Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/957c68-6f27-40ed-abed-df64f0e82360/1/NfJenyH1ujC3g8tp17cJRvCLpFA.roa
File:                     NfJenyH1ujC3g8tp17cJRvCLpFA.roa (raw, json)
Hash identifier:          sG2IuF/oRS008NvxmqpVKwxQtDAl674bt39axRPZiB8=
Subject key identifier:   35:F2:5E:9F:21:F5:BA:30:B7:83:CB:69:D7:B7:09:46:F0:8B:A4:50
Certificate issuer:       /CN=2e82963ff1aa70ab10d1d33e86b1d6d494d6ce51
Certificate serial:       0185EFEDF8C015C50F332756F1125858FEC1
Authority key identifier: 2E:82:96:3F:F1:AA:70:AB:10:D1:D3:3E:86:B1:D6:D4:94:D6:CE:51
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/LoKWP_GqcKsQ0dM-hrHW1JTWzlE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a2/957c68-6f27-40ed-abed-df64f0e82360/1/NfJenyH1ujC3g8tp17cJRvCLpFA.roa
Signing time:             Thu 26 Jan 2023 21:13:48 +0000
ROA not before:           Thu 26 Jan 2023 21:13:48 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     834
IP address blocks:        37.19.68.0/22 maxlen: 22
                          185.145.52.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 06 Apr 2023 06:24:54 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:ef:ed:f8:c0:15:c5:0f:33:27:56:f1:12:58:58:fe:c1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2e82963ff1aa70ab10d1d33e86b1d6d494d6ce51
        Validity
            Not Before: Jan 26 21:13:48 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=35f25e9f21f5ba30b783cb69d7b70946f08ba450
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:74:76:9f:79:7a:02:43:40:fa:57:e7:6a:4f:
                    03:26:69:f4:13:73:18:02:51:ff:5b:f3:c3:3a:6d:
                    62:e1:f0:52:53:99:25:37:a9:62:df:20:62:83:4d:
                    bd:b1:9f:5e:3c:17:ba:cd:d3:ab:d8:d2:40:81:c7:
                    e3:ac:a5:98:29:e1:e8:6d:04:c6:3a:9d:35:f5:2b:
                    85:24:c0:73:e4:f5:51:d5:2e:89:3c:88:83:22:ea:
                    74:68:16:d1:42:5d:7a:27:8e:8a:0e:e8:92:4f:b2:
                    ce:59:b2:75:b8:fb:8e:68:fc:fb:d8:0e:22:18:8f:
                    ec:17:a2:f0:e1:4e:8f:f2:55:3f:78:a1:6f:9a:20:
                    f0:1b:31:53:f0:c9:aa:8d:c0:95:92:2c:51:fa:d5:
                    33:7d:7f:c7:dc:dc:6f:fd:28:67:8a:f6:db:c3:9a:
                    97:29:8e:aa:c8:96:e0:cd:fa:e4:08:5e:67:ef:0f:
                    fd:03:96:4c:6d:41:7a:dc:99:6e:73:69:d5:6c:e9:
                    95:68:c1:a6:49:b1:a2:03:cd:3b:5c:93:cb:89:67:
                    13:bd:8a:8d:13:b7:30:e7:9e:44:70:9e:84:75:13:
                    3b:2f:1a:f5:bf:6f:ae:e5:fd:09:f9:b5:64:66:9d:
                    f3:9b:b1:94:72:cc:a0:8a:ea:46:08:56:e5:1b:29:
                    ff:e1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                35:F2:5E:9F:21:F5:BA:30:B7:83:CB:69:D7:B7:09:46:F0:8B:A4:50
            X509v3 Authority Key Identifier:
                keyid:2E:82:96:3F:F1:AA:70:AB:10:D1:D3:3E:86:B1:D6:D4:94:D6:CE:51

