Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/Rw56N7axWM7njRR9JHcxm2WaZyQ.roa
File:                     Rw56N7axWM7njRR9JHcxm2WaZyQ.roa (raw, json)
Hash identifier:          qRsMlfReSETY3sAvk+fWLj8u1MRViKJVjduG7Ai29mk=
Subject key identifier:   47:0E:7A:37:B6:B1:58:CE:E7:8D:14:7D:24:77:31:9B:65:9A:67:24
Certificate issuer:       /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial:       018571031F9822BEF5F34E93856FFED5B80D
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/Rw56N7axWM7njRR9JHcxm2WaZyQ.roa
Signing time:             Mon 02 Jan 2023 05:45:08 +0000
ROA not before:           Mon 02 Jan 2023 05:45:08 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     212396
IP address blocks:        185.150.1.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 12:30:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:71:03:1f:98:22:be:f5:f3:4e:93:85:6f:fe:d5:b8:0d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
        Validity
            Not Before: Jan  2 05:45:08 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=470e7a37b6b158cee78d147d2477319b659a6724
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:92:cb:c9:b2:f5:20:ab:58:a5:dd:d1:36:01:
                    2f:ed:ba:2a:f2:71:55:66:c1:0c:9a:9b:66:54:a1:
                    16:4e:50:da:7d:18:3b:39:d4:cf:1f:0c:28:90:26:
                    08:f0:eb:b7:62:9a:20:d6:43:56:24:8a:67:93:a6:
                    49:9b:c5:92:59:b5:9a:bc:4c:d5:70:75:7e:64:5d:
                    b3:76:56:21:ca:3f:f8:a1:79:c8:6b:22:3f:1c:10:
                    8b:e9:24:12:9d:6e:26:a3:2e:a6:13:ab:b9:c6:0b:
                    18:5a:98:b8:81:43:b7:d8:d4:07:df:c7:35:24:48:
                    95:08:cf:f3:31:8b:dc:9c:c6:ab:23:90:a3:2d:60:
                    6b:3a:b7:f8:c3:3d:4f:57:5d:6a:3a:97:09:7c:af:
                    9f:ef:ae:73:4a:2f:73:e2:e2:c2:9a:be:35:ae:1c:
                    9b:8f:00:05:f7:7d:25:2f:e3:75:8b:15:b7:bd:87:
                    3d:29:d8:52:9b:b5:3f:9e:e0:84:d6:02:b9:3c:03:
                    78:41:e8:e9:4d:42:31:5b:ed:19:3f:2f:03:93:98:
                    77:79:65:15:ab:01:d2:35:47:df:99:65:c1:b8:df:
                    de:1d:af:47:76:50:0b:93:be:61:f9:a8:a1:ca:9f:
                    77:ca:64:97:d8:12:7e:70:39:3a:07:75:7b:c9:41:
                    ac:67
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                47:0E:7A:37:B6:B1:58:CE:E7:8D:14:7D:24:77:31:9B:65:9A:67:24
            X509v3 Authority Key Identifier:
                keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/Rw56N7axWM7njRR9JHcxm2WaZyQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.150.1.0/24

    Signature Algorithm: sha256WithRSAEncryption
         77:43:01:e5:4e:4e:a1:8b:23:45:36:e8:33:e4:a3:0a:87:f9:
         3f:c2:d6:de:d0:0c:32:cd:13:15:a7:5a:96:df:de:37:80:7b:
         66:4f:40:a4:48:cc:b0:23:6f:3d:d6:23:98:cf:95:67:88:c3:
         d0:9a:82:fb:01:12:4f:c3:f6:47:10:41:7a:9e:cd:3f:e9:ca:
         92:b8:d0:18:03:c4:64:e6:bc:29:af:ff:44:9d:f9:77:bf:aa:
         2b:2d:a3:f5:ca:a7:6a:2c:d5:a3:cd:77:c4:79:fc:8a:c6:51:
         4c:f6:e2:68:ff:9b:f2:ec:96:1b:ea:b7:89:e5:7a:4e:7e:6f:
         21:26:f7:ed:93:b4:87:47:8a:e9:10:5c:59:cb:10:3f:f9:d0:
         b3:b4:6f:2b:fd:5f:e0:ea:47:60:3d:81:98:03:fb:c2:91:ef:
         07:71:ca:b6:61:62:ed:eb:3d:1b:b3:b2:7d:96:85:13:dc:a3:
         5f:d2:8d:2c:63:63:58:9e:3a:b3:31:2d:35:88:73:7b:73:4d:
         ee:c1:d7:ee:48:36:10:1c:02:12:9d:13:08:be:22:3a:7e:9e:
         64:7a:54:00:d4:5e:7a:df:57:03:00:52:94:bd:c5:dc:10:70:
         02:d1:95:0b:2f:f7:09:2c:fa:a2:08:50:b2:ee:90:f3:8c:0e:
         5c:81:e5:e5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxAx+YIr71806ThW/+1bgNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwMTAyMDU0NTA4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NzBlN2EzN2I2YjE1OGNlZTc4ZDE0N2QyNDc3MzE5YjY1OWE2NzI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvZLLybL1IKtYpd3RNgEv7boq8nFV
ZsEMmptmVKEWTlDafRg7OdTPHwwokCYI8Ou3Ypog1kNWJIpnk6ZJm8WSWbWavEzV
cHV+ZF2zdlYhyj/4oXnIayI/HBCL6SQSnW4moy6mE6u5xgsYWpi4gUO32NQH38c1
JEiVCM/zMYvcnMarI5CjLWBrOrf4wz1PV11qOpcJfK+f765zSi9z4uLCmr41rhyb
jwAF930lL+N1ixW3vYc9KdhSm7U/nuCE1gK5PAN4QejpTUIxW+0ZPy8Dk5h3eWUV
qwHSNUffmWXBuN/eHa9HdlALk75h+aihyp93ymSX2BJ+cDk6B3V7yUGsZwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEcOeje2sVjO540UfSR3MZtlmmckMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvUnc1Nk43YXhXTTdualJSOUpIY3htMldhWnlRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuZYBMA0G
CSqGSIb3DQEBCwUAA4IBAQB3QwHlTk6hiyNFNugz5KMKh/k/wtbe0AwyzRMVp1qW
3943gHtmT0CkSMywI2891iOYz5VniMPQmoL7ARJPw/ZHEEF6ns0/6cqSuNAYA8Rk
5rwpr/9Enfl3v6orLaP1yqdqLNWjzXfEefyKxlFM9uJo/5vy7JYb6reJ5XpOfm8h
Jvftk7SHR4rpEFxZyxA/+dCztG8r/V/g6kdgPYGYA/vCke8Hccq2YWLt6z0bs7J9
loUT3KNf0o0sY2NYnjqzMS01iHN7c03uwdfuSDYQHAISnRMIviI6fp5kelQA1F56
31cDAFKUvcXcEHAC0ZULL/cJLPqiCFCy7pDzjA5cgeXl
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:41:11 2024 by rpki-client on console-ams.rpki-client.org