Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/pVHgvZk8B_CfNtQN1_-ofTFnDVU.roa
File:                     pVHgvZk8B_CfNtQN1_-ofTFnDVU.roa (raw, json)
Hash identifier:          fAtlMNZ/mHXURr2AFO3TbbHTtRHIMDKz2VnKmYmV2zk=
Subject key identifier:   A5:51:E0:BD:99:3C:07:F0:9F:36:D4:0D:D7:FF:A8:7D:31:67:0D:55
Certificate issuer:       /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial:       0187957063441675B52C05131657C6443058
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/pVHgvZk8B_CfNtQN1_-ofTFnDVU.roa
Signing time:             Tue 18 Apr 2023 17:36:23 +0000
ROA not before:           Tue 18 Apr 2023 17:36:23 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     7411
IP address blocks:        89.33.85.0/24 maxlen: 24
                          188.240.232.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 25 Apr 2023 20:10:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:95:70:63:44:16:75:b5:2c:05:13:16:57:c6:44:30:58
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
        Validity
            Not Before: Apr 18 17:36:23 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=a551e0bd993c07f09f36d40dd7ffa87d31670d55
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:90:17:d2:35:60:20:a1:56:0f:e5:85:c2:f4:f6:
                    62:51:dd:9f:3c:b2:d5:f8:d0:a9:d5:98:2d:89:ed:
                    14:3f:f2:78:14:f6:a9:07:1b:c1:6b:b5:6b:93:ed:
                    6c:d8:48:e0:ab:66:4b:a6:b5:03:bf:48:22:97:b6:
                    d1:76:7c:d8:71:10:15:bc:f8:20:45:09:58:7d:da:
                    dc:4c:3e:a9:ee:0f:3f:95:a3:b9:65:fb:13:ac:83:
                    2e:b8:cc:b7:09:4c:c8:93:dd:e2:91:3d:9f:ff:56:
                    be:dc:d5:a3:b8:7b:33:9e:c3:1f:a6:a1:5c:56:d8:
                    16:0e:3a:9a:7e:c2:2a:fd:7c:56:25:1c:f1:fa:ce:
                    d4:65:4b:87:66:16:4c:6a:1e:1b:c1:e7:62:87:66:
                    5f:65:49:63:46:d7:12:da:4a:9d:09:3c:78:f9:5a:
                    d4:df:1c:8a:82:58:b6:67:cc:e0:25:8d:23:21:c9:
                    72:c2:4e:ec:e8:d5:7a:30:9f:27:e8:c9:a2:2d:32:
                    1c:5e:da:0f:bb:a4:e7:7f:e9:40:9c:a9:d4:fa:f3:
                    c2:a2:b0:65:15:fc:32:04:d5:7c:1b:58:1c:39:b9:
                    cf:31:b1:d7:af:4a:03:84:bf:72:17:53:4f:0e:a5:
                    f0:4d:a5:3c:e3:2c:eb:5b:c2:51:87:36:3a:6a:3e:
                    ee:87
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A5:51:E0:BD:99:3C:07:F0:9F:36:D4:0D:D7:FF:A8:7D:31:67:0D:55
            X509v3 Authority Key Identifier:
                keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/pVHgvZk8B_CfNtQN1_-ofTFnDVU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  89.33.85.0/24
                  188.240.232.0/24

    Signature Algorithm: sha256WithRSAEncryption
         0f:d4:a7:a8:79:2c:06:24:dd:00:59:98:bc:06:85:d3:4f:05:
         f0:dd:d0:80:a6:c0:09:ba:78:70:bb:cf:5c:26:35:67:10:af:
         7d:b7:28:95:4e:09:c0:e4:42:5e:7b:56:d8:83:f2:f2:d1:0a:
         4e:53:7a:ba:e2:8c:cf:81:ab:4d:4f:e5:f7:11:9e:0f:8f:a0:
         e0:0b:f9:4e:7d:56:0b:79:92:07:c8:cd:13:14:d4:f8:44:c8:
         ce:19:d8:59:e6:e1:66:24:6d:03:06:2a:b6:61:83:bb:84:90:
         b3:34:e8:0b:2b:7f:ab:f1:bc:ae:bb:7f:fb:0b:b8:bd:00:40:
         c7:a2:53:fb:4a:ce:7f:e7:96:6e:59:4d:78:9d:b8:2e:5d:bd:
         41:ea:ff:c5:29:d1:f8:d9:3a:84:ae:3b:a2:22:e8:19:71:a2:
         90:a1:88:ae:14:30:dc:58:84:9a:ac:be:15:26:de:97:40:dd:
         1a:00:65:08:fa:0c:53:6a:38:e3:2f:61:0b:95:16:51:d7:f2:
         fb:bb:c9:2c:05:39:84:45:b1:6b:03:75:00:24:90:c8:98:ff:
         c0:8f:81:bc:d8:fe:4a:a9:47:95:33:48:d9:9d:df:a0:d5:dc:
         1c:09:21:69:13:36:08:06:8f:6b:62:de:f2:67:86:cc:17:e2:
         27:7a:d2:29
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYeVcGNEFnW1LAUTFlfGRDBYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwNDE4MTczNjIzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNTUxZTBiZDk5M2MwN2YwOWYzNmQ0MGRkN2ZmYTg3ZDMxNjcwZDU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkBfSNWAgoVYP5YXC9PZiUd2fPLLV
+NCp1Zgtie0UP/J4FPapBxvBa7Vrk+1s2Ejgq2ZLprUDv0gil7bRdnzYcRAVvPgg
RQlYfdrcTD6p7g8/laO5ZfsTrIMuuMy3CUzIk93ikT2f/1a+3NWjuHsznsMfpqFc
VtgWDjqafsIq/XxWJRzx+s7UZUuHZhZMah4bwedih2ZfZUljRtcS2kqdCTx4+VrU
3xyKgli2Z8zgJY0jIclywk7s6NV6MJ8n6MmiLTIcXtoPu6Tnf+lAnKnU+vPCorBl
FfwyBNV8G1gcObnPMbHXr0oDhL9yF1NPDqXwTaU84yzrW8JRhzY6aj7uhwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFKVR4L2ZPAfwnzbUDdf/qH0xZw1VMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvcFZIZ3ZaazhCX0NmTnRRTjFfLW9mVEZuRFZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAWSFVAwQA
vPDoMA0GCSqGSIb3DQEBCwUAA4IBAQAP1KeoeSwGJN0AWZi8BoXTTwXw3dCApsAJ
unhwu89cJjVnEK99tyiVTgnA5EJee1bYg/Ly0QpOU3q64ozPgatNT+X3EZ4Pj6Dg
C/lOfVYLeZIHyM0TFNT4RMjOGdhZ5uFmJG0DBiq2YYO7hJCzNOgLK3+r8byuu3/7
C7i9AEDHolP7Ss5/55ZuWU14nbguXb1B6v/FKdH42TqErjuiIugZcaKQoYiuFDDc
WISarL4VJt6XQN0aAGUI+gxTajjjL2ELlRZR1/L7u8ksBTmERbFrA3UAJJDImP/A
j4G82P5KqUeVM0jZnd+g1dwcCSFpEzYIBo9rYt7yZ4bMF+InetIp
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:48 2024 by rpki-client on console-fra.rpki-client.org