Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3e/dd5a28-df9d-4627-809d-bd5d3f00fbb2/1/m4y5fgdfnx09RijrXCQ7VMToU5Y.roa
File:                     m4y5fgdfnx09RijrXCQ7VMToU5Y.roa (raw, json)
Hash identifier:          tWjiG2OUASXVpT3ffYLAjlEIRDBzeGiEDQesjc0TAds=
Subject key identifier:   9B:8C:B9:7E:07:5F:9F:1D:3D:46:28:EB:5C:24:3B:54:C4:E8:53:96
Certificate issuer:       /CN=9f312e9297bc1d27ebeb476dea0ee15dd756542d
Certificate serial:       018CF1ED2922AF5193D38A6C2EDCC7078E39
Authority key identifier: 9F:31:2E:92:97:BC:1D:27:EB:EB:47:6D:EA:0E:E1:5D:D7:56:54:2D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/nzEukpe8HSfr60dt6g7hXddWVC0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3e/dd5a28-df9d-4627-809d-bd5d3f00fbb2/1/m4y5fgdfnx09RijrXCQ7VMToU5Y.roa
Signing time:             Wed 10 Jan 2024 05:51:40 +0000
ROA not before:           Wed 10 Jan 2024 05:51:40 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     213220
IP address blocks:        203.189.233.0/24 maxlen: 24
                          103.76.85.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Fri 12 Jan 2024 13:01:15 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:f1:ed:29:22:af:51:93:d3:8a:6c:2e:dc:c7:07:8e:39
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9f312e9297bc1d27ebeb476dea0ee15dd756542d
        Validity
            Not Before: Jan 10 05:51:40 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=9b8cb97e075f9f1d3d4628eb5c243b54c4e85396
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:84:00:52:02:ef:b8:52:61:68:5a:83:72:f5:19:
                    a9:77:22:e3:a3:bc:e2:05:c8:5d:99:de:21:22:cd:
                    c6:8e:64:60:6e:c6:6b:5c:99:64:80:76:58:e3:63:
                    43:2e:29:c2:d0:f2:76:c6:66:57:ba:bc:51:e7:da:
                    0c:58:a4:b5:60:45:c3:1e:7f:74:33:e1:bd:58:68:
                    c9:54:33:71:ed:b0:80:4c:36:a4:b3:93:59:5b:30:
                    53:05:16:9d:37:37:8f:be:52:6a:08:34:72:14:72:
                    a7:e9:5d:85:e6:dc:22:04:2a:9d:15:dd:20:8e:44:
                    ac:7f:54:bd:bb:66:9c:30:6e:0a:68:f2:02:c8:43:
                    36:f3:bd:89:70:71:69:d3:91:51:0c:af:2c:42:16:
                    27:2a:c9:9e:b4:2c:2b:10:d1:44:2d:aa:21:4c:d2:
                    41:18:a4:f1:7c:cd:32:1b:0e:24:c4:3f:58:fa:19:
                    e5:64:c4:c1:8d:75:46:5d:5f:a6:ec:26:03:49:49:
                    9b:91:a3:bc:60:28:4b:32:c2:e9:a5:d5:ab:ec:f4:
                    37:eb:9a:af:db:e6:20:f9:c3:18:d6:01:a1:af:03:
                    62:84:d9:5e:78:43:83:38:d4:7b:f2:c1:72:c5:37:
                    50:f5:33:76:81:40:fc:ac:cf:3b:ad:13:a8:47:7b:
                    6e:c9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9B:8C:B9:7E:07:5F:9F:1D:3D:46:28:EB:5C:24:3B:54:C4:E8:53:96
            X509v3 Authority Key Identifier:
