Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/ddce4d-9912-487d-b55d-47d82a41a8f3/1/nv9w6DT3cteZRPimbOcGWc8PdNs.roa
File:                     nv9w6DT3cteZRPimbOcGWc8PdNs.roa (raw, json)
Hash identifier:          3qMGLbzycp/NB8dN6bFoc6xapjerHeaKB56anty/OW0=
Subject key identifier:   9E:FF:70:E8:34:F7:72:D7:99:44:F8:A6:6C:E7:06:59:CF:0F:74:DB
Certificate issuer:       /CN=5794afdb5e6a1885780920a54ffa82408ea85ba1
Certificate serial:       01859C09636166A94DEA6DC630E9536D0610
Authority key identifier: 57:94:AF:DB:5E:6A:18:85:78:09:20:A5:4F:FA:82:40:8E:A8:5B:A1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/V5Sv215qGIV4CSClT_qCQI6oW6E.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b1/ddce4d-9912-487d-b55d-47d82a41a8f3/1/nv9w6DT3cteZRPimbOcGWc8PdNs.roa
Signing time:             Tue 10 Jan 2023 14:15:39 +0000
ROA not before:           Tue 10 Jan 2023 14:15:39 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     174
IP address blocks:        178.236.236.0/22 maxlen: 24

Validation:               Failed, certificate revoked on Thu 26 Oct 2023 10:15:15 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:9c:09:63:61:66:a9:4d:ea:6d:c6:30:e9:53:6d:06:10
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5794afdb5e6a1885780920a54ffa82408ea85ba1
        Validity
            Not Before: Jan 10 14:15:39 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=9eff70e834f772d79944f8a66ce70659cf0f74db
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:d2:34:12:4b:ed:93:f6:6c:46:50:41:10:79:
                    62:50:b9:a0:92:9b:67:26:3c:e6:49:eb:cb:26:8d:
                    67:bb:9f:76:d7:27:fe:50:5e:fd:50:80:fc:dc:81:
                    32:f8:35:6b:5d:25:2b:91:39:10:db:ab:48:47:04:
                    8e:33:1e:18:ea:62:28:38:2f:05:32:55:0c:fc:73:
                    c9:1e:e4:86:42:51:f9:43:ec:6c:19:5e:18:43:8b:
                    62:c0:bc:7f:29:08:f5:49:67:62:73:30:bb:c1:c9:
                    20:b5:2f:86:4c:69:ad:66:e7:fd:3b:13:ff:97:99:
                    d6:16:d3:c4:8e:5d:44:9f:63:61:62:c4:28:33:30:
                    46:4e:ea:5b:27:ac:98:b4:57:52:b0:69:3a:bc:bc:
                    84:e5:db:b7:08:e6:f6:78:20:2d:57:1b:c6:0c:46:
                    f1:8e:99:9f:4b:5e:b0:24:62:6a:b2:30:d2:c0:6d:
                    cf:e9:23:b9:39:f8:c8:58:ed:99:07:19:c6:43:4b:
                    74:e5:70:d0:2d:ed:3b:f9:a4:6f:78:ad:07:00:f0:
                    99:03:86:9f:46:7b:38:51:76:e7:67:9b:d8:2b:58:
                    3e:90:51:18:ca:26:ba:d5:4a:1a:29:00:54:e1:96:
                    38:0f:b9:ef:60:41:e3:1d:7e:d3:35:09:45:9d:66:
                    e1:47
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9E:FF:70:E8:34:F7:72:D7:99:44:F8:A6:6C:E7:06:59:CF:0F:74:DB
            X509v3 Authority Key Identifier:
                keyid:57:94:AF:DB:5E:6A:18:85:78:09:20:A5:4F:FA:82:40:8E:A8:5B:A1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/V5Sv215qGIV4CSClT_qCQI6oW6E.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/ddce4d-9912-487d-b55d-47d82a41a8f3/1/nv9w6DT3cteZRPimbOcGWc8PdNs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/ddce4d-9912-487d-b55d-47d82a41a8f3/1/V5Sv215qGIV4CSClT_qCQI6oW6E.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  178.236.236.0/22

    Signature Algorithm: sha256WithRSAEncryption
         82:38:9f:5c:e8:d8:01:0b:5a:ea:69:8e:3b:a7:99:91:ef:03:
         78:0d:10:10:b5:eb:2f:b5:79:89:e4:d3:70:07:be:84:4f:b0:
         66:fa:99:20:c7:1e:9a:60:d5:0a:7c:1f:7d:a4:a5:a0:3a:de:
         a4:6d:8f:bb:e9:db:5e:d3:5e:15:2d:63:29:81:7d:f4:17:af:
         7f:3d:1b:2e:04:bb:c7:85:4b:75:d4:09:97:4e:c1:50:6f:ad:
         59:3f:99:7d:ba:51:74:cb:b1:eb:08:f9:6b:28:0a:f0:ce:bb:
         95:4d:fb:53:b0:30:20:d7:6a:3c:5a:da:9a:db:41:ba:0a:6c:
         75:fa:cd:df:0c:92:54:89:76:35:79:88:79:4f:91:23:56:72:
         9e:44:88:05:b3:a7:6e:dc:e2:1c:58:4e:e0:a2:5f:82:e8:ef:
         09:74:01:fd:24:77:0e:5d:e6:68:3a:cb:95:23:d5:da:9d:a8:
         17:c8:87:a6:3f:35:da:cb:be:14:e3:cf:87:4e:88:d9:91:80:
         8d:4e:81:a5:85:fa:17:80:1e:3a:36:eb:fd:a0:f3:f0:b3:c6:
         77:b2:88:e4:2f:6a:56:0d:7c:4f:00:88:b7:c4:da:5a:9f:52:
         9d:65:3f:af:fd:9a:fd:89:d5:c9:a8:6a:e8:03:90:2e:b6:d9:
         f9:05:ec:c3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYWcCWNhZqlN6m3GMOlTbQYQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU3OTRhZmRiNWU2YTE4ODU3ODA5MjBhNTRmZmE4MjQwOGVh
ODViYTEwHhcNMjMwMTEwMTQxNTM5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZWZmNzBlODM0Zjc3MmQ3OTk0NGY4YTY2Y2U3MDY1OWNmMGY3NGRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoNI0Ekvtk/ZsRlBBEHliULmgkptn
JjzmSevLJo1nu5921yf+UF79UID83IEy+DVrXSUrkTkQ26tIRwSOMx4Y6mIoOC8F
MlUM/HPJHuSGQlH5Q+xsGV4YQ4tiwLx/KQj1SWdiczC7wckgtS+GTGmtZuf9OxP/
l5nWFtPEjl1En2NhYsQoMzBGTupbJ6yYtFdSsGk6vLyE5du3COb2eCAtVxvGDEbx
jpmfS16wJGJqsjDSwG3P6SO5OfjIWO2ZBxnGQ0t05XDQLe07+aRveK0HAPCZA4af
Rns4UXbnZ5vYK1g+kFEYyia61UoaKQBU4ZY4D7nvYEHjHX7TNQlFnWbhRwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJ7/cOg093LXmUT4pmznBlnPD3TbMB8GA1UdIwQY
MBaAFFeUr9teahiFeAkgpU/6gkCOqFuhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVjVTdjIxNXFHSVY0Q1NDbFRfcUNRSTZvVzZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS9kZGNlNGQtOTkxMi00ODdkLWI1NWQt
NDdkODJhNDFhOGYzLzEvbnY5dzZEVDNjdGVaUlBpbWJPY0dXYzhQZE5zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS9kZGNlNGQtOTkxMi00ODdkLWI1NWQtNDdkODJhNDFhOGYz
LzEvVjVTdjIxNXFHSVY0Q1NDbFRfcUNRSTZvVzZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCsuzsMA0G
CSqGSIb3DQEBCwUAA4IBAQCCOJ9c6NgBC1rqaY47p5mR7wN4DRAQtesvtXmJ5NNw
B76ET7Bm+pkgxx6aYNUKfB99pKWgOt6kbY+76dte014VLWMpgX30F69/PRsuBLvH
hUt11AmXTsFQb61ZP5l9ulF0y7HrCPlrKArwzruVTftTsDAg12o8Wtqa20G6Cmx1
+s3fDJJUiXY1eYh5T5EjVnKeRIgFs6du3OIcWE7gol+C6O8JdAH9JHcOXeZoOsuV
I9XanagXyIemPzXay74U48+HTojZkYCNToGlhfoXgB46Nuv9oPPws8Z3sojkL2pW
DXxPAIi3xNpan1KdZT+v/Zr9idXJqGroA5Auttn5BezD
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:39:13 2024 by rpki-client on console-ams.rpki-client.org