Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/de/c2ec61-37ab-405b-a6c2-13ee4c8d3082/1/nc_IjU-2tjUJG2k586hA4cf-Lfo.roa
File:                     nc_IjU-2tjUJG2k586hA4cf-Lfo.roa (raw, json)
Hash identifier:          v7AJEjvoiPDVWb2XSaP5CvOWzDT4SHF9k1iVr8cvvGs=
Subject key identifier:   9D:CF:C8:8D:4F:B6:B6:35:09:1B:69:39:F3:A8:40:E1:C7:FE:2D:FA
Certificate issuer:       /CN=34ba9c223241eb80e2bc71853bb7d2e58286bdd3
Certificate serial:       018CC26D3C8552EC3D16B7D98D03B6BB6F75
Authority key identifier: 34:BA:9C:22:32:41:EB:80:E2:BC:71:85:3B:B7:D2:E5:82:86:BD:D3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NLqcIjJB64DivHGFO7fS5YKGvdM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/de/c2ec61-37ab-405b-a6c2-13ee4c8d3082/1/nc_IjU-2tjUJG2k586hA4cf-Lfo.roa
Signing time:             Mon 01 Jan 2024 00:29:47 +0000
ROA not before:           Mon 01 Jan 2024 00:29:47 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     204877
IP address blocks:        185.141.120.0/22 maxlen: 24
                          2a0d:ff00::/29 maxlen: 29

Validation:               Failed, certificate revoked on Mon 04 Mar 2024 14:07:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c2:6d:3c:85:52:ec:3d:16:b7:d9:8d:03:b6:bb:6f:75
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=34ba9c223241eb80e2bc71853bb7d2e58286bdd3
        Validity
            Not Before: Jan  1 00:29:47 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=9dcfc88d4fb6b635091b6939f3a840e1c7fe2dfa
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:98:4e:78:19:8a:22:30:55:31:ad:72:4f:34:fd:
                    e0:de:61:9f:e6:30:be:5a:4d:b6:57:b1:13:d7:43:
                    9e:9e:d1:ec:1c:e7:0f:df:2c:c3:62:d7:5e:b0:fa:
                    b9:0f:c4:3e:1b:47:2b:a3:38:4d:1d:0c:2d:5d:9a:
                    89:ce:b8:c6:d9:1c:9b:20:e1:1d:b1:3d:01:af:89:
                    12:bc:0f:dd:93:64:86:54:ba:33:44:9b:0b:a8:52:
                    74:d0:ce:a3:f9:1a:86:7a:d6:5c:1a:15:e4:0d:a1:
                    da:a2:35:35:d6:24:42:ef:cc:51:8d:d7:66:09:8d:
                    db:28:99:23:65:58:2b:9c:93:4f:1a:3f:50:2b:c9:
                    fb:72:36:fc:58:59:51:3f:56:ef:7d:c9:8e:72:a6:
                    33:de:87:5b:13:f7:bd:51:f3:9b:e8:fb:ac:02:6c:
                    0c:75:85:a6:f2:60:3a:27:d8:e8:9d:99:18:94:5a:
                    26:c3:11:ac:71:f2:1f:39:e5:3c:22:5e:ea:b9:15:
                    f0:16:81:9d:a4:16:a5:0e:12:e9:64:fd:30:c8:18:
                    e5:0a:43:c1:8f:45:84:72:2f:ed:4a:57:e1:57:e5:
                    03:8e:cf:3a:e2:87:8d:f0:5c:de:f2:dd:0b:d1:87:
                    eb:e2:18:39:b8:b1:07:05:f1:23:2b:b3:fd:8d:5b:
                    06:b1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9D:CF:C8:8D:4F:B6:B6:35:09:1B:69:39:F3:A8:40:E1:C7:FE:2D:FA
            X509v3 Authority Key Identifier:
                keyid:34:BA:9C:22:32:41:EB:80:E2:BC:71:85:3B:B7:D2:E5:82:86:BD:D3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NLqcIjJB64DivHGFO7fS5YKGvdM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/de/c2ec61-37ab-405b-a6c2-13ee4c8d3082/1/nc_IjU-2tjUJG2k586hA4cf-Lfo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/de/c2ec61-37ab-405b-a6c2-13ee4c8d3082/1/NLqcIjJB64DivHGFO7fS5YKGvdM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.141.120.0/22
                IPv6:
                  2a0d:ff00::/29

    Signature Algorithm: sha256WithRSAEncryption
         83:96:5e:65:1c:82:de:74:4c:c9:dc:aa:0b:8e:d6:3b:02:66:
         9c:a6:6b:4e:4a:11:80:1d:7a:29:fa:d2:2f:c6:d4:15:a4:99:
         7c:75:77:31:ab:5d:b5:ef:34:06:f9:82:95:d1:af:10:b4:88:
         9b:ae:fe:e8:b2:58:15:82:22:03:fb:80:85:40:98:aa:09:d1:
         84:43:23:94:99:3e:2d:26:45:e9:d2:dc:e0:0c:72:21:8f:8c:
         ff:c5:dc:f9:78:b5:62:47:f8:97:15:72:8a:41:d0:ff:55:ac:
         d5:63:e5:17:b1:71:d6:dc:ca:c7:fe:b3:19:f8:23:be:2f:d4:
         e8:42:a8:a6:fc:2f:fe:90:26:5e:ea:d7:83:08:ae:24:34:46:
         20:78:74:e9:55:9f:d5:53:e7:96:03:82:c4:da:24:1b:25:f0:
         a8:0b:3e:2d:9a:1a:a3:28:25:de:0a:0f:1a:56:b7:81:30:9c:
         32:88:04:8d:ea:4a:86:a4:dc:99:00:b3:51:81:e7:89:70:a9:
         f9:25:ab:be:eb:05:72:17:5a:1a:35:59:50:ef:68:69:c6:9b:
         92:b5:b3:b0:62:3c:1f:64:2e:51:16:a3:76:41:21:14:ea:bf:
         da:67:2e:f7:42:2c:33:93:ed:83:4e:7b:e6:3b:73:7b:b5:06:
         17:7a:48:1b
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzCbTyFUuw9FrfZjQO2u291MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0YmE5YzIyMzI0MWViODBlMmJjNzE4NTNiYjdkMmU1ODI4
NmJkZDMwHhcNMjQwMTAxMDAyOTQ3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZGNmYzg4ZDRmYjZiNjM1MDkxYjY5MzlmM2E4NDBlMWM3ZmUyZGZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmE54GYoiMFUxrXJPNP3g3mGf5jC+
Wk22V7ET10OentHsHOcP3yzDYtdesPq5D8Q+G0crozhNHQwtXZqJzrjG2RybIOEd
sT0Br4kSvA/dk2SGVLozRJsLqFJ00M6j+RqGetZcGhXkDaHaojU11iRC78xRjddm
CY3bKJkjZVgrnJNPGj9QK8n7cjb8WFlRP1bvfcmOcqYz3odbE/e9UfOb6PusAmwM
dYWm8mA6J9jonZkYlFomwxGscfIfOeU8Il7quRXwFoGdpBalDhLpZP0wyBjlCkPB
j0WEci/tSlfhV+UDjs864oeN8Fze8t0L0Yfr4hg5uLEHBfEjK7P9jVsGsQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFJ3PyI1PtrY1CRtpOfOoQOHH/i36MB8GA1UdIwQY
MBaAFDS6nCIyQeuA4rxxhTu30uWChr3TMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkxxY0lqSkI2NERpdkhHRk83ZlM1WUtHdmRNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZS9jMmVjNjEtMzdhYi00MDViLWE2YzIt
MTNlZTRjOGQzMDgyLzEvbmNfSWpVLTJ0alVKRzJrNTg2aEE0Y2YtTGZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZS9jMmVjNjEtMzdhYi00MDViLWE2YzItMTNlZTRjOGQzMDgy
LzEvTkxxY0lqSkI2NERpdkhHRk83ZlM1WUtHdmRNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuY14MA0E
AgACMAcDBQMqDf8AMA0GCSqGSIb3DQEBCwUAA4IBAQCDll5lHILedEzJ3KoLjtY7
AmacpmtOShGAHXop+tIvxtQVpJl8dXcxq1217zQG+YKV0a8QtIibrv7oslgVgiID
+4CFQJiqCdGEQyOUmT4tJkXp0tzgDHIhj4z/xdz5eLViR/iXFXKKQdD/VazVY+UX
sXHW3MrH/rMZ+CO+L9ToQqim/C/+kCZe6teDCK4kNEYgeHTpVZ/VU+eWA4LE2iQb
JfCoCz4tmhqjKCXeCg8aVreBMJwyiASN6kqGpNyZALNRgeeJcKn5Jau+6wVyF1oa
NVlQ72hpxpuStbOwYjwfZC5RFqN2QSEU6r/aZy73Qiwzk+2DTnvmO3N7tQYXekgb
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:48:09 2024 by rpki-client on console-ams.rpki-client.org