Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/OLxcUvFadwL9EDHyRgVAP53cVE8.roa
File:                     OLxcUvFadwL9EDHyRgVAP53cVE8.roa (raw, json)
Hash identifier:          pS+EMoHOi77bIACFbWuI8LqpNpXrZTcDSOSZEYeXSWA=
Subject key identifier:   38:BC:5C:52:F1:5A:77:02:FD:10:31:F2:46:05:40:3F:9D:DC:54:4F
Certificate issuer:       /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial:       018A854E856437C905199F2C0857FD2ABA82
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/OLxcUvFadwL9EDHyRgVAP53cVE8.roa
Signing time:             Mon 11 Sep 2023 17:33:50 +0000
ROA not before:           Mon 11 Sep 2023 17:33:50 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     199760
IP address blocks:        188.212.132.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Fri 29 Sep 2023 04:44:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:85:4e:85:64:37:c9:05:19:9f:2c:08:57:fd:2a:ba:82
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
        Validity
            Not Before: Sep 11 17:33:50 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=38bc5c52f15a7702fd1031f24605403f9ddc544f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:5b:c9:5b:39:a3:4a:c6:4a:5a:bd:40:f7:37:
                    b4:6e:04:03:17:c5:62:0f:70:0c:75:fc:2a:bd:6b:
                    21:1d:b6:75:1e:9f:8c:1a:56:35:22:73:c0:e3:65:
                    e4:de:3e:2b:33:87:0b:e7:9f:62:51:eb:44:e8:65:
                    22:22:a1:0a:4e:66:2c:ef:57:7d:92:8f:e9:d6:56:
                    3f:24:cd:61:d3:65:2d:9c:fc:bc:cc:ef:7a:8c:51:
                    05:b1:53:c6:29:fa:d7:a5:e5:90:77:73:d6:ed:18:
                    ef:2d:78:e4:60:74:83:4e:c6:03:8c:92:dd:7c:44:
                    c8:95:fd:9c:c3:c6:6c:14:84:64:2a:b9:0b:cf:7b:
                    24:44:d7:75:9c:f4:d7:c1:32:e1:4c:e2:ff:ab:d6:
                    cf:10:9c:eb:65:19:0b:76:ee:cb:dc:26:d8:50:af:
                    dc:f6:a7:0f:76:ef:14:b0:3c:a1:54:c4:60:19:78:
                    a7:ca:79:da:74:1e:5f:7c:7d:1d:88:ac:3f:18:07:
                    e9:81:42:bc:dc:32:10:0a:67:2a:a1:c6:d8:78:d7:
                    c2:f4:41:91:fa:aa:b1:ac:d2:d1:e0:24:72:90:18:
                    24:35:67:f3:17:cf:af:ed:9f:93:5e:c2:42:ee:bc:
                    f9:b1:e5:f7:13:2f:30:de:c4:bc:0b:47:79:0f:b2:
                    b0:ed
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                38:BC:5C:52:F1:5A:77:02:FD:10:31:F2:46:05:40:3F:9D:DC:54:4F
            X509v3 Authority Key Identifier:
                keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/OLxcUvFadwL9EDHyRgVAP53cVE8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  188.212.132.0/24

    Signature Algorithm: sha256WithRSAEncryption
         6e:6d:68:fa:3b:c9:c2:69:4c:e0:af:70:02:7d:02:1c:b5:08:
         12:75:74:46:0a:89:d5:9a:da:15:c9:3b:9e:17:3b:64:fd:0f:
         cc:26:69:98:7c:a6:60:23:d8:2b:e9:b6:65:53:7c:73:0f:8d:
         8b:54:be:e6:ec:99:8f:ee:fc:b6:01:3b:7a:a7:50:a6:94:fa:
         e8:18:b9:13:2e:bf:a1:41:17:90:74:48:68:df:16:01:f6:c1:
         ec:5f:45:30:e5:bb:be:74:43:6e:14:4d:ed:2e:2c:a8:99:bc:
         1a:1d:88:21:6b:60:9b:d5:89:61:2e:c2:43:1f:f0:4d:f9:40:
         0b:b1:65:b4:61:19:88:59:c5:ae:ed:0d:47:65:7e:3c:3b:6b:
         2a:8d:bb:44:b5:da:3b:01:e7:61:2c:85:3f:82:94:d7:21:88:
         81:00:90:f7:81:89:8a:2e:2d:19:2d:16:83:3d:c7:0b:ec:d7:
         2a:90:a3:76:d7:73:6b:5b:24:9a:54:73:04:23:0c:68:2f:d2:
         0e:dc:fc:2d:50:f5:16:c5:85:71:d4:8e:90:ee:98:86:3f:57:
         8f:ac:26:71:da:34:7b:e3:b3:45:70:67:62:45:d1:95:b2:bc:
         82:35:e8:43:b7:03:30:dc:d3:2e:e3:40:f2:c8:1f:a1:e9:13:
         09:1b:98:90
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYqFToVkN8kFGZ8sCFf9KrqCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwOTExMTczMzUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOGJjNWM1MmYxNWE3NzAyZmQxMDMxZjI0NjA1NDAzZjlkZGM1NDRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArVvJWzmjSsZKWr1A9ze0bgQDF8Vi
D3AMdfwqvWshHbZ1Hp+MGlY1InPA42Xk3j4rM4cL559iUetE6GUiIqEKTmYs71d9
ko/p1lY/JM1h02UtnPy8zO96jFEFsVPGKfrXpeWQd3PW7RjvLXjkYHSDTsYDjJLd
fETIlf2cw8ZsFIRkKrkLz3skRNd1nPTXwTLhTOL/q9bPEJzrZRkLdu7L3CbYUK/c
9qcPdu8UsDyhVMRgGXinynnadB5ffH0diKw/GAfpgUK83DIQCmcqocbYeNfC9EGR
+qqxrNLR4CRykBgkNWfzF8+v7Z+TXsJC7rz5seX3Ey8w3sS8C0d5D7Kw7QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDi8XFLxWncC/RAx8kYFQD+d3FRPMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvT0x4Y1V2RmFkd0w5RURIeVJnVkFQNTNjVkU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAvNSEMA0G
CSqGSIb3DQEBCwUAA4IBAQBubWj6O8nCaUzgr3ACfQIctQgSdXRGConVmtoVyTue
Fztk/Q/MJmmYfKZgI9gr6bZlU3xzD42LVL7m7JmP7vy2ATt6p1CmlProGLkTLr+h
QReQdEho3xYB9sHsX0Uw5bu+dENuFE3tLiyombwaHYgha2Cb1YlhLsJDH/BN+UAL
sWW0YRmIWcWu7Q1HZX48O2sqjbtEtdo7AedhLIU/gpTXIYiBAJD3gYmKLi0ZLRaD
PccL7NcqkKN213NrWySaVHMEIwxoL9IO3PwtUPUWxYVx1I6Q7piGP1ePrCZx2jR7
47NFcGdiRdGVsryCNehDtwMw3NMu40DyyB+h6RMJG5iQ
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:41:10 2024 by rpki-client on console-ams.rpki-client.org