Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cf/ba8c25-40ef-4bab-aa3a-9a7e1464862a/1/NPCt9wQzqrr4yOIqKckgmN8TYw8.roa
File:                     NPCt9wQzqrr4yOIqKckgmN8TYw8.roa (raw, json)
Hash identifier:          dlfGa+hD0kdmtyg8jwUMYBbblScyfmQkcZdVywrsrmw=
Subject key identifier:   34:F0:AD:F7:04:33:AA:BA:F8:C8:E2:2A:29:C9:20:98:DF:13:63:0F
Certificate issuer:       /CN=7d477ba40a72752bf50e42c0003765e4d7473e46
Certificate serial:       01856F54C01475B290D05BB48B72A268E466
Authority key identifier: 7D:47:7B:A4:0A:72:75:2B:F5:0E:42:C0:00:37:65:E4:D7:47:3E:46
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/fUd7pApydSv1DkLAADdl5NdHPkY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/cf/ba8c25-40ef-4bab-aa3a-9a7e1464862a/1/NPCt9wQzqrr4yOIqKckgmN8TYw8.roa
Signing time:             Sun 01 Jan 2023 21:55:03 +0000
ROA not before:           Sun 01 Jan 2023 21:55:03 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     206138
IP address blocks:        91.206.60.0/23 maxlen: 24
                          195.34.64.0/23 maxlen: 24
                          2001:67c:518::/48 maxlen: 48

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 00:29:31 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:54:c0:14:75:b2:90:d0:5b:b4:8b:72:a2:68:e4:66
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7d477ba40a72752bf50e42c0003765e4d7473e46
        Validity
            Not Before: Jan  1 21:55:03 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=34f0adf70433aabaf8c8e22a29c92098df13630f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:aa:fc:d2:2b:eb:e9:c5:e6:87:fb:5e:87:e8:
                    d5:56:57:dd:1f:7e:0e:c7:21:fb:36:0f:4b:f1:2b:
                    e5:3d:21:a5:9f:05:b3:9f:2c:ac:6f:dc:d4:e2:07:
                    88:54:5a:26:5f:b5:05:10:4f:da:6b:df:6d:1a:e7:
                    e4:47:20:e2:1f:00:44:45:fc:c0:9b:ab:d6:a4:d6:
                    95:40:dd:ed:77:f6:20:9b:03:b4:3d:09:50:dc:e2:
                    80:a2:9c:d2:3c:90:8c:de:a3:4e:77:1f:b7:0a:b1:
                    04:be:77:ee:38:a5:e8:c7:d1:0d:2c:3c:63:0a:97:
                    30:ae:dd:68:ff:31:2b:21:e9:39:35:ea:ce:06:fd:
                    b2:ca:4a:6d:c9:96:ba:3f:65:fe:9a:0d:81:a7:22:
                    ef:4f:4c:d1:d2:97:26:9c:fd:9a:1e:92:35:e2:ac:
                    f4:da:08:cd:91:9d:00:26:dd:0f:48:24:0a:d5:15:
                    0f:0c:2f:18:c8:74:27:c9:7a:eb:ac:21:a8:24:6a:
                    8c:5c:66:19:f7:fe:4d:89:7b:89:67:91:78:ee:76:
                    bd:c0:26:d5:e8:07:68:bf:b6:ac:5c:bd:1e:2c:1e:
                    e0:1d:87:61:42:8a:48:a6:a2:35:b6:95:19:62:2f:
                    d9:cc:ea:e4:13:19:f4:74:ef:aa:d0:14:02:83:09:
                    47:ab
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                34:F0:AD:F7:04:33:AA:BA:F8:C8:E2:2A:29:C9:20:98:DF:13:63:0F
            X509v3 Authority Key Identifier:
                keyid:7D:47:7B:A4:0A:72:75:2B:F5:0E:42:C0:00:37:65:E4:D7:47:3E:46

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fUd7pApydSv1DkLAADdl5NdHPkY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/ba8c25-40ef-4bab-aa3a-9a7e1464862a/1/NPCt9wQzqrr4yOIqKckgmN8TYw8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/ba8c25-40ef-4bab-aa3a-9a7e1464862a/1/fUd7pApydSv1DkLAADdl5NdHPkY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.206.60.0/23
                  195.34.64.0/23
                IPv6:
                  2001:67c:518::/48

    Signature Algorithm: sha256WithRSAEncryption
         6a:44:89:25:dc:6a:7f:86:42:8e:9f:d2:b2:4a:15:3c:0e:90:
         7d:a2:0c:41:a7:d7:02:ff:d5:bf:ed:88:ed:ee:65:be:c1:24:
         80:89:c4:e5:21:d7:a0:2f:0f:14:46:89:61:aa:40:10:a9:f2:
         e8:46:ba:be:db:8f:61:34:a6:9b:11:4d:b6:2f:84:81:be:31:
         35:12:24:4b:de:79:07:ae:82:0f:72:d5:57:74:47:75:2b:6b:
         7f:ab:37:07:18:45:ef:49:a8:f5:59:f6:40:9e:f2:99:e3:e2:
         35:5d:27:8b:b5:f0:9b:00:cd:6d:96:23:7f:86:5b:41:4a:4e:
         ff:07:b8:2e:5a:df:39:af:9e:b1:4d:e8:ac:f2:0f:88:59:d2:
         df:b6:d8:39:8a:83:ce:4a:d7:f6:4c:e7:94:41:95:26:8d:20:
         17:be:fe:f2:58:e1:bb:1d:9c:14:46:97:6b:8b:d9:db:e7:48:
         fb:65:b8:7e:77:ea:ac:35:ba:75:18:32:19:dd:a0:9f:a2:72:
         53:db:99:97:46:dd:ad:ef:cf:04:32:d0:0d:d9:a9:5a:eb:0f:
         23:fd:27:3c:49:63:71:37:03:eb:d4:c0:5b:9c:98:0e:64:aa:
         57:16:e4:53:7f:d8:67:0e:77:64:94:fe:1f:82:a1:a5:58:59:
         8c:92:fb:66
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYVvVMAUdbKQ0Fu0i3KiaORmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNDc3YmE0MGE3Mjc1MmJmNTBlNDJjMDAwMzc2NWU0ZDc0
NzNlNDYwHhcNMjMwMTAxMjE1NTAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNGYwYWRmNzA0MzNhYWJhZjhjOGUyMmEyOWM5MjA5OGRmMTM2MzBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuqr80ivr6cXmh/teh+jVVlfdH34O
xyH7Ng9L8SvlPSGlnwWznyysb9zU4geIVFomX7UFEE/aa99tGufkRyDiHwBERfzA
m6vWpNaVQN3td/YgmwO0PQlQ3OKAopzSPJCM3qNOdx+3CrEEvnfuOKXox9ENLDxj
Cpcwrt1o/zErIek5NerOBv2yykptyZa6P2X+mg2BpyLvT0zR0pcmnP2aHpI14qz0
2gjNkZ0AJt0PSCQK1RUPDC8YyHQnyXrrrCGoJGqMXGYZ9/5NiXuJZ5F47na9wCbV
6Adov7asXL0eLB7gHYdhQopIpqI1tpUZYi/ZzOrkExn0dO+q0BQCgwlHqwIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFDTwrfcEM6q6+MjiKinJIJjfE2MPMB8GA1UdIwQY
MBaAFH1He6QKcnUr9Q5CwAA3ZeTXRz5GMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlVkN3BBcHlkU3YxRGtMQUFEZGw1TmRIUGtZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZi9iYThjMjUtNDBlZi00YmFiLWFhM2Et
OWE3ZTE0NjQ4NjJhLzEvTlBDdDl3UXpxcnI0eU9JcUtja2dtTjhUWXc4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZi9iYThjMjUtNDBlZi00YmFiLWFhM2EtOWE3ZTE0NjQ4NjJh
LzEvZlVkN3BBcHlkU3YxRGtMQUFEZGw1TmRIUGtZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQBW848AwQB
wyJAMA8EAgACMAkDBwAgAQZ8BRgwDQYJKoZIhvcNAQELBQADggEBAGpEiSXcan+G
Qo6f0rJKFTwOkH2iDEGn1wL/1b/tiO3uZb7BJICJxOUh16AvDxRGiWGqQBCp8uhG
ur7bj2E0ppsRTbYvhIG+MTUSJEveeQeugg9y1Vd0R3Ura3+rNwcYRe9JqPVZ9kCe
8pnj4jVdJ4u18JsAzW2WI3+GW0FKTv8HuC5a3zmvnrFN6KzyD4hZ0t+22DmKg85K
1/ZM55RBlSaNIBe+/vJY4bsdnBRGl2uL2dvnSPtluH536qw1unUYMhndoJ+iclPb
mZdG3a3vzwQy0A3ZqVrrDyP9JzxJY3E3A+vUwFucmA5kqlcW5FN/2GcOd2SU/h+C
oaVYWYyS+2Y=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:45:10 2024 by rpki-client on console-ams.rpki-client.org