Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/6HbgJXzCrN-hHBpsznpHRN2ZqXE.roa
File:                     6HbgJXzCrN-hHBpsznpHRN2ZqXE.roa (raw, json)
Hash identifier:          nWAWFg1GA9pPbu+LlUwEfJS0GQPKt+Ro2AwmpjlecG0=
Subject key identifier:   E8:76:E0:25:7C:C2:AC:DF:A1:1C:1A:6C:CE:7A:47:44:DD:99:A9:71
Certificate issuer:       /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial:       0186B62372062DE51E0DD2456950BD8E296F
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/6HbgJXzCrN-hHBpsznpHRN2ZqXE.roa
Signing time:             Mon 06 Mar 2023 08:57:01 +0000
ROA not before:           Mon 06 Mar 2023 08:57:01 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     212477
IP address blocks:        45.141.203.0/24 maxlen: 24
                          45.141.200.0/23 maxlen: 24
                          185.35.136.0/23 maxlen: 24

Validation:               Failed, certificate revoked on Fri 10 Mar 2023 10:18:13 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:b6:23:72:06:2d:e5:1e:0d:d2:45:69:50:bd:8e:29:6f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
        Validity
            Not Before: Mar  6 08:57:01 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=e876e0257cc2acdfa11c1a6cce7a4744dd99a971
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:aa:9d:43:ee:97:78:07:ae:17:81:a3:43:bd:
                    08:a1:03:8e:cb:63:f1:86:ff:13:9b:6d:6d:99:0c:
                    9d:11:de:39:04:b2:d6:5e:7e:ec:2f:84:69:ae:4c:
                    d7:89:a9:4e:81:ca:73:dd:89:fe:ed:2d:70:c7:62:
                    ad:77:6b:fc:f5:d5:2c:69:8a:af:b5:52:55:58:b9:
                    04:f0:4a:d0:4c:59:bc:6e:4f:cb:7e:15:7e:1a:80:
                    6b:8e:74:d0:93:fc:17:cf:e6:f7:6b:20:07:2f:74:
                    53:8c:97:2d:8d:9d:98:e7:f4:8a:6f:f4:7c:14:37:
                    63:ae:a3:1a:f4:e4:14:18:41:ca:9b:c4:8a:6d:ec:
                    6d:9e:e9:1e:49:7a:ec:20:45:de:3b:a9:1c:b8:df:
                    14:3b:a2:e1:17:1b:26:5f:c4:e8:d1:da:8f:2e:c3:
                    22:ca:8e:e4:25:b9:9d:c5:3e:aa:4e:4d:5a:8f:75:
                    4e:6b:1b:3a:6d:08:69:c0:72:d5:71:c6:c5:b9:f0:
                    4e:df:f8:4b:36:da:89:cd:0b:16:46:65:4c:96:07:
                    56:0e:6b:86:fe:17:bd:1e:6d:ca:81:31:48:9b:c0:
                    14:af:18:9e:bd:6e:ed:62:98:15:ae:ec:85:12:f4:
                    f0:50:59:8d:1e:3a:3b:fa:81:d9:25:11:51:15:a9:
                    ef:91
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E8:76:E0:25:7C:C2:AC:DF:A1:1C:1A:6C:CE:7A:47:44:DD:99:A9:71
            X509v3 Authority Key Identifier:
                keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/6HbgJXzCrN-hHBpsznpHRN2ZqXE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.141.200.0/23
                  45.141.203.0/24
                  185.35.136.0/23

    Signature Algorithm: sha256WithRSAEncryption
         91:7f:cf:60:32:81:08:d3:5d:88:fd:15:df:cf:23:ba:ce:f1:
         00:c7:81:24:7f:5e:e5:ee:46:ab:0f:a7:bd:cb:dd:d9:16:1b:
         d5:3a:d7:c3:9e:60:da:b0:9b:92:1c:d3:f3:79:7b:4a:9b:e5:
         b4:92:2f:fb:cd:c0:81:cc:0b:b8:74:67:81:2a:24:57:a8:37:
         13:70:7a:b0:29:c9:87:5d:d7:c9:50:44:e0:64:3d:b5:f8:44:
         be:10:b2:fc:58:68:89:6b:07:39:ef:5d:49:bf:c2:6a:52:d5:
         dd:0f:14:14:b9:16:26:22:21:21:fe:0f:9e:29:06:82:11:f7:
         7b:6d:d2:ac:e1:46:96:9f:5c:30:4f:7a:28:43:70:47:4e:51:
         5c:fc:79:00:5d:2f:36:e2:f2:68:05:1e:48:dc:74:62:63:d5:
         51:af:86:dc:cf:a8:1b:66:d8:04:39:89:ef:6f:ad:14:03:b9:
         20:19:4b:4a:cf:1c:1e:9e:2e:79:eb:db:f6:30:67:b9:e0:97:
         ea:be:81:d4:ce:46:0f:e7:83:fc:ca:95:30:56:3e:7f:47:c0:
         b7:76:08:de:5e:77:d7:8c:b2:a7:92:d8:f4:52:dc:77:4f:1c:
         23:05:9c:36:6a:3c:74:8c:35:1b:ef:79:1f:52:b4:a6:7e:94:
         96:b0:3b:13
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYa2I3IGLeUeDdJFaVC9jilvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwMzA2MDg1NzAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlODc2ZTAyNTdjYzJhY2RmYTExYzFhNmNjZTdhNDc0NGRkOTlhOTcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw6qdQ+6XeAeuF4GjQ70IoQOOy2Px
hv8Tm21tmQydEd45BLLWXn7sL4RprkzXialOgcpz3Yn+7S1wx2Ktd2v89dUsaYqv
tVJVWLkE8ErQTFm8bk/LfhV+GoBrjnTQk/wXz+b3ayAHL3RTjJctjZ2Y5/SKb/R8
FDdjrqMa9OQUGEHKm8SKbextnukeSXrsIEXeO6kcuN8UO6LhFxsmX8To0dqPLsMi
yo7kJbmdxT6qTk1aj3VOaxs6bQhpwHLVccbFufBO3/hLNtqJzQsWRmVMlgdWDmuG
/he9Hm3KgTFIm8AUrxievW7tYpgVruyFEvTwUFmNHjo7+oHZJRFRFanvkQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFOh24CV8wqzfoRwabM56R0TdmalxMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvNkhiZ0pYekNyTi1oSEJwc3pucEhSTjJacVhFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBLY3IAwQA
LY3LAwQBuSOIMA0GCSqGSIb3DQEBCwUAA4IBAQCRf89gMoEI012I/RXfzyO6zvEA
x4Ekf17l7karD6e9y93ZFhvVOtfDnmDasJuSHNPzeXtKm+W0ki/7zcCBzAu4dGeB
KiRXqDcTcHqwKcmHXdfJUETgZD21+ES+ELL8WGiJawc5711Jv8JqUtXdDxQUuRYm
IiEh/g+eKQaCEfd7bdKs4UaWn1wwT3ooQ3BHTlFc/HkAXS824vJoBR5I3HRiY9VR
r4bcz6gbZtgEOYnvb60UA7kgGUtKzxweni5569v2MGe54JfqvoHUzkYP54P8ypUw
Vj5/R8C3dgjeXnfXjLKnktj0Utx3TxwjBZw2ajx0jDUb73kfUrSmfpSWsDsT
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:41:08 2024 by rpki-client on console-ams.rpki-client.org