Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/mWGy7tR4h8ZQLLrISmM6g7Q06ic.roa
File:                     mWGy7tR4h8ZQLLrISmM6g7Q06ic.roa (raw, json)
Hash identifier:          hBv1h47qGNmx4srp1kh6VooBpoXYEeMebefxdCZJm+4=
Subject key identifier:   99:61:B2:EE:D4:78:87:C6:50:2C:BA:C8:4A:63:3A:83:B4:34:EA:27
Certificate issuer:       /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial:       01879ED219D04691B133FF425D8275C48F43
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/mWGy7tR4h8ZQLLrISmM6g7Q06ic.roa
Signing time:             Thu 20 Apr 2023 13:19:41 +0000
ROA not before:           Thu 20 Apr 2023 13:19:41 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     56488
IP address blocks:        194.76.135.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 12:30:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:9e:d2:19:d0:46:91:b1:33:ff:42:5d:82:75:c4:8f:43
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
        Validity
            Not Before: Apr 20 13:19:41 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=9961b2eed47887c6502cbac84a633a83b434ea27
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:b6:80:4b:10:38:37:16:80:6d:eb:77:db:b1:
                    b2:de:04:52:99:69:e2:0c:5b:c7:52:3d:d3:8c:e9:
                    71:27:bd:1d:b0:15:cd:e5:e6:66:1d:0f:ac:45:75:
                    79:6c:07:11:7c:a8:c0:ce:2a:cf:c7:ac:3d:15:64:
                    16:ce:38:49:cd:f7:14:48:78:ee:25:ec:57:44:63:
                    9f:07:ed:5d:4d:00:8e:a8:64:91:c6:55:44:a4:96:
                    1c:5b:29:70:70:e5:44:7e:51:dd:26:ff:ef:93:4f:
                    91:41:26:fb:9a:34:6d:f0:63:12:df:33:43:b8:4d:
                    38:14:0b:b7:a0:06:a1:5d:8e:b9:f2:f2:88:7e:b9:
                    d6:18:d3:e7:2b:18:4a:3c:8f:64:ae:38:d1:50:25:
                    48:61:56:ea:a3:1f:ec:ff:aa:b8:7c:6d:b9:b9:fe:
                    f7:12:c3:97:9e:b4:75:d5:35:9c:2f:11:73:d6:30:
                    cb:a7:af:a0:b4:e1:81:dc:e0:34:19:7b:94:d1:8d:
                    6d:9e:c7:5d:b8:c8:4f:0a:50:db:63:d2:18:2f:c7:
                    f6:34:e1:57:53:ed:3a:84:fc:ce:e3:1c:88:59:43:
                    cf:62:94:8e:7f:00:48:58:90:1c:31:c1:85:5b:51:
                    15:24:d8:78:aa:09:03:43:4d:c5:ed:64:3b:61:87:
                    0f:27
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                99:61:B2:EE:D4:78:87:C6:50:2C:BA:C8:4A:63:3A:83:B4:34:EA:27
            X509v3 Authority Key Identifier:
                keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/mWGy7tR4h8ZQLLrISmM6g7Q06ic.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.76.135.0/24

    Signature Algorithm: sha256WithRSAEncryption
         26:e1:a9:79:c6:5c:0c:49:c8:8a:d4:91:f0:79:26:46:cb:d0:
         a3:eb:a8:5d:22:01:b6:fb:7c:85:f7:3f:e4:f1:e9:87:2d:6f:
         49:f5:33:d1:14:61:26:7e:7b:13:62:78:2a:ca:94:fb:16:76:
         83:ef:8c:47:9e:37:6b:34:c5:65:e1:1e:29:9a:88:5a:fa:a9:
         1c:6e:aa:f6:a4:96:39:cf:e0:55:33:1d:5d:d6:a8:1f:78:8a:
         3b:59:6b:53:23:60:43:ce:38:0b:20:ad:3a:d4:8e:34:c8:48:
         34:98:07:c6:74:01:43:23:e8:b0:ee:4f:a1:88:5b:8a:95:a2:
         ff:c2:65:f1:9f:27:82:75:7b:a0:d9:48:bc:d3:df:4b:df:fb:
         53:96:98:3b:7f:be:fd:3f:c4:d0:b2:d4:e2:f3:85:35:30:ca:
         e1:ab:e6:4f:c1:11:b0:c2:44:dd:a5:33:96:a8:57:05:66:b7:
         5d:f1:fa:bd:dc:78:21:21:c1:fb:47:df:9e:3f:22:97:26:d9:
         3f:4f:9d:aa:3b:df:9e:1e:56:c7:4a:07:cd:e3:fd:27:ec:f0:
         a9:1e:08:88:80:7d:26:5f:d0:64:5c:60:ab:9d:52:91:96:ee:
         74:c9:d2:6f:4b:6f:20:e6:f7:c5:55:f3:ac:ba:2b:26:59:3a:
         63:b3:c8:7a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYee0hnQRpGxM/9CXYJ1xI9DMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwNDIwMTMxOTQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OTYxYjJlZWQ0Nzg4N2M2NTAyY2JhYzg0YTYzM2E4M2I0MzRlYTI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqraASxA4NxaAbet327Gy3gRSmWni
DFvHUj3TjOlxJ70dsBXN5eZmHQ+sRXV5bAcRfKjAzirPx6w9FWQWzjhJzfcUSHju
JexXRGOfB+1dTQCOqGSRxlVEpJYcWylwcOVEflHdJv/vk0+RQSb7mjRt8GMS3zND
uE04FAu3oAahXY658vKIfrnWGNPnKxhKPI9krjjRUCVIYVbqox/s/6q4fG25uf73
EsOXnrR11TWcLxFz1jDLp6+gtOGB3OA0GXuU0Y1tnsdduMhPClDbY9IYL8f2NOFX
U+06hPzO4xyIWUPPYpSOfwBIWJAcMcGFW1EVJNh4qgkDQ03F7WQ7YYcPJwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJlhsu7UeIfGUCy6yEpjOoO0NOonMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvbVdHeTd0UjRoOFpRTExySVNtTTZnN1EwNmljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwkyHMA0G
CSqGSIb3DQEBCwUAA4IBAQAm4al5xlwMSciK1JHweSZGy9Cj66hdIgG2+3yF9z/k
8emHLW9J9TPRFGEmfnsTYngqypT7FnaD74xHnjdrNMVl4R4pmoha+qkcbqr2pJY5
z+BVMx1d1qgfeIo7WWtTI2BDzjgLIK061I40yEg0mAfGdAFDI+iw7k+hiFuKlaL/
wmXxnyeCdXug2Ui8099L3/tTlpg7f779P8TQstTi84U1MMrhq+ZPwRGwwkTdpTOW
qFcFZrdd8fq93HghIcH7R9+ePyKXJtk/T52qO9+eHlbHSgfN4/0n7PCpHgiIgH0m
X9BkXGCrnVKRlu50ydJvS28g5vfFVfOsuismWTpjs8h6
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:48 2024 by rpki-client on console-fra.rpki-client.org