Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/mZDzGqeQ9DI0uBG3uaApMzpbjHg.roa
File:                     mZDzGqeQ9DI0uBG3uaApMzpbjHg.roa (raw, json)
Hash identifier:          N8gv4OMFQL/Ka7MHiDp+jVbzSWCC5M2ZuG22tWK7GNQ=
Subject key identifier:   99:90:F3:1A:A7:90:F4:32:34:B8:11:B7:B9:A0:29:33:3A:5B:8C:78
Certificate issuer:       /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial:       01862BE41986AF3E3428BC8C69ED4030210C
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/mZDzGqeQ9DI0uBG3uaApMzpbjHg.roa
Signing time:             Tue 07 Feb 2023 12:40:14 +0000
ROA not before:           Tue 07 Feb 2023 12:40:14 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     62240
IP address blocks:        185.198.243.0/24 maxlen: 24
                          185.192.69.0/24 maxlen: 24
                          185.165.45.0/24 maxlen: 24
                          185.217.117.0/24 maxlen: 24
                          185.198.240.0/24 maxlen: 24
                          45.80.157.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 19 Sep 2023 08:46:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:2b:e4:19:86:af:3e:34:28:bc:8c:69:ed:40:30:21:0c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
        Validity
            Not Before: Feb  7 12:40:14 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=9990f31aa790f43234b811b7b9a029333a5b8c78
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:93:bb:38:b9:bb:56:de:89:da:e1:3b:fb:5c:dc:
                    c9:30:f0:b3:03:a4:55:95:d4:f3:6e:aa:ed:7d:b2:
                    7b:66:40:94:40:2c:40:f3:e7:36:18:ab:ef:6f:4e:
                    48:ed:fc:69:99:ca:7e:dd:e6:63:01:26:cd:54:24:
                    69:54:7e:d9:60:c1:33:a2:1b:19:35:04:19:be:eb:
                    ff:e5:19:86:c7:97:d2:24:dd:5d:d9:7a:84:a8:82:
                    51:5b:af:b8:b6:ba:11:28:5b:88:46:30:a1:20:9a:
                    0d:6d:b6:c1:46:61:06:3f:9a:d4:0c:ee:59:04:96:
                    9a:17:fb:0d:3e:50:3d:8f:c4:5f:b5:a6:56:c9:75:
                    f6:4e:6c:da:18:4d:c9:5b:34:b6:98:87:d9:58:67:
                    17:da:be:80:3b:ea:25:95:8e:d6:11:6c:b7:0b:0a:
                    06:55:b4:70:5a:42:29:1b:7a:85:2f:04:7d:7d:2d:
                    88:99:20:17:fa:b7:90:34:5b:8c:30:a6:b1:a5:5f:
                    d1:ce:90:74:0c:1f:c2:a3:84:30:2c:69:21:9d:e2:
                    40:9b:34:f9:3b:75:59:ce:75:70:93:82:c3:d9:99:
                    56:a2:c8:69:6a:a4:73:a1:80:16:60:4f:84:5c:8a:
                    7d:60:61:85:d6:b4:04:22:d5:c2:e4:e4:21:6a:61:
                    0f:57
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                99:90:F3:1A:A7:90:F4:32:34:B8:11:B7:B9:A0:29:33:3A:5B:8C:78
            X509v3 Authority Key Identifier:
                keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/mZDzGqeQ9DI0uBG3uaApMzpbjHg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.80.157.0/24
                  185.165.45.0/24
                  185.192.69.0/24
                  185.198.240.0/24
                  185.198.243.0/24
                  185.217.117.0/24

    Signature Algorithm: sha256WithRSAEncryption
         4c:26:76:1e:f2:d6:69:29:3b:88:c9:63:5a:c0:8c:b1:b2:1e:
         26:8a:a1:8a:21:5e:38:ee:a6:2d:01:5b:28:ef:f4:83:96:ff:
         96:8d:ab:4a:46:b7:fb:1c:04:13:c6:8c:8a:db:8e:2a:ad:2c:
         a3:11:e8:8b:16:e2:79:9f:8b:42:58:cf:0d:d9:77:29:b5:85:
         2c:d8:7a:dc:69:28:6c:9b:7b:9a:23:10:5d:c8:c7:05:d5:75:
         1e:fa:aa:0c:23:3d:07:ac:87:62:2f:9c:d0:3f:6b:59:15:34:
         74:84:6f:e8:a3:60:b2:96:39:a9:bf:ff:25:63:38:96:a1:c5:
         26:77:93:d8:34:69:51:b2:97:71:3e:6a:a1:30:57:a5:8c:09:
         28:c2:86:a8:29:c6:d5:90:cd:be:98:0e:74:ae:79:af:b2:f6:
         13:61:00:9e:9c:7b:58:2d:c4:34:a5:da:78:24:75:1e:9e:74:
         3c:43:eb:32:b4:08:5e:a2:85:d6:5f:cd:f4:f2:29:b5:32:1c:
         14:5c:2c:0b:f6:92:9f:48:b2:74:18:0b:cf:1f:b2:9f:be:c1:
         99:71:28:1a:d6:f7:5a:92:30:a3:73:af:a9:46:34:31:21:70:
         f6:83:88:13:2a:da:4e:a8:0d:63:ff:9f:9b:7a:7b:1d:9b:ad:
         de:d1:7e:97
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYYr5BmGrz40KLyMae1AMCEMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwMjA3MTI0MDE0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OTkwZjMxYWE3OTBmNDMyMzRiODExYjdiOWEwMjkzMzNhNWI4Yzc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk7s4ubtW3ona4Tv7XNzJMPCzA6RV
ldTzbqrtfbJ7ZkCUQCxA8+c2GKvvb05I7fxpmcp+3eZjASbNVCRpVH7ZYMEzohsZ
NQQZvuv/5RmGx5fSJN1d2XqEqIJRW6+4troRKFuIRjChIJoNbbbBRmEGP5rUDO5Z
BJaaF/sNPlA9j8RftaZWyXX2TmzaGE3JWzS2mIfZWGcX2r6AO+ollY7WEWy3CwoG
VbRwWkIpG3qFLwR9fS2ImSAX+reQNFuMMKaxpV/RzpB0DB/Co4QwLGkhneJAmzT5
O3VZznVwk4LD2ZlWoshpaqRzoYAWYE+EXIp9YGGF1rQEItXC5OQhamEPVwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFJmQ8xqnkPQyNLgRt7mgKTM6W4x4MB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvbVpEekdxZVE5REkwdUJHM3VhQXBNenBiakhnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQALVCdAwQA
uaUtAwQAucBFAwQAucbwAwQAucbzAwQAudl1MA0GCSqGSIb3DQEBCwUAA4IBAQBM
JnYe8tZpKTuIyWNawIyxsh4miqGKIV447qYtAVso7/SDlv+WjatKRrf7HAQTxoyK
244qrSyjEeiLFuJ5n4tCWM8N2XcptYUs2HrcaShsm3uaIxBdyMcF1XUe+qoMIz0H
rIdiL5zQP2tZFTR0hG/oo2Cyljmpv/8lYziWocUmd5PYNGlRspdxPmqhMFeljAko
woaoKcbVkM2+mA50rnmvsvYTYQCenHtYLcQ0pdp4JHUennQ8Q+sytAheooXWX830
8im1MhwUXCwL9pKfSLJ0GAvPH7KfvsGZcSga1vdakjCjc6+pRjQxIXD2g4gTKtpO
qA1j/5+bensdm63e0X6X
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:48 2024 by rpki-client on console-fra.rpki-client.org