Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/9a86d2-4dd5-40f0-a622-318b0e996ad1/1/NfRCrgpFF6ilztARCxhVEt-ZRdg.roa
File:                     NfRCrgpFF6ilztARCxhVEt-ZRdg.roa (raw, json)
Hash identifier:          pw+sj6RqUFvYkM9Bs80yCA87ECw2Ast9lMK9elEeoLE=
Subject key identifier:   35:F4:42:AE:0A:45:17:A8:A5:CE:D0:11:0B:18:55:12:DF:99:45:D8
Certificate issuer:       /CN=815887f45abbc081aa469a65c1798de6110d9c89
Certificate serial:       01856BAEB50B5BE37207EECAD8A5922DEAC5
Authority key identifier: 81:58:87:F4:5A:BB:C0:81:AA:46:9A:65:C1:79:8D:E6:11:0D:9C:89
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/gViH9Fq7wIGqRpplwXmN5hENnIk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/da/9a86d2-4dd5-40f0-a622-318b0e996ad1/1/NfRCrgpFF6ilztARCxhVEt-ZRdg.roa
Signing time:             Sun 01 Jan 2023 04:54:49 +0000
ROA not before:           Sun 01 Jan 2023 04:54:49 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     3303
IP address blocks:        194.48.215.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 08:33:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6b:ae:b5:0b:5b:e3:72:07:ee:ca:d8:a5:92:2d:ea:c5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=815887f45abbc081aa469a65c1798de6110d9c89
        Validity
            Not Before: Jan  1 04:54:49 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=35f442ae0a4517a8a5ced0110b185512df9945d8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:ff:18:a6:b7:93:d7:ea:ad:09:b3:93:be:bb:
                    37:f5:23:5e:0e:32:0a:5b:23:d0:8f:a0:4b:a6:75:
                    e1:b0:d5:8d:29:8f:a4:90:e8:fc:fc:9a:24:fa:8d:
                    a1:11:36:b2:a9:54:df:00:ea:c7:5b:21:a9:47:56:
                    42:b4:34:94:43:bf:58:41:64:60:10:c8:be:0c:5c:
                    ae:82:99:1d:a5:b4:ee:6b:02:55:28:97:85:66:85:
                    91:67:c7:9e:85:d8:7f:a1:1a:a8:be:61:9a:e5:9d:
                    03:b1:3f:71:b6:98:42:b0:e4:bd:8d:d5:30:94:da:
                    a2:4d:3c:25:4c:f6:d3:24:bd:50:3e:93:56:e8:8e:
                    86:c3:f7:4f:78:b5:24:56:6e:84:4a:0a:00:28:a7:
                    93:9e:c8:6c:d7:42:01:09:ac:8d:3e:5d:8c:20:89:
                    df:14:32:67:d1:2c:6f:02:2f:f7:6e:07:27:b6:a7:
                    d6:16:b9:2c:14:a6:d9:9b:2b:90:20:d4:80:9a:99:
                    92:66:82:aa:9b:32:c0:ad:b5:22:a4:d5:60:9c:fc:
                    10:e3:a6:2c:de:4c:b9:a6:4f:a6:d0:fa:ae:ec:fe:
                    c0:ff:40:ec:6d:ed:73:7a:51:e7:80:d0:a9:5c:a9:
                    0b:95:80:e1:15:22:57:80:67:31:bf:4d:d9:63:8c:
                    71:d9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                35:F4:42:AE:0A:45:17:A8:A5:CE:D0:11:0B:18:55:12:DF:99:45:D8
            X509v3 Authority Key Identifier:
                keyid:81:58:87:F4:5A:BB:C0:81:AA:46:9A:65:C1:79:8D:E6:11:0D:9C:89

