:94:1d:
                    17:83:b8:c7:19:7a:17:30:38:49:63:01:2d:19:2a:
                    04:fc:f8:b8:5f:3f:bd:7f:f6:f7:ca:30:b7:19:b4:
                    ed:9c:73:b7:ed:8c:1a:5b:32:b1:39:e8:41:7e:8d:
                    6c:ad:21:14:6f:02:ac:f0:af:5c:4a:a2:dd:7d:8a:
                    22:3a:ca:22:4d:3a:75:c4:5f:fb:d3:a8:2c:95:ce:
                    d0:1f:93:a9:ac:bc:44:c7:79:04:c5:01:84:95:5a:
                    ca:7d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                36:6C:C5:24:B2:E3:0B:F9:40:E5:8E:54:A7:F7:6F:8E:4D:67:CA:F6
            X509v3 Authority Key Identifier:
                keyid:11:1D:89:54:92:ED:4B:69:D5:AA:6E:DA:5F:70:2F:E7:63:A2:7B:A0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ER2JVJLtS2nVqm7aX3Av52Oie6A.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/80d1cc-453f-42e3-9fd4-87becf74d564/1/NmzFJLLjC_lA5Y5Up_dvjk1nyvY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/97/80d1cc-453f-42e3-9fd4-87becf74d564/1/ER2JVJLtS2nVqm7aX3Av52Oie6A.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  130.125.0.0/16
                  192.42.42.0-192.42.47.255

    Signature Algorithm: sha256WithRSAEncryption
         9a:63:21:b3:a2:3e:01:b1:fb:19:2e:f9:53:b0:d2:7e:b7:8d:
         dc:b9:a5:85:00:93:81:0b:40:ec:03:da:da:73:bf:81:23:3d:
         75:06:84:f8:3d:23:8c:aa:f2:43:05:04:65:9f:48:80:19:93:
         ba:09:82:37:db:42:1d:a5:dc:8c:ac:3c:25:bd:6f:fc:c1:34:
         1d:4a:db:c4:cb:06:68:80:f2:e3:e2:56:0c:b5:d4:ec:3a:e9:
         1d:23:7c:5a:25:ef:ea:ee:37:f1:40:92:22:b9:88:c8:af:bf:
         5e:8c:08:0f:22:97:60:9f:e1:6a:f6:60:6c:0c:7c:63:38:ed:
         53:e2:46:0a:13:2e:6a:b6:e5:40:f4:23:8e:8e:fe:ce:94:5c:
         29:08:28:c5:9f:de:39:0a:08:56:83:81:57:87:95:3b:9c:b9:
         8d:e9:a9:24:55:27:17:06:fc:83:4a:94:81:4c:26:d7:ff:91:
         cc:85:48:c4:08:84:64:5b:ff:f0:01:4e:58:c5:cf:b7:d8:30:
         f2:ae:71:2c:0d:2b:8f:e1:b7:c2:de:6c:26:32:26:75:57:9a:
         42:22:fe:77:66:4b:19:80:9b:9b:12:6a:93:14:d7:5b:a8:47:
         c4:20:0a:18:c5:bd:18:c6:71:21:d1:fc:3d:87:d4:aa:a9:5c:
         7b:5f:6c:72
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAYVxDAag3U5DIlOudgjJhn1OMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDExMWQ4OTU0OTJlZDRiNjlkNWFhNmVkYTVmNzAyZmU3NjNh
MjdiYTAwHhcNMjMwMTAyMDU1NDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNjZjYzUyNGIyZTMwYmY5NDBlNThlNTRhN2Y3NmY4ZTRkNjdjYWY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkQ23X7LIpwRorjkxswc4+j5FA4+T
+l9kIzOubv2Ww4cti+d8PAK/Y9cQWj8Z7Cw4FQPCNJQIY1uB5TrVhYinpfSXF5gz
c6RxfE64xfLeFqJP19rHfFN11hP34CXdFS2kgf7B5Ur+t1xj6HBsp93R4qfNS0yz
OFQTxsf6K0kBiDsHfuKf8FvaTVaVyaEOSgmARIQtgL8NBPsIy46qqvvz+yDplB0X
g7jHGXoXMDhJYwEtGSoE/Pi4Xz+9f/b3yjC3GbTtnHO37YwaWzKxOehBfo1srSEU
bwKs8K9cSqLdfYoiOsoiTTp1xF/706gslc7QH5OprLxEx3kExQGElVrKfQIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFDZsxSSy4wv5QOWOVKf3b45NZ8r2MB8GA1UdIwQY
MBaAFBEdiVSS7Utp1apu2l9wL+djonugMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRVIySlZKTHRTMm5WcW03YVgzQXY1Mk9pZTZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny84MGQxY2MtNDUzZi00MmUzLTlmZDQt
ODdiZWNmNzRkNTY0LzEvTm16RkpMTGpDX2xBNVk1VXBfZHZqazFueXZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny84MGQxY2MtNDUzZi00MmUzLTlmZDQtODdiZWNmNzRkNTY0
LzEvRVIySlZKTHRTMm5WcW03YVgzQXY1Mk9pZTZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAATATAwMAgn0wDAME
AcAqKgMEBMAqIDANBgkqhkiG9w0BAQsFAAOCAQEAmmMhs6I+AbH7GS75U7DSfreN
3LmlhQCTgQtA7APa2nO/gSM9dQaE+D0jjKryQwUEZZ9IgBmTugmCN9tCHaXcjKw8
Jb1v/ME0HUrbxMsGaIDy4+JWDLXU7DrpHSN8WiXv6u438UCSIrmIyK+/XowIDyKX
YJ/havZgbAx8YzjtU+JGChMuarblQPQjjo7+zpRcKQgoxZ/eOQoIVoOBV4eVO5y5
jempJFUnFwb8g0qUgUwm1/+RzIVIxAiEZFv/8AFOWMXPt9gw8q5xLA0rj+G3wt5s
JjImdVeaQiL+d2ZLGYCbmxJqkxTXW6hHxCAKGMW9GMZxIdH8PYfUqqlce19scg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:24:54 2024 by rpki-client on console-ams.rpki-client.org