Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/aw21OcR-fV4JUZZla9bxuLIVfR0.roa
File:                     aw21OcR-fV4JUZZla9bxuLIVfR0.roa (raw, json)
Hash identifier:          oCKweBk/OFTI7z86LnVPABMQvPsY04u3UZXvPdLEu4c=
Subject key identifier:   6B:0D:B5:39:C4:7E:7D:5E:09:51:96:65:6B:D6:F1:B8:B2:15:7D:1D
Certificate issuer:       /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial:       018CC5012824AA9CED4F00C68CD4BAFEF494
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/aw21OcR-fV4JUZZla9bxuLIVfR0.roa
Signing time:             Mon 01 Jan 2024 12:30:36 +0000
ROA not before:           Mon 01 Jan 2024 12:30:36 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     206865
IP address blocks:        178.239.199.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 29 Feb 2024 05:04:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c5:01:28:24:aa:9c:ed:4f:00:c6:8c:d4:ba:fe:f4:94
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
        Validity
            Not Before: Jan  1 12:30:36 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=6b0db539c47e7d5e095196656bd6f1b8b2157d1d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:12:c1:b0:2d:88:fa:27:ae:30:0a:82:05:13:
                    e2:e8:0e:0e:c7:7c:b1:24:b9:70:91:c1:38:1e:a9:
                    13:61:41:97:d5:6d:e1:87:30:b0:99:a7:80:27:0f:
                    cf:c3:ef:07:00:d9:fc:75:a6:40:01:ab:19:52:2f:
                    8d:c0:ee:06:a6:40:48:38:cb:56:b2:03:d9:3a:d2:
                    f2:bd:e7:0e:64:4f:21:99:c7:a6:90:6a:66:76:cd:
                    f0:fd:9a:7e:27:18:83:7f:2c:dd:33:08:22:32:a6:
                    8e:b4:35:6e:a2:07:b6:3a:b0:f3:4b:bd:8a:69:36:
                    78:be:57:e6:d2:9d:20:7b:bc:a6:6d:81:65:57:0a:
                    f1:22:b3:0f:e5:9d:79:1d:0b:2f:dc:8f:b3:ef:e8:
                    be:b3:10:ea:a2:99:2e:1d:90:16:e2:da:68:c9:90:
                    91:57:51:f5:d8:bf:44:6c:f9:da:71:53:aa:04:c7:
                    b9:86:17:14:bb:2b:57:35:89:ea:85:39:a2:78:a3:
                    d4:f5:1a:f5:d5:a0:34:ec:ab:aa:f0:8a:a7:46:68:
                    d4:82:8d:df:2f:42:98:fb:2e:db:22:f1:72:25:e4:
                    b1:6a:e4:ad:ae:5e:54:b2:7d:d8:13:10:a0:14:ce:
                    75:18:a0:36:25:9b:47:f2:fe:b6:22:c4:b2:99:31:
                    44:61
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6B:0D:B5:39:C4:7E:7D:5E:09:51:96:65:6B:D6:F1:B8:B2:15:7D:1D
            X509v3 Authority Key Identifier:
                keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/aw21OcR-fV4JUZZla9bxuLIVfR0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  178.239.199.0/24

    Signature Algorithm: sha256WithRSAEncryption
         1b:63:81:9c:a7:c9:f6:e0:d6:a9:69:cc:14:a8:7e:cc:dc:f5:
         01:a1:a2:89:e1:7c:7a:b4:55:95:4d:88:b7:8f:d8:f0:87:f0:
         51:84:71:2d:e1:c7:a2:5f:5c:b7:02:db:f5:73:a1:4a:b9:de:
         22:9e:3d:bb:65:79:db:aa:29:de:4d:6b:e9:69:b4:c5:4b:ac:
         d6:88:a5:de:34:09:f0:b2:0a:9f:69:15:d9:7b:9b:b3:dd:f8:
         e8:76:ce:ac:38:ad:23:7f:53:62:5b:21:4f:c6:36:38:1e:02:
         5b:2d:9b:40:4b:a4:b7:af:62:c6:2f:25:28:ea:90:86:ca:b7:
         08:cc:1e:d3:a9:32:55:7c:0d:9b:96:49:5d:d1:7b:cb:e9:67:
         3f:4c:0b:6b:93:16:38:34:9f:82:f4:a5:72:1b:dd:f0:29:e4:
         6b:01:ae:53:cc:c2:49:9d:0c:bb:2b:2b:50:b1:f5:cf:45:24:
         7a:a3:ed:d0:71:fb:53:24:99:dc:69:5a:ae:e2:2b:ff:0b:b9:
         ae:aa:1b:d9:84:b0:ea:20:b6:c7:d4:a1:b9:11:73:7c:4d:25:
         c0:ce:9f:ff:a9:15:b1:23:48:f6:dd:43:fa:a7:89:10:38:2e:
         56:5f:fc:82:52:d1:a6:a8:db:75:2e:4f:e1:8e:81:73:18:73:
         be:63:af:34
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzFASgkqpztTwDGjNS6/vSUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjQwMTAxMTIzMDM2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YjBkYjUzOWM0N2U3ZDVlMDk1MTk2NjU2YmQ2ZjFiOGIyMTU3ZDFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnBLBsC2I+ieuMAqCBRPi6A4Ox3yx
JLlwkcE4HqkTYUGX1W3hhzCwmaeAJw/Pw+8HANn8daZAAasZUi+NwO4GpkBIOMtW
sgPZOtLyvecOZE8hmcemkGpmds3w/Zp+JxiDfyzdMwgiMqaOtDVuoge2OrDzS72K
aTZ4vlfm0p0ge7ymbYFlVwrxIrMP5Z15HQsv3I+z7+i+sxDqopkuHZAW4tpoyZCR
V1H12L9EbPnacVOqBMe5hhcUuytXNYnqhTmieKPU9Rr11aA07Kuq8IqnRmjUgo3f
L0KY+y7bIvFyJeSxauStrl5Usn3YExCgFM51GKA2JZtH8v62IsSymTFEYQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGsNtTnEfn1eCVGWZWvW8biyFX0dMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvYXcyMU9jUi1mVjRKVVpabGE5Ynh1TElWZlIwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAsu/HMA0G
CSqGSIb3DQEBCwUAA4IBAQAbY4Gcp8n24NapacwUqH7M3PUBoaKJ4Xx6tFWVTYi3
j9jwh/BRhHEt4ceiX1y3Atv1c6FKud4inj27ZXnbqineTWvpabTFS6zWiKXeNAnw
sgqfaRXZe5uz3fjods6sOK0jf1NiWyFPxjY4HgJbLZtAS6S3r2LGLyUo6pCGyrcI
zB7TqTJVfA2blkld0XvL6Wc/TAtrkxY4NJ+C9KVyG93wKeRrAa5TzMJJnQy7KytQ
sfXPRSR6o+3QcftTJJncaVqu4iv/C7muqhvZhLDqILbH1KG5EXN8TSXAzp//qRWx
I0j23UP6p4kQOC5WX/yCUtGmqNt1Lk/hjoFzGHO+Y680
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:41:12 2024 by rpki-client on console-ams.rpki-client.org