Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/99d2w_CIJC6ObNCUCOWT1Cet2bs.roa
File:                     99d2w_CIJC6ObNCUCOWT1Cet2bs.roa (raw, json)
Hash identifier:          xj1dmbjBetukitBfrctjL16lTDKDcWsicap7JdbTRvo=
Subject key identifier:   F7:D7:76:C3:F0:88:24:2E:8E:6C:D0:94:08:E5:93:D4:27:AD:D9:BB
Certificate issuer:       /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial:       018C5E6D17332D6A898E76C538FA56E2CA08
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/99d2w_CIJC6ObNCUCOWT1Cet2bs.roa
Signing time:             Tue 12 Dec 2023 14:27:36 +0000
ROA not before:           Tue 12 Dec 2023 14:27:36 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     57043
IP address blocks:        188.212.132.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 12:30:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:5e:6d:17:33:2d:6a:89:8e:76:c5:38:fa:56:e2:ca:08
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
        Validity
            Not Before: Dec 12 14:27:36 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=f7d776c3f088242e8e6cd09408e593d427add9bb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:88:b2:58:86:37:a3:83:3f:9e:51:19:1e:ef:df:
                    78:25:73:e9:e0:15:2d:c7:ea:84:27:6c:5c:36:1a:
                    d1:b9:46:6c:44:ee:2b:6c:15:d5:3f:5f:0f:b5:30:
                    86:31:7c:6e:cb:7f:60:07:50:98:1b:c3:06:d9:5d:
                    6a:30:e7:46:5d:6d:7c:83:eb:86:b1:62:eb:84:56:
                    04:29:b9:f8:e1:b1:02:7f:63:e1:8f:d3:47:15:d9:
                    de:ad:71:32:d8:e5:b8:fd:17:fd:f2:0a:9f:94:0f:
                    6b:f1:ee:2f:b1:bb:48:df:5f:21:c9:e8:cb:c9:6e:
                    30:1a:62:af:6e:32:a8:50:02:1f:e4:65:e6:75:b0:
                    8c:7b:89:ec:b9:d4:da:ce:72:57:b8:b4:de:04:8c:
                    38:53:82:4e:f5:ad:c6:1a:8a:53:47:08:4e:9e:ec:
                    03:95:4c:7a:b1:e5:51:82:db:6c:c4:09:33:df:2d:
                    89:52:2b:ba:80:6e:d3:fe:0c:55:75:82:d1:86:12:
                    ed:cc:38:41:12:40:a4:fb:e4:17:0c:91:e8:4f:9a:
                    f7:b0:74:1d:8e:f6:1c:0a:75:88:b6:d6:64:e3:2c:
                    8d:d5:6b:f6:f0:63:2e:3f:25:57:49:a5:d2:f8:1e:
                    e9:57:d7:17:10:c6:51:2f:73:b0:df:0f:6b:44:fd:
                    f3:cd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F7:D7:76:C3:F0:88:24:2E:8E:6C:D0:94:08:E5:93:D4:27:AD:D9:BB
            X509v3 Authority Key Identifier:
                keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/99d2w_CIJC6ObNCUCOWT1Cet2bs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  188.212.132.0/24

    Signature Algorithm: sha256WithRSAEncryption
         39:2d:85:b3:b0:75:58:05:cf:0f:18:df:b9:a6:e1:fb:d5:3b:
         c0:ba:bd:cb:9e:02:15:e8:ab:34:57:03:a5:75:ab:20:6d:e5:
         c8:cc:6a:0c:ca:3d:87:0d:ee:f7:52:0a:02:4a:57:24:09:51:
         b4:f4:02:9b:b3:d4:3f:69:98:68:8c:fb:cc:24:96:3b:18:2b:
         a3:a1:93:58:ab:8c:fe:e6:c3:51:06:b0:b3:59:38:4b:f2:fe:
         15:6a:91:c5:8c:a1:89:37:a9:e9:93:5b:96:61:e4:ed:53:3f:
         50:59:55:aa:c6:a8:76:52:02:6f:7b:77:c8:ab:da:13:7f:df:
         59:27:97:8b:83:87:4d:b3:cc:74:bb:02:2d:ea:c4:14:0a:ae:
         f4:90:78:9d:d4:0d:6b:21:44:58:88:de:89:3f:b0:0f:cf:ef:
         c4:54:f6:ee:d3:4e:70:7d:f9:6a:33:e8:c7:6b:e3:aa:fc:f2:
         68:ef:d9:d1:40:8e:9f:3b:84:bb:4b:d0:36:5e:03:f0:53:dc:
         e8:e1:7b:f0:5b:43:42:a1:c8:e5:24:bb:a9:2e:d2:6f:7c:5c:
         44:1a:dc:5b:75:2a:3e:cd:8d:8b:39:b8:89:e4:01:03:9c:c0:
         9e:d6:33:ad:6e:ee:98:7f:91:e5:50:6b:56:22:58:35:8a:04:
         85:fa:6e:5a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYxebRczLWqJjnbFOPpW4soIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMxMjEyMTQyNzM2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmN2Q3NzZjM2YwODgyNDJlOGU2Y2QwOTQwOGU1OTNkNDI3YWRkOWJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiLJYhjejgz+eURke7994JXPp4BUt
x+qEJ2xcNhrRuUZsRO4rbBXVP18PtTCGMXxuy39gB1CYG8MG2V1qMOdGXW18g+uG
sWLrhFYEKbn44bECf2Phj9NHFdnerXEy2OW4/Rf98gqflA9r8e4vsbtI318hyejL
yW4wGmKvbjKoUAIf5GXmdbCMe4nsudTaznJXuLTeBIw4U4JO9a3GGopTRwhOnuwD
lUx6seVRgttsxAkz3y2JUiu6gG7T/gxVdYLRhhLtzDhBEkCk++QXDJHoT5r3sHQd
jvYcCnWIttZk4yyN1Wv28GMuPyVXSaXS+B7pV9cXEMZRL3Ow3w9rRP3zzQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPfXdsPwiCQujmzQlAjlk9Qnrdm7MB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvOTlkMndfQ0lKQzZPYk5DVUNPV1QxQ2V0MmJzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAvNSEMA0G
CSqGSIb3DQEBCwUAA4IBAQA5LYWzsHVYBc8PGN+5puH71TvAur3LngIV6Ks0VwOl
dasgbeXIzGoMyj2HDe73UgoCSlckCVG09AKbs9Q/aZhojPvMJJY7GCujoZNYq4z+
5sNRBrCzWThL8v4VapHFjKGJN6npk1uWYeTtUz9QWVWqxqh2UgJve3fIq9oTf99Z
J5eLg4dNs8x0uwIt6sQUCq70kHid1A1rIURYiN6JP7APz+/EVPbu005wfflqM+jH
a+Oq/PJo79nRQI6fO4S7S9A2XgPwU9zo4XvwW0NCocjlJLupLtJvfFxEGtxbdSo+
zY2LObiJ5AEDnMCe1jOtbu6Yf5HlUGtWIlg1igSF+m5a
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:44 2024 by rpki-client on console-fra.rpki-client.org