Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/NvG3Cj3P0JQVagoWk01OcCgqKQQ.roa
File:                     NvG3Cj3P0JQVagoWk01OcCgqKQQ.roa (raw, json)
Hash identifier:          97n0Ca1UhhWEH7l6bKZXCL6J5qWqTvnPrvtxLRTv+B0=
Subject key identifier:   36:F1:B7:0A:3D:CF:D0:94:15:6A:0A:16:93:4D:4E:70:28:2A:29:04
Certificate issuer:       /CN=253a3b5f51808168c212c094a2baaff38e16464a
Certificate serial:       018721F48A30D87C0CFF1948657499E4B895
Authority key identifier: 25:3A:3B:5F:51:80:81:68:C2:12:C0:94:A2:BA:AF:F3:8E:16:46:4A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/JTo7X1GAgWjCEsCUorqv844WRko.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/NvG3Cj3P0JQVagoWk01OcCgqKQQ.roa
Signing time:             Mon 27 Mar 2023 07:24:46 +0000
ROA not before:           Mon 27 Mar 2023 07:24:46 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     5547
IP address blocks:        195.208.8.0/21 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 16:29:54 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:21:f4:8a:30:d8:7c:0c:ff:19:48:65:74:99:e4:b8:95
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=253a3b5f51808168c212c094a2baaff38e16464a
        Validity
            Not Before: Mar 27 07:24:46 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=36f1b70a3dcfd094156a0a16934d4e70282a2904
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:98:d9:f1:dd:97:79:cb:af:60:1d:78:fe:b7:1f:
                    97:73:84:3e:e9:a8:d9:b3:a4:05:b0:2c:7a:88:88:
                    66:0f:fc:bd:99:a0:7c:41:58:1b:cf:08:cf:11:67:
                    8d:f1:dc:ea:ad:21:dd:69:94:ab:bc:9e:7b:92:d7:
                    c6:d6:42:fd:7a:68:94:47:96:26:96:01:38:04:fb:
                    b4:5b:ac:0e:fc:0c:0e:d7:56:63:6b:36:59:33:24:
                    ed:39:89:98:b9:fa:b3:66:2e:3e:be:1b:8e:47:78:
                    4a:c6:2c:77:50:93:5b:2a:00:aa:41:89:26:ac:2b:
                    26:25:f6:cf:07:a2:6d:d3:1b:35:fd:bd:95:69:4d:
                    8a:b8:94:d5:9b:65:90:32:64:fe:00:4b:fe:9c:ac:
                    ef:12:9c:62:9b:12:e7:61:67:11:81:0a:02:25:4c:
                    6d:af:66:ff:7c:9d:2a:49:57:c5:1e:75:e5:58:f5:
                    3e:e1:ce:e3:ea:f2:64:3d:07:68:ad:d2:55:39:69:
                    a4:b2:46:50:0c:87:42:16:99:11:d3:98:b2:49:2c:
                    15:b5:cf:5a:aa:ac:e2:32:6d:5f:4c:48:c9:45:dc:
                    74:96:cd:b6:27:f9:4f:7a:20:b1:65:48:6f:21:df:
                    dc:40:b1:36:8f:cf:17:da:0a:e0:43:0c:d4:d0:e4:
                    f0:ff
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                36:F1:B7:0A:3D:CF:D0:94:15:6A:0A:16:93:4D:4E:70:28:2A:29:04
            X509v3 Authority Key Identifier:
                keyid:25:3A:3B:5F:51:80:81:68:C2:12:C0:94:A2:BA:AF:F3:8E:16:46:4A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JTo7X1GAgWjCEsCUorqv844WRko.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/NvG3Cj3P0JQVagoWk01OcCgqKQQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/JTo7X1GAgWjCEsCUorqv844WRko.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  195.208.8.0/21

