Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/NKRjNocUklS4dC9NRkp7i6EiUuc.roa
File:                     NKRjNocUklS4dC9NRkp7i6EiUuc.roa (raw, json)
Hash identifier:          jwEaY/NemfIFC2K1Y7Y0tyQN6/gyQSXRFjSxvr9ymnQ=
Subject key identifier:   34:A4:63:36:87:14:92:54:B8:74:2F:4D:46:4A:7B:8B:A1:22:52:E7
Certificate issuer:       /CN=05b1d13c2e26e12786246a5ec4c5bea69864b20f
Certificate serial:       018910B3FB6040C288B8ED5EAC923C8A426A
Authority key identifier: 05:B1:D1:3C:2E:26:E1:27:86:24:6A:5E:C4:C5:BE:A6:98:64:B2:0F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/BbHRPC4m4SeGJGpexMW-pphksg8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/NKRjNocUklS4dC9NRkp7i6EiUuc.roa
Signing time:             Sat 01 Jul 2023 09:06:18 +0000
ROA not before:           Sat 01 Jul 2023 09:06:18 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     45027
IP address blocks:        31.129.30.0/24 maxlen: 24
                          141.98.233.0/24 maxlen: 24
                          77.83.117.0/24 maxlen: 24
                          92.118.112.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 10 Jul 2023 08:37:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:10:b3:fb:60:40:c2:88:b8:ed:5e:ac:92:3c:8a:42:6a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=05b1d13c2e26e12786246a5ec4c5bea69864b20f
        Validity
            Not Before: Jul  1 09:06:18 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=34a4633687149254b8742f4d464a7b8ba12252e7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:29:e0:27:71:28:f8:8b:a5:b9:27:24:df:16:
                    36:1b:e6:1b:aa:bf:53:fb:10:0b:89:d0:9d:f1:f6:
                    64:4e:18:51:59:d8:4c:79:af:60:e5:0a:cc:b4:45:
                    5e:a7:55:53:d6:04:d7:99:a4:e1:6f:21:43:58:71:
                    72:69:53:ac:f5:7d:a6:b2:48:e0:b2:61:54:82:bf:
                    76:69:02:d3:dc:10:22:13:66:97:7e:91:90:06:31:
                    34:78:79:39:d8:25:11:84:a7:f9:42:91:cc:68:9a:
                    2e:15:3d:45:18:73:1a:13:4a:95:f6:fd:24:6d:c1:
                    a9:82:41:58:4e:e3:3e:98:b2:b3:c7:99:7e:ca:ad:
                    26:bb:c1:22:12:35:27:01:4a:bf:0f:04:d3:4b:5d:
                    c0:45:48:bc:e9:98:2c:33:67:6b:2b:ff:84:8a:83:
                    e3:c0:23:19:a4:92:74:b3:b5:9d:f0:5d:34:e3:9f:
                    dc:6e:4d:fd:ab:83:df:da:fd:2e:c3:12:c7:5f:3f:
                    98:f5:bf:19:d5:03:57:93:16:39:ad:15:33:51:6e:
                    91:6b:44:e2:a4:d6:56:ab:01:f9:57:87:8e:ca:06:
                    be:56:da:e6:51:b4:85:81:e5:97:63:ac:65:8f:6f:
                    0d:bc:39:59:7a:7e:70:bd:ef:2c:a7:e7:cd:14:96:
                    45:d5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                34:A4:63:36:87:14:92:54:B8:74:2F:4D:46:4A:7B:8B:A1:22:52:E7
            X509v3 Authority Key Identifier:
                keyid:05:B1:D1:3C:2E:26:E1:27:86:24:6A:5E:C4:C5:BE:A6:98:64:B2:0F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BbHRPC4m4SeGJGpexMW-pphksg8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/NKRjNocUklS4dC9NRkp7i6EiUuc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/BbHRPC4m4SeGJGpexMW-pphksg8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  31.129.30.0/24
