Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/SpcOoi9stCtJbP0F_LUcFfGHeow.roa
File:                     SpcOoi9stCtJbP0F_LUcFfGHeow.roa (raw, json)
Hash identifier:          Exp4hw8Bu01DjtLNxPxRTHMpw/9j+IqEsxLlsL2nvfU=
Subject key identifier:   4A:97:0E:A2:2F:6C:B4:2B:49:6C:FD:05:FC:B5:1C:15:F1:87:7A:8C
Certificate issuer:       /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial:       018BB32D6224A398AFA8C5068D6C807936BB
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/SpcOoi9stCtJbP0F_LUcFfGHeow.roa
Signing time:             Thu 09 Nov 2023 08:22:57 +0000
ROA not before:           Thu 09 Nov 2023 08:22:57 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     199760
IP address blocks:        188.241.242.0/24 maxlen: 24
                          188.212.158.0/24 maxlen: 24
                          188.241.182.0/24 maxlen: 24
                          89.33.84.0/24 maxlen: 24
                          93.115.109.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 09 Nov 2023 15:18:57 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:b3:2d:62:24:a3:98:af:a8:c5:06:8d:6c:80:79:36:bb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
        Validity
            Not Before: Nov  9 08:22:57 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=4a970ea22f6cb42b496cfd05fcb51c15f1877a8c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:d5:aa:4f:63:ff:ae:0f:fe:0a:5b:dc:b8:44:
                    19:5f:56:5b:cb:93:96:14:a6:2e:8c:7e:d8:48:8f:
                    fc:43:d4:69:e4:4f:dc:e7:61:40:02:3b:dc:60:4d:
                    aa:0b:94:83:b6:dd:d3:7c:1c:0c:4e:aa:4c:74:c2:
                    42:3f:f3:9f:0c:00:15:43:41:03:e0:70:44:5c:be:
                    08:26:3e:d0:5e:cd:8f:d9:e0:2a:c6:e5:d7:70:12:
                    78:54:20:f1:57:f6:d9:3e:34:97:bb:6a:b2:f3:7f:
                    ec:41:56:28:e5:97:c2:71:39:bb:30:d5:6b:24:d8:
                    40:0d:02:8d:f7:09:8d:f0:f9:4a:4f:0d:2a:04:54:
                    06:be:24:d8:90:02:d8:b5:2a:18:9e:8c:c3:3e:a5:
                    fb:d7:3a:53:a5:5f:5e:9f:f0:ec:b2:e5:b5:60:77:
                    e4:9a:b6:d2:2c:b7:5a:d8:5e:ac:01:a8:09:d7:df:
                    5f:bb:db:8a:74:db:59:59:b7:e8:87:c8:c3:51:2a:
                    ca:e2:b1:5e:9e:45:30:40:02:c3:7d:ce:22:92:f3:
                    96:47:05:b7:48:88:ef:a4:50:8e:6c:da:a4:e5:e4:
                    0e:17:80:f7:37:bd:ab:9d:8e:ce:a8:ae:5c:00:d6:
                    46:31:c1:77:7f:b0:df:b6:57:bf:e2:43:41:4a:72:
                    6f:b5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4A:97:0E:A2:2F:6C:B4:2B:49:6C:FD:05:FC:B5:1C:15:F1:87:7A:8C
            X509v3 Authority Key Identifier:
                keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/SpcOoi9stCtJbP0F_LUcFfGHeow.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  89.33.84.0/24
                  93.115.109.0/24
                  188.212.158.0/24
                  188.241.182.0/24
                  188.241.242.0/24

    Signature Algorithm: sha256WithRSAEncryption
         7d:a5:08:2b:5c:05:68:31:8b:5c:3a:e2:b9:87:ab:34:a4:b1:
         0c:42:44:a1:68:26:46:28:56:e0:f5:c2:b0:35:29:27:e1:bf:
         74:ea:0a:58:21:a4:6e:83:eb:87:4c:fd:63:9d:ec:b4:36:52:
         19:da:41:fe:a7:ee:ba:b6:63:b3:02:32:8c:7b:9d:48:c7:d4:
         02:79:21:6a:8d:ec:09:a6:23:de:d1:36:66:79:02:68:3e:58:
         77:56:fd:8b:73:aa:20:bc:e0:e1:50:c4:67:a1:d2:66:5a:e0:
         52:c9:1b:aa:93:08:e7:02:93:73:24:47:37:94:6b:59:9e:a0:
         3e:26:63:5d:9b:3d:68:7b:ca:43:c1:9b:1d:53:e6:d7:84:d8:
         6b:4a:e6:a6:e7:57:ed:e8:55:3b:72:8f:e3:e1:7f:36:7a:4f:
         16:c8:1a:dc:f7:08:06:6a:37:8f:ea:67:5a:1f:4b:4f:73:53:
         3e:ff:9a:2a:c7:dc:20:41:3a:04:35:fd:de:d4:3c:7f:c1:61:
         06:21:4e:7b:21:a7:68:d7:1e:3d:28:a4:2e:cd:ba:a8:6f:1b:
         a2:49:cb:e9:f9:9b:eb:28:04:70:ef:2f:ee:64:69:76:ef:bb:
         cd:41:48:3e:a0:32:1d:dd:1f:51:ee:47:cb:2b:b6:d5:78:1a:
         15:37:3a:31
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYuzLWIko5ivqMUGjWyAeTa7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMxMTA5MDgyMjU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YTk3MGVhMjJmNmNiNDJiNDk2Y2ZkMDVmY2I1MWMxNWYxODc3YThjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApNWqT2P/rg/+ClvcuEQZX1Zby5OW
FKYujH7YSI/8Q9Rp5E/c52FAAjvcYE2qC5SDtt3TfBwMTqpMdMJCP/OfDAAVQ0ED
4HBEXL4IJj7QXs2P2eAqxuXXcBJ4VCDxV/bZPjSXu2qy83/sQVYo5ZfCcTm7MNVr
JNhADQKN9wmN8PlKTw0qBFQGviTYkALYtSoYnozDPqX71zpTpV9en/DssuW1YHfk
mrbSLLda2F6sAagJ199fu9uKdNtZWbfoh8jDUSrK4rFenkUwQALDfc4ikvOWRwW3
SIjvpFCObNqk5eQOF4D3N72rnY7OqK5cANZGMcF3f7Dftle/4kNBSnJvtQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFEqXDqIvbLQrSWz9Bfy1HBXxh3qMMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvU3BjT29pOXN0Q3RKYlAwRl9MVWNGZkdIZW93LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAWSFUAwQA
XXNtAwQAvNSeAwQAvPG2AwQAvPHyMA0GCSqGSIb3DQEBCwUAA4IBAQB9pQgrXAVo
MYtcOuK5h6s0pLEMQkShaCZGKFbg9cKwNSkn4b906gpYIaRug+uHTP1jney0NlIZ
2kH+p+66tmOzAjKMe51Ix9QCeSFqjewJpiPe0TZmeQJoPlh3Vv2Lc6ogvODhUMRn
odJmWuBSyRuqkwjnApNzJEc3lGtZnqA+JmNdmz1oe8pDwZsdU+bXhNhrSuam51ft
6FU7co/j4X82ek8WyBrc9wgGajeP6mdaH0tPc1M+/5oqx9wgQToENf3e1Dx/wWEG
IU57Iado1x49KKQuzbqobxuiScvp+ZvrKARw7y/uZGl277vNQUg+oDId3R9R7kfL
K7bVeBoVNzox
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:41:11 2024 by rpki-client on console-ams.rpki-client.org