Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/b3fd40-b125-4282-b883-736789ee6fd0/1/NWGGEF7DwHOvjmelyLgehpU6VHs.roa
File:                     NWGGEF7DwHOvjmelyLgehpU6VHs.roa (raw, json)
Hash identifier:          UbwHihsZHkhUD2G/+2RyfXyMCZCcY1ZtDiXUQ/80ccI=
Subject key identifier:   35:61:86:10:5E:C3:C0:73:AF:8E:67:A5:C8:B8:1E:86:95:3A:54:7B
Certificate issuer:       /CN=0b247e73391ec9d6a2a46f2cb0b02fc994288f13
Certificate serial:       0188AE765B6A1284F5333028F1BFD54F99BF
Authority key identifier: 0B:24:7E:73:39:1E:C9:D6:A2:A4:6F:2C:B0:B0:2F:C9:94:28:8F:13
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/CyR-czkeydaipG8ssLAvyZQojxM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a0/b3fd40-b125-4282-b883-736789ee6fd0/1/NWGGEF7DwHOvjmelyLgehpU6VHs.roa
Signing time:             Mon 12 Jun 2023 07:16:12 +0000
ROA not before:           Mon 12 Jun 2023 07:16:12 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     9009
IP address blocks:        45.66.132.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 18:30:32 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:ae:76:5b:6a:12:84:f5:33:30:28:f1:bf:d5:4f:99:bf
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0b247e73391ec9d6a2a46f2cb0b02fc994288f13
        Validity
            Not Before: Jun 12 07:16:12 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=356186105ec3c073af8e67a5c8b81e86953a547b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:4c:14:3f:e2:fb:03:48:9b:dc:0f:73:c3:30:
                    dd:04:1a:1c:e3:3b:aa:2a:bd:fd:94:6c:23:64:09:
                    77:dc:b2:5f:5e:28:2f:56:32:e3:fe:d6:52:2d:3c:
                    90:89:7c:86:0b:20:97:98:c3:6b:1e:e0:6b:7b:94:
                    9a:2b:31:eb:83:9c:65:7a:81:c5:18:ee:8d:b9:9c:
                    31:f7:e2:b3:ae:c4:3e:4f:71:4c:59:ff:1f:97:20:
                    0f:da:a7:5f:cc:60:56:4d:4b:1e:a2:d8:9b:fc:f7:
                    4e:4b:41:d8:48:9c:e8:bb:a2:ee:bd:73:66:37:c9:
                    ac:6c:7f:c7:43:2e:b0:02:95:93:f1:24:bb:03:aa:
                    49:4d:91:33:c9:9e:c9:fb:34:e1:44:4e:47:39:a2:
                    88:03:4c:39:5e:44:65:85:4e:3a:92:ab:fd:d1:bd:
                    af:ea:45:53:31:7d:86:8c:b3:00:89:0c:e3:da:a5:
                    e5:37:3a:1a:3c:eb:d2:2e:7c:32:a0:82:99:a1:a1:
                    f1:ed:ca:57:d4:6d:c0:2f:aa:51:f3:72:1a:6e:a1:
                    4f:e6:e8:3d:77:1e:1f:99:df:14:94:5f:04:8d:c2:
                    2f:67:c8:19:fa:fa:aa:82:a4:4e:93:b7:cb:74:18:
                    57:57:76:76:bf:71:e0:8c:a2:82:3d:69:ca:fb:63:
                    07:45
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                35:61:86:10:5E:C3:C0:73:AF:8E:67:A5:C8:B8:1E:86:95:3A:54:7B
            X509v3 Authority Key Identifier:
                keyid:0B:24:7E:73:39:1E:C9:D6:A2:A4:6F:2C:B0:B0:2F:C9:94:28:8F:13

