Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/snBSkHrTmYWz2gWKqbNPE0tRPWc.roa
File:                     snBSkHrTmYWz2gWKqbNPE0tRPWc.roa (raw, json)
Hash identifier:          j55BSFtXKPal9tKgstEavVcT+I/EeHw8CFRVuQbFH84=
Subject key identifier:   B2:70:52:90:7A:D3:99:85:B3:DA:05:8A:A9:B3:4F:13:4B:51:3D:67
Certificate issuer:       /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial:       018AD55FEA21256BC75BA8C2CA04DC069E16
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/snBSkHrTmYWz2gWKqbNPE0tRPWc.roa
Signing time:             Wed 27 Sep 2023 06:42:27 +0000
ROA not before:           Wed 27 Sep 2023 06:42:27 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     206150
IP address blocks:        45.130.82.0/24 maxlen: 24
                          2a0b:64c6::/32 maxlen: 32
                          2a10:7400::/32 maxlen: 32

Validation:               Failed, certificate revoked on Mon 13 Nov 2023 09:02:57 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:d5:5f:ea:21:25:6b:c7:5b:a8:c2:ca:04:dc:06:9e:16
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
        Validity
            Not Before: Sep 27 06:42:27 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=b27052907ad39985b3da058aa9b34f134b513d67
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:99:15:fc:bf:6f:eb:1b:d9:be:c3:4a:48:d4:
                    28:d9:62:c5:79:a0:b4:0e:58:ce:d7:1c:0e:78:e3:
                    17:90:1b:21:32:ff:11:f1:1a:c0:e6:b1:f4:64:df:
                    2a:da:c0:63:04:0b:04:3b:fb:f8:8d:c7:1f:a5:22:
                    17:ce:0d:e5:06:7c:b3:b6:54:7d:ca:67:46:25:9c:
                    1d:4b:30:14:6f:d4:3d:56:3c:49:22:65:ba:8d:af:
                    fa:3c:b2:a6:cd:f8:85:f9:33:3c:df:7e:db:1d:57:
                    ca:73:db:ea:18:48:be:7e:7d:01:07:69:06:a0:ad:
                    da:4d:dc:f8:6a:28:b4:7d:0c:b3:15:0b:ed:10:50:
                    74:91:09:74:74:40:dc:9d:23:ee:08:8b:18:f3:f0:
                    ae:c6:89:d0:2d:b1:f2:45:c8:56:95:a8:d1:f2:e5:
                    1c:f7:85:44:18:60:2d:be:35:c1:4a:18:b1:45:ef:
                    a8:a3:18:89:bf:97:63:e3:4e:ba:a4:2c:6d:9d:6b:
                    68:0e:e1:d8:97:f5:16:86:13:38:cb:2a:4f:52:77:
                    46:b6:cc:20:79:8c:3b:30:1d:12:8a:79:48:ef:89:
                    7e:02:7e:b6:df:75:ff:ec:4a:6e:53:9c:52:b1:12:
                    79:fb:66:23:2b:81:e2:89:68:13:c6:c2:e1:8b:7c:
                    48:ab
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B2:70:52:90:7A:D3:99:85:B3:DA:05:8A:A9:B3:4F:13:4B:51:3D:67
            X509v3 Authority Key Identifier:
                keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/snBSkHrTmYWz2gWKqbNPE0tRPWc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.130.82.0/24
                IPv6:
                  2a0b:64c6::/32
                  2a10:7400::/32

    Signature Algorithm: sha256WithRSAEncryption
         93:63:a5:b9:fb:4c:2e:21:4f:72:c7:f6:60:82:18:be:01:1c:
         2a:72:53:fc:44:a8:40:f0:d7:9f:38:b0:f0:17:1a:99:f3:21:
         0a:cd:45:b9:e7:f6:53:8e:25:9b:b6:aa:fa:f1:96:98:a3:74:
         5f:a1:50:46:52:7f:5d:e9:c0:fe:56:97:bb:a0:8f:e0:e6:23:
         2c:8f:e8:34:3b:03:6e:20:6e:61:0f:15:98:dc:7e:0f:14:da:
         70:24:6b:51:a5:81:6a:4a:69:fa:a4:30:ed:a1:a1:f7:ac:46:
         17:a0:a1:4b:3c:2a:39:10:a6:cc:7c:29:57:ee:2c:d6:09:73:
         8e:23:76:db:69:0e:fc:28:a2:4a:71:78:1b:18:83:28:7b:b6:
         f6:66:85:f3:c9:2b:c4:70:64:8c:2d:d6:da:49:1c:20:ca:44:
         02:7f:eb:32:36:96:57:b7:d1:4d:e7:ed:06:a2:37:d8:f6:34:
         ad:64:46:9e:92:ce:c5:93:ca:c1:5d:71:cc:e2:fc:5b:e8:88:
         bb:c9:c6:37:82:ef:e5:93:27:6f:03:3b:3d:f6:12:c1:5f:eb:
         0f:7c:f8:98:66:97:16:15:31:b7:c7:ec:21:69:00:65:e7:21:
         d6:53:b9:93:1e:d5:e3:ec:91:37:a7:b3:89:b5:41:d0:75:3d:
         a1:d6:6f:05
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAYrVX+ohJWvHW6jCygTcBp4WMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwOTI3MDY0MjI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMjcwNTI5MDdhZDM5OTg1YjNkYTA1OGFhOWIzNGYxMzRiNTEzZDY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnpkV/L9v6xvZvsNKSNQo2WLFeaC0
DljO1xwOeOMXkBshMv8R8RrA5rH0ZN8q2sBjBAsEO/v4jccfpSIXzg3lBnyztlR9
ymdGJZwdSzAUb9Q9VjxJImW6ja/6PLKmzfiF+TM8337bHVfKc9vqGEi+fn0BB2kG
oK3aTdz4aii0fQyzFQvtEFB0kQl0dEDcnSPuCIsY8/CuxonQLbHyRchWlajR8uUc
94VEGGAtvjXBShixRe+ooxiJv5dj4066pCxtnWtoDuHYl/UWhhM4yypPUndGtswg
eYw7MB0SinlI74l+An6233X/7EpuU5xSsRJ5+2YjK4HiiWgTxsLhi3xIqwIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFLJwUpB605mFs9oFiqmzTxNLUT1nMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvc25CU2tIclRtWVd6MmdXS3FiTlBFMHRSUFdjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAMBAIAATAGAwQALYJSMBQE
AgACMA4DBQAqC2TGAwUAKhB0ADANBgkqhkiG9w0BAQsFAAOCAQEAk2OluftMLiFP
csf2YIIYvgEcKnJT/ESoQPDXnziw8BcamfMhCs1Fuef2U44lm7aq+vGWmKN0X6FQ
RlJ/XenA/laXu6CP4OYjLI/oNDsDbiBuYQ8VmNx+DxTacCRrUaWBakpp+qQw7aGh
96xGF6ChSzwqORCmzHwpV+4s1glzjiN222kO/CiiSnF4GxiDKHu29maF88krxHBk
jC3W2kkcIMpEAn/rMjaWV7fRTeftBqI32PY0rWRGnpLOxZPKwV1xzOL8W+iIu8nG
N4Lv5ZMnbwM7PfYSwV/rD3z4mGaXFhUxt8fsIWkAZech1lO5kx7V4+yRN6ezibVB
0HU9odZvBQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:41:14 2024 by rpki-client on console-ams.rpki-client.org