Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cc/30d4e8-e090-4bf2-8185-3687c818ede5/1/Nrd8w9eo3muqik4ojIpwC2dGRXM.roa
File:                     Nrd8w9eo3muqik4ojIpwC2dGRXM.roa (raw, json)
Hash identifier:          4CGzd0DqjVyqmQkquxs/PrCj1PWOkIQNnfLa1EJhaKk=
Subject key identifier:   36:B7:7C:C3:D7:A8:DE:6B:AA:8A:4E:28:8C:8A:70:0B:67:46:45:73
Certificate issuer:       /CN=a316c7659af1d56bc718faf614f092758f5edc7f
Certificate serial:       01856EEFE2A712B83F492D8EEE5E3DD46EF5
Authority key identifier: A3:16:C7:65:9A:F1:D5:6B:C7:18:FA:F6:14:F0:92:75:8F:5E:DC:7F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/oxbHZZrx1WvHGPr2FPCSdY9e3H8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/cc/30d4e8-e090-4bf2-8185-3687c818ede5/1/Nrd8w9eo3muqik4ojIpwC2dGRXM.roa
Signing time:             Sun 01 Jan 2023 20:04:52 +0000
ROA not before:           Sun 01 Jan 2023 20:04:52 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     213151
IP address blocks:        185.221.84.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Fri 09 Jun 2023 08:38:12 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6e:ef:e2:a7:12:b8:3f:49:2d:8e:ee:5e:3d:d4:6e:f5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a316c7659af1d56bc718faf614f092758f5edc7f
        Validity
            Not Before: Jan  1 20:04:52 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=36b77cc3d7a8de6baa8a4e288c8a700b67464573
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:89:8a:6b:1b:ae:f7:70:23:ac:31:8f:28:3c:02:
                    80:c7:fa:e5:3b:fa:a0:a5:76:27:3b:33:fb:65:28:
                    aa:81:76:b0:38:79:96:12:b7:d8:a8:75:e0:2e:d5:
                    18:8b:4d:f0:3f:d7:7e:da:2d:b8:de:31:15:45:34:
                    4b:e1:05:f9:8b:c6:99:52:d0:2c:22:a6:19:d1:c8:
                    83:61:af:c2:f2:09:b7:72:b4:6d:6d:16:7e:35:99:
                    3d:d5:da:cb:59:af:a7:d7:96:30:18:57:fa:72:1f:
                    b2:20:90:e7:34:2c:76:01:5e:13:68:aa:ca:01:a0:
                    c3:ca:9e:19:99:eb:66:49:8e:99:da:41:26:87:4b:
                    28:99:30:13:42:52:2f:71:78:ac:e3:4f:bb:02:fa:
                    b1:64:05:5a:7b:48:ce:71:2b:d5:e2:a8:f0:0d:bc:
                    a5:85:3a:c5:2a:0d:ef:f8:ba:55:0c:57:c7:d6:10:
                    80:b0:94:e0:e5:ef:38:1a:30:f9:c1:83:06:3f:ca:
                    2b:c0:cc:c0:88:31:34:1c:07:e6:27:77:30:34:04:
                    fe:15:08:84:ee:02:1f:b8:e5:e1:88:cc:b9:24:e7:
                    5a:98:ea:20:56:d3:5c:b0:c5:eb:19:d6:53:e8:ab:
                    21:b5:a2:d0:00:36:1e:5e:bd:aa:55:71:91:b5:3e:
                    60:19
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                36:B7:7C:C3:D7:A8:DE:6B:AA:8A:4E:28:8C:8A:70:0B:67:46:45:73
            X509v3 Authority Key Identifier:
                keyid:A3:16:C7:65:9A:F1:D5:6B:C7:18:FA:F6:14:F0:92:75:8F:5E:DC:7F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oxbHZZrx1WvHGPr2FPCSdY9e3H8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/30d4e8-e090-4bf2-8185-3687c818ede5/1/Nrd8w9eo3muqik4ojIpwC2dGRXM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/30d4e8-e090-4bf2-8185-3687c818ede5/1/oxbHZZrx1WvHGPr2FPCSdY9e3H8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.221.84.0/24

    Signature Algorithm: sha256WithRSAEncryption
         45:a5:5c:33:d0:d9:83:80:4d:cf:2e:08:2a:7e:2b:dc:2b:c9:
         11:3d:69:cd:45:6f:c7:52:9e:b1:3b:ea:0e:55:3d:d3:42:66:
         7d:a7:c2:ea:82:7e:fb:a9:79:35:cc:ef:b7:7e:5c:52:7c:ca:
         97:11:9b:b1:a0:9c:62:61:03:9c:08:34:38:b2:08:9a:f8:15:
         a3:27:46:c4:91:e3:51:93:4c:38:c5:41:ee:df:66:1a:e7:27:
         33:d3:0b:13:0a:7b:27:7d:84:7e:3e:47:99:5a:80:27:bb:70:
         3e:b0:88:a3:8e:86:65:00:96:91:eb:d8:52:d3:2c:c2:78:3c:
         9d:fb:ad:28:7e:02:a0:a1:12:b4:51:5b:bb:40:54:43:81:fc:
         21:0e:3f:7e:5a:8f:d9:47:72:9d:a2:22:a7:f1:f1:a6:a5:f6:
         97:5a:4e:e8:ef:24:93:ab:fb:e4:5e:6d:fc:f5:96:a9:e7:62:
         50:54:f6:cc:6e:e6:00:b8:bb:29:73:48:d0:95:d2:34:b5:91:
         dd:ba:b7:e4:b3:d1:63:4f:4a:f6:3f:b1:6a:27:a0:10:71:ac:
         0c:69:be:d8:9e:ec:75:f3:8b:35:a2:40:d7:a7:c3:9a:0a:d6:
         f7:ed:b7:73:90:5c:48:40:f3:b0:46:e8:82:92:43:39:6d:5e:
         db:4e:30:88
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVu7+KnErg/SS2O7l491G71MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEzMTZjNzY1OWFmMWQ1NmJjNzE4ZmFmNjE0ZjA5Mjc1OGY1
ZWRjN2YwHhcNMjMwMTAxMjAwNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNmI3N2NjM2Q3YThkZTZiYWE4YTRlMjg4YzhhNzAwYjY3NDY0NTczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiYprG673cCOsMY8oPAKAx/rlO/qg
pXYnOzP7ZSiqgXawOHmWErfYqHXgLtUYi03wP9d+2i243jEVRTRL4QX5i8aZUtAs
IqYZ0ciDYa/C8gm3crRtbRZ+NZk91drLWa+n15YwGFf6ch+yIJDnNCx2AV4TaKrK
AaDDyp4ZmetmSY6Z2kEmh0somTATQlIvcXis40+7AvqxZAVae0jOcSvV4qjwDbyl
hTrFKg3v+LpVDFfH1hCAsJTg5e84GjD5wYMGP8orwMzAiDE0HAfmJ3cwNAT+FQiE
7gIfuOXhiMy5JOdamOogVtNcsMXrGdZT6KshtaLQADYeXr2qVXGRtT5gGQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDa3fMPXqN5rqopOKIyKcAtnRkVzMB8GA1UdIwQY
MBaAFKMWx2Wa8dVrxxj69hTwknWPXtx/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb3hiSFpacngxV3ZIR1ByMkZQQ1NkWTllM0g4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYy8zMGQ0ZTgtZTA5MC00YmYyLTgxODUt
MzY4N2M4MThlZGU1LzEvTnJkOHc5ZW8zbXVxaWs0b2pJcHdDMmRHUlhNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYy8zMGQ0ZTgtZTA5MC00YmYyLTgxODUtMzY4N2M4MThlZGU1
LzEvb3hiSFpacngxV3ZIR1ByMkZQQ1NkWTllM0g4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAud1UMA0G
CSqGSIb3DQEBCwUAA4IBAQBFpVwz0NmDgE3PLggqfivcK8kRPWnNRW/HUp6xO+oO
VT3TQmZ9p8Lqgn77qXk1zO+3flxSfMqXEZuxoJxiYQOcCDQ4sgia+BWjJ0bEkeNR
k0w4xUHu32Ya5ycz0wsTCnsnfYR+PkeZWoAnu3A+sIijjoZlAJaR69hS0yzCeDyd
+60ofgKgoRK0UVu7QFRDgfwhDj9+Wo/ZR3KdoiKn8fGmpfaXWk7o7ySTq/vkXm38
9Zap52JQVPbMbuYAuLspc0jQldI0tZHdurfks9FjT0r2P7FqJ6AQcawMab7Ynux1
84s1okDXp8OaCtb37bdzkFxIQPOwRuiCkkM5bV7bTjCI
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:44:34 2024 by rpki-client on console-ams.rpki-client.org