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LoKWP_GqcKsQ0dM-hrHW1JTWzlE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/957c68-6f27-40ed-abed-df64f0e82360/1/NfJenyH1ujC3g8tp17cJRvCLpFA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/957c68-6f27-40ed-abed-df64f0e82360/1/LoKWP_GqcKsQ0dM-hrHW1JTWzlE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  37.19.68.0/22
                  185.145.52.0/24

    Signature Algorithm: sha256WithRSAEncryption
         b5:58:ae:56:2a:2b:42:c9:e0:ad:db:6d:71:62:77:bb:31:3b:
         c8:2f:3a:8d:11:f1:29:f9:16:95:ec:e8:10:90:e8:2b:f1:c8:
         f2:9e:8d:ea:b2:1f:d7:6e:81:83:df:36:d2:88:18:00:76:f2:
         0d:ce:29:f4:c6:eb:6d:50:83:e1:61:97:3f:30:4e:44:e9:bb:
         bd:ac:66:12:1b:57:24:56:50:09:88:44:2b:6e:26:31:43:3b:
         94:8d:f9:0b:b5:dc:1b:ea:1a:5a:8b:c0:b4:5f:21:42:7b:35:
         48:86:a9:77:b9:19:38:11:88:c2:77:6b:e1:a3:50:d0:9c:ee:
         5d:97:63:24:46:7b:40:67:35:ac:70:5f:c5:02:00:f2:15:3d:
         90:d1:cc:08:87:98:c5:95:29:30:72:77:32:2d:8a:74:c7:6f:
         ab:f4:b3:46:69:1e:6a:68:d2:68:a4:52:bc:a7:3d:68:58:5d:
         e1:60:c0:a2:84:2a:c6:b9:98:f5:45:1c:0f:af:6f:fa:12:f5:
         96:78:f1:a7:e7:46:24:4a:a6:fb:29:54:0b:e6:1d:3a:06:c6:
         c7:dd:be:c9:8a:85:fe:df:f3:8a:a1:7e:37:c8:2c:1e:64:45:
         e0:a9:b2:75:a4:65:b0:90:2d:45:5f:a2:cb:3f:5a:aa:1d:4c:
         2a:9b:e8:42
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYXv7fjAFcUPMydW8RJYWP7BMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlODI5NjNmZjFhYTcwYWIxMGQxZDMzZTg2YjFkNmQ0OTRk
NmNlNTEwHhcNMjMwMTI2MjExMzQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNWYyNWU5ZjIxZjViYTMwYjc4M2NiNjlkN2I3MDk0NmYwOGJhNDUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnnR2n3l6AkNA+lfnak8DJmn0E3MY
AlH/W/PDOm1i4fBSU5klN6li3yBig029sZ9ePBe6zdOr2NJAgcfjrKWYKeHobQTG
Op019SuFJMBz5PVR1S6JPIiDIup0aBbRQl16J46KDuiST7LOWbJ1uPuOaPz72A4i
GI/sF6Lw4U6P8lU/eKFvmiDwGzFT8MmqjcCVkixR+tUzfX/H3Nxv/Shnivbbw5qX
KY6qyJbgzfrkCF5n7w/9A5ZMbUF63Jluc2nVbOmVaMGmSbGiA807XJPLiWcTvYqN
E7cw555EcJ6EdRM7Lxr1v2+u5f0J+bVkZp3zm7GUcsygiupGCFblGyn/4QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDXyXp8h9bowt4PLade3CUbwi6RQMB8GA1UdIwQY
MBaAFC6Clj/xqnCrENHTPoax1tSU1s5RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTG9LV1BfR3FjS3NRMGRNLWhySFcxSlRXemxFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi85NTdjNjgtNmYyNy00MGVkLWFiZWQt
ZGY2NGYwZTgyMzYwLzEvTmZKZW55SDF1akMzZzh0cDE3Y0pSdkNMcEZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi85NTdjNjgtNmYyNy00MGVkLWFiZWQtZGY2NGYwZTgyMzYw
LzEvTG9LV1BfR3FjS3NRMGRNLWhySFcxSlRXemxFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCJRNEAwQA
uZE0MA0GCSqGSIb3DQEBCwUAA4IBAQC1WK5WKitCyeCt221xYne7MTvILzqNEfEp
+RaV7OgQkOgr8cjyno3qsh/XboGD3zbSiBgAdvINzin0xuttUIPhYZc/ME5E6bu9
rGYSG1ckVlAJiEQrbiYxQzuUjfkLtdwb6hpai8C0XyFCezVIhql3uRk4EYjCd2vh
o1DQnO5dl2MkRntAZzWscF/FAgDyFT2Q0cwIh5jFlSkwcncyLYp0x2+r9LNGaR5q
aNJopFK8pz1oWF3hYMCihCrGuZj1RRwPr2/6EvWWePGn50YkSqb7KVQL5h06BsbH
3b7JioX+3/OKoX43yCweZEXgqbJ1pGWwkC1FX6LLP1qqHUwqm+hC
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:05 2024 by rpki-client on console-fra.rpki-client.org