Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3e/dd5a28-df9d-4627-809d-bd5d3f00fbb2/1/SExJhBXSQzMDqI5BjJJDg802k1k.roa
File:                     SExJhBXSQzMDqI5BjJJDg802k1k.roa (raw, json)
Hash identifier:          cpie7nox2NtMAM8F12Nndfy395lPislyMq3MS/DJabo=
Subject key identifier:   48:4C:49:84:15:D2:43:33:03:A8:8E:41:8C:92:43:83:CD:36:93:59
Certificate issuer:       /CN=9f312e9297bc1d27ebeb476dea0ee15dd756542d
Certificate serial:       01869CE6FE6372AC93E628510AA9CC31EA93
Authority key identifier: 9F:31:2E:92:97:BC:1D:27:EB:EB:47:6D:EA:0E:E1:5D:D7:56:54:2D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/nzEukpe8HSfr60dt6g7hXddWVC0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3e/dd5a28-df9d-4627-809d-bd5d3f00fbb2/1/SExJhBXSQzMDqI5BjJJDg802k1k.roa
Signing time:             Wed 01 Mar 2023 11:20:29 +0000
ROA not before:           Wed 01 Mar 2023 11:20:29 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     213220
IP address blocks:        103.213.248.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 01 Mar 2023 12:35:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:9c:e6:fe:63:72:ac:93:e6:28:51:0a:a9:cc:31:ea:93
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9f312e9297bc1d27ebeb476dea0ee15dd756542d
        Validity
            Not Before: Mar  1 11:20:29 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=484c498415d2433303a88e418c924383cd369359
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:ce:18:e1:16:bb:d5:2b:e9:8e:79:82:6c:8d:
                    fb:8d:91:a8:3c:f3:06:10:c4:0e:a8:8b:3f:af:9a:
                    2e:fa:e3:a6:5a:15:09:9d:d8:a8:b6:39:df:07:e0:
                    87:34:9d:ad:23:d2:cd:b5:92:bd:f5:bb:c8:34:68:
                    34:e8:fc:25:83:af:81:32:13:6c:e8:2a:ef:0c:a2:
                    18:5f:2e:5a:d4:86:ef:11:6f:5b:74:fe:bb:60:b3:
                    cc:49:11:6d:ab:d6:de:0a:83:1b:f0:34:dc:f7:4a:
                    47:09:c5:80:4e:4d:fc:dd:d8:2d:bd:e1:31:b6:ec:
                    be:d0:18:5d:71:5b:8f:32:76:90:04:7f:09:6c:a0:
                    f9:91:47:04:32:8d:b4:98:8d:62:b3:ae:d2:14:9c:
                    f5:68:6c:c0:bc:aa:ba:39:15:3b:8a:81:84:6a:00:
                    b8:ad:aa:87:1e:89:e1:6f:30:e7:f7:da:25:e3:d9:
                    7f:20:32:32:6d:ba:49:a4:a3:29:4d:ef:ef:7b:52:
                    f8:a9:36:3d:f8:b9:fb:9d:b7:12:7e:e5:8e:42:0d:
                    b5:34:8d:3d:9b:2f:c9:69:12:45:1d:e0:b9:87:86:
                    15:16:6b:28:31:76:f5:d8:37:4b:76:36:08:97:80:
                    4f:24:f5:0e:97:95:8c:d5:8b:b1:a4:2b:a6:6e:23:
                    66:97
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                48:4C:49:84:15:D2:43:33:03:A8:8E:41:8C:92:43:83:CD:36:93:59
            X509v3 Authority Key Identifier:
                keyid:9F:31:2E:92:97:BC:1D:27:EB:EB:47:6D:EA:0E:E1:5D:D7:56:54:2D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nzEukpe8HSfr60dt6g7hXddWVC0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/dd5a28-df9d-4627-809d-bd5d3f00fbb2/1/SExJhBXSQzMDqI5BjJJDg802k1k.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/dd5a28-df9d-4627-809d-bd5d3f00fbb2/1/nzEukpe8HSfr60dt6g7hXddWVC0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.213.248.0/24

    Signature Algorithm: sha256WithRSAEncryption
         7b:b8:55:9d:99:ec:68:bc:95:72:27:80:a4:9e:b2:fc:43:f5:
         f5:f0:97:31:5e:a1:db:08:56:c2:57:0f:09:93:07:01:95:03:
         e5:e1:08:c1:9e:3e:ba:22:b6:39:7c:c1:15:23:85:f0:2b:93:
         ef:fd:3b:05:cd:73:21:bf:0f:f4:e4:bf:f6:82:60:1a:fa:d6:
         60:45:b7:b6:21:f4:b8:bc:1c:81:f8:31:2d:f7:f1:49:d9:aa:
         51:4d:c6:bb:8a:3c:15:08:d3:38:90:16:84:c3:76:cc:b9:0b:
         90:6e:4e:9c:24:b7:28:dc:2f:bb:8c:61:b9:8d:8c:74:d7:70:
         ee:ae:72:ae:dc:ce:ff:36:e9:20:de:9b:45:2d:cc:c3:cb:3d:
         92:56:57:dc:63:65:79:67:35:7a:9a:34:94:de:4f:91:fe:61:
         aa:bf:ac:7d:90:10:55:b9:b4:4a:13:21:91:ef:b3:75:c2:f8:
         8c:fc:d7:a9:c1:f1:83:83:2f:a6:e3:ae:ff:25:75:2f:00:04:
         ee:b7:08:19:5d:3d:62:0b:ef:03:43:79:7f:20:d8:2d:de:c8:
         57:c8:25:71:2c:aa:41:0d:16:ea:90:c5:1b:c1:75:69:22:cf:
         d1:f4:38:b8:2d:82:22:86:1f:fa:25:bc:94:2e:51:dd:55:80:
         37:57:c1:34
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYac5v5jcqyT5ihRCqnMMeqTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlmMzEyZTkyOTdiYzFkMjdlYmViNDc2ZGVhMGVlMTVkZDc1
NjU0MmQwHhcNMjMwMzAxMTEyMDI5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ODRjNDk4NDE1ZDI0MzMzMDNhODhlNDE4YzkyNDM4M2NkMzY5MzU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApM4Y4Ra71SvpjnmCbI37jZGoPPMG
EMQOqIs/r5ou+uOmWhUJndiotjnfB+CHNJ2tI9LNtZK99bvINGg06Pwlg6+BMhNs
6CrvDKIYXy5a1IbvEW9bdP67YLPMSRFtq9beCoMb8DTc90pHCcWATk383dgtveEx
tuy+0BhdcVuPMnaQBH8JbKD5kUcEMo20mI1is67SFJz1aGzAvKq6ORU7ioGEagC4
raqHHonhbzDn99ol49l/IDIybbpJpKMpTe/ve1L4qTY9+Ln7nbcSfuWOQg21NI09
my/JaRJFHeC5h4YVFmsoMXb12DdLdjYIl4BPJPUOl5WM1YuxpCumbiNmlwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEhMSYQV0kMzA6iOQYySQ4PNNpNZMB8GA1UdIwQY
MBaAFJ8xLpKXvB0n6+tHbeoO4V3XVlQtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnpFdWtwZThIU2ZyNjBkdDZnN2hYZGRXVkMwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZS9kZDVhMjgtZGY5ZC00NjI3LTgwOWQt
YmQ1ZDNmMDBmYmIyLzEvU0V4SmhCWFNRek1EcUk1QmpKSkRnODAyazFrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZS9kZDVhMjgtZGY5ZC00NjI3LTgwOWQtYmQ1ZDNmMDBmYmIy
LzEvbnpFdWtwZThIU2ZyNjBkdDZnN2hYZGRXVkMwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAZ9X4MA0G
CSqGSIb3DQEBCwUAA4IBAQB7uFWdmexovJVyJ4CknrL8Q/X18JcxXqHbCFbCVw8J
kwcBlQPl4QjBnj66IrY5fMEVI4XwK5Pv/TsFzXMhvw/05L/2gmAa+tZgRbe2IfS4
vByB+DEt9/FJ2apRTca7ijwVCNM4kBaEw3bMuQuQbk6cJLco3C+7jGG5jYx013Du
rnKu3M7/Nukg3ptFLczDyz2SVlfcY2V5ZzV6mjSU3k+R/mGqv6x9kBBVubRKEyGR
77N1wviM/NepwfGDgy+m467/JXUvAATutwgZXT1iC+8DQ3l/INgt3shXyCVxLKpB
DRbqkMUbwXVpIs/R9Di4LYIihh/6JbyULlHdVYA3V8E0
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:04:34 2024 by rpki-client on console-ams.rpki-client.org