Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/ScK2EXq8K2Ia5G3VGA-kAQqnYS4.roa
File:                     ScK2EXq8K2Ia5G3VGA-kAQqnYS4.roa (raw, json)
Hash identifier:          u6C+ADMTapwfA7x35l+0SlBz6ovJyaezi3XthyeMIm0=
Subject key identifier:   49:C2:B6:11:7A:BC:2B:62:1A:E4:6D:D5:18:0F:A4:01:0A:A7:61:2E
Certificate issuer:       /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial:       018764E63A9CFC57E63075F5DCEE6DE26795
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/ScK2EXq8K2Ia5G3VGA-kAQqnYS4.roa
Signing time:             Sun 09 Apr 2023 07:23:42 +0000
ROA not before:           Sun 09 Apr 2023 07:23:42 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     7411
IP address blocks:        89.33.85.0/24 maxlen: 24
                          188.240.232.0/24 maxlen: 24
                          188.240.233.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 18 Apr 2023 17:36:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:64:e6:3a:9c:fc:57:e6:30:75:f5:dc:ee:6d:e2:67:95
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
        Validity
            Not Before: Apr  9 07:23:42 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=49c2b6117abc2b621ae46dd5180fa4010aa7612e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:82:0c:b7:79:54:bc:eb:1a:59:ae:f4:ef:2e:5f:
                    86:56:47:02:b8:f9:ef:37:ea:91:31:3d:e2:bf:05:
                    8b:88:f5:1e:32:93:39:57:43:be:e1:5e:ac:51:35:
                    49:2d:f1:02:4a:b3:31:56:f8:1c:c2:fc:ec:1c:32:
                    69:4e:45:6a:84:da:24:6e:f0:04:37:31:4b:5f:ac:
                    8d:ac:f8:d6:45:4c:b9:dc:3f:df:f3:dd:57:18:a3:
                    2c:1d:10:2a:bf:b1:b5:4c:20:0a:b4:c9:b9:fb:89:
                    a2:19:eb:36:d4:3a:06:16:25:2c:2e:6b:83:00:53:
                    43:76:4e:91:9c:8d:93:a7:cc:82:60:e4:74:76:b4:
                    29:21:78:5b:d3:fc:60:ea:59:71:c2:4a:8d:cb:d2:
                    4f:cd:6d:84:72:42:21:4b:f6:d0:47:82:0b:ee:34:
                    cc:3b:ba:1a:20:b1:ec:bc:95:2e:2b:03:3c:ea:ca:
                    01:84:08:99:d7:61:2f:c6:d0:9b:1b:69:51:4e:fd:
                    39:f3:0b:f8:60:96:f9:3b:fb:a7:72:5d:3f:28:8f:
                    e4:db:ea:16:94:3c:d7:a2:11:3c:3c:d3:b4:db:ab:
                    e5:db:7c:3d:27:ae:d1:1e:70:a6:e8:33:8d:83:ad:
                    ab:0f:5e:51:75:3c:d7:b8:a5:cd:6d:f6:a4:18:ff:
                    c1:17
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                49:C2:B6:11:7A:BC:2B:62:1A:E4:6D:D5:18:0F:A4:01:0A:A7:61:2E
            X509v3 Authority Key Identifier:
                keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/ScK2EXq8K2Ia5G3VGA-kAQqnYS4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  89.33.85.0/24
                  188.240.232.0/23

    Signature Algorithm: sha256WithRSAEncryption
         96:21:7f:e8:9b:4d:21:f1:88:c6:12:e4:4b:7d:3d:87:ef:31:
         dc:4b:bb:91:9b:b6:61:26:43:eb:83:fd:da:52:6b:26:05:78:
         89:83:21:17:d7:c5:1a:db:25:f2:03:bb:61:9c:b7:8c:82:72:
         1c:6a:a0:54:7c:7f:1e:52:e4:09:c8:40:76:95:a5:88:90:61:
         d9:a5:c5:3c:6b:25:fe:fa:3e:70:b3:8f:10:45:b0:6b:70:3a:
         19:4d:46:38:58:37:c6:d3:ee:ec:35:50:53:02:0a:14:8c:69:
         f0:68:0f:5a:d3:24:64:7a:29:2a:2f:d6:b7:6f:93:f6:74:99:
         58:47:22:04:6f:68:6b:05:01:84:ac:df:3f:5d:83:2c:10:ec:
         e3:55:d0:08:c7:a6:c3:1a:5f:21:c9:eb:c6:06:ea:73:78:26:
         28:8b:9e:80:1c:bf:af:fd:bf:aa:99:5f:49:c1:14:4b:a9:2f:
         29:42:e7:5f:62:a1:ba:d8:d8:a2:1a:d9:63:d6:16:d8:c8:0e:
         3e:d8:b7:3c:fd:c3:54:75:43:95:96:03:9f:df:64:78:76:94:
         be:13:e0:9f:1d:6f:ab:cf:8b:54:ff:1d:25:49:ad:08:49:42:
         0d:6e:56:ec:b3:c6:29:57:08:c6:47:98:7d:69:32:91:37:8e:
         0e:0b:de:4c
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYdk5jqc/FfmMHX13O5t4meVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwNDA5MDcyMzQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OWMyYjYxMTdhYmMyYjYyMWFlNDZkZDUxODBmYTQwMTBhYTc2MTJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAggy3eVS86xpZrvTvLl+GVkcCuPnv
N+qRMT3ivwWLiPUeMpM5V0O+4V6sUTVJLfECSrMxVvgcwvzsHDJpTkVqhNokbvAE
NzFLX6yNrPjWRUy53D/f891XGKMsHRAqv7G1TCAKtMm5+4miGes21DoGFiUsLmuD
AFNDdk6RnI2Tp8yCYOR0drQpIXhb0/xg6llxwkqNy9JPzW2EckIhS/bQR4IL7jTM
O7oaILHsvJUuKwM86soBhAiZ12EvxtCbG2lRTv058wv4YJb5O/uncl0/KI/k2+oW
lDzXohE8PNO026vl23w9J67RHnCm6DONg62rD15RdTzXuKXNbfakGP/BFwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFEnCthF6vCtiGuRt1RgPpAEKp2EuMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvU2NLMkVYcThLMklhNUczVkdBLWtBUXFuWVM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAWSFVAwQB
vPDoMA0GCSqGSIb3DQEBCwUAA4IBAQCWIX/om00h8YjGEuRLfT2H7zHcS7uRm7Zh
JkPrg/3aUmsmBXiJgyEX18Ua2yXyA7thnLeMgnIcaqBUfH8eUuQJyEB2laWIkGHZ
pcU8ayX++j5ws48QRbBrcDoZTUY4WDfG0+7sNVBTAgoUjGnwaA9a0yRkeikqL9a3
b5P2dJlYRyIEb2hrBQGErN8/XYMsEOzjVdAIx6bDGl8hyevGBupzeCYoi56AHL+v
/b+qmV9JwRRLqS8pQudfYqG62NiiGtlj1hbYyA4+2Lc8/cNUdUOVlgOf32R4dpS+
E+CfHW+rz4tU/x0lSa0ISUINblbss8YpVwjGR5h9aTKRN44OC95M
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:41:11 2024 by rpki-client on console-ams.rpki-client.org