Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/eI4uNwEC0Pbrj5l2rglpgpdaJIg.roa
File:                     eI4uNwEC0Pbrj5l2rglpgpdaJIg.roa (raw, json)
Hash identifier:          Nl9WAXbquLgj831Kk8PcFYAS3fvmiZPESbIBDyI2z5A=
Subject key identifier:   78:8E:2E:37:01:02:D0:F6:EB:8F:99:76:AE:09:69:82:97:5A:24:88
Certificate issuer:       /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial:       018571031BCA640D66268F7346D04EFA7F30
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/eI4uNwEC0Pbrj5l2rglpgpdaJIg.roa
Signing time:             Mon 02 Jan 2023 05:45:07 +0000
ROA not before:           Mon 02 Jan 2023 05:45:07 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     210558
IP address blocks:        45.92.1.0/24 maxlen: 24
                          185.241.208.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 01 Feb 2023 07:56:32 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:71:03:1b:ca:64:0d:66:26:8f:73:46:d0:4e:fa:7f:30
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
        Validity
            Not Before: Jan  2 05:45:07 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=788e2e370102d0f6eb8f9976ae096982975a2488
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:8a:fb:77:91:56:7b:c6:2d:a1:33:a9:f1:8c:
                    86:9c:2e:ae:5c:4d:8d:d6:98:73:3d:84:36:a7:ea:
                    01:fd:65:79:de:45:c8:d3:cf:7e:d8:e2:a8:64:0a:
                    56:65:70:4d:7b:4e:ca:ec:7f:f4:ab:36:b9:d5:f2:
                    28:d7:41:da:3a:64:2f:46:d1:70:fe:6e:81:38:dc:
                    ed:6c:70:8c:08:8c:52:36:0e:5b:28:28:ac:9a:b3:
                    90:92:5d:12:00:12:da:03:42:10:3a:1e:77:c9:77:
                    a3:ef:55:98:bc:43:dd:29:e8:86:30:d8:3e:ad:bd:
                    99:20:0e:31:0d:76:98:bb:14:2f:42:68:2b:15:c0:
                    6d:4c:83:45:24:8c:bd:ce:d4:c7:d3:ce:ba:95:2e:
                    44:55:7d:e6:a0:7f:09:c8:ff:70:e4:9d:eb:5d:56:
                    8e:d5:1d:18:71:d5:f1:45:14:6e:fc:d7:e7:18:fd:
                    c5:bc:1d:3c:0c:b6:01:a0:ac:82:4d:fb:8d:45:91:
                    b1:9b:16:f3:92:5b:36:aa:b7:2c:59:a2:90:c3:a9:
                    fa:3b:6d:70:da:58:9c:80:f0:c0:e1:2b:80:38:9d:
                    ba:4f:56:94:6c:aa:e8:da:1e:17:41:bb:4c:da:0e:
                    70:a9:57:dc:2f:88:ce:d8:be:39:17:6c:e2:92:2c:
                    6d:79
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                78:8E:2E:37:01:02:D0:F6:EB:8F:99:76:AE:09:69:82:97:5A:24:88
            X509v3 Authority Key Identifier:
                keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/eI4uNwEC0Pbrj5l2rglpgpdaJIg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.92.1.0/24
                  185.241.208.0/24

    Signature Algorithm: sha256WithRSAEncryption
         5c:0d:d4:e1:cd:90:e4:0e:37:cf:7e:57:d4:f9:90:c1:21:c4:
         28:29:60:4a:99:2c:5c:10:93:b5:ff:77:73:7d:2a:ab:2f:31:
         f9:1a:46:20:8f:c5:3c:d0:af:03:ef:a9:cc:19:0d:12:a2:de:
         eb:2e:25:41:f4:0c:df:e6:64:3e:91:2d:08:75:55:26:7f:5b:
         df:03:5b:d5:52:3a:cb:4d:d0:a5:87:28:64:2d:08:63:d9:2d:
         0e:ba:33:e7:e1:fe:8e:5f:23:9e:fb:55:2d:68:e7:b5:77:6d:
         13:b8:16:95:1f:09:9a:42:55:6d:2b:f6:c1:b0:21:17:65:c3:
         dd:8d:47:f6:3b:60:72:97:20:7d:c3:cd:dd:84:73:c7:7d:47:
         c4:14:e3:7d:c7:d1:f1:fc:70:de:36:a3:33:7e:10:b0:d5:76:
         7d:85:bf:a5:42:c8:eb:ae:24:7c:3e:94:53:49:ff:f1:3a:34:
         f8:69:9c:77:6f:1d:de:7d:78:db:b2:28:33:87:c7:bb:4d:12:
         6e:ea:90:27:04:4c:6e:9c:e5:e8:61:66:62:37:14:d5:af:22:
         0b:cf:d9:0d:d3:29:5c:5a:44:77:c9:60:c6:30:0c:b0:83:ca:
         ba:b4:2d:f2:27:68:2d:08:83:74:ee:40:68:37:a0:69:73:28:
         09:62:56:43
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVxAxvKZA1mJo9zRtBO+n8wMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwMTAyMDU0NTA3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ODhlMmUzNzAxMDJkMGY2ZWI4Zjk5NzZhZTA5Njk4Mjk3NWEyNDg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoYr7d5FWe8YtoTOp8YyGnC6uXE2N
1phzPYQ2p+oB/WV53kXI089+2OKoZApWZXBNe07K7H/0qza51fIo10HaOmQvRtFw
/m6BONztbHCMCIxSNg5bKCismrOQkl0SABLaA0IQOh53yXej71WYvEPdKeiGMNg+
rb2ZIA4xDXaYuxQvQmgrFcBtTINFJIy9ztTH0866lS5EVX3moH8JyP9w5J3rXVaO
1R0YcdXxRRRu/NfnGP3FvB08DLYBoKyCTfuNRZGxmxbzkls2qrcsWaKQw6n6O21w
2licgPDA4SuAOJ26T1aUbKro2h4XQbtM2g5wqVfcL4jO2L45F2zikixteQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFHiOLjcBAtD264+Zdq4JaYKXWiSIMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvZUk0dU53RUMwUGJyajVsMnJnbHBncGRhSklnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALVwBAwQA
ufHQMA0GCSqGSIb3DQEBCwUAA4IBAQBcDdThzZDkDjfPflfU+ZDBIcQoKWBKmSxc
EJO1/3dzfSqrLzH5GkYgj8U80K8D76nMGQ0Sot7rLiVB9Azf5mQ+kS0IdVUmf1vf
A1vVUjrLTdClhyhkLQhj2S0OujPn4f6OXyOe+1UtaOe1d20TuBaVHwmaQlVtK/bB
sCEXZcPdjUf2O2BylyB9w83dhHPHfUfEFON9x9Hx/HDeNqMzfhCw1XZ9hb+lQsjr
riR8PpRTSf/xOjT4aZx3bx3efXjbsigzh8e7TRJu6pAnBExunOXoYWZiNxTVryIL
z9kN0ylcWkR3yWDGMAywg8q6tC3yJ2gtCIN07kBoN6BpcygJYlZD
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:41:12 2024 by rpki-client on console-ams.rpki-client.org