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CyR-czkeydaipG8ssLAvyZQojxM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/b3fd40-b125-4282-b883-736789ee6fd0/1/NWGGEF7DwHOvjmelyLgehpU6VHs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/b3fd40-b125-4282-b883-736789ee6fd0/1/CyR-czkeydaipG8ssLAvyZQojxM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.66.132.0/24

    Signature Algorithm: sha256WithRSAEncryption
         19:ec:a8:63:3a:7f:4a:9b:f2:24:1d:c9:f3:b2:ca:a0:67:03:
         df:b0:36:7c:cb:f6:12:8e:41:0f:3c:fd:7d:f0:3d:6c:5a:ae:
         42:5d:d0:4a:e0:f3:d7:90:8e:9b:7b:f6:57:fb:54:cf:f0:b5:
         07:72:1a:fa:5a:e7:14:11:2c:d2:7d:9e:ac:f3:50:36:02:d6:
         c7:38:6a:05:b1:de:cb:3d:91:96:0d:f1:bf:7c:ae:b2:29:2f:
         c3:ae:90:8e:8e:d4:58:c0:02:9a:e4:a3:c2:f0:26:10:07:45:
         4d:c8:10:9a:c5:11:cc:76:3d:8c:31:bd:0b:7f:f3:13:d5:e4:
         e4:54:06:93:0d:f4:93:01:72:dc:fc:a7:c2:d1:77:2f:c5:71:
         a9:3f:f5:cd:1f:f0:c3:94:d2:dd:92:04:95:fa:12:97:ca:34:
         77:da:da:fd:81:74:b0:0c:12:58:4a:36:f4:38:b5:81:59:5c:
         e4:10:fa:5c:7e:b1:10:c3:20:7c:ce:37:24:82:65:a5:89:03:
         7d:df:3b:0c:3b:a5:b9:4d:9b:3a:32:5b:a4:db:b9:64:c9:1b:
         20:36:a6:41:b6:44:c8:56:c2:c9:55:15:28:66:cd:4f:09:92:
         b1:fe:b6:d0:49:cc:46:8c:14:aa:a4:8d:21:64:b2:4b:3d:76:
         02:52:f2:11
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYiudltqEoT1MzAo8b/VT5m/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBiMjQ3ZTczMzkxZWM5ZDZhMmE0NmYyY2IwYjAyZmM5OTQy
ODhmMTMwHhcNMjMwNjEyMDcxNjEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNTYxODYxMDVlYzNjMDczYWY4ZTY3YTVjOGI4MWU4Njk1M2E1NDdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs0wUP+L7A0ib3A9zwzDdBBoc4zuq
Kr39lGwjZAl33LJfXigvVjLj/tZSLTyQiXyGCyCXmMNrHuBre5SaKzHrg5xleoHF
GO6NuZwx9+KzrsQ+T3FMWf8flyAP2qdfzGBWTUseotib/PdOS0HYSJzou6LuvXNm
N8msbH/HQy6wApWT8SS7A6pJTZEzyZ7J+zThRE5HOaKIA0w5XkRlhU46kqv90b2v
6kVTMX2GjLMAiQzj2qXlNzoaPOvSLnwyoIKZoaHx7cpX1G3AL6pR83IabqFP5ug9
dx4fmd8UlF8EjcIvZ8gZ+vqqgqROk7fLdBhXV3Z2v3HgjKKCPWnK+2MHRQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDVhhhBew8Bzr45npci4HoaVOlR7MB8GA1UdIwQY
MBaAFAskfnM5HsnWoqRvLLCwL8mUKI8TMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ3lSLWN6a2V5ZGFpcEc4c3NMQXZ5WlFvanhNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9iM2ZkNDAtYjEyNS00MjgyLWI4ODMt
NzM2Nzg5ZWU2ZmQwLzEvTldHR0VGN0R3SE92am1lbHlMZ2VocFU2VkhzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC9iM2ZkNDAtYjEyNS00MjgyLWI4ODMtNzM2Nzg5ZWU2ZmQw
LzEvQ3lSLWN6a2V5ZGFpcEc4c3NMQXZ5WlFvanhNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALUKEMA0G
CSqGSIb3DQEBCwUAA4IBAQAZ7KhjOn9Km/IkHcnzssqgZwPfsDZ8y/YSjkEPPP19
8D1sWq5CXdBK4PPXkI6be/ZX+1TP8LUHchr6WucUESzSfZ6s81A2AtbHOGoFsd7L
PZGWDfG/fK6yKS/DrpCOjtRYwAKa5KPC8CYQB0VNyBCaxRHMdj2MMb0Lf/MT1eTk
VAaTDfSTAXLc/KfC0XcvxXGpP/XNH/DDlNLdkgSV+hKXyjR32tr9gXSwDBJYSjb0
OLWBWVzkEPpcfrEQwyB8zjckgmWliQN93zsMO6W5TZs6Mluk27lkyRsgNqZBtkTI
VsLJVRUoZs1PCZKx/rbQScxGjBSqpI0hZLJLPXYCUvIR
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:47:50 2024 by rpki-client on console-fra.rpki-client.org