Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/_R3pWG6QuGCwtS62ITt1P4Whujo.roa
File:                     _R3pWG6QuGCwtS62ITt1P4Whujo.roa (raw, json)
Hash identifier:          UNrkGBHREuSmNdslaETCzGQQjdIloaYaqBa6ILc0hZ8=
Subject key identifier:   FD:1D:E9:58:6E:90:B8:60:B0:B5:2E:B6:21:3B:75:3F:85:A1:BA:3A
Certificate issuer:       /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial:       018571031A44F6E08D9453FB1A4297DA8D7A
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/_R3pWG6QuGCwtS62ITt1P4Whujo.roa
Signing time:             Mon 02 Jan 2023 05:45:06 +0000
ROA not before:           Mon 02 Jan 2023 05:45:06 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     209014
IP address blocks:        185.192.17.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 12:30:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:71:03:1a:44:f6:e0:8d:94:53:fb:1a:42:97:da:8d:7a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
        Validity
            Not Before: Jan  2 05:45:06 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=fd1de9586e90b860b0b52eb6213b753f85a1ba3a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:95:50:cc:5d:67:46:db:3c:19:23:7e:3c:ec:
                    07:4f:74:81:75:84:33:06:52:69:0b:fe:7e:37:f1:
                    a6:56:5f:12:7a:df:bb:a5:c6:48:66:da:44:e3:45:
                    d5:c5:e3:e5:09:34:28:9a:78:ba:39:10:e3:78:85:
                    8c:a3:ae:0b:4a:e3:73:e8:45:78:4f:36:11:9b:8d:
                    b0:07:c6:4e:84:21:d4:4a:75:d3:9f:dd:6f:b6:33:
                    5d:1a:85:6b:f0:f7:f5:bc:b9:89:c2:84:78:31:3c:
                    51:79:1a:1a:ec:b1:51:c9:7a:cc:38:1b:9d:d5:7b:
                    e2:86:62:d9:f0:3e:cb:dc:01:e1:2a:48:43:ab:a4:
                    0e:21:96:e2:e9:b0:a9:f1:62:0e:0d:a7:21:1c:55:
                    ed:af:55:4f:32:5d:51:13:e2:dc:ba:67:3d:a2:a5:
                    d2:25:f2:7d:e9:ab:99:74:d7:42:19:f7:f3:ec:0c:
                    a0:fc:8d:ab:9c:bd:f6:b8:c9:6a:94:16:9f:f1:24:
                    d8:a6:a5:18:64:82:5d:7f:e8:45:46:68:28:60:9d:
                    c5:41:44:8d:ba:61:4f:bb:d4:e2:30:0f:95:49:13:
                    ec:2d:96:c8:6d:cd:5b:cc:07:8e:91:f5:c5:41:1b:
                    99:19:24:c8:26:f6:f6:87:7b:3f:f4:f9:60:49:28:
                    18:f5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FD:1D:E9:58:6E:90:B8:60:B0:B5:2E:B6:21:3B:75:3F:85:A1:BA:3A
            X509v3 Authority Key Identifier:
                keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/_R3pWG6QuGCwtS62ITt1P4Whujo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.192.17.0/24

    Signature Algorithm: sha256WithRSAEncryption
         8d:11:14:b7:33:b6:cc:ee:9c:8a:fb:7e:ef:7b:47:bf:16:94:
         ca:ca:41:47:b1:20:71:e0:ea:de:85:33:49:5a:c3:36:ea:90:
         6f:46:c3:40:16:11:fc:58:b2:f9:aa:9e:ad:58:fc:28:af:de:
         36:8f:e6:dd:11:b4:6a:b5:f4:6b:14:e7:43:eb:43:26:89:6b:
         60:e7:9f:a2:fd:80:1e:e2:14:f8:5e:9b:02:2c:76:68:f9:41:
         9a:66:9f:0f:2c:63:36:d4:99:32:1a:4f:30:d6:e2:0f:6b:fa:
         35:ad:6b:34:da:db:eb:a6:ad:d0:1c:65:65:c7:63:cc:10:da:
         9b:6c:6f:a6:59:8c:50:17:70:c6:2f:d9:d6:3f:ce:ab:e3:2f:
         71:46:ce:73:2d:3c:96:8e:f6:44:0b:69:72:97:e1:f5:eb:c9:
         6b:08:94:d1:2e:95:0d:4d:9e:e9:1e:a7:f1:02:63:c0:c2:f8:
         9f:cc:8f:37:24:7a:9d:e6:b5:73:85:fe:6a:70:a2:69:3f:6e:
         d1:8d:8c:b5:fb:65:66:09:57:46:25:c0:a6:08:56:3d:d9:e4:
         00:6b:28:4a:f2:4f:8f:02:85:a9:6c:c2:34:7a:74:5b:c5:75:
         28:aa:28:64:15:67:fb:e8:65:eb:5a:83:dd:8a:04:89:5f:ed:
         56:9f:9d:fd
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxAxpE9uCNlFP7GkKX2o16MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwMTAyMDU0NTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZDFkZTk1ODZlOTBiODYwYjBiNTJlYjYyMTNiNzUzZjg1YTFiYTNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx5VQzF1nRts8GSN+POwHT3SBdYQz
BlJpC/5+N/GmVl8Set+7pcZIZtpE40XVxePlCTQomni6ORDjeIWMo64LSuNz6EV4
TzYRm42wB8ZOhCHUSnXTn91vtjNdGoVr8Pf1vLmJwoR4MTxReRoa7LFRyXrMOBud
1XvihmLZ8D7L3AHhKkhDq6QOIZbi6bCp8WIODachHFXtr1VPMl1RE+Lcumc9oqXS
JfJ96auZdNdCGffz7Ayg/I2rnL32uMlqlBaf8STYpqUYZIJdf+hFRmgoYJ3FQUSN
umFPu9TiMA+VSRPsLZbIbc1bzAeOkfXFQRuZGSTIJvb2h3s/9PlgSSgY9QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFP0d6VhukLhgsLUutiE7dT+Fobo6MB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvX1IzcFdHNlF1R0N3dFM2MklUdDFQNFdodWpvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAucARMA0G
CSqGSIb3DQEBCwUAA4IBAQCNERS3M7bM7pyK+37ve0e/FpTKykFHsSBx4OrehTNJ
WsM26pBvRsNAFhH8WLL5qp6tWPwor942j+bdEbRqtfRrFOdD60MmiWtg55+i/YAe
4hT4XpsCLHZo+UGaZp8PLGM21JkyGk8w1uIPa/o1rWs02tvrpq3QHGVlx2PMENqb
bG+mWYxQF3DGL9nWP86r4y9xRs5zLTyWjvZEC2lyl+H168lrCJTRLpUNTZ7pHqfx
AmPAwvifzI83JHqd5rVzhf5qcKJpP27RjYy1+2VmCVdGJcCmCFY92eQAayhK8k+P
AoWpbMI0enRbxXUoqihkFWf76GXrWoPdigSJX+1Wn539
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:46 2024 by rpki-client on console-fra.rpki-client.org