Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/74AYvUaJhYIqjwTc43D4nifIqgs.roa
File:                     74AYvUaJhYIqjwTc43D4nifIqgs.roa (raw, json)
Hash identifier:          neg2YPtEAX2JQNvopMqONt19JovZGPw4u0Ww/13Z1nk=
Subject key identifier:   EF:80:18:BD:46:89:85:82:2A:8F:04:DC:E3:70:F8:9E:27:C8:AA:0B
Certificate issuer:       /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial:       018612F5E5112D77EB3A73D14468CD5A6FA7
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/74AYvUaJhYIqjwTc43D4nifIqgs.roa
Signing time:             Thu 02 Feb 2023 16:29:10 +0000
ROA not before:           Thu 02 Feb 2023 16:29:10 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     17447
IP address blocks:        213.232.92.0/24 maxlen: 24
                          89.34.126.0/24 maxlen: 24
                          94.176.111.0/24 maxlen: 24
                          188.240.224.0/24 maxlen: 24
                          185.238.8.0/24 maxlen: 24
                          185.238.11.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 08 Feb 2023 05:15:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:12:f5:e5:11:2d:77:eb:3a:73:d1:44:68:cd:5a:6f:a7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
        Validity
            Not Before: Feb  2 16:29:10 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=ef8018bd468985822a8f04dce370f89e27c8aa0b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e9:0c:0f:e5:35:df:f6:78:29:bf:4d:27:a6:ad:
                    b5:e8:c2:47:84:17:d4:60:2e:8d:75:15:6e:04:bb:
                    7f:b8:50:2e:5c:c3:ef:fb:82:c0:b6:32:9b:8d:4e:
                    4e:d8:25:cc:49:fd:b4:81:8f:36:c8:88:ae:85:1a:
                    ff:cb:5b:12:80:d7:08:eb:55:84:97:fc:1c:eb:bb:
                    4b:65:a0:98:f7:dc:c0:2c:86:bd:10:4f:e9:00:7f:
                    a0:0e:6d:41:02:a7:e9:ec:5b:e9:66:5e:25:f3:8b:
                    8a:24:60:f7:9f:13:95:3d:e7:39:a3:57:e1:fb:4b:
                    c7:3b:e7:cf:36:d3:97:78:9f:4a:6d:90:c2:a7:f8:
                    a2:0f:7f:b7:e3:49:dc:b8:87:a3:ff:36:6d:48:22:
                    75:90:d2:f9:e3:cb:71:51:1d:e7:7d:74:96:9a:9e:
                    1b:5b:0d:c6:5d:fa:4e:2c:5f:cd:78:02:67:12:ec:
                    58:fb:09:11:8c:b8:c0:bd:e8:72:94:04:bd:7a:3b:
                    4c:30:47:19:46:c2:06:e1:48:31:31:fe:10:01:df:
                    b2:3d:15:71:59:17:13:70:6a:0f:35:89:a9:42:26:
                    cc:4e:60:04:6e:21:c3:7c:5d:0d:c9:a9:3c:1f:b0:
                    c8:b9:0f:ab:56:43:8f:07:b6:e9:35:1e:38:95:70:
                    99:11
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EF:80:18:BD:46:89:85:82:2A:8F:04:DC:E3:70:F8:9E:27:C8:AA:0B
            X509v3 Authority Key Identifier:
                keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/74AYvUaJhYIqjwTc43D4nifIqgs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  89.34.126.0/24
                  94.176.111.0/24
                  185.238.8.0/24
                  185.238.11.0/24
                  188.240.224.0/24
                  213.232.92.0/24

    Signature Algorithm: sha256WithRSAEncryption
         5a:0a:77:7b:e9:71:69:32:ca:8b:89:ce:19:07:c3:39:a0:b5:
         56:f4:e5:dc:d4:92:dd:d6:d8:97:2b:ea:5a:15:95:b7:a6:1f:
         b2:b0:9c:35:23:3a:c7:e6:12:98:95:f0:9c:af:b0:c0:c3:aa:
         c4:6c:89:07:de:da:53:ef:3c:5e:e8:4d:44:14:18:b7:9c:6d:
         a4:eb:c3:54:ea:a8:97:05:15:ae:06:14:22:0a:4a:26:b1:7e:
         4c:97:e9:95:72:b0:6a:5f:95:72:ed:af:39:76:c4:72:b4:1a:
         4e:a6:b5:4f:ff:e9:1d:c7:96:95:ec:5f:67:84:c4:64:85:70:
         f2:7f:ee:ec:9a:63:ae:ef:24:94:16:cf:56:61:fb:9c:b3:66:
         ac:c1:70:d6:32:8a:e7:bb:e6:50:5e:7c:45:be:11:1c:af:9c:
         f5:a9:8e:7a:c3:c2:50:6e:96:52:15:ef:43:f6:0e:97:3e:47:
         24:fa:9f:32:60:f6:4b:2b:be:bf:3c:87:bb:c4:83:22:63:b1:
         eb:37:7b:94:fc:55:fd:63:fd:a3:64:3d:5c:cb:61:ee:15:81:
         ec:0c:43:de:d7:fc:8f:0a:91:aa:88:70:dd:92:f1:b3:5d:65:
         6d:22:8c:3d:3e:da:72:34:a6:ce:22:52:80:e8:26:8e:7d:7f:
         d3:2d:52:d7
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYYS9eURLXfrOnPRRGjNWm+nMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwMjAyMTYyOTEwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZjgwMThiZDQ2ODk4NTgyMmE4ZjA0ZGNlMzcwZjg5ZTI3YzhhYTBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6QwP5TXf9ngpv00npq216MJHhBfU
YC6NdRVuBLt/uFAuXMPv+4LAtjKbjU5O2CXMSf20gY82yIiuhRr/y1sSgNcI61WE
l/wc67tLZaCY99zALIa9EE/pAH+gDm1BAqfp7FvpZl4l84uKJGD3nxOVPec5o1fh
+0vHO+fPNtOXeJ9KbZDCp/iiD3+340ncuIej/zZtSCJ1kNL548txUR3nfXSWmp4b
Ww3GXfpOLF/NeAJnEuxY+wkRjLjAvehylAS9ejtMMEcZRsIG4UgxMf4QAd+yPRVx
WRcTcGoPNYmpQibMTmAEbiHDfF0Nyak8H7DIuQ+rVkOPB7bpNR44lXCZEQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFO+AGL1GiYWCKo8E3ONw+J4nyKoLMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvNzRBWXZVYUpoWUlxandUYzQzRDRuaWZJcWdzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAWSJ+AwQA
XrBvAwQAue4IAwQAue4LAwQAvPDgAwQA1ehcMA0GCSqGSIb3DQEBCwUAA4IBAQBa
Cnd76XFpMsqLic4ZB8M5oLVW9OXc1JLd1tiXK+paFZW3ph+ysJw1IzrH5hKYlfCc
r7DAw6rEbIkH3tpT7zxe6E1EFBi3nG2k68NU6qiXBRWuBhQiCkomsX5Ml+mVcrBq
X5Vy7a85dsRytBpOprVP/+kdx5aV7F9nhMRkhXDyf+7smmOu7ySUFs9WYfucs2as
wXDWMornu+ZQXnxFvhEcr5z1qY56w8JQbpZSFe9D9g6XPkck+p8yYPZLK76/PIe7
xIMiY7HrN3uU/FX9Y/2jZD1cy2HuFYHsDEPe1/yPCpGqiHDdkvGzXWVtIow9Ptpy
NKbOIlKA6CaOfX/TLVLX
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:41:08 2024 by rpki-client on console-ams.rpki-client.org