Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/4inR-rZwmo8PrZA2CObq3hLGkRY.roa
File:                     4inR-rZwmo8PrZA2CObq3hLGkRY.roa (raw, json)
Hash identifier:          9SfxtN+/FRK7UsMw+by+brbUwzHpP/d/BBRxIhlyMH0=
Subject key identifier:   E2:29:D1:FA:B6:70:9A:8F:0F:AD:90:36:08:E6:EA:DE:12:C6:91:16
Certificate issuer:       /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial:       018649E8074C605C45A146CEA04EED462A1A
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/4inR-rZwmo8PrZA2CObq3hLGkRY.roa
Signing time:             Mon 13 Feb 2023 08:33:08 +0000
ROA not before:           Mon 13 Feb 2023 08:33:08 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     49581
IP address blocks:        89.36.23.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 12:30:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:49:e8:07:4c:60:5c:45:a1:46:ce:a0:4e:ed:46:2a:1a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
        Validity
            Not Before: Feb 13 08:33:08 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=e229d1fab6709a8f0fad903608e6eade12c69116
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:89:ba:ad:d6:40:97:b6:96:fe:7f:c0:d8:f2:
                    8d:b1:ad:16:c3:40:df:44:67:11:ee:ac:0f:e3:89:
                    54:16:d4:32:82:f6:45:be:e7:94:aa:a5:80:04:13:
                    c3:19:e1:89:76:1f:3f:51:71:23:a2:f8:4b:69:5b:
                    bc:63:f5:50:93:3b:6a:65:af:60:61:28:7f:ea:50:
                    c7:58:28:7a:dd:57:4b:0f:d9:ad:e0:b8:7b:c1:c6:
                    e3:c9:bc:3a:e3:aa:9e:09:28:b8:0b:3b:af:18:f0:
                    99:bd:bf:1a:ee:87:2b:d8:0e:d8:79:43:3c:98:8e:
                    9e:c6:3b:f2:b9:85:7b:c1:f2:12:99:b3:e2:dd:a2:
                    d5:a3:55:f5:b0:c0:82:f9:ef:91:15:f3:0e:c3:72:
                    e9:3b:71:38:16:05:d3:fc:c6:99:db:7b:a4:3b:aa:
                    75:af:a9:22:0c:45:b1:68:4d:cb:a8:e6:09:ae:ad:
                    4b:5d:28:93:32:9a:54:99:f8:48:f2:39:1e:1b:c8:
                    20:15:b5:30:2d:3f:a4:0a:b0:cc:e5:0e:aa:86:99:
                    49:c6:49:9c:ac:0f:f6:e4:ac:5e:1a:79:4b:5c:61:
                    44:23:62:a8:67:68:f4:b2:69:af:39:a0:b3:96:66:
                    49:df:04:cf:5a:90:ef:13:65:11:b6:cb:79:e6:4b:
                    91:23
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E2:29:D1:FA:B6:70:9A:8F:0F:AD:90:36:08:E6:EA:DE:12:C6:91:16
            X509v3 Authority Key Identifier:
                keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/4inR-rZwmo8PrZA2CObq3hLGkRY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  89.36.23.0/24

    Signature Algorithm: sha256WithRSAEncryption
         81:de:b2:3d:31:84:28:93:c9:ce:2c:55:ad:5f:7e:7c:02:ad:
         13:c1:eb:7e:51:ba:83:b1:7c:e6:99:10:61:4d:68:2d:62:e0:
         dc:30:a4:d9:29:c5:6c:10:db:e5:d6:c6:31:58:b8:27:19:8d:
         07:76:23:8d:f2:a6:f9:91:df:57:64:92:09:fd:da:4a:a2:ba:
         82:f4:43:6d:63:82:b0:f7:d4:1a:dc:9f:7f:f4:ae:a6:0b:b1:
         d2:5a:44:00:ae:26:eb:3f:da:3d:92:72:90:37:52:af:5c:ff:
         25:00:73:2c:16:a0:a7:32:47:92:d3:58:1a:fe:ca:e9:dd:77:
         38:88:35:12:c5:0d:5e:cf:c2:3f:7e:0b:32:64:c3:03:b2:34:
         bb:0a:7c:c1:79:fe:8c:bd:49:76:8b:ab:bf:b7:c8:13:25:0e:
         03:c4:c5:51:9f:ee:ba:aa:b2:2e:f7:d8:c7:90:bd:db:40:20:
         2e:15:35:fd:87:98:d9:b6:0d:86:62:ad:96:01:09:f7:41:6d:
         89:a6:00:82:88:fa:b6:f4:c6:55:ad:5e:7a:5b:56:0c:b7:88:
         d5:e0:fb:67:c7:03:a0:b0:3a:89:8c:7d:77:fd:dc:e2:e0:39:
         08:6c:86:62:14:44:d9:ab:a9:26:e9:50:a1:8a:9d:62:8d:8d:
         58:07:f4:96
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYZJ6AdMYFxFoUbOoE7tRioaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwMjEzMDgzMzA4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMjI5ZDFmYWI2NzA5YThmMGZhZDkwMzYwOGU2ZWFkZTEyYzY5MTE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArYm6rdZAl7aW/n/A2PKNsa0Ww0Df
RGcR7qwP44lUFtQygvZFvueUqqWABBPDGeGJdh8/UXEjovhLaVu8Y/VQkztqZa9g
YSh/6lDHWCh63VdLD9mt4Lh7wcbjybw646qeCSi4CzuvGPCZvb8a7ocr2A7YeUM8
mI6exjvyuYV7wfISmbPi3aLVo1X1sMCC+e+RFfMOw3LpO3E4FgXT/MaZ23ukO6p1
r6kiDEWxaE3LqOYJrq1LXSiTMppUmfhI8jkeG8ggFbUwLT+kCrDM5Q6qhplJxkmc
rA/25KxeGnlLXGFEI2KoZ2j0smmvOaCzlmZJ3wTPWpDvE2URtst55kuRIwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOIp0fq2cJqPD62QNgjm6t4SxpEWMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvNGluUi1yWndtbzhQclpBMkNPYnEzaExHa1JZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWSQXMA0G
CSqGSIb3DQEBCwUAA4IBAQCB3rI9MYQok8nOLFWtX358Aq0Twet+UbqDsXzmmRBh
TWgtYuDcMKTZKcVsENvl1sYxWLgnGY0HdiON8qb5kd9XZJIJ/dpKorqC9ENtY4Kw
99Qa3J9/9K6mC7HSWkQAribrP9o9knKQN1KvXP8lAHMsFqCnMkeS01ga/srp3Xc4
iDUSxQ1ez8I/fgsyZMMDsjS7CnzBef6MvUl2i6u/t8gTJQ4DxMVRn+66qrIu99jH
kL3bQCAuFTX9h5jZtg2GYq2WAQn3QW2JpgCCiPq29MZVrV56W1YMt4jV4PtnxwOg
sDqJjH13/dzi4DkIbIZiFETZq6km6VChip1ijY1YB/SW
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:44 2024 by rpki-client on console-fra.rpki-client.org