Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/Nw1_nwE6VSg3UyHOcgKcUvot5o4.roa
File:                     Nw1_nwE6VSg3UyHOcgKcUvot5o4.roa (raw, json)
Hash identifier:          yHnrmDarZvFQaGzniAk1kEgl5WeOHNX4MAyvf2cKFUE=
Subject key identifier:   37:0D:7F:9F:01:3A:55:28:37:53:21:CE:72:02:9C:52:FA:2D:E6:8E
Certificate issuer:       /CN=00775d9471b85d963fef6d283590e2d942dd5c21
Certificate serial:       018E514ADF4ED7BD5C6805E88A2EFE10D8F7
Authority key identifier: 00:77:5D:94:71:B8:5D:96:3F:EF:6D:28:35:90:E2:D9:42:DD:5C:21
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/AHddlHG4XZY_720oNZDi2ULdXCE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/Nw1_nwE6VSg3UyHOcgKcUvot5o4.roa
Signing time:             Mon 18 Mar 2024 11:20:45 +0000
ROA not before:           Mon 18 Mar 2024 11:20:45 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     22341
IP address blocks:        87.107.8.0/21 maxlen: 24

Validation:               Failed, certificate revoked on Mon 18 Mar 2024 15:33:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8e:51:4a:df:4e:d7:bd:5c:68:05:e8:8a:2e:fe:10:d8:f7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=00775d9471b85d963fef6d283590e2d942dd5c21
        Validity
            Not Before: Mar 18 11:20:45 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=370d7f9f013a5528375321ce72029c52fa2de68e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:e5:e0:21:03:5d:54:dc:0b:c8:af:cc:2b:f0:
                    ef:df:8a:6c:6e:7a:3b:50:43:99:8b:09:e2:f2:50:
                    60:31:59:65:82:36:c7:2e:f6:ef:02:6f:59:0f:26:
                    d2:29:46:95:97:29:3d:a6:72:e0:58:e3:3c:b4:59:
                    ee:38:10:12:c5:e1:11:36:9b:c6:03:60:b2:cd:02:
                    ac:8a:8f:4b:4c:d6:30:c6:ad:e8:be:80:4b:0f:45:
                    44:6a:05:b9:16:23:b9:ab:69:77:f3:42:5d:f8:03:
                    a8:63:ba:7c:82:9d:1c:33:e6:3f:57:1d:10:46:b4:
                    ef:c2:b5:a3:d4:da:f7:a9:95:d7:b9:bd:3f:b0:f2:
                    f2:8e:07:71:38:df:1b:b0:ea:fa:10:aa:bb:f0:5b:
                    7b:97:c4:88:20:99:7e:88:f2:f7:b7:2f:99:15:a9:
                    7e:22:ea:6f:9f:84:7b:0c:a9:44:0d:f8:75:85:be:
                    65:f8:03:c2:fa:71:63:93:09:53:85:e3:60:c1:4a:
                    9a:b1:8c:a2:a4:b8:f2:db:62:58:bb:fe:3f:f0:a8:
                    26:c6:7f:08:a8:64:9a:ee:3c:0d:f1:45:18:fa:a6:
                    05:18:b2:04:e0:a3:57:19:ba:02:f5:ca:b4:f0:cd:
                    6b:42:51:a9:b6:e6:23:5d:a2:48:ec:22:fb:4b:1f:
                    29:ed
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                37:0D:7F:9F:01:3A:55:28:37:53:21:CE:72:02:9C:52:FA:2D:E6:8E
            X509v3 Authority Key Identifier:
                keyid:00:77:5D:94:71:B8:5D:96:3F:EF:6D:28:35:90:E2:D9:42:DD:5C:21

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AHddlHG4XZY_720oNZDi2ULdXCE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/Nw1_nwE6VSg3UyHOcgKcUvot5o4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/AHddlHG4XZY_720oNZDi2ULdXCE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  87.107.8.0/21

