Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/908143-f916-4718-8f97-4bd3392d55d1/1/Nqo0VVwDSjEWT9dAvmefUdfM_s4.roa
File:                     Nqo0VVwDSjEWT9dAvmefUdfM_s4.roa (raw, json)
Hash identifier:          XYOH6xo89o1sLewSWiFxhasehGLjWr2Jqn62kYboLUE=
Subject key identifier:   36:AA:34:55:5C:03:4A:31:16:4F:D7:40:BE:67:9F:51:D7:CC:FE:CE
Certificate issuer:       /CN=46fe7b56722245116d4234be484a02a48a1dde1f
Certificate serial:       01890BA0D7174667F4D3A90AC7174C6D1F32
Authority key identifier: 46:FE:7B:56:72:22:45:11:6D:42:34:BE:48:4A:02:A4:8A:1D:DE:1F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Rv57VnIiRRFtQjS-SEoCpIod3h8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/fd/908143-f916-4718-8f97-4bd3392d55d1/1/Nqo0VVwDSjEWT9dAvmefUdfM_s4.roa
Signing time:             Fri 30 Jun 2023 09:27:17 +0000
ROA not before:           Fri 30 Jun 2023 09:27:17 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     205029
IP address blocks:        185.79.201.0/24 maxlen: 24
                          185.79.200.0/24 maxlen: 24
                          2a03:5e20::/32 maxlen: 32

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 02:29:31 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:0b:a0:d7:17:46:67:f4:d3:a9:0a:c7:17:4c:6d:1f:32
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=46fe7b56722245116d4234be484a02a48a1dde1f
        Validity
            Not Before: Jun 30 09:27:17 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=36aa34555c034a31164fd740be679f51d7ccfece
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:5c:9b:92:8c:4a:b5:0b:94:49:2a:6d:ab:d3:
                    cc:b9:2d:ba:ba:1e:88:35:df:53:e1:2a:c9:e2:aa:
                    69:51:74:bc:e5:c1:63:31:8b:24:d1:d3:36:d6:c4:
                    31:c2:9e:b5:b3:af:58:7c:59:7a:03:17:cf:81:c6:
                    43:f2:b8:4e:86:63:fd:7e:9a:8b:1f:18:d2:57:5b:
                    c0:2e:71:73:66:88:77:60:dd:d2:ee:cf:69:c6:9e:
                    a4:78:1b:bc:14:4d:74:8a:eb:6f:ae:38:5b:dd:87:
                    c1:c2:f9:aa:d6:97:22:7e:cf:f2:d9:df:3f:23:b7:
                    90:f4:dd:5f:18:e2:9e:02:bb:9f:0e:f4:b6:60:4d:
                    5b:cc:13:8f:bd:f8:ea:e7:71:9a:3d:6b:c4:11:a3:
                    ca:35:b8:0e:39:8f:a3:43:5c:38:61:9d:a3:06:e3:
                    3a:11:75:b7:c7:5a:6f:2f:ca:43:91:3f:97:28:69:
                    78:b0:ec:91:ec:17:ee:a3:a4:07:5d:08:94:f3:f1:
                    b4:71:3f:d6:ab:36:27:de:dd:b6:17:98:ef:81:28:
                    3c:77:76:73:0e:6f:43:91:ae:b3:f2:b4:e9:1c:39:
                    71:52:07:d8:2e:fb:a9:50:aa:ea:3a:08:fa:04:d1:
                    f1:84:00:0d:7e:38:dd:d0:90:3f:19:e0:32:21:9a:
                    dc:d7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                36:AA:34:55:5C:03:4A:31:16:4F:D7:40:BE:67:9F:51:D7:CC:FE:CE
            X509v3 Authority Key Identifier:
                keyid:46:FE:7B:56:72:22:45:11:6D:42:34:BE:48:4A:02:A4:8A:1D:DE:1F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Rv57VnIiRRFtQjS-SEoCpIod3h8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/908143-f916-4718-8f97-4bd3392d55d1/1/Nqo0VVwDSjEWT9dAvmefUdfM_s4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/908143-f916-4718-8f97-4bd3392d55d1/1/Rv57VnIiRRFtQjS-SEoCpIod3h8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.79.200.0/23
                IPv6:
                  2a03:5e20::/32

    Signature Algorithm: sha256WithRSAEncryption
         3f:7e:0d:b5:6c:66:66:5d:b7:7c:b8:21:45:34:d2:42:09:ff:
         cc:5b:83:58:93:8f:23:3d:74:ba:9a:65:0c:23:42:fd:ea:ab:
         cf:1b:d6:f7:e7:01:d4:bf:db:94:4f:66:57:62:30:c3:a9:fe:
         75:97:05:f8:20:1f:5d:65:07:70:2b:f5:44:4b:a3:a1:95:99:
         0f:b8:1f:84:fb:90:59:00:b9:30:e8:98:6c:cc:94:c2:7c:e7:
         31:8e:c9:cc:fe:3a:b9:13:32:13:2b:4a:29:ac:c5:aa:d2:0f:
         72:4e:ae:48:89:56:18:84:c7:c2:5f:8a:11:37:d8:1f:ae:35:
         00:08:f2:7f:1b:71:c6:7d:95:43:e1:f2:eb:51:5d:0e:70:96:
         74:2e:8a:f1:43:43:02:dc:87:0c:77:29:bc:db:88:db:4a:7c:
         c1:d5:0b:5a:f8:7a:b9:32:c2:50:68:f3:c5:66:f9:e0:28:81:
         5b:72:e9:b6:df:36:53:38:9e:fb:24:79:88:97:e0:97:5b:54:
         d4:2f:78:66:18:69:95:32:4b:c8:80:ce:6c:c5:71:f0:2e:0c:
         24:f0:92:c4:95:cd:b1:dd:f7:7a:b0:8d:d7:bf:86:4b:7c:b7:
         ce:bd:d4:45:d3:2b:4a:98:2c:4d:24:51:3a:38:e3:7c:b1:3c:
         40:a9:10:44
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYkLoNcXRmf006kKxxdMbR8yMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ2ZmU3YjU2NzIyMjQ1MTE2ZDQyMzRiZTQ4NGEwMmE0OGEx
ZGRlMWYwHhcNMjMwNjMwMDkyNzE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNmFhMzQ1NTVjMDM0YTMxMTY0ZmQ3NDBiZTY3OWY1MWQ3Y2NmZWNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq1ybkoxKtQuUSSptq9PMuS26uh6I
Nd9T4SrJ4qppUXS85cFjMYsk0dM21sQxwp61s69YfFl6AxfPgcZD8rhOhmP9fpqL
HxjSV1vALnFzZoh3YN3S7s9pxp6keBu8FE10iutvrjhb3YfBwvmq1pcifs/y2d8/
I7eQ9N1fGOKeArufDvS2YE1bzBOPvfjq53GaPWvEEaPKNbgOOY+jQ1w4YZ2jBuM6
EXW3x1pvL8pDkT+XKGl4sOyR7Bfuo6QHXQiU8/G0cT/WqzYn3t22F5jvgSg8d3Zz
Dm9Dka6z8rTpHDlxUgfYLvupUKrqOgj6BNHxhAANfjjd0JA/GeAyIZrc1wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFDaqNFVcA0oxFk/XQL5nn1HXzP7OMB8GA1UdIwQY
MBaAFEb+e1ZyIkURbUI0vkhKAqSKHd4fMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUnY1N1ZuSWlSUkZ0UWpTLVNFb0NwSW9kM2g4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC85MDgxNDMtZjkxNi00NzE4LThmOTct
NGJkMzM5MmQ1NWQxLzEvTnFvMFZWd0RTakVXVDlkQXZtZWZVZGZNX3M0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC85MDgxNDMtZjkxNi00NzE4LThmOTctNGJkMzM5MmQ1NWQx
LzEvUnY1N1ZuSWlSUkZ0UWpTLVNFb0NwSW9kM2g4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQBuU/IMA0E
AgACMAcDBQAqA14gMA0GCSqGSIb3DQEBCwUAA4IBAQA/fg21bGZmXbd8uCFFNNJC
Cf/MW4NYk48jPXS6mmUMI0L96qvPG9b35wHUv9uUT2ZXYjDDqf51lwX4IB9dZQdw
K/VES6OhlZkPuB+E+5BZALkw6JhszJTCfOcxjsnM/jq5EzITK0oprMWq0g9yTq5I
iVYYhMfCX4oRN9gfrjUACPJ/G3HGfZVD4fLrUV0OcJZ0LorxQ0MC3IcMdym824jb
SnzB1Qta+Hq5MsJQaPPFZvngKIFbcum23zZTOJ77JHmIl+CXW1TUL3hmGGmVMkvI
gM5sxXHwLgwk8JLElc2x3fd6sI3Xv4ZLfLfOvdRF0ytKmCxNJFE6OON8sTxAqRBE
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:00:54 2024 by rpki-client on console-fra.rpki-client.org