    Signature Algorithm: sha256WithRSAEncryption
         b0:06:1c:22:09:85:08:bf:f2:a4:3d:35:d5:76:84:e3:38:a8:
         3e:9b:82:fe:ab:79:72:c6:16:a5:5d:50:28:ff:49:38:4d:4a:
         1c:6a:48:8d:3a:69:99:a7:c9:8d:01:9f:a4:c9:73:62:f2:13:
         c8:92:7d:b1:21:aa:f1:5c:18:24:56:d7:3f:a9:85:9c:fc:4a:
         da:12:6b:7e:d6:29:15:2b:51:12:55:97:8b:44:f3:a3:5b:06:
         85:94:21:5c:75:b4:6d:e5:7a:3c:ff:af:73:31:a5:54:94:94:
         36:3f:fd:f9:18:1f:45:68:e1:ba:a7:71:3d:33:f9:4e:20:09:
         8b:1f:06:fd:f1:8c:79:19:fe:45:5c:74:c4:fc:e7:0b:d8:5e:
         4c:2c:eb:f7:45:ea:c6:d5:d2:c6:2d:42:01:ad:ca:65:b4:50:
         59:2d:f8:ac:2e:f6:0f:3e:60:7d:e4:ef:9e:9f:53:e1:3d:48:
         50:f8:ed:b3:ad:22:b9:83:c1:7e:bf:f2:2f:df:65:a3:ce:6b:
         da:b6:15:17:7f:57:63:82:b8:b3:29:a9:39:0b:6d:8e:cb:fe:
         a2:29:01:30:24:ba:d6:b1:7f:42:bb:cf:69:5d:7d:05:64:8a:
         c6:24:ca:c2:cc:05:54:1b:40:96:65:c8:58:37:70:57:d9:21:
         66:22:45:ca
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYch9Iow2HwM/xlIZXSZ5LiVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI1M2EzYjVmNTE4MDgxNjhjMjEyYzA5NGEyYmFhZmYzOGUx
NjQ2NGEwHhcNMjMwMzI3MDcyNDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNmYxYjcwYTNkY2ZkMDk0MTU2YTBhMTY5MzRkNGU3MDI4MmEyOTA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmNnx3Zd5y69gHXj+tx+Xc4Q+6ajZ
s6QFsCx6iIhmD/y9maB8QVgbzwjPEWeN8dzqrSHdaZSrvJ57ktfG1kL9emiUR5Ym
lgE4BPu0W6wO/AwO11ZjazZZMyTtOYmYufqzZi4+vhuOR3hKxix3UJNbKgCqQYkm
rCsmJfbPB6Jt0xs1/b2VaU2KuJTVm2WQMmT+AEv+nKzvEpximxLnYWcRgQoCJUxt
r2b/fJ0qSVfFHnXlWPU+4c7j6vJkPQdordJVOWmkskZQDIdCFpkR05iySSwVtc9a
qqziMm1fTEjJRdx0ls22J/lPeiCxZUhvId/cQLE2j88X2grgQwzU0OTw/wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDbxtwo9z9CUFWoKFpNNTnAoKikEMB8GA1UdIwQY
MBaAFCU6O19RgIFowhLAlKK6r/OOFkZKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSlRvN1gxR0FnV2pDRXNDVW9ycXY4NDRXUmtvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS85NzQ3NGMtMWRjMi00NjJjLWFhZGQt
OWU5YTFlMDM3MzhlLzEvTnZHM0NqM1AwSlFWYWdvV2swMU9jQ2dxS1FRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMS85NzQ3NGMtMWRjMi00NjJjLWFhZGQtOWU5YTFlMDM3Mzhl
LzEvSlRvN1gxR0FnV2pDRXNDVW9ycXY4NDRXUmtvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDw9AIMA0G
CSqGSIb3DQEBCwUAA4IBAQCwBhwiCYUIv/KkPTXVdoTjOKg+m4L+q3lyxhalXVAo
/0k4TUocakiNOmmZp8mNAZ+kyXNi8hPIkn2xIarxXBgkVtc/qYWc/EraEmt+1ikV
K1ESVZeLRPOjWwaFlCFcdbRt5Xo8/69zMaVUlJQ2P/35GB9FaOG6p3E9M/lOIAmL
Hwb98Yx5Gf5FXHTE/OcL2F5MLOv3RerG1dLGLUIBrcpltFBZLfisLvYPPmB95O+e
n1PhPUhQ+O2zrSK5g8F+v/Iv32WjzmvathUXf1djgrizKak5C22Oy/6iKQEwJLrW
sX9Cu89pXX0FZIrGJMrCzAVUG0CWZchYN3BX2SFmIkXK
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:47:56 2024 by rpki-client on console-fra.rpki-client.org