                  77.83.117.0/24
                  92.118.112.0/24
                  141.98.233.0/24

    Signature Algorithm: sha256WithRSAEncryption
         6e:3f:16:c9:7a:1a:13:9a:8d:96:67:0e:e3:0b:d6:7f:13:ce:
         80:ab:07:4b:00:0d:00:e2:a9:68:5b:d0:24:ec:76:0f:e9:f6:
         fb:f2:1e:b4:84:48:ed:da:0b:5b:38:cc:7a:66:87:08:cb:0f:
         0c:0c:81:b3:7a:af:57:4f:f3:36:9a:d2:2e:b6:7f:4d:58:ab:
         63:81:10:d2:c0:76:85:a7:84:02:d8:5a:61:00:e2:ae:ce:22:
         37:2e:60:b9:b2:ef:ef:51:e7:5e:76:d9:95:10:01:b2:e8:4c:
         6b:21:32:29:67:27:21:58:10:cf:71:89:68:b0:fa:27:15:c9:
         d8:ba:d0:28:cc:15:37:a8:0a:f5:27:3f:5f:27:ea:96:53:56:
         17:96:24:a5:83:b7:af:52:a8:7a:77:47:ab:96:67:2f:34:89:
         17:f5:83:14:7f:01:9e:25:d5:8f:9f:ea:8a:84:66:1c:2d:f1:
         cb:66:31:98:ce:65:04:35:c5:a7:c5:ba:99:8e:ab:a5:5d:0b:
         a5:82:88:50:bc:2d:11:0b:3d:81:b9:d2:39:9d:fe:68:3a:3c:
         0a:cd:c3:e1:08:59:59:cd:62:aa:a0:97:7d:56:75:1a:38:1d:
         b5:50:2b:37:2f:ad:83:b9:f5:f9:8f:ed:a3:57:bd:73:1e:e5:
         a9:ae:bb:e4
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYkQs/tgQMKIuO1erJI8ikJqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1YjFkMTNjMmUyNmUxMjc4NjI0NmE1ZWM0YzViZWE2OTg2
NGIyMGYwHhcNMjMwNzAxMDkwNjE4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNGE0NjMzNjg3MTQ5MjU0Yjg3NDJmNGQ0NjRhN2I4YmExMjI1MmU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtyngJ3Eo+IuluSck3xY2G+Ybqr9T
+xALidCd8fZkThhRWdhMea9g5QrMtEVep1VT1gTXmaThbyFDWHFyaVOs9X2mskjg
smFUgr92aQLT3BAiE2aXfpGQBjE0eHk52CURhKf5QpHMaJouFT1FGHMaE0qV9v0k
bcGpgkFYTuM+mLKzx5l+yq0mu8EiEjUnAUq/DwTTS13ARUi86ZgsM2drK/+EioPj
wCMZpJJ0s7Wd8F0045/cbk39q4Pf2v0uwxLHXz+Y9b8Z1QNXkxY5rRUzUW6Ra0Ti
pNZWqwH5V4eOyga+VtrmUbSFgeWXY6xlj28NvDlZen5wve8sp+fNFJZF1QIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFDSkYzaHFJJUuHQvTUZKe4uhIlLnMB8GA1UdIwQY
MBaAFAWx0TwuJuEnhiRqXsTFvqaYZLIPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQmJIUlBDNG00U2VHSkdwZXhNVy1wcGhrc2c4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC9jNjEwOTItNzM0YS00ZWVmLTlkNjct
NDkwNTI0M2JjODI4LzEvTktSak5vY1VrbFM0ZEM5TlJrcDdpNkVpVXVjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC9jNjEwOTItNzM0YS00ZWVmLTlkNjctNDkwNTI0M2JjODI4
LzEvQmJIUlBDNG00U2VHSkdwZXhNVy1wcGhrc2c4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAH4EeAwQA
TVN1AwQAXHZwAwQAjWLpMA0GCSqGSIb3DQEBCwUAA4IBAQBuPxbJehoTmo2WZw7j
C9Z/E86AqwdLAA0A4qloW9Ak7HYP6fb78h60hEjt2gtbOMx6ZocIyw8MDIGzeq9X
T/M2mtIutn9NWKtjgRDSwHaFp4QC2FphAOKuziI3LmC5su/vUededtmVEAGy6Exr
ITIpZychWBDPcYlosPonFcnYutAozBU3qAr1Jz9fJ+qWU1YXliSlg7evUqh6d0er
lmcvNIkX9YMUfwGeJdWPn+qKhGYcLfHLZjGYzmUENcWnxbqZjqulXQulgohQvC0R
Cz2BudI5nf5oOjwKzcPhCFlZzWKqoJd9VnUaOB21UCs3L62DufX5j+2jV71zHuWp
rrvk
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:54 2024 by rpki-client on console-fra.rpki-client.org