Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/nPur76ha54YnemTR6mvbymwaPDU.roa
File:                     nPur76ha54YnemTR6mvbymwaPDU.roa (raw, json)
Hash identifier:          Ce6LxV8QTqEMjdTRhdQm+8LDDadLCv1uPoLCYho8ITA=
Subject key identifier:   9C:FB:AB:EF:A8:5A:E7:86:27:7A:64:D1:EA:6B:DB:CA:6C:1A:3C:35
Certificate issuer:       /CN=05b1d13c2e26e12786246a5ec4c5bea69864b20f
Certificate serial:       0185B97BAD0043250BC4D3802375DC45836C
Authority key identifier: 05:B1:D1:3C:2E:26:E1:27:86:24:6A:5E:C4:C5:BE:A6:98:64:B2:0F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/BbHRPC4m4SeGJGpexMW-pphksg8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/nPur76ha54YnemTR6mvbymwaPDU.roa
Signing time:             Mon 16 Jan 2023 07:29:28 +0000
ROA not before:           Mon 16 Jan 2023 07:29:28 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     200088
IP address blocks:        37.220.82.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 16 Jan 2023 09:43:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:b9:7b:ad:00:43:25:0b:c4:d3:80:23:75:dc:45:83:6c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=05b1d13c2e26e12786246a5ec4c5bea69864b20f
        Validity
            Not Before: Jan 16 07:29:28 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=9cfbabefa85ae786277a64d1ea6bdbca6c1a3c35
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:0b:3f:27:c7:da:75:d2:80:e2:d1:91:d4:63:
                    c3:36:01:1b:45:8b:f1:a7:21:ce:bb:f8:f3:0e:7f:
                    63:97:66:50:48:4d:e2:2f:45:3d:50:55:b2:5b:b2:
                    3d:31:d1:bc:dc:bb:b3:1b:9a:d0:f0:10:41:d1:ee:
                    81:06:e6:7a:14:58:03:07:a9:9a:8c:15:a1:3d:19:
                    5e:ce:3a:0f:f0:77:16:cd:41:85:96:5c:5f:ea:9d:
                    44:7c:e1:4a:27:22:d8:d6:23:58:2a:61:54:bc:e0:
                    51:fc:c6:df:2f:cc:78:33:e2:84:d1:58:9b:dc:1f:
                    a3:b4:43:b8:05:ad:4d:64:cc:66:4e:3b:1c:ad:a8:
                    f6:3d:0b:23:9d:e4:1a:27:d3:9d:94:1b:19:7f:ea:
                    80:53:78:7c:67:1e:63:bf:03:93:9b:6e:92:bc:a0:
                    a5:47:4b:be:a1:24:26:0d:a7:64:ee:0c:87:fd:68:
                    77:32:f4:d5:0f:aa:e6:e5:8f:cb:48:45:da:0f:6d:
                    eb:21:d3:74:af:a9:c6:56:22:a8:dc:10:5a:bf:69:
                    00:56:5b:86:e8:24:c4:4d:98:80:41:9a:92:af:23:
                    65:25:96:91:99:d7:26:37:8d:bc:5b:75:52:04:12:
                    5e:3d:88:8a:b1:99:a0:a2:fe:30:2a:af:0b:8f:2e:
                    d8:4f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9C:FB:AB:EF:A8:5A:E7:86:27:7A:64:D1:EA:6B:DB:CA:6C:1A:3C:35
            X509v3 Authority Key Identifier:
                keyid:05:B1:D1:3C:2E:26:E1:27:86:24:6A:5E:C4:C5:BE:A6:98:64:B2:0F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BbHRPC4m4SeGJGpexMW-pphksg8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/nPur76ha54YnemTR6mvbymwaPDU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/BbHRPC4m4SeGJGpexMW-pphksg8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  37.220.82.0/24