                keyid:9F:31:2E:92:97:BC:1D:27:EB:EB:47:6D:EA:0E:E1:5D:D7:56:54:2D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nzEukpe8HSfr60dt6g7hXddWVC0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/dd5a28-df9d-4627-809d-bd5d3f00fbb2/1/m4y5fgdfnx09RijrXCQ7VMToU5Y.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/dd5a28-df9d-4627-809d-bd5d3f00fbb2/1/nzEukpe8HSfr60dt6g7hXddWVC0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.76.85.0/24
                  203.189.233.0/24

    Signature Algorithm: sha256WithRSAEncryption
         bd:76:aa:9f:41:83:44:d8:7a:7a:7c:87:15:db:4b:41:a2:e7:
         42:8d:3a:e1:f4:e1:b7:47:54:bf:25:ee:b9:ab:4b:8f:6a:62:
         d4:80:53:09:1d:b3:3e:a7:9e:ce:b2:be:f7:a3:a2:4d:b0:05:
         b1:62:6a:ad:54:2c:5e:ee:70:1c:fd:44:45:63:85:b4:0e:dd:
         a9:cd:61:d2:76:e5:00:31:ea:95:04:bc:f9:b7:1a:b0:cf:2b:
         42:37:80:31:92:f9:9d:ec:ab:f9:17:3a:1e:07:b5:10:93:ad:
         ec:02:98:7d:73:b1:e2:f0:b9:19:dd:56:43:95:c2:12:6f:ad:
         b9:17:6c:5d:2f:d6:17:91:d9:4f:49:b5:4f:9e:d3:da:53:1c:
         4c:d2:7b:ae:5b:14:4a:8e:3e:1e:1b:94:59:d8:2c:05:b4:66:
         b5:8e:07:94:b0:a2:c0:3a:cb:52:ed:ec:81:59:4c:14:21:ff:
         54:41:b5:99:23:a8:28:7d:29:71:2c:74:43:79:13:34:0b:24:
         c5:3e:6c:01:a4:7c:93:ea:a2:ca:b1:56:bd:1b:48:23:15:91:
         ac:ed:2e:7d:07:53:8c:d2:bc:04:e2:56:08:65:d1:52:e0:aa:
         10:1c:52:49:58:96:55:3a:df:fe:b3:1c:b4:47:8c:5c:cd:65:
         fb:9d:b9:b2
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzx7Skir1GT04psLtzHB445MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlmMzEyZTkyOTdiYzFkMjdlYmViNDc2ZGVhMGVlMTVkZDc1
NjU0MmQwHhcNMjQwMTEwMDU1MTQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YjhjYjk3ZTA3NWY5ZjFkM2Q0NjI4ZWI1YzI0M2I1NGM0ZTg1Mzk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhABSAu+4UmFoWoNy9RmpdyLjo7zi
Bchdmd4hIs3GjmRgbsZrXJlkgHZY42NDLinC0PJ2xmZXurxR59oMWKS1YEXDHn90
M+G9WGjJVDNx7bCATDaks5NZWzBTBRadNzePvlJqCDRyFHKn6V2F5twiBCqdFd0g
jkSsf1S9u2acMG4KaPICyEM2872JcHFp05FRDK8sQhYnKsmetCwrENFELaohTNJB
GKTxfM0yGw4kxD9Y+hnlZMTBjXVGXV+m7CYDSUmbkaO8YChLMsLppdWr7PQ365qv
2+Yg+cMY1gGhrwNihNleeEODONR78sFyxTdQ9TN2gUD8rM87rROoR3tuyQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJuMuX4HX58dPUYo61wkO1TE6FOWMB8GA1UdIwQY
MBaAFJ8xLpKXvB0n6+tHbeoO4V3XVlQtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnpFdWtwZThIU2ZyNjBkdDZnN2hYZGRXVkMwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZS9kZDVhMjgtZGY5ZC00NjI3LTgwOWQt
YmQ1ZDNmMDBmYmIyLzEvbTR5NWZnZGZueDA5UmlqclhDUTdWTVRvVTVZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZS9kZDVhMjgtZGY5ZC00NjI3LTgwOWQtYmQ1ZDNmMDBmYmIy
LzEvbnpFdWtwZThIU2ZyNjBkdDZnN2hYZGRXVkMwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAZ0xVAwQA
y73pMA0GCSqGSIb3DQEBCwUAA4IBAQC9dqqfQYNE2Hp6fIcV20tBoudCjTrh9OG3
R1S/Je65q0uPamLUgFMJHbM+p57Osr73o6JNsAWxYmqtVCxe7nAc/URFY4W0Dt2p
zWHSduUAMeqVBLz5txqwzytCN4Axkvmd7Kv5FzoeB7UQk63sAph9c7Hi8LkZ3VZD
lcISb625F2xdL9YXkdlPSbVPntPaUxxM0nuuWxRKjj4eG5RZ2CwFtGa1jgeUsKLA
OstS7eyBWUwUIf9UQbWZI6gofSlxLHRDeRM0CyTFPmwBpHyT6qLKsVa9G0gjFZGs
7S59B1OM0rwE4lYIZdFS4KoQHFJJWJZVOt/+sxy0R4xczWX7nbmy
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:26:33 2024 by rpki-client on console-fra.rpki-client.org