Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/n8ow6fbQvMowL96Hl7Bg6e6wCLQ.roa
File:                     n8ow6fbQvMowL96Hl7Bg6e6wCLQ.roa (raw, json)
Hash identifier:          GquS+fDvsL9FZaBTwGSVuy+TVScMAEeCd9sru1DXykQ=
Subject key identifier:   9F:CA:30:E9:F6:D0:BC:CA:30:2F:DE:87:97:B0:60:E9:EE:B0:08:B4
Certificate issuer:       /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial:       018746AE36C13C69B90276CC1A316532E780
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/n8ow6fbQvMowL96Hl7Bg6e6wCLQ.roa
Signing time:             Mon 03 Apr 2023 10:33:54 +0000
ROA not before:           Mon 03 Apr 2023 10:33:54 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     3507
IP address blocks:        93.114.192.0/24 maxlen: 24
                          193.23.130.0/24 maxlen: 24
                          45.156.158.0/24 maxlen: 24
                          89.34.127.0/24 maxlen: 24
                          89.33.84.0/24 maxlen: 24
                          93.115.109.0/24 maxlen: 24
                          188.240.232.0/24 maxlen: 24
                          188.241.110.0/24 maxlen: 24
                          188.241.214.0/24 maxlen: 24
                          89.37.62.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 04 Apr 2023 08:26:54 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:46:ae:36:c1:3c:69:b9:02:76:cc:1a:31:65:32:e7:80
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
        Validity
            Not Before: Apr  3 10:33:54 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=9fca30e9f6d0bcca302fde8797b060e9eeb008b4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:4f:15:fb:3a:f6:e2:90:c7:f1:0e:b6:8f:b1:
                    e5:1b:e4:9f:44:ae:a5:5e:2c:06:03:7f:1f:41:a2:
                    bd:ed:4d:9b:df:a2:9c:df:3d:48:a2:47:8b:6f:b6:
                    9a:ea:67:70:69:9d:a1:39:06:63:e9:e5:6a:3d:8c:
                    cf:25:28:b7:d6:29:e8:c3:df:54:8e:95:21:32:0e:
                    20:9e:0a:dc:35:e2:c7:f8:98:30:9d:f7:b8:3c:0d:
                    9a:4d:db:0c:29:d4:2a:c1:19:f1:60:9c:b7:46:a8:
                    31:a4:bc:19:c3:ab:d4:bb:ed:59:99:8e:f8:64:ca:
                    ca:c8:fb:c2:39:5b:e2:bf:dc:2b:ef:b7:52:51:cd:
                    48:b8:ec:00:fe:e8:c7:1c:38:37:33:05:26:9e:20:
                    9e:15:55:3b:22:9b:f1:d3:d5:76:8e:24:a9:3d:6d:
                    74:7c:d7:b5:50:3d:64:15:7d:9a:c8:56:b5:11:56:
                    3c:52:65:63:8e:ad:00:a5:9f:ad:3e:13:d4:15:0d:
                    c4:2d:72:12:13:32:49:d6:0f:ef:f1:87:a4:26:cc:
                    8b:2c:e3:07:de:90:d1:f1:b5:9d:39:1c:03:ec:74:
                    52:10:b0:fc:d9:6c:06:ac:cc:d3:85:ea:0c:6f:d3:
                    46:e6:79:90:8e:b6:52:56:8d:70:03:ec:67:6f:ca:
                    01:d1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9F:CA:30:E9:F6:D0:BC:CA:30:2F:DE:87:97:B0:60:E9:EE:B0:08:B4
            X509v3 Authority Key Identifier:
                keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/n8ow6fbQvMowL96Hl7Bg6e6wCLQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.156.158.0/24
                  89.33.84.0/24
                  89.34.127.0/24
                  89.37.62.0/24
                  93.114.192.0/24
                  93.115.109.0/24
                  188.240.232.0/24
                  188.241.110.0/24
                  188.241.214.0/24
                  193.23.130.0/24

    Signature Algorithm: sha256WithRSAEncryption
         13:c8:1d:26:89:ed:68:b9:9f:57:f6:f7:8d:d4:80:7c:d7:0f:
         e7:be:31:48:62:fe:32:e0:ab:ce:03:53:eb:47:87:9a:dc:bf:
         e1:ce:25:a0:58:3d:85:1e:06:f2:6d:e9:0e:0d:4f:fe:14:f4:
         73:1f:31:38:d8:86:41:b9:11:80:1d:65:49:4d:1b:d3:91:b1:
         4c:17:66:20:19:15:2a:ee:96:8e:3c:a6:44:95:27:07:9a:f9:
         29:30:e8:c0:b7:9b:c8:f8:8e:ff:3d:02:29:e9:31:40:bc:1b:
         3f:e7:63:33:fa:bc:df:08:48:f5:e2:8f:a8:4c:b2:03:d2:1e:
         8a:23:36:74:27:86:d9:d4:69:35:2a:36:13:2d:14:42:6a:6d:
         82:e5:16:00:74:05:d4:83:12:fe:24:a7:6c:e4:3e:5d:2a:e8:
         3e:3b:f0:38:af:e5:f9:15:f0:f5:58:ae:80:21:64:f2:37:d6:
         bf:cf:4f:a2:aa:3a:bd:27:e6:55:b6:7d:90:04:f9:7a:09:18:
         cf:9f:2a:c6:70:b5:6d:61:db:48:c6:62:99:15:a4:cd:28:cb:
         d0:f4:70:be:f6:2d:48:7a:65:45:9d:ae:da:82:2e:83:00:96:
         a8:00:45:45:28:51:66:2e:06:33:ba:df:21:a6:8d:cf:cc:78:
         9b:cb:98:2a
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAYdGrjbBPGm5AnbMGjFlMueAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwNDAzMTAzMzU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZmNhMzBlOWY2ZDBiY2NhMzAyZmRlODc5N2IwNjBlOWVlYjAwOGI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqE8V+zr24pDH8Q62j7HlG+SfRK6l
XiwGA38fQaK97U2b36Kc3z1IokeLb7aa6mdwaZ2hOQZj6eVqPYzPJSi31inow99U
jpUhMg4gngrcNeLH+Jgwnfe4PA2aTdsMKdQqwRnxYJy3RqgxpLwZw6vUu+1ZmY74
ZMrKyPvCOVviv9wr77dSUc1IuOwA/ujHHDg3MwUmniCeFVU7Ipvx09V2jiSpPW10
fNe1UD1kFX2ayFa1EVY8UmVjjq0ApZ+tPhPUFQ3ELXISEzJJ1g/v8YekJsyLLOMH
3pDR8bWdORwD7HRSELD82WwGrMzTheoMb9NG5nmQjrZSVo1wA+xnb8oB0QIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFJ/KMOn20LzKMC/eh5ewYOnusAi0MB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvbjhvdzZmYlF2TW93TDk2SGw3Qmc2ZTZ3Q0xRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQALZyeAwQA
WSFUAwQAWSJ/AwQAWSU+AwQAXXLAAwQAXXNtAwQAvPDoAwQAvPFuAwQAvPHWAwQA
wReCMA0GCSqGSIb3DQEBCwUAA4IBAQATyB0mie1ouZ9X9veN1IB81w/nvjFIYv4y
4KvOA1PrR4ea3L/hziWgWD2FHgbybekODU/+FPRzHzE42IZBuRGAHWVJTRvTkbFM
F2YgGRUq7paOPKZElScHmvkpMOjAt5vI+I7/PQIp6TFAvBs/52Mz+rzfCEj14o+o
TLID0h6KIzZ0J4bZ1Gk1KjYTLRRCam2C5RYAdAXUgxL+JKds5D5dKug+O/A4r+X5
FfD1WK6AIWTyN9a/z0+iqjq9J+ZVtn2QBPl6CRjPnyrGcLVtYdtIxmKZFaTNKMvQ
9HC+9i1IemVFna7agi6DAJaoAEVFKFFmLgYzut8hpo3PzHiby5gq
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:48 2024 by rpki-client on console-fra.rpki-client.org