    Signature Algorithm: sha256WithRSAEncryption
         93:ca:aa:d5:7c:89:fe:62:76:b2:bf:24:c6:28:da:a4:f2:bf:
         09:10:7d:61:b0:68:e6:66:c1:8f:2d:b9:c2:70:d5:9b:7a:b0:
         08:07:5a:09:fc:59:fa:3a:ab:d1:a5:c6:3e:d0:ec:63:20:f5:
         4e:15:db:c4:2a:b5:87:57:ef:15:18:50:cf:fb:c4:c9:10:bc:
         86:8f:06:bb:bf:a0:cc:17:7d:5e:38:ed:03:0d:b9:dc:75:ea:
         4a:e8:22:bf:7c:35:f3:2a:63:a9:69:3e:33:0d:63:3e:21:0a:
         89:84:cb:a0:4e:3b:86:80:39:5b:b4:4d:ea:5d:f4:b4:f9:cc:
         56:85:6a:28:c5:23:e4:e5:12:94:3b:53:b5:7a:b0:c4:30:f8:
         b4:3c:e5:f6:42:18:72:1b:bc:d7:f9:6d:0a:d9:ed:db:aa:a3:
         35:ec:57:4b:df:ee:2c:ba:99:dd:b6:e8:39:c5:27:b2:37:ec:
         07:0b:55:ab:f1:06:33:05:17:26:b3:d3:75:20:00:c4:45:8d:
         01:9a:57:77:0c:73:3e:87:08:24:9f:1d:ff:d5:7d:d6:3b:a4:
         38:bb:b5:42:32:70:05:0c:76:2f:b9:25:81:56:00:3a:ca:cc:
         ae:5a:9b:fe:af:ac:6d:46:3b:70:a4:a8:7b:3f:66:09:66:c3:
         56:39:ba:75
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYW5e60AQyULxNOAI3XcRYNsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1YjFkMTNjMmUyNmUxMjc4NjI0NmE1ZWM0YzViZWE2OTg2
NGIyMGYwHhcNMjMwMTE2MDcyOTI4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5Y2ZiYWJlZmE4NWFlNzg2Mjc3YTY0ZDFlYTZiZGJjYTZjMWEzYzM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArws/J8faddKA4tGR1GPDNgEbRYvx
pyHOu/jzDn9jl2ZQSE3iL0U9UFWyW7I9MdG83LuzG5rQ8BBB0e6BBuZ6FFgDB6ma
jBWhPRlezjoP8HcWzUGFllxf6p1EfOFKJyLY1iNYKmFUvOBR/MbfL8x4M+KE0Vib
3B+jtEO4Ba1NZMxmTjscraj2PQsjneQaJ9OdlBsZf+qAU3h8Zx5jvwOTm26SvKCl
R0u+oSQmDadk7gyH/Wh3MvTVD6rm5Y/LSEXaD23rIdN0r6nGViKo3BBav2kAVluG
6CTETZiAQZqSryNlJZaRmdcmN428W3VSBBJePYiKsZmgov4wKq8Ljy7YTwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJz7q++oWueGJ3pk0epr28psGjw1MB8GA1UdIwQY
MBaAFAWx0TwuJuEnhiRqXsTFvqaYZLIPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQmJIUlBDNG00U2VHSkdwZXhNVy1wcGhrc2c4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC9jNjEwOTItNzM0YS00ZWVmLTlkNjct
NDkwNTI0M2JjODI4LzEvblB1cjc2aGE1NFluZW1UUjZtdmJ5bXdhUERVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC9jNjEwOTItNzM0YS00ZWVmLTlkNjctNDkwNTI0M2JjODI4
LzEvQmJIUlBDNG00U2VHSkdwZXhNVy1wcGhrc2c4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAJdxSMA0G
CSqGSIb3DQEBCwUAA4IBAQCTyqrVfIn+YnayvyTGKNqk8r8JEH1hsGjmZsGPLbnC
cNWberAIB1oJ/Fn6OqvRpcY+0OxjIPVOFdvEKrWHV+8VGFDP+8TJELyGjwa7v6DM
F31eOO0DDbncdepK6CK/fDXzKmOpaT4zDWM+IQqJhMugTjuGgDlbtE3qXfS0+cxW
hWooxSPk5RKUO1O1erDEMPi0POX2QhhyG7zX+W0K2e3bqqM17FdL3+4supndtug5
xSeyN+wHC1Wr8QYzBRcms9N1IADERY0Bmld3DHM+hwgknx3/1X3WO6Q4u7VCMnAF
DHYvuSWBVgA6ysyuWpv+r6xtRjtwpKh7P2YJZsNWObp1
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:55 2024 by rpki-client on console-fra.rpki-client.org