Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/ebf381-00c8-480d-a66c-76a1d4d83197/1/Nrm4H1_47dj5hjWLvqPA-OrOiDs.roa
File:                     Nrm4H1_47dj5hjWLvqPA-OrOiDs.roa (raw, json)
Hash identifier:          f36Y3oxXp02d0WRsijnv1V5dTz6Y3p135Ndbznq5lbM=
Subject key identifier:   36:B9:B8:1F:5F:F8:ED:D8:F9:86:35:8B:BE:A3:C0:F8:EA:CE:88:3B
Certificate issuer:       /CN=3ad734cf90c773428806b968209515b914831a9d
Certificate serial:       018F5705EB458761EF2018F0C22E3588C523
Authority key identifier: 3A:D7:34:CF:90:C7:73:42:88:06:B9:68:20:95:15:B9:14:83:1A:9D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Otc0z5DHc0KIBrloIJUVuRSDGp0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/41/ebf381-00c8-480d-a66c-76a1d4d83197/1/Nrm4H1_47dj5hjWLvqPA-OrOiDs.roa
Signing time:             Wed 08 May 2024 07:05:56 +0000
ROA not before:           Wed 08 May 2024 07:05:56 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     400866
IP address blocks:        103.69.227.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Fri 07 Jun 2024 11:22:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:57:05:eb:45:87:61:ef:20:18:f0:c2:2e:35:88:c5:23
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3ad734cf90c773428806b968209515b914831a9d
        Validity
            Not Before: May  8 07:05:56 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=36b9b81f5ff8edd8f986358bbea3c0f8eace883b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:fe:01:10:3e:e8:65:db:18:9b:65:60:1d:29:
                    e7:63:0f:d0:15:0f:d5:f7:2d:3e:55:27:ee:5e:a2:
                    ca:e3:8b:b1:ae:68:19:8a:b7:9e:7e:ef:14:03:42:
                    c4:ea:e5:c0:ba:cd:76:39:4c:43:80:7d:71:9c:74:
                    57:0a:c8:bc:54:28:62:d7:6d:10:58:50:20:7a:28:
                    da:d9:4c:10:33:9c:d6:34:0a:92:8d:95:2c:24:ef:
                    24:42:97:00:c0:a1:82:70:93:d8:8f:df:f4:4d:5e:
                    84:e9:e8:6e:f5:86:db:18:58:b6:76:c8:52:39:0e:
                    52:27:b6:f6:ae:2c:2e:61:d6:8c:9a:61:73:df:23:
                    24:fa:eb:ff:36:8c:13:52:e9:86:55:14:dd:00:38:
                    ca:5a:b1:4b:81:b6:e6:9a:f4:d5:4e:99:c1:c8:bc:
                    1e:7a:73:2a:d5:50:52:85:30:d0:ef:c6:92:98:b6:
                    9d:6b:5e:71:36:53:aa:70:fc:93:ec:8d:00:d6:6f:
                    54:34:a8:5f:0e:a4:b6:12:10:6a:13:6d:83:7e:99:
                    fc:df:1b:43:46:4e:0b:63:82:cd:34:f5:48:39:6e:
                    fe:93:08:64:09:06:d3:92:00:26:ae:4a:f4:54:3e:
                    65:6a:54:40:19:c2:bb:37:61:36:21:6c:1b:20:1b:
                    2d:fd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                36:B9:B8:1F:5F:F8:ED:D8:F9:86:35:8B:BE:A3:C0:F8:EA:CE:88:3B
            X509v3 Authority Key Identifier:
                keyid:3A:D7:34:CF:90:C7:73:42:88:06:B9:68:20:95:15:B9:14:83:1A:9D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Otc0z5DHc0KIBrloIJUVuRSDGp0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/ebf381-00c8-480d-a66c-76a1d4d83197/1/Nrm4H1_47dj5hjWLvqPA-OrOiDs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/41/ebf381-00c8-480d-a66c-76a1d4d83197/1/Otc0z5DHc0KIBrloIJUVuRSDGp0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.69.227.0/24

    Signature Algorithm: sha256WithRSAEncryption
         52:ee:69:6d:91:5f:ac:9a:33:e0:90:3e:af:b4:cc:6a:37:d8:
         95:5a:aa:3c:5d:9d:5c:ba:44:95:d8:90:74:e6:55:90:12:a3:
         99:39:77:ab:a0:98:25:db:be:30:0f:68:39:b3:9b:94:e2:70:
         ae:93:ed:bb:2c:b7:e0:c6:81:cb:e0:b6:40:b9:26:44:4a:69:
         79:3b:7c:ed:27:6b:ae:54:57:78:89:ba:31:31:1d:82:38:b2:
         43:2b:fb:98:58:88:dd:d3:10:31:a8:99:c0:34:d0:d2:ce:52:
         a8:9d:04:24:7a:5c:21:01:91:db:ad:63:2f:fd:39:b1:c5:cc:
         ff:6d:db:89:f4:ad:d4:18:95:03:af:9a:de:fa:ac:97:b9:24:
         76:c6:06:36:f0:0f:2c:83:42:7c:38:69:06:b6:1a:50:db:a7:
         47:28:9e:94:2b:41:8e:24:7a:69:6b:7f:01:df:db:1b:55:60:
         96:44:a2:f8:09:f2:f3:54:0d:52:93:a2:cc:21