Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/mVEybWHb_A-txy_J_Fig-NTZSR4.roa
File:                     mVEybWHb_A-txy_J_Fig-NTZSR4.roa (raw, json)
Hash identifier:          hU++gYjZHPgjnfCUfxkyI7Cf2XagFsbf2Am/Ez6NfsA=
Subject key identifier:   99:51:32:6D:61:DB:FC:0F:AD:C7:2F:C9:FC:58:A0:F8:D4:D9:49:1E
Certificate issuer:       /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial:       018B0EBC4F88341B942348B866C2AE74E1EE
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/mVEybWHb_A-txy_J_Fig-NTZSR4.roa
Signing time:             Sun 08 Oct 2023 10:01:44 +0000
ROA not before:           Sun 08 Oct 2023 10:01:44 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     216253
IP address blocks:        185.35.139.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Fri 01 Dec 2023 05:36:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:0e:bc:4f:88:34:1b:94:23:48:b8:66:c2:ae:74:e1:ee
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
        Validity
            Not Before: Oct  8 10:01:44 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=9951326d61dbfc0fadc72fc9fc58a0f8d4d9491e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:83:7b:b2:cd:b9:39:38:50:24:e8:b2:13:0b:d1:
                    52:a4:e7:c1:02:92:0b:71:53:44:b7:85:cd:5b:fc:
                    ee:4b:7a:fd:bd:60:18:25:74:c1:ee:97:db:5a:7d:
                    02:27:31:03:86:08:0d:9d:49:fb:e6:91:f8:f9:62:
                    89:19:19:5d:42:91:01:62:8b:a1:91:86:44:a5:9b:
                    68:d7:8f:e1:31:9c:86:93:d6:31:38:51:4b:72:35:
                    45:1d:42:59:35:79:d5:fa:f2:56:81:dd:e1:94:99:
                    4e:67:ef:27:fd:05:1b:54:0e:d4:87:2d:ad:28:5f:
                    2f:20:0c:a0:39:aa:63:dd:c1:d1:6c:20:a9:7e:b0:
                    81:21:94:d5:58:23:9b:40:c8:bd:46:3e:a8:27:12:
                    74:1e:f1:d4:c3:5f:c8:8c:37:a2:ec:53:e3:66:d5:
                    66:5e:f6:a5:aa:43:59:03:70:12:20:79:20:da:32:
                    df:ee:97:d4:d8:d4:9d:d6:ee:c0:47:0b:79:c2:0a:
                    af:f9:5b:fa:56:25:b3:d5:cc:a2:d6:7c:d7:69:a5:
                    e2:68:71:c7:82:7b:ef:dd:e6:a1:ee:e7:d9:a3:2b:
                    0d:e9:b8:b8:97:79:a2:df:f9:d9:13:d3:fc:37:a2:
                    79:32:5d:1d:db:ea:f2:c5:70:49:4c:35:fa:63:10:
                    09:4f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                99:51:32:6D:61:DB:FC:0F:AD:C7:2F:C9:FC:58:A0:F8:D4:D9:49:1E
            X509v3 Authority Key Identifier:
                keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/mVEybWHb_A-txy_J_Fig-NTZSR4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.35.139.0/24

    Signature Algorithm: sha256WithRSAEncryption
         98:58:34:13:2d:80:fd:6a:f0:4d:3e:dd:94:1a:7b:94:7e:dc:
         2a:05:d6:07:59:63:b9:23:33:41:a1:2a:3f:62:2e:98:92:bc:
         21:77:0e:58:0b:46:ba:e2:26:6c:0a:2a:04:b4:52:4c:02:df:
         62:55:ac:f0:48:c6:03:50:9e:ea:b9:bb:21:b0:5a:34:37:14:
         9e:f0:7f:6a:eb:e9:ca:fe:b0:25:e0:1f:19:9a:92:4e:77:34:
         4a:e5:46:65:6b:0f:b3:fb:74:76:71:88:22:d9:25:58:df:30:
         5d:1b:a6:49:60:f7:a4:20:ab:c6:fe:50:b6:f6:cb:42:9c:b4:
         45:36:34:f9:1c:91:89:2b:35:ca:bc:22:51:b7:91:fd:92:02:
         97:da:08:80:a7:18:72:2e:81:7e:47:97:30:e1:61:dc:62:58:
         79:c0:61:16:75:82:54:f1:e5:9e:20:77:7b:6e:73:42:85:4e:
         ce:a2:f2:44:04:b5:00:b0:df:9c:44:27:37:b5:f5:5e:62:5d:
         4e:b4:c1:49:d4:0d:db:0a:05:9c:3a:f3:e9:79:50:20:eb:7c:
         4a:a6:20:bf:db:ea:71:91:76:9f:f1:36:be:9d:bb:46:a0:8a:
         d0:b8:0a:67:6f:b7:58:46:7d:e7:00:8f:e3:1c:ec:a2:a5:53:
         a6:15:56:e2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYsOvE+INBuUI0i4ZsKudOHuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMxMDA4MTAwMTQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OTUxMzI2ZDYxZGJmYzBmYWRjNzJmYzlmYzU4YTBmOGQ0ZDk0OTFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg3uyzbk5OFAk6LITC9FSpOfBApIL
cVNEt4XNW/zuS3r9vWAYJXTB7pfbWn0CJzEDhggNnUn75pH4+WKJGRldQpEBYouh
kYZEpZto14/hMZyGk9YxOFFLcjVFHUJZNXnV+vJWgd3hlJlOZ+8n/QUbVA7Uhy2t
KF8vIAygOapj3cHRbCCpfrCBIZTVWCObQMi9Rj6oJxJ0HvHUw1/IjDei7FPjZtVm
XvalqkNZA3ASIHkg2jLf7pfU2NSd1u7ARwt5wgqv+Vv6ViWz1cyi1nzXaaXiaHHH
gnvv3eah7ufZoysN6bi4l3mi3/nZE9P8N6J5Ml0d2+ryxXBJTDX6YxAJTwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJlRMm1h2/wPrccvyfxYoPjU2UkeMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvbVZFeWJXSGJfQS10eHlfSl9GaWctTlRaU1I0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuSOLMA0G
CSqGSIb3DQEBCwUAA4IBAQCYWDQTLYD9avBNPt2UGnuUftwqBdYHWWO5IzNBoSo/
Yi6Ykrwhdw5YC0a64iZsCioEtFJMAt9iVazwSMYDUJ7qubshsFo0NxSe8H9q6+nK
/rAl4B8ZmpJOdzRK5UZlaw+z+3R2cYgi2SVY3zBdG6ZJYPekIKvG/lC29stCnLRF
NjT5HJGJKzXKvCJRt5H9kgKX2giApxhyLoF+R5cw4WHcYlh5wGEWdYJU8eWeIHd7
bnNChU7OovJEBLUAsN+cRCc3tfVeYl1OtMFJ1A3bCgWcOvPpeVAg63xKpiC/2+px
kXaf8Ta+nbtGoIrQuApnb7dYRn3nAI/jHOyipVOmFVbi
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:48 2024 by rpki-client on console-fra.rpki-client.org