Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/WN8nGUvREwexC6xk9F5CJOFRtto.roa
File:                     WN8nGUvREwexC6xk9F5CJOFRtto.roa (raw, json)
Hash identifier:          Ku6mUHnsTOkSxDw+hMAHkvvBVckcNyAzNm862iM2DpQ=
Subject key identifier:   58:DF:27:19:4B:D1:13:07:B1:0B:AC:64:F4:5E:42:24:E1:51:B6:DA
Certificate issuer:       /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial:       0188F166F836D07C05C31382E9F3745CAF2A
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/WN8nGUvREwexC6xk9F5CJOFRtto.roa
Signing time:             Sun 25 Jun 2023 07:13:57 +0000
ROA not before:           Sun 25 Jun 2023 07:13:57 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     204721
IP address blocks:        188.212.133.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 12:30:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:f1:66:f8:36:d0:7c:05:c3:13:82:e9:f3:74:5c:af:2a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
        Validity
            Not Before: Jun 25 07:13:57 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=58df27194bd11307b10bac64f45e4224e151b6da
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:58:b0:7c:6a:76:04:1b:b5:f2:b8:5b:69:c0:
                    20:f8:8f:b7:b1:4a:f5:fa:ab:34:5e:5e:47:02:d7:
                    33:ae:6a:f3:d4:42:99:63:f3:4a:10:6d:64:9c:f0:
                    92:ba:fa:07:a3:ef:29:5c:59:fe:9f:27:ee:cb:80:
                    84:c3:6f:64:29:bd:95:ad:ff:af:93:97:e1:24:e9:
                    6c:f8:0b:c4:10:f4:32:01:cf:5d:b3:aa:3a:4c:a3:
                    c7:90:cc:99:4a:6f:d1:c1:94:1c:7c:fa:dc:aa:12:
                    ff:f8:f5:83:68:59:b1:f6:43:31:c2:c7:6c:d1:37:
                    d0:fb:58:ec:0f:ab:fc:61:f1:9d:0b:8b:53:6a:1d:
                    bc:9f:73:2b:9b:16:ab:0c:05:10:11:7b:a7:bb:c7:
                    df:49:b1:63:9c:37:26:db:4c:e5:8a:f1:69:e2:48:
                    8e:1e:24:c6:39:6e:7c:df:db:e2:61:ed:97:2e:0d:
                    67:ee:23:6c:73:ba:31:f1:15:97:a1:27:e0:5b:3a:
                    ca:ac:a0:8e:8b:2a:cb:ab:d8:62:da:b1:88:5f:6f:
                    ac:f8:50:ca:60:0e:63:16:d3:ea:a1:ba:c3:0e:b0:
                    b4:a1:ee:97:35:7a:d6:d5:d5:b2:4a:01:85:95:f5:
                    e2:8e:40:f9:ad:72:91:01:40:36:76:7a:ca:21:0e:
                    e6:6d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                58:DF:27:19:4B:D1:13:07:B1:0B:AC:64:F4:5E:42:24:E1:51:B6:DA
            X509v3 Authority Key Identifier:
                keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/WN8nGUvREwexC6xk9F5CJOFRtto.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  188.212.133.0/24

    Signature Algorithm: sha256WithRSAEncryption
         63:3b:35:47:73:91:8a:f6:d8:51:62:96:ce:90:1d:71:d7:40:
         34:2a:2c:38:d1:b6:c2:f0:ac:5c:59:3d:e3:e5:db:6e:bc:db:
         14:8e:72:a7:9c:29:fd:b6:8f:3a:48:54:9c:ef:fd:ed:0a:d2:
         61:66:88:e8:df:43:01:d4:33:ae:bf:46:bc:0e:fb:ec:e0:15:
         56:7a:56:80:12:80:8e:de:99:c6:97:36:34:f5:a3:d5:88:9f:
         d8:7f:28:bc:bd:b9:64:f1:cf:33:3e:01:65:5b:dc:c7:7a:d5:
         af:11:44:1a:14:b5:ef:71:f5:3e:9a:aa:36:8f:12:ef:c4:5d:
         cf:80:a9:2f:8d:06:bc:50:37:95:58:ce:0a:95:36:94:e6:6c:
         9d:45:df:87:90:53:bf:03:53:1a:84:7e:56:4e:09:cb:95:50:
         f1:33:d5:dd:92:cb:8d:37:e2:60:bb:d4:00:5f:37:d0:58:00:
         8d:08:c3:18:bd:0f:ea:ba:1d:57:02:02:2c:b8:56:47:a2:a1:
         97:d4:14:b4:68:21:0f:ba:c4:e2:39:ce:7f:fe:87:e1:f5:80:
         9a:70:d8:cf:70:9a:2e:56:71:3c:e9:30:f1:34:fd:f7:02:a9:
         47:4d:22:97:dc:97:36:48:61:1b:f4:ef:3e:75:91:d4:32:75:
         d5:89:eb:20
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYjxZvg20HwFwxOC6fN0XK8qMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwNjI1MDcxMzU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1OGRmMjcxOTRiZDExMzA3YjEwYmFjNjRmNDVlNDIyNGUxNTFiNmRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsViwfGp2BBu18rhbacAg+I+3sUr1
+qs0Xl5HAtczrmrz1EKZY/NKEG1knPCSuvoHo+8pXFn+nyfuy4CEw29kKb2Vrf+v
k5fhJOls+AvEEPQyAc9ds6o6TKPHkMyZSm/RwZQcfPrcqhL/+PWDaFmx9kMxwsds
0TfQ+1jsD6v8YfGdC4tTah28n3MrmxarDAUQEXunu8ffSbFjnDcm20zlivFp4kiO
HiTGOW5839viYe2XLg1n7iNsc7ox8RWXoSfgWzrKrKCOiyrLq9hi2rGIX2+s+FDK
YA5jFtPqobrDDrC0oe6XNXrW1dWySgGFlfXijkD5rXKRAUA2dnrKIQ7mbQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFjfJxlL0RMHsQusZPReQiThUbbaMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvV044bkdVdlJFd2V4QzZ4azlGNUNKT0ZSdHRvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAvNSFMA0G
CSqGSIb3DQEBCwUAA4IBAQBjOzVHc5GK9thRYpbOkB1x10A0Kiw40bbC8KxcWT3j
5dtuvNsUjnKnnCn9to86SFSc7/3tCtJhZojo30MB1DOuv0a8Dvvs4BVWelaAEoCO
3pnGlzY09aPViJ/Yfyi8vblk8c8zPgFlW9zHetWvEUQaFLXvcfU+mqo2jxLvxF3P
gKkvjQa8UDeVWM4KlTaU5mydRd+HkFO/A1MahH5WTgnLlVDxM9XdksuNN+Jgu9QA
XzfQWACNCMMYvQ/quh1XAgIsuFZHoqGX1BS0aCEPusTiOc5//ofh9YCacNjPcJou
VnE86TDxNP33AqlHTSKX3Jc2SGEb9O8+dZHUMnXViesg
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:41:11 2024 by rpki-client on console-ams.rpki-client.org