Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/1d4cfc-8e5c-457c-9620-135c91ec199e/1/NPBT0D49ziyj_KdDVJQjLy2OPuE.roa
File:                     NPBT0D49ziyj_KdDVJQjLy2OPuE.roa (raw, json)
Hash identifier:          Y1PvveuqdO7+aZDXUa3Wi/rnbnVuqitkWHMrQlZbXGo=
Subject key identifier:   34:F0:53:D0:3E:3D:CE:2C:A3:FC:A7:43:54:94:23:2F:2D:8E:3E:E1
Certificate issuer:       /CN=a0dbd5d1f86dd9dd66606a14d31d64cb0eaac83b
Certificate serial:       0188990D1850AE5EC638A9D5334AE26C0B79
Authority key identifier: A0:DB:D5:D1:F8:6D:D9:DD:66:60:6A:14:D3:1D:64:CB:0E:AA:C8:3B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/oNvV0fht2d1mYGoU0x1kyw6qyDs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e7/1d4cfc-8e5c-457c-9620-135c91ec199e/1/NPBT0D49ziyj_KdDVJQjLy2OPuE.roa
Signing time:             Thu 08 Jun 2023 03:29:12 +0000
ROA not before:           Thu 08 Jun 2023 03:29:12 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     16509
IP address blocks:        185.200.209.0/24 maxlen: 24
                          185.200.211.0/24 maxlen: 24
                          185.200.208.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 08 Jun 2023 09:19:12 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:99:0d:18:50:ae:5e:c6:38:a9:d5:33:4a:e2:6c:0b:79
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a0dbd5d1f86dd9dd66606a14d31d64cb0eaac83b
        Validity
            Not Before: Jun  8 03:29:12 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=34f053d03e3dce2ca3fca7435494232f2d8e3ee1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:61:a8:4f:61:55:59:94:13:f4:e2:7d:d7:18:
                    1a:8f:f6:49:8e:5d:e0:c1:31:a2:16:c3:d8:6f:41:
                    3d:36:f9:8f:f1:28:10:6a:8e:6f:8e:bb:66:ab:ab:
                    d0:2f:5d:d0:93:f0:b5:3a:bc:a2:55:84:b8:42:4c:
                    10:69:46:63:25:41:dd:51:91:7f:65:bc:fd:2e:25:
                    20:f3:03:c5:de:57:b6:4c:c5:25:3c:bd:b8:50:6e:
                    e0:7d:d1:c4:99:bf:68:08:49:1d:d0:ab:83:4c:47:
                    7c:66:4e:c5:9a:4f:f0:77:6b:94:d0:11:0d:4c:39:
                    2b:86:af:bb:c6:e2:23:ee:5b:0d:f6:22:76:b4:d7:
                    01:52:80:b6:23:9c:bc:82:2f:80:ef:5a:97:2c:01:
                    11:9c:15:82:6c:c7:7d:e6:bb:57:65:ff:b8:28:4e:
                    85:f1:1e:ca:68:0c:80:e8:ad:ba:d3:b8:03:4d:41:
                    ea:7a:48:cb:fd:e5:2b:69:5b:b8:21:d1:a7:31:04:
                    a3:00:61:f0:18:86:83:5f:d5:bf:89:90:eb:ec:88:
                    d2:8d:d8:84:c9:1f:17:e8:42:a9:06:f1:a1:5e:d5:
                    f1:54:a6:d3:dc:c4:f3:e5:d2:f3:01:e1:50:7f:e8:
                    49:29:7e:c7:f4:10:11:8e:fe:19:63:b0:fc:70:72:
                    26:63
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                34:F0:53:D0:3E:3D:CE:2C:A3:FC:A7:43:54:94:23:2F:2D:8E:3E:E1
            X509v3 Authority Key Identifier:
                keyid:A0:DB:D5:D1:F8:6D:D9:DD:66:60:6A:14:D3:1D:64:CB:0E:AA:C8:3B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oNvV0fht2d1mYGoU0x1kyw6qyDs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/1d4cfc-8e5c-457c-9620-135c91ec199e/1/NPBT0D49ziyj_KdDVJQjLy2OPuE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/1d4cfc-8e5c-457c-9620-135c91ec199e/1/oNvV0fht2d1mYGoU0x1kyw6qyDs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.200.208.0/23
                  185.200.211.0/24

    Signature Algorithm: sha256WithRSAEncryption
         6c:c3:99:83:78:c7:b6:e4:79:05:cb:a6:b7:87:7f:66:25:4b:
         c6:de:33:c8:da:da:1c:74:82:63:ed:a7:bd:74:c5:bb:d5:fd:
         49:a3:c6:0b:7a:21:30:ce:89:ee:bb:2a:f3:60:38:cb:cb:eb:
         9a:7c:c3:b5:27:df:91:46:33:c8:ec:8a:15:72:d3:77:09:3d:
         3f:87:43:58:3b:3b:4e:7c:dc:ac:88:f8:ba:0c:23:70:22:e4:
         db:28:2a:4b:68:60:fc:3d:60:f5:43:f0:90:82:e8:1c:f2:b6:
         d9:0f:4f:db:d6:44:8d:d2:6f:f9:4b:72:1f:91:04:15:1a:cb:
         b3:21:d7:26:25:fc:35:8b:b7:df:12:c5:a8:e1:6e:58:ef:3f:
         de:26:f6:a3:3c:09:bb:f7:71:04:19:34:3b:f1:a5:d5:67:9c:
         3d:e0:97:86:67:ac:68:de:7a:70:42:f9:f2:0b:06:48:20:c5:
         28:bf:99:8e:e8:09:49:97:98:1c:e8:44:62:55:b9:40:1e:1e:
         b1:4a:0c:a8:9c:8c:ec:12:4a:44:9c:e6:b7:3d:23:76:fd:da:
         16:0c:8e:65:54:75:bf:eb:8a:ba:7e:c0:da:04:d6:41:5d:3d:
         96:90:1f:ad:9e:d1:29:e7:ec:d2:11:8b:f1:19:4c:e1:5f:06:
         21:df:51:7e
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYiZDRhQrl7GOKnVM0ribAt5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwZGJkNWQxZjg2ZGQ5ZGQ2NjYwNmExNGQzMWQ2NGNiMGVh
YWM4M2IwHhcNMjMwNjA4MDMyOTEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNGYwNTNkMDNlM2RjZTJjYTNmY2E3NDM1NDk0MjMyZjJkOGUzZWUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuGGoT2FVWZQT9OJ91xgaj/ZJjl3g
wTGiFsPYb0E9NvmP8SgQao5vjrtmq6vQL13Qk/C1OryiVYS4QkwQaUZjJUHdUZF/
Zbz9LiUg8wPF3le2TMUlPL24UG7gfdHEmb9oCEkd0KuDTEd8Zk7Fmk/wd2uU0BEN
TDkrhq+7xuIj7lsN9iJ2tNcBUoC2I5y8gi+A71qXLAERnBWCbMd95rtXZf+4KE6F
8R7KaAyA6K2607gDTUHqekjL/eUraVu4IdGnMQSjAGHwGIaDX9W/iZDr7IjSjdiE
yR8X6EKpBvGhXtXxVKbT3MTz5dLzAeFQf+hJKX7H9BARjv4ZY7D8cHImYwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDTwU9A+Pc4so/ynQ1SUIy8tjj7hMB8GA1UdIwQY
MBaAFKDb1dH4bdndZmBqFNMdZMsOqsg7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb052VjBmaHQyZDFtWUdvVTB4MWt5dzZxeURzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy8xZDRjZmMtOGU1Yy00NTdjLTk2MjAt
MTM1YzkxZWMxOTllLzEvTlBCVDBENDl6aXlqX0tkRFZKUWpMeTJPUHVFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy8xZDRjZmMtOGU1Yy00NTdjLTk2MjAtMTM1YzkxZWMxOTll
LzEvb052VjBmaHQyZDFtWUdvVTB4MWt5dzZxeURzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBucjQAwQA
ucjTMA0GCSqGSIb3DQEBCwUAA4IBAQBsw5mDeMe25HkFy6a3h39mJUvG3jPI2toc
dIJj7ae9dMW71f1Jo8YLeiEwzonuuyrzYDjLy+uafMO1J9+RRjPI7IoVctN3CT0/
h0NYOztOfNysiPi6DCNwIuTbKCpLaGD8PWD1Q/CQgugc8rbZD0/b1kSN0m/5S3If
kQQVGsuzIdcmJfw1i7ffEsWo4W5Y7z/eJvajPAm793EEGTQ78aXVZ5w94JeGZ6xo
3npwQvnyCwZIIMUov5mO6AlJl5gc6ERiVblAHh6xSgyonIzsEkpEnOa3PSN2/doW
DI5lVHW/64q6fsDaBNZBXT2WkB+tntEp5+zSEYvxGUzhXwYh31F+
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:57:48 2024 by rpki-client on console-fra.rpki-client.org