Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/tXPu-JEIjJOSWToxJkCranfu-B0.roa
File:                     tXPu-JEIjJOSWToxJkCranfu-B0.roa (raw, json)
Hash identifier:          j6aAXUXqzehiLcoInO9DMwrRt/mneODnRxPDrpl0moc=
Subject key identifier:   B5:73:EE:F8:91:08:8C:93:92:59:3A:31:26:40:AB:6A:77:EE:F8:1D
Certificate issuer:       /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial:       018E9E0EAB758133283367D2940E1CD080DE
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/tXPu-JEIjJOSWToxJkCranfu-B0.roa
Signing time:             Tue 02 Apr 2024 09:05:45 +0000
ROA not before:           Tue 02 Apr 2024 09:05:45 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     8038
IP address blocks:        185.165.44.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Fri 05 Apr 2024 07:34:54 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8e:9e:0e:ab:75:81:33:28:33:67:d2:94:0e:1c:d0:80:de
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
        Validity
            Not Before: Apr  2 09:05:45 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=b573eef891088c9392593a312640ab6a77eef81d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:ca:9b:d4:9a:60:dd:6a:64:29:19:81:11:dd:
                    41:16:3c:6b:ee:56:13:bb:ea:ca:35:cb:d4:07:75:
                    ee:aa:e3:fe:2e:34:8e:e7:03:e5:7c:2c:fb:c3:16:
                    66:91:da:0e:0d:b8:92:fe:ac:f0:1a:6d:f9:76:e0:
                    36:e0:96:4d:2e:54:f2:a7:fb:17:3b:f9:56:f0:8b:
                    6b:59:a6:c0:b2:52:f6:90:95:5f:2f:25:1e:4f:0c:
                    fc:8a:4a:79:bd:e0:63:1c:57:a0:87:92:a0:ac:63:
                    7c:b0:5b:ed:a7:b1:9d:6c:9c:c5:2b:f8:37:7e:66:
                    4d:87:c5:ad:23:f0:50:3f:62:d2:40:f7:17:33:97:
                    bd:8b:cd:65:48:a1:ac:6a:24:ae:a5:6c:ac:6a:12:
                    8e:df:d9:9b:a2:fa:27:c1:d0:4a:5d:5d:97:5a:96:
                    20:b1:26:1a:72:37:33:0b:72:5a:a5:17:98:e1:f6:
                    6e:0a:2a:d7:1e:67:9a:61:7f:66:e9:b8:9c:53:25:
                    ac:4b:9f:a2:df:10:37:30:86:73:66:fe:95:05:c0:
                    47:d8:bb:b7:80:5a:1f:bb:27:04:3b:94:62:d9:0d:
                    43:ae:ce:30:26:1e:fe:af:eb:fa:fc:b4:12:6d:d2:
                    4c:3b:56:ed:e3:1f:50:05:d6:61:90:bc:33:da:b3:
                    3c:5d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B5:73:EE:F8:91:08:8C:93:92:59:3A:31:26:40:AB:6A:77:EE:F8:1D
            X509v3 Authority Key Identifier:
                keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/tXPu-JEIjJOSWToxJkCranfu-B0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.165.44.0/24

    Signature Algorithm: sha256WithRSAEncryption
         7d:f6:20:3b:cf:2c:08:df:1c:d6:28:27:1e:3a:3b:66:3b:a7:
         8d:93:d0:b4:e7:e8:7e:be:f2:b4:18:e4:59:0f:e3:9f:29:6d:
         7c:55:3e:55:bd:ea:05:a4:0c:9f:dc:67:ed:4a:99:b0:ac:10:
         39:86:2c:b9:30:28:34:5a:98:a3:42:93:3f:7f:be:84:eb:1f:
         12:2c:84:b7:cc:d1:9c:e8:37:3c:8b:14:56:8c:76:8f:47:31:
         45:15:db:a0:2f:0f:e1:28:e7:b4:21:60:db:fe:01:2b:e4:8b:
         d2:98:eb:6a:06:a8:e9:b3:a0:f4:c2:83:68:bd:b0:16:11:92:
         34:54:ee:d6:c7:a1:29:e6:70:fb:aa:29:d1:c0:54:a2:56:ad:
         8f:6d:31:f9:dc:b9:09:04:7c:b3:62:d0:27:06:60:c3:79:2e:
         7e:7c:fb:29:7c:db:16:59:56:52:67:ab:c1:dd:4b:36:39:f6:
         6e:f6:cd:7e:ab:e0:be:7b:22:4d:d1:fe:a3:b6:41:a3:d7:4b:
         68:7a:45:44:df:21:8a:21:02:03:4c:e4:4d:5b:37:a7:e5:0c:
         6f:22:89:45:d0:1f:fa:9d:b5:7b:5d:0f:2e:f0:99:9c:a0:c1:
         95:79:b2:5e:a1:7e:e9:d9:35:04:3e:52:15:ca:0d:f0:b2:72:
         72:2c:f7:27
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY6eDqt1gTMoM2fSlA4c0IDeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjQwNDAyMDkwNTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNTczZWVmODkxMDg4YzkzOTI1OTNhMzEyNjQwYWI2YTc3ZWVmODFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvsqb1Jpg3WpkKRmBEd1BFjxr7lYT
u+rKNcvUB3XuquP+LjSO5wPlfCz7wxZmkdoODbiS/qzwGm35duA24JZNLlTyp/sX
O/lW8ItrWabAslL2kJVfLyUeTwz8ikp5veBjHFegh5KgrGN8sFvtp7GdbJzFK/g3
fmZNh8WtI/BQP2LSQPcXM5e9i81lSKGsaiSupWysahKO39mbovonwdBKXV2XWpYg
sSYacjczC3JapReY4fZuCirXHmeaYX9m6bicUyWsS5+i3xA3MIZzZv6VBcBH2Lu3
gFofuycEO5Ri2Q1Drs4wJh7+r+v6/LQSbdJMO1bt4x9QBdZhkLwz2rM8XQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLVz7viRCIyTklk6MSZAq2p37vgdMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvdFhQdS1KRUlqSk9TV1RveEprQ3JhbmZ1LUIwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuaUsMA0G
CSqGSIb3DQEBCwUAA4IBAQB99iA7zywI3xzWKCceOjtmO6eNk9C05+h+vvK0GORZ
D+OfKW18VT5VveoFpAyf3GftSpmwrBA5hiy5MCg0WpijQpM/f76E6x8SLIS3zNGc
6Dc8ixRWjHaPRzFFFdugLw/hKOe0IWDb/gEr5IvSmOtqBqjps6D0woNovbAWEZI0
VO7Wx6Ep5nD7qinRwFSiVq2PbTH53LkJBHyzYtAnBmDDeS5+fPspfNsWWVZSZ6vB
3Us2OfZu9s1+q+C+eyJN0f6jtkGj10toekVE3yGKIQIDTORNWzen5QxvIolF0B/6
nbV7XQ8u8JmcoMGVebJeoX7p2TUEPlIVyg3wsnJyLPcn
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:41:14 2024 by rpki-client on console-ams.rpki-client.org