Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/Vz0gtqlJY8sraW6ktbACErZkQIk.roa
File:                     Vz0gtqlJY8sraW6ktbACErZkQIk.roa (raw, json)
Hash identifier:          /jV8Jck46R/fnQpkF6gwgaBp2Pvgmlt/iRY7ZOvyEUw=
Subject key identifier:   57:3D:20:B6:A9:49:63:CB:2B:69:6E:A4:B5:B0:02:12:B6:64:40:89
Certificate issuer:       /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial:       0188B82BE34DD175228A2B148CF2CDF40256
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/Vz0gtqlJY8sraW6ktbACErZkQIk.roa
Signing time:             Wed 14 Jun 2023 04:31:03 +0000
ROA not before:           Wed 14 Jun 2023 04:31:03 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     207459
IP address blocks:        188.240.68.0/24 maxlen: 24
                          188.212.132.0/24 maxlen: 24
                          188.212.159.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 04 Jul 2023 12:55:11 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:b8:2b:e3:4d:d1:75:22:8a:2b:14:8c:f2:cd:f4:02:56
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
        Validity
            Not Before: Jun 14 04:31:03 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=573d20b6a94963cb2b696ea4b5b00212b6644089
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:85:37:81:a3:9d:2f:40:67:8b:f1:ef:82:5d:9c:
                    a4:68:13:36:fd:99:cf:08:b0:1e:f0:e2:ec:21:38:
                    07:39:7d:39:66:16:e3:9c:29:26:da:54:25:11:87:
                    f4:91:63:d5:de:d9:cc:7f:f2:4b:45:7d:57:b4:ad:
                    8c:8e:e3:c4:a6:51:51:77:ee:06:d0:f9:24:2a:6e:
                    98:a7:8e:ab:d2:bf:69:a6:18:8e:72:41:e9:f2:df:
                    7c:83:b9:a7:f6:51:9c:40:9e:e2:ed:74:d1:be:f8:
                    fa:0f:2f:07:61:2f:8c:07:48:e4:90:a5:49:1b:f1:
                    91:2c:5c:46:a0:c6:87:12:5f:5b:83:5c:ec:c4:1e:
                    71:1c:a4:10:ed:be:74:39:a4:91:55:8f:5f:20:5f:
                    5a:fe:35:dc:3e:f1:54:ab:5c:73:65:f8:90:59:b1:
                    1b:a1:55:61:a5:b3:55:eb:f4:51:0a:82:a0:14:44:
                    00:aa:e1:4d:06:de:e3:8d:e6:14:a0:1e:a2:1f:fa:
                    42:b1:e7:b9:88:45:02:12:d2:98:e0:98:10:11:cf:
                    20:d2:93:93:25:fb:25:f8:b5:1f:b3:e2:ab:b2:d0:
                    33:69:a9:0a:d9:82:92:ca:9e:de:2d:25:69:20:a1:
                    ff:94:d3:8e:5a:b0:f4:be:94:1f:db:b8:69:d6:bd:
                    da:cb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                57:3D:20:B6:A9:49:63:CB:2B:69:6E:A4:B5:B0:02:12:B6:64:40:89
            X509v3 Authority Key Identifier:
                keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/Vz0gtqlJY8sraW6ktbACErZkQIk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  188.212.132.0/24
                  188.212.159.0/24
                  188.240.68.0/24

    Signature Algorithm: sha256WithRSAEncryption
         5b:91:c7:cc:28:d3:87:2c:63:e3:74:87:51:4b:df:ff:13:00:
         24:c6:9a:f2:2b:9f:b2:78:a6:11:c9:69:69:3b:6d:6c:98:5d:
         de:f0:b3:b5:c8:bd:21:af:f6:db:e6:91:5b:59:9b:e7:c6:b4:
         a0:d9:72:ba:27:bb:f8:a6:de:96:48:ad:15:46:32:1d:40:21:
         b9:11:f4:6a:46:30:fe:49:cf:2f:81:83:e4:e9:80:46:a2:bf:
         8d:ab:b6:af:e3:53:74:90:d7:96:37:b7:33:5f:24:ad:7e:1e:
         20:5b:99:e0:9d:7f:57:e4:c3:e4:65:8e:29:d4:4c:dd:e5:26:
         51:42:fe:7d:cf:90:79:8a:7f:04:84:23:39:e9:2d:b7:49:94:
         40:f5:01:5a:68:aa:22:66:90:66:6f:c4:ae:54:7d:c6:69:32:
         7d:aa:73:68:a5:9b:b8:63:54:64:cd:85:43:65:b9:62:c6:3e:
         83:0c:53:4a:4e:69:2f:e9:80:f6:bb:df:3f:0b:5a:d1:26:25:
         43:dd:ec:f5:c4:8e:3e:4b:b4:90:27:cb:39:5a:08:6d:cb:7c:
         4f:88:d3:7c:ff:28:07:b1:49:cb:eb:7a:ec:9d:29:4a:9f:5b:
         6c:23:e1:d1:51:8f:d5:25:f9:c3:f1:d6:d1:bc:94:58:65:d9:
         34:9f:7c:10
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYi4K+NN0XUiiisUjPLN9AJWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwNjE0MDQzMTAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NzNkMjBiNmE5NDk2M2NiMmI2OTZlYTRiNWIwMDIxMmI2NjQ0MDg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhTeBo50vQGeL8e+CXZykaBM2/ZnP
CLAe8OLsITgHOX05ZhbjnCkm2lQlEYf0kWPV3tnMf/JLRX1XtK2MjuPEplFRd+4G
0PkkKm6Yp46r0r9pphiOckHp8t98g7mn9lGcQJ7i7XTRvvj6Dy8HYS+MB0jkkKVJ
G/GRLFxGoMaHEl9bg1zsxB5xHKQQ7b50OaSRVY9fIF9a/jXcPvFUq1xzZfiQWbEb
oVVhpbNV6/RRCoKgFEQAquFNBt7jjeYUoB6iH/pCsee5iEUCEtKY4JgQEc8g0pOT
Jfsl+LUfs+KrstAzaakK2YKSyp7eLSVpIKH/lNOOWrD0vpQf27hp1r3aywIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFFc9ILapSWPLK2lupLWwAhK2ZECJMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvVnowZ3RxbEpZOHNyYVc2a3RiQUNFclprUUlrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAvNSEAwQA
vNSfAwQAvPBEMA0GCSqGSIb3DQEBCwUAA4IBAQBbkcfMKNOHLGPjdIdRS9//EwAk
xpryK5+yeKYRyWlpO21smF3e8LO1yL0hr/bb5pFbWZvnxrSg2XK6J7v4pt6WSK0V
RjIdQCG5EfRqRjD+Sc8vgYPk6YBGor+Nq7av41N0kNeWN7czXyStfh4gW5ngnX9X
5MPkZY4p1Ezd5SZRQv59z5B5in8EhCM56S23SZRA9QFaaKoiZpBmb8SuVH3GaTJ9
qnNopZu4Y1RkzYVDZblixj6DDFNKTmkv6YD2u98/C1rRJiVD3ez1xI4+S7SQJ8s5
Wghty3xPiNN8/ygHsUnL63rsnSlKn1tsI+HRUY/VJfnD8dbRvJRYZdk0n3wQ
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:46 2024 by rpki-client on console-fra.rpki-client.org