Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/ROVjSkCi6nG083BSnkTIvjKVpps.roa
File:                     ROVjSkCi6nG083BSnkTIvjKVpps.roa (raw, json)
Hash identifier:          VXH9/HWIajTCr1e/s9zUwThdM/318Yn7SSK2GgF9nlM=
Subject key identifier:   44:E5:63:4A:40:A2:EA:71:B4:F3:70:52:9E:44:C8:BE:32:95:A6:9B
Certificate issuer:       /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial:       0185F1F080502A82A0FE252EA96BB3B07820
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/ROVjSkCi6nG083BSnkTIvjKVpps.roa
Signing time:             Fri 27 Jan 2023 06:35:48 +0000
ROA not before:           Fri 27 Jan 2023 06:35:48 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     136923
IP address blocks:        185.135.140.0/24 maxlen: 24
                          185.255.169.0/24 maxlen: 24
                          91.188.204.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 27 Feb 2023 08:28:15 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:f1:f0:80:50:2a:82:a0:fe:25:2e:a9:6b:b3:b0:78:20
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
        Validity
            Not Before: Jan 27 06:35:48 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=44e5634a40a2ea71b4f370529e44c8be3295a69b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:99:00:70:ef:71:72:54:45:3a:15:3c:5c:f9:b4:
                    c6:e9:fa:c0:70:0b:4f:f9:19:dd:89:7c:75:dc:1c:
                    2b:03:92:89:83:e9:b8:62:33:9d:3e:b1:a7:4b:9d:
                    49:c5:d2:fe:31:5d:bf:19:91:f9:06:3a:c7:c0:f6:
                    b2:3a:26:20:dd:f7:e6:60:d0:18:6d:94:90:a3:d2:
                    d4:3d:a6:19:5b:94:cc:99:a2:f2:9f:48:a6:77:f1:
                    5a:f7:52:b6:30:1f:eb:5b:8e:e2:47:bd:63:87:f5:
                    38:50:1b:a7:ff:30:03:21:20:a8:0b:f4:b6:7e:7e:
                    f6:cc:63:94:96:11:cc:4c:55:88:a5:94:ad:1b:fc:
                    da:f5:58:f8:c0:26:a1:16:ad:0b:0b:5e:2a:52:29:
                    9d:28:63:fc:88:b3:7c:51:1e:2f:8f:e3:b3:76:88:
                    1a:e8:2d:06:4f:dd:1d:2e:00:97:39:8e:39:9e:5c:
                    5b:72:f3:34:8a:77:46:e4:5a:f4:8c:90:9b:09:56:
                    68:7a:46:5d:0a:ea:12:51:53:5c:cd:e3:05:51:4a:
                    51:f9:24:db:af:f4:9b:89:e8:df:93:36:27:d7:32:
                    83:9a:06:a8:3f:43:9b:3a:f9:ce:7a:1f:ba:7f:ef:
                    a5:9c:82:30:bb:fd:e6:ac:7b:b7:04:df:24:98:17:
                    9e:e9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                44:E5:63:4A:40:A2:EA:71:B4:F3:70:52:9E:44:C8:BE:32:95:A6:9B
            X509v3 Authority Key Identifier:
                keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/ROVjSkCi6nG083BSnkTIvjKVpps.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.188.204.0/24
                  185.135.140.0/24
                  185.255.169.0/24

    Signature Algorithm: sha256WithRSAEncryption
         49:f9:b6:56:ed:84:c4:77:3d:48:81:c0:ef:7a:62:fe:a6:b5:
         57:8b:20:41:57:89:62:07:96:93:50:81:84:96:a7:7c:85:e8:
         71:d3:9d:42:b3:12:98:16:5a:61:41:18:13:f7:0f:4f:45:61:
         39:d9:9e:26:1b:d9:c9:4e:0e:c7:f2:8f:8c:97:c5:32:4b:13:
         73:ec:d9:44:81:07:5f:ac:bf:79:9f:82:9a:6e:98:44:17:6f:
         10:96:7c:51:3c:ba:d8:23:ce:a7:60:2d:8d:0e:b8:f7:9b:15:
         4f:22:c5:72:63:6b:eb:f1:8b:02:97:ad:e2:49:40:a1:4d:35:
         7e:33:69:a0:2f:8f:63:a7:b2:f5:75:86:5b:d8:a4:d8:3a:73:
         d5:f7:31:fa:8b:c6:e0:fc:81:2e:94:5f:ce:e5:92:3e:a2:75:
         07:15:a2:d4:e6:e8:f9:b5:d7:e1:c8:af:3f:11:5c:0b:bc:11:
         57:45:9c:c9:6f:7b:ce:94:e4:68:98:d5:21:fe:a6:2d:c3:0a:
         e9:bd:8b:ef:eb:fb:27:71:48:ca:a9:3f:83:e9:1c:d5:9b:c4:
         c1:94:26:7d:62:37:10:fe:f2:a8:42:96:bb:fa:60:4a:eb:ae:
         9a:fd:ae:88:42:ac:ef:39:64:3f:cb:b4:9c:17:42:c0:51:80:
         83:18:58:ed
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYXx8IBQKoKg/iUuqWuzsHggMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwMTI3MDYzNTQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NGU1NjM0YTQwYTJlYTcxYjRmMzcwNTI5ZTQ0YzhiZTMyOTVhNjliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmQBw73FyVEU6FTxc+bTG6frAcAtP
+RndiXx13BwrA5KJg+m4YjOdPrGnS51JxdL+MV2/GZH5BjrHwPayOiYg3ffmYNAY
bZSQo9LUPaYZW5TMmaLyn0imd/Fa91K2MB/rW47iR71jh/U4UBun/zADISCoC/S2
fn72zGOUlhHMTFWIpZStG/za9Vj4wCahFq0LC14qUimdKGP8iLN8UR4vj+Ozdoga
6C0GT90dLgCXOY45nlxbcvM0indG5Fr0jJCbCVZoekZdCuoSUVNczeMFUUpR+STb
r/SbiejfkzYn1zKDmgaoP0ObOvnOeh+6f++lnIIwu/3mrHu3BN8kmBee6QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFETlY0pAoupxtPNwUp5EyL4ylaabMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvUk9WalNrQ2k2bkcwODNCU25rVEl2aktWcHBzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAW7zMAwQA
uYeMAwQAuf+pMA0GCSqGSIb3DQEBCwUAA4IBAQBJ+bZW7YTEdz1IgcDvemL+prVX
iyBBV4liB5aTUIGElqd8hehx051CsxKYFlphQRgT9w9PRWE52Z4mG9nJTg7H8o+M
l8UySxNz7NlEgQdfrL95n4KabphEF28QlnxRPLrYI86nYC2NDrj3mxVPIsVyY2vr
8YsCl63iSUChTTV+M2mgL49jp7L1dYZb2KTYOnPV9zH6i8bg/IEulF/O5ZI+onUH
FaLU5uj5tdfhyK8/EVwLvBFXRZzJb3vOlORomNUh/qYtwwrpvYvv6/sncUjKqT+D
6RzVm8TBlCZ9YjcQ/vKoQpa7+mBK666a/a6IQqzvOWQ/y7ScF0LAUYCDGFjt
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:41:10 2024 by rpki-client on console-ams.rpki-client.org