    Signature Algorithm: sha256WithRSAEncryption
         61:18:cc:74:ad:44:e2:ad:91:b0:ab:c9:f6:03:e2:ce:da:dc:
         30:4d:ef:90:31:9a:8e:1d:22:0b:8c:fc:61:b4:3f:5e:e5:ed:
         9f:98:a4:bf:09:55:d4:aa:f9:13:c8:62:6f:de:3e:6d:67:7d:
         2b:0f:63:e7:86:79:28:6a:47:57:cc:cb:08:ec:6b:82:2e:7a:
         7f:06:2f:31:17:f1:87:39:6a:0d:e6:0c:bc:7c:5e:05:9b:90:
         75:58:40:8c:f3:21:66:13:d4:9a:7c:07:30:28:24:1c:cb:1c:
         79:2f:f9:3c:ca:d2:55:77:20:25:bd:55:a1:21:24:07:7f:59:
         da:9f:42:ec:c7:73:ca:0f:ff:20:57:4a:d7:f3:95:a9:55:a7:
         e8:31:8c:45:67:ba:b4:3b:48:f6:36:5b:17:67:56:7f:5b:99:
         c9:d4:5f:c9:7f:22:38:26:f0:17:61:13:f1:66:1a:34:9b:90:
         20:47:82:e5:a0:4b:5a:2a:68:25:00:34:e2:e1:03:54:bb:eb:
         fb:df:21:37:ac:d1:9e:6b:4f:e4:58:5f:a8:6b:f1:41:a8:c4:
         4d:d3:ab:6c:52:0f:67:b1:4e:ee:20:04:89:e7:e8:24:c2:40:
         87:c8:77:b4:6b:c7:db:83:33:72:e3:d8:91:4e:2f:63:ec:ee:
         67:83:52:8e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY5RSt9O171caAXoii7+ENj3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwNzc1ZDk0NzFiODVkOTYzZmVmNmQyODM1OTBlMmQ5NDJk
ZDVjMjEwHhcNMjQwMzE4MTEyMDQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNzBkN2Y5ZjAxM2E1NTI4Mzc1MzIxY2U3MjAyOWM1MmZhMmRlNjhlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAneXgIQNdVNwLyK/MK/Dv34psbno7
UEOZiwni8lBgMVllgjbHLvbvAm9ZDybSKUaVlyk9pnLgWOM8tFnuOBASxeERNpvG
A2CyzQKsio9LTNYwxq3ovoBLD0VEagW5FiO5q2l380Jd+AOoY7p8gp0cM+Y/Vx0Q
RrTvwrWj1Nr3qZXXub0/sPLyjgdxON8bsOr6EKq78Ft7l8SIIJl+iPL3ty+ZFal+
Iupvn4R7DKlEDfh1hb5l+APC+nFjkwlTheNgwUqasYyipLjy22JYu/4/8Kgmxn8I
qGSa7jwN8UUY+qYFGLIE4KNXGboC9cq08M1rQlGptuYjXaJI7CL7Sx8p7QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDcNf58BOlUoN1MhznICnFL6LeaOMB8GA1UdIwQY
MBaAFAB3XZRxuF2WP+9tKDWQ4tlC3VwhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQUhkZGxIRzRYWllfNzIwb05aRGkyVUxkWENFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi82Mzc2MGMtZTIxYi00YmFmLWE5YTQt
NzZiMzNlNGNlODIxLzEvTncxX253RTZWU2czVXlIT2NnS2NVdm90NW80LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNi82Mzc2MGMtZTIxYi00YmFmLWE5YTQtNzZiMzNlNGNlODIx
LzEvQUhkZGxIRzRYWllfNzIwb05aRGkyVUxkWENFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDV2sIMA0G
CSqGSIb3DQEBCwUAA4IBAQBhGMx0rUTirZGwq8n2A+LO2twwTe+QMZqOHSILjPxh
tD9e5e2fmKS/CVXUqvkTyGJv3j5tZ30rD2PnhnkoakdXzMsI7GuCLnp/Bi8xF/GH
OWoN5gy8fF4Fm5B1WECM8yFmE9SafAcwKCQcyxx5L/k8ytJVdyAlvVWhISQHf1na
n0Lsx3PKD/8gV0rX85WpVafoMYxFZ7q0O0j2NlsXZ1Z/W5nJ1F/JfyI4JvAXYRPx
Zho0m5AgR4LloEtaKmglADTi4QNUu+v73yE3rNGea0/kWF+oa/FBqMRN06tsUg9n
sU7uIASJ5+gkwkCHyHe0a8fbgzNy49iRTi9j7O5ng1KO
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:56 2024 by rpki-client on console-fra.rpki-client.org