Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/uaml3dgnlR0QZJN8E_iINFjH7yw.roa
File:                     uaml3dgnlR0QZJN8E_iINFjH7yw.roa (raw, json)
Hash identifier:          vJLXwgNBINZasF14EQHjHaryl7HnZjAJp5ZDYVclDEA=
Subject key identifier:   B9:A9:A5:DD:D8:27:95:1D:10:64:93:7C:13:F8:88:34:58:C7:EF:2C
Certificate issuer:       /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial:       018986AD887CC6FFB6623D2E7466DF6E7DE1
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/uaml3dgnlR0QZJN8E_iINFjH7yw.roa
Signing time:             Mon 24 Jul 2023 06:54:26 +0000
ROA not before:           Mon 24 Jul 2023 06:54:26 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     20473
IP address blocks:        84.54.33.0/24 maxlen: 24
                          193.218.34.0/24 maxlen: 24
                          45.83.28.0/24 maxlen: 24
                          2a0b:64c5::/32 maxlen: 32
                          2a0b:64c7::/32 maxlen: 32
                          2a0b:64c6::/32 maxlen: 32
                          2a0b:64c4::/32 maxlen: 32

Validation:               Failed, certificate revoked on Mon 21 Aug 2023 07:32:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:86:ad:88:7c:c6:ff:b6:62:3d:2e:74:66:df:6e:7d:e1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
        Validity
            Not Before: Jul 24 06:54:26 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=b9a9a5ddd827951d1064937c13f8883458c7ef2c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:ac:63:91:2e:a8:a4:a0:21:e2:7c:80:40:7c:
                    a7:18:58:37:cd:22:7e:c3:76:f2:dd:68:2b:f2:b2:
                    fd:15:c4:e6:39:8e:7b:c7:de:3e:2a:d4:62:a3:b4:
                    eb:0b:50:48:eb:7d:79:6f:5a:bb:4e:05:04:62:54:
                    b6:6f:ee:c1:99:5d:14:d4:73:4c:df:89:1f:2f:ee:
                    5c:26:2e:d8:eb:b5:dc:5f:38:79:11:8b:b6:61:9e:
                    8d:1d:d7:f2:af:3b:36:52:45:9a:d8:05:bc:75:64:
                    04:e3:e6:93:6b:24:62:70:4b:6f:4e:3d:20:be:79:
                    1b:12:bb:c8:c1:40:20:7a:2f:be:e2:86:ed:e7:66:
                    92:70:38:17:2a:49:40:5c:da:37:63:09:ba:fb:5b:
                    44:bc:83:33:6e:66:e4:74:3d:85:cf:a4:70:6f:39:
                    21:34:be:3d:32:30:f7:e6:39:9f:70:2c:04:a2:bd:
                    8b:42:58:a2:9f:c3:f7:e5:f9:29:78:40:0f:4f:0c:
                    2a:1f:0b:d2:f6:cb:5d:d8:27:91:22:06:88:58:e0:
                    4a:02:c4:5b:5d:29:0c:0b:86:f3:33:ff:8f:a1:19:
                    7f:60:ab:e2:10:75:1a:f9:76:95:70:4c:98:de:33:
                    bd:f8:5b:6e:c3:2e:37:59:6c:a6:1a:d7:85:45:d5:
                    bc:b7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B9:A9:A5:DD:D8:27:95:1D:10:64:93:7C:13:F8:88:34:58:C7:EF:2C
            X509v3 Authority Key Identifier:
                keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/uaml3dgnlR0QZJN8E_iINFjH7yw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.83.28.0/24
                  84.54.33.0/24
                  193.218.34.0/24
                IPv6:
                  2a0b:64c4::/30

    Signature Algorithm: sha256WithRSAEncryption
         1e:72:7a:b5:36:16:60:3d:71:65:2c:47:19:4b:eb:fa:00:bc:
         f5:88:ea:6b:0d:ab:d2:69:e9:ee:28:07:94:77:7a:84:8d:00:
         c4:26:56:1a:96:18:e7:2a:19:4d:95:65:47:da:ae:9a:6d:a7:
         cb:21:13:d8:59:c4:f9:cc:a4:c5:dd:f5:4a:de:fb:b9:49:37:
         91:a6:38:8b:fb:99:59:73:94:ca:58:f9:c0:a2:f4:46:17:52:
         cb:ef:94:84:c3:cf:49:e9:0c:59:01:5a:b7:1d:65:1f:c1:ba:
         37:bf:53:07:1d:e5:3e:da:43:42:c3:6a:24:c4:26:93:a3:24:
         83:4e:ae:02:70:f7:24:e8:25:4c:02:1d:ee:0b:02:c1:7f:f5:
         0f:fb:d5:b5:54:0b:f9:5c:70:fa:e4:2e:76:4a:08:6a:83:c3:
         9c:49:3c:32:10:ab:bf:a7:06:6f:4f:81:88:e6:81:f2:fa:96:
         18:19:f9:8f:2d:89:96:cb:02:98:3f:d9:78:a6:37:9c:90:92:
         73:de:7f:9d:aa:ff:34:d4:9b:07:05:f5:be:98:9c:d4:fd:7f:
         94:35:d0:b1:21:ca:9b:8c:6d:77:a9:b2:f1:7e:16:6b:ec:b7:
         f3:8d:8e:23:af:53:c2:1d:a0:e1:1a:53:8b:82:ae:d2:fa:64:
         0b:3c:ea:f7
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYmGrYh8xv+2Yj0udGbfbn3hMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwNzI0MDY1NDI2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOWE5YTVkZGQ4Mjc5NTFkMTA2NDkzN2MxM2Y4ODgzNDU4YzdlZjJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnKxjkS6opKAh4nyAQHynGFg3zSJ+
w3by3Wgr8rL9FcTmOY57x94+KtRio7TrC1BI6315b1q7TgUEYlS2b+7BmV0U1HNM
34kfL+5cJi7Y67XcXzh5EYu2YZ6NHdfyrzs2UkWa2AW8dWQE4+aTayRicEtvTj0g
vnkbErvIwUAgei++4obt52aScDgXKklAXNo3Ywm6+1tEvIMzbmbkdD2Fz6Rwbzkh
NL49MjD35jmfcCwEor2LQliin8P35fkpeEAPTwwqHwvS9std2CeRIgaIWOBKAsRb
XSkMC4bzM/+PoRl/YKviEHUa+XaVcEyY3jO9+Ftuwy43WWymGteFRdW8twIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFLmppd3YJ5UdEGSTfBP4iDRYx+8sMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvdWFtbDNkZ25sUjBRWkpOOEVfaUlORmpIN3l3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQALVMcAwQA
VDYhAwQAwdoiMA0EAgACMAcDBQIqC2TEMA0GCSqGSIb3DQEBCwUAA4IBAQAecnq1
NhZgPXFlLEcZS+v6ALz1iOprDavSaenuKAeUd3qEjQDEJlYalhjnKhlNlWVH2q6a
bafLIRPYWcT5zKTF3fVK3vu5STeRpjiL+5lZc5TKWPnAovRGF1LL75SEw89J6QxZ
AVq3HWUfwbo3v1MHHeU+2kNCw2okxCaToySDTq4CcPck6CVMAh3uCwLBf/UP+9W1
VAv5XHD65C52Sghqg8OcSTwyEKu/pwZvT4GI5oHy+pYYGfmPLYmWywKYP9l4pjec
kJJz3n+dqv801JsHBfW+mJzU/X+UNdCxIcqbjG13qbLxfhZr7LfzjY4jr1PCHaDh
GlOLgq7S+mQLPOr3
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:48 2024 by rpki-client on console-fra.rpki-client.org