Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/ox4IQeHrHlIeUOJ2JFdqGGO6FCI.roa
File:                     ox4IQeHrHlIeUOJ2JFdqGGO6FCI.roa (raw, json)
Hash identifier:          Za5yt9/UaLz1XT+p+TJS+Et7K2dvQBj2CIMMkN9gj1o=
Subject key identifier:   A3:1E:08:41:E1:EB:1E:52:1E:50:E2:76:24:57:6A:18:63:BA:14:22
Certificate issuer:       /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial:       01885748BD450365980934C758F750B7A3E0
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/ox4IQeHrHlIeUOJ2JFdqGGO6FCI.roa
Signing time:             Fri 26 May 2023 08:59:24 +0000
ROA not before:           Fri 26 May 2023 08:59:24 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     14315
IP address blocks:        192.159.99.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 12:30:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:57:48:bd:45:03:65:98:09:34:c7:58:f7:50:b7:a3:e0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
        Validity
            Not Before: May 26 08:59:24 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=a31e0841e1eb1e521e50e27624576a1863ba1422
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:df:09:78:45:cb:05:3b:30:fe:ff:2b:80:f4:1b:
                    7c:08:19:01:75:2b:14:4a:53:35:6b:8f:18:92:b4:
                    65:fb:58:20:3e:6f:ad:ee:f8:cc:17:c9:8b:e6:31:
                    ac:bd:4d:b9:f5:7c:91:54:cc:41:b3:79:8c:02:d8:
                    5b:3b:cc:b3:d8:b3:e3:6c:11:89:58:91:6b:c1:f2:
                    87:eb:19:2d:9e:6f:5a:13:06:69:4a:10:3d:de:3b:
                    ec:11:02:af:6e:8e:10:67:cc:41:1d:a2:73:76:92:
                    c6:56:9c:13:9c:b3:ae:39:a2:61:da:a9:7c:b4:ac:
                    a5:51:83:66:8e:dd:de:b4:fc:31:81:fe:7e:e2:3d:
                    78:7c:fd:51:df:1e:8c:23:d2:ce:e8:5c:81:9f:e9:
                    3b:db:aa:c3:ee:e4:74:f8:72:bb:4a:e1:d8:00:07:
                    91:78:53:c8:f9:b2:9d:9b:f4:a3:56:f3:bb:a6:bd:
                    26:76:b5:19:21:1b:58:f9:95:dd:bc:62:62:1e:93:
                    df:a7:03:93:0e:40:e1:ac:0b:49:c7:fe:1d:45:47:
                    a1:fc:b0:b3:16:1e:f1:aa:4a:e1:73:ac:ab:9e:e9:
                    49:f4:3f:32:98:d9:37:ef:87:d1:83:29:53:96:14:
                    5d:1d:a7:e1:b5:18:81:99:d5:c6:e0:ce:52:80:0b:
                    35:21
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A3:1E:08:41:E1:EB:1E:52:1E:50:E2:76:24:57:6A:18:63:BA:14:22
            X509v3 Authority Key Identifier:
                keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/ox4IQeHrHlIeUOJ2JFdqGGO6FCI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  192.159.99.0/24

    Signature Algorithm: sha256WithRSAEncryption
         0e:a4:14:7c:99:9c:17:d7:09:15:12:f6:94:53:f4:ec:b9:ec:
         d7:22:6f:ef:6c:da:25:e9:f8:cd:22:1b:c7:e2:5f:7b:91:5c:
         d7:8c:a4:cc:6e:5e:d6:9b:d9:e5:93:88:26:20:d3:bd:f3:60:
         bf:ca:dc:8d:6d:2e:f3:11:26:23:0a:8f:fe:2f:9f:61:26:71:
         3c:13:3e:2d:c9:25:63:73:7d:a4:1c:73:d1:e9:ff:56:d2:22:
         d9:42:3b:b1:2f:59:af:68:e9:1c:8d:0d:60:08:de:27:17:24:
         f6:da:1a:03:51:41:3d:4a:0f:43:7a:3c:1a:8c:fd:68:45:7a:
         47:d1:ac:55:14:09:d3:0b:f3:70:5f:00:12:fc:41:ec:0d:a2:
         30:a8:2c:4c:93:2e:f3:8c:0e:b6:f8:af:0d:c3:61:54:4c:72:
         6f:08:5f:85:67:67:0c:31:9d:2e:4c:9c:4d:bd:b8:2c:d1:02:
         57:1b:41:09:b5:32:8b:d7:7a:5e:fe:0f:92:29:3a:91:8c:97:
         fe:23:3e:ea:b5:dd:16:d0:e7:b2:3c:59:56:e4:29:7b:3e:30:
         d6:77:d0:53:05:d6:f3:e8:42:5b:f9:42:4b:0c:19:df:9b:0a:
         f2:e9:8e:ee:2f:c3:f2:be:eb:01:a3:4f:35:e2:88:5e:93:58:
         28:1a:95:d8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYhXSL1FA2WYCTTHWPdQt6PgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwNTI2MDg1OTI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMzFlMDg0MWUxZWIxZTUyMWU1MGUyNzYyNDU3NmExODYzYmExNDIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3wl4RcsFOzD+/yuA9Bt8CBkBdSsU
SlM1a48YkrRl+1ggPm+t7vjMF8mL5jGsvU259XyRVMxBs3mMAthbO8yz2LPjbBGJ
WJFrwfKH6xktnm9aEwZpShA93jvsEQKvbo4QZ8xBHaJzdpLGVpwTnLOuOaJh2ql8
tKylUYNmjt3etPwxgf5+4j14fP1R3x6MI9LO6FyBn+k726rD7uR0+HK7SuHYAAeR
eFPI+bKdm/SjVvO7pr0mdrUZIRtY+ZXdvGJiHpPfpwOTDkDhrAtJx/4dRUeh/LCz
Fh7xqkrhc6yrnulJ9D8ymNk374fRgylTlhRdHafhtRiBmdXG4M5SgAs1IQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKMeCEHh6x5SHlDidiRXahhjuhQiMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvb3g0SVFlSHJIbEllVU9KMkpGZHFHR082RkNJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwJ9jMA0G
CSqGSIb3DQEBCwUAA4IBAQAOpBR8mZwX1wkVEvaUU/TsuezXIm/vbNol6fjNIhvH
4l97kVzXjKTMbl7Wm9nlk4gmINO982C/ytyNbS7zESYjCo/+L59hJnE8Ez4tySVj
c32kHHPR6f9W0iLZQjuxL1mvaOkcjQ1gCN4nFyT22hoDUUE9Sg9DejwajP1oRXpH
0axVFAnTC/NwXwAS/EHsDaIwqCxMky7zjA62+K8Nw2FUTHJvCF+FZ2cMMZ0uTJxN
vbgs0QJXG0EJtTKL13pe/g+SKTqRjJf+Iz7qtd0W0OeyPFlW5Cl7PjDWd9BTBdbz
6EJb+UJLDBnfmwry6Y7uL8PyvusBo0814ohek1goGpXY
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:48 2024 by rpki-client on console-fra.rpki-client.org