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gViH9Fq7wIGqRpplwXmN5hENnIk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/9a86d2-4dd5-40f0-a622-318b0e996ad1/1/NfRCrgpFF6ilztARCxhVEt-ZRdg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/da/9a86d2-4dd5-40f0-a622-318b0e996ad1/1/gViH9Fq7wIGqRpplwXmN5hENnIk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.48.215.0/24

    Signature Algorithm: sha256WithRSAEncryption
         6d:3c:d4:f1:79:d4:d9:c2:52:bd:92:c6:5c:c8:9d:28:6a:9b:
         da:95:9b:6f:25:d5:05:e2:2c:d5:6f:ea:26:95:7c:53:3e:c3:
         27:a5:96:ec:25:02:26:5b:7e:ab:a2:39:3a:57:85:65:13:17:
         c9:ba:bb:66:ad:5d:d2:a4:f3:c4:48:48:91:a0:44:ac:40:4c:
         dc:e6:31:59:84:28:ca:b4:64:40:66:3c:3f:e1:71:2f:c6:ff:
         45:f5:b2:19:6e:a9:a4:a3:fe:d1:3e:fa:08:b6:cb:22:92:af:
         a0:1a:d9:e6:af:d0:48:ec:d3:28:c0:fb:47:f6:b0:67:d8:4d:
         9a:c5:c1:f3:93:2f:fd:75:2d:c2:2e:92:09:2e:1a:7d:37:45:
         71:9a:ad:40:95:a0:f7:3b:a8:a5:b2:2e:db:56:77:11:c2:78:
         98:7c:c3:4f:3d:87:a2:aa:b9:ea:08:02:1f:41:1c:04:56:3b:
         0d:3f:19:97:67:07:61:d9:34:52:30:78:ed:c9:be:0c:6d:0b:
         83:a5:43:fb:61:4a:24:97:9c:e7:19:32:be:f6:05:6e:b3:50:
         b5:15:df:8d:63:b3:be:29:58:ff:2e:19:76:48:83:9d:7b:2c:
         d6:d7:45:25:db:0f:aa:a7:ab:df:1a:24:c4:28:16:00:4d:c2:
         69:72:1c:a3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVrrrULW+NyB+7K2KWSLerFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxNTg4N2Y0NWFiYmMwODFhYTQ2OWE2NWMxNzk4ZGU2MTEw
ZDljODkwHhcNMjMwMTAxMDQ1NDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNWY0NDJhZTBhNDUxN2E4YTVjZWQwMTEwYjE4NTUxMmRmOTk0NWQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArP8YpreT1+qtCbOTvrs39SNeDjIK
WyPQj6BLpnXhsNWNKY+kkOj8/Jok+o2hETayqVTfAOrHWyGpR1ZCtDSUQ79YQWRg
EMi+DFyugpkdpbTuawJVKJeFZoWRZ8eehdh/oRqovmGa5Z0DsT9xtphCsOS9jdUw
lNqiTTwlTPbTJL1QPpNW6I6Gw/dPeLUkVm6ESgoAKKeTnshs10IBCayNPl2MIInf
FDJn0SxvAi/3bgcntqfWFrksFKbZmyuQINSAmpmSZoKqmzLArbUipNVgnPwQ46Ys
3ky5pk+m0Pqu7P7A/0Dsbe1zelHngNCpXKkLlYDhFSJXgGcxv03ZY4xx2QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDX0Qq4KRReopc7QEQsYVRLfmUXYMB8GA1UdIwQY
MBaAFIFYh/Rau8CBqkaaZcF5jeYRDZyJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ1ZpSDlGcTd3SUdxUnBwbHdYbU41aEVObklrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS85YTg2ZDItNGRkNS00MGYwLWE2MjIt
MzE4YjBlOTk2YWQxLzEvTmZSQ3JncEZGNmlsenRBUkN4aFZFdC1aUmRnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS85YTg2ZDItNGRkNS00MGYwLWE2MjItMzE4YjBlOTk2YWQx
LzEvZ1ZpSDlGcTd3SUdxUnBwbHdYbU41aEVObklrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwjDXMA0G
CSqGSIb3DQEBCwUAA4IBAQBtPNTxedTZwlK9ksZcyJ0oapvalZtvJdUF4izVb+om
lXxTPsMnpZbsJQImW36rojk6V4VlExfJurtmrV3SpPPESEiRoESsQEzc5jFZhCjK
tGRAZjw/4XEvxv9F9bIZbqmko/7RPvoItssikq+gGtnmr9BI7NMowPtH9rBn2E2a
xcHzky/9dS3CLpIJLhp9N0Vxmq1AlaD3O6ilsi7bVncRwniYfMNPPYeiqrnqCAIf
QRwEVjsNPxmXZwdh2TRSMHjtyb4MbQuDpUP7YUokl5znGTK+9gVus1C1Fd+NY7O+
KVj/Lhl2SIOdeyzW10Ul2w+qp6vfGiTEKBYATcJpchyj
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:47:26 2024 by rpki-client on console-ams.rpki-client.org