Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/2krQxWSvzo4diVujWiCsbisOkjE.roa
File:                     2krQxWSvzo4diVujWiCsbisOkjE.roa (raw, json)
Hash identifier:          w33S0yL/cQckikaq+HVrm+8J+8tY5hTe5k2OwHovGfg=
Subject key identifier:   DA:4A:D0:C5:64:AF:CE:8E:1D:89:5B:A3:5A:20:AC:6E:2B:0E:92:31
Certificate issuer:       /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial:       018571030A816791B4210446DF06991B84C1
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/2krQxWSvzo4diVujWiCsbisOkjE.roa
Signing time:             Mon 02 Jan 2023 05:45:02 +0000
ROA not before:           Mon 02 Jan 2023 05:45:02 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     45929
IP address blocks:        185.245.112.0/22 maxlen: 22
                          195.38.4.0/22 maxlen: 22

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 12:30:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:71:03:0a:81:67:91:b4:21:04:46:df:06:99:1b:84:c1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
        Validity
            Not Before: Jan  2 05:45:02 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=da4ad0c564afce8e1d895ba35a20ac6e2b0e9231
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:9a:82:f6:cd:0b:ca:fe:59:a0:dc:e5:9b:2a:
                    7a:94:b2:b2:e1:ad:69:17:7e:19:a8:64:f0:c5:3a:
                    d9:61:fc:0e:4a:2c:85:f7:db:81:3a:ab:27:6b:e2:
                    86:85:47:c5:8a:de:03:1e:90:38:05:d4:7e:41:fb:
                    70:f2:81:46:1b:78:92:f9:9e:37:3b:be:ba:84:4d:
                    a7:ec:2d:42:e8:9d:a9:dd:c0:11:9d:0c:21:80:9f:
                    17:71:45:f2:d9:fb:62:66:55:3b:fb:f2:a3:77:50:
                    19:01:bb:3f:6e:a1:f0:99:e0:47:0d:64:60:0b:07:
                    e4:cc:91:b8:64:cc:95:16:c2:70:7d:97:6d:b3:73:
                    46:c0:97:23:70:db:ac:e7:4c:9c:d4:4d:8a:23:1d:
                    c2:dd:69:29:aa:58:bb:39:b4:33:21:c6:ca:31:17:
                    16:f3:0b:1c:2b:2d:bc:2d:b5:9f:c5:fa:e9:c6:60:
                    26:b1:55:84:19:0b:cd:58:05:db:53:8b:87:7a:99:
                    68:7b:5b:73:c4:5c:6e:26:54:9c:bb:6e:bf:58:57:
                    df:c1:7b:59:6b:70:76:9c:71:dc:fb:f6:84:ad:89:
                    dc:08:6a:86:e1:46:c7:cb:7c:ba:a3:be:30:25:fd:
                    d4:24:09:0c:48:84:c3:bb:b5:a2:8a:c3:21:c6:6f:
                    ed:53
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DA:4A:D0:C5:64:AF:CE:8E:1D:89:5B:A3:5A:20:AC:6E:2B:0E:92:31
            X509v3 Authority Key Identifier:
                keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/2krQxWSvzo4diVujWiCsbisOkjE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.245.112.0/22
                  195.38.4.0/22

    Signature Algorithm: sha256WithRSAEncryption
         2e:7c:6d:0b:21:46:40:4e:f5:07:62:5d:48:a6:ef:c3:48:b4:
         05:ab:33:0f:8b:12:dd:2e:98:b4:7d:f8:a8:0a:a4:3d:01:bb:
         d9:97:c3:c0:96:a1:e8:52:b8:ec:92:80:36:16:1f:64:23:fa:
         35:d7:ae:08:d3:d3:ee:ac:38:02:4d:51:92:7d:cf:2e:3c:99:
         a3:b6:a9:ad:58:fa:95:5d:16:24:1a:18:72:1e:4e:86:37:0b:
         f9:ad:60:70:ec:86:9f:20:3f:c4:c5:fc:b9:69:a5:88:08:6b:
         96:0c:a0:22:19:e2:95:7d:a3:3f:4b:76:9a:d6:ff:5a:8c:86:
         9f:7f:50:13:97:40:0a:be:ae:1a:f2:07:83:0a:e8:ca:0e:fa:
         1a:c5:2b:98:35:b6:bf:58:cc:1f:fc:ea:aa:77:c2:14:f0:a2:
         57:87:01:4a:ba:6f:b2:39:7f:c4:aa:e0:b2:d5:d9:34:4d:c1:
         c2:19:02:f9:01:b0:27:ff:a7:23:ec:26:35:68:b8:8f:07:2a:
         58:ea:a9:b3:5d:fe:5b:89:63:70:a1:98:92:be:72:e2:b7:cb:
         d2:15:b9:4d:06:7d:b2:cf:4c:7e:3d:b4:3e:11:ca:47:77:89:
         10:3e:1b:97:8a:75:81:a0:7c:86:4f:fd:4b:f8:ef:49:fa:8f:
         89:8f:2b:a7
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVxAwqBZ5G0IQRG3waZG4TBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwMTAyMDU0NTAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYTRhZDBjNTY0YWZjZThlMWQ4OTViYTM1YTIwYWM2ZTJiMGU5MjMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnZqC9s0Lyv5ZoNzlmyp6lLKy4a1p
F34ZqGTwxTrZYfwOSiyF99uBOqsna+KGhUfFit4DHpA4BdR+Qftw8oFGG3iS+Z43
O766hE2n7C1C6J2p3cARnQwhgJ8XcUXy2ftiZlU7+/Kjd1AZAbs/bqHwmeBHDWRg
CwfkzJG4ZMyVFsJwfZdts3NGwJcjcNus50yc1E2KIx3C3Wkpqli7ObQzIcbKMRcW
8wscKy28LbWfxfrpxmAmsVWEGQvNWAXbU4uHeploe1tzxFxuJlScu26/WFffwXtZ
a3B2nHHc+/aErYncCGqG4UbHy3y6o74wJf3UJAkMSITDu7WiisMhxm/tUwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNpK0MVkr86OHYlbo1ogrG4rDpIxMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvMmtyUXhXU3Z6bzRkaVZ1aldpQ3NiaXNPa2pFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCufVwAwQC
wyYEMA0GCSqGSIb3DQEBCwUAA4IBAQAufG0LIUZATvUHYl1Ipu/DSLQFqzMPixLd
Lpi0ffioCqQ9AbvZl8PAlqHoUrjskoA2Fh9kI/o1164I09PurDgCTVGSfc8uPJmj
tqmtWPqVXRYkGhhyHk6GNwv5rWBw7IafID/Exfy5aaWICGuWDKAiGeKVfaM/S3aa
1v9ajIaff1ATl0AKvq4a8geDCujKDvoaxSuYNba/WMwf/Oqqd8IU8KJXhwFKum+y
OX/EquCy1dk0TcHCGQL5AbAn/6cj7CY1aLiPBypY6qmzXf5biWNwoZiSvnLit8vS
FblNBn2yz0x+PbQ+EcpHd4kQPhuXinWBoHyGT/1L+O9J+o+Jjyun
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:41:08 2024 by rpki-client on console-ams.rpki-client.org