Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/88fff5-dfd9-4008-95b7-785e5883644d/1/2TRQvGVe1zd-BpFRnD2f2uHJkfU.roa
File:                     2TRQvGVe1zd-BpFRnD2f2uHJkfU.roa (raw, json)
Hash identifier:          4xiMKuNAqpdV2MuvQu26c6fhjJPFxGAUCMUt6gJg/6E=
Subject key identifier:   D9:34:50:BC:65:5E:D7:37:7E:06:91:51:9C:3D:9F:DA:E1:C9:91:F5
Certificate issuer:       /CN=d8d662dcc6fe3b81ef3de2fca3cfcedc11ebaa43
Certificate serial:       018D55267333E70E3DF6D39CBD1A4D8B1DE6
Authority key identifier: D8:D6:62:DC:C6:FE:3B:81:EF:3D:E2:FC:A3:CF:CE:DC:11:EB:AA:43
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2NZi3Mb-O4HvPeL8o8_O3BHrqkM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1a/88fff5-dfd9-4008-95b7-785e5883644d/1/2TRQvGVe1zd-BpFRnD2f2uHJkfU.roa
Signing time:             Mon 29 Jan 2024 12:16:39 +0000
ROA not before:           Mon 29 Jan 2024 12:16:39 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     204203
IP address blocks:        46.36.101.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Sat 17 Feb 2024 18:11:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8d:55:26:73:33:e7:0e:3d:f6:d3:9c:bd:1a:4d:8b:1d:e6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d8d662dcc6fe3b81ef3de2fca3cfcedc11ebaa43
        Validity
            Not Before: Jan 29 12:16:39 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=d93450bc655ed7377e0691519c3d9fdae1c991f5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:83:fd:3f:28:47:ed:f0:7c:f8:1e:bb:92:68:fd:
                    cb:13:95:2f:9f:5c:ef:42:5c:a3:73:27:43:65:71:
                    d4:b3:60:e0:5a:a1:43:4e:9e:31:d9:b5:94:c2:53:
                    3e:3a:66:35:af:ab:e1:d7:fa:fb:1a:ff:25:95:79:
                    0e:69:43:8f:f8:e0:3c:cb:c1:96:0d:6a:f9:b4:97:
                    a4:14:4f:13:c5:33:fd:38:dd:f2:7d:06:d9:31:13:
                    db:ba:0c:54:2e:2f:e7:da:46:57:76:2e:8f:33:91:
                    c7:de:60:ee:bd:e1:b4:3a:f0:2d:d2:ad:b2:d3:d0:
                    5d:17:b6:31:b8:53:d5:90:6d:aa:9c:73:ef:69:48:
                    55:dc:24:03:b4:23:19:5d:6e:77:7f:ac:1a:a2:db:
                    c0:13:77:e9:1b:79:1e:a1:51:25:ea:10:b3:ee:4d:
                    e2:b2:41:97:2c:26:cb:6f:f0:f3:85:f4:c5:e2:e3:
                    81:a8:7f:65:ce:49:cb:c9:51:c2:e7:4c:5b:aa:1c:
                    ed:b1:67:a5:35:31:33:c6:a7:0e:4f:dd:33:0e:94:
                    a2:d2:d1:22:46:14:9d:80:98:68:ed:d4:71:59:49:
                    53:71:dd:19:d2:c9:3c:75:40:ed:f2:64:ec:59:69:
                    a1:cd:16:7e:55:d3:eb:42:ee:79:8f:95:73:f3:9e:
                    64:5f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D9:34:50:BC:65:5E:D7:37:7E:06:91:51:9C:3D:9F:DA:E1:C9:91:F5
            X509v3 Authority Key Identifier:
                keyid:D8:D6:62:DC:C6:FE:3B:81:EF:3D:E2:FC:A3:CF:CE:DC:11:EB:AA:43

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2NZi3Mb-O4HvPeL8o8_O3BHrqkM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/88fff5-dfd9-4008-95b7-785e5883644d/1/2TRQvGVe1zd-BpFRnD2f2uHJkfU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/88fff5-dfd9-4008-95b7-785e5883644d/1/2NZi3Mb-O4HvPeL8o8_O3BHrqkM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  46.36.101.0/24

    Signature Algorithm: sha256WithRSAEncryption
         67:d5:2f:ca:83:d8:34:23:a1:8a:86:d8:1c:6a:11:6f:d9:50:
         fb:6c:43:c6:bf:66:04:c9:d7:58:f5:8e:1b:86:ba:63:27:b1:
         66:70:70:09:d6:16:b5:c4:a7:24:01:a9:87:d6:0c:d2:ef:1d:
         99:d3:e1:94:7a:53:ff:cb:f6:c2:72:f9:5a:dd:bd:e7:f7:ba:
         2d:8c:92:61:00:08:ab:f2:21:68:bf:2e:10:0f:39:83:6e:b9:
         54:4c:5d:5c:fa:2e:b4:42:86:c1:f9:36:ed:97:5f:4a:92:13:
         a2:d8:00:cd:46:e9:28:e1:ee:b5:5a:0d:13:2b:e9:66:57:5f:
         37:df:d1:61:c0:07:e0:41:64:5e:fd:d3:6d:f1:f4:b0:ea:fd:
         c4:1c:99:14:7f:5d:43:16:0e:07:a6:92:77:24:fd:8e:b9:c2:
         ce:09:5f:f5:5e:82:1f:40:c1:32:f8:20:96:10:5e:89:43:00:
         be:21:e2:c5:cb:00:a5:13:bd:82:a9:e2:2d:ca:7b:e0:d9:49:
         e9:f0:bd:7e:c0:21:00:eb:81:d8:1b:cf:90:53:e4:6c:9e:26:
         70:d8:0e:62:7d:08:16:cc:f3:bc:0a:7c:13:bd:37:74:4e:17:
         65:6c:7c:46:ad:04:c3:63:ca:b2:a8:5d:cd:c5:5d:68:f5:b8:
         6d:98:95:23
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY1VJnMz5w499tOcvRpNix3mMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4ZDY2MmRjYzZmZTNiODFlZjNkZTJmY2EzY2ZjZWRjMTFl
YmFhNDMwHhcNMjQwMTI5MTIxNjM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOTM0NTBiYzY1NWVkNzM3N2UwNjkxNTE5YzNkOWZkYWUxYzk5MWY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg/0/KEft8Hz4HruSaP3LE5Uvn1zv
QlyjcydDZXHUs2DgWqFDTp4x2bWUwlM+OmY1r6vh1/r7Gv8llXkOaUOP+OA8y8GW
DWr5tJekFE8TxTP9ON3yfQbZMRPbugxULi/n2kZXdi6PM5HH3mDuveG0OvAt0q2y
09BdF7YxuFPVkG2qnHPvaUhV3CQDtCMZXW53f6waotvAE3fpG3keoVEl6hCz7k3i
skGXLCbLb/DzhfTF4uOBqH9lzknLyVHC50xbqhztsWelNTEzxqcOT90zDpSi0tEi
RhSdgJho7dRxWUlTcd0Z0sk8dUDt8mTsWWmhzRZ+VdPrQu55j5Vz855kXwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNk0ULxlXtc3fgaRUZw9n9rhyZH1MB8GA1UdIwQY
MBaAFNjWYtzG/juB7z3i/KPPztwR66pDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMk5aaTNNYi1PNEh2UGVMOG84X08zQkhycWtNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS84OGZmZjUtZGZkOS00MDA4LTk1Yjct
Nzg1ZTU4ODM2NDRkLzEvMlRSUXZHVmUxemQtQnBGUm5EMmYydUhKa2ZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS84OGZmZjUtZGZkOS00MDA4LTk1YjctNzg1ZTU4ODM2NDRk
LzEvMk5aaTNNYi1PNEh2UGVMOG84X08zQkhycWtNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALiRlMA0G
CSqGSIb3DQEBCwUAA4IBAQBn1S/Kg9g0I6GKhtgcahFv2VD7bEPGv2YEyddY9Y4b
hrpjJ7FmcHAJ1ha1xKckAamH1gzS7x2Z0+GUelP/y/bCcvla3b3n97otjJJhAAir
8iFovy4QDzmDbrlUTF1c+i60QobB+Tbtl19KkhOi2ADNRuko4e61Wg0TK+lmV183
39FhwAfgQWRe/dNt8fSw6v3EHJkUf11DFg4HppJ3JP2OucLOCV/1XoIfQMEy+CCW
EF6JQwC+IeLFywClE72CqeItynvg2Unp8L1+wCEA64HYG8+QU+RsniZw2A5ifQgW
zPO8CnwTvTd0ThdlbHxGrQTDY8qyqF3NxV1o9bhtmJUj
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:21:17 2024 by rpki-client on console-fra.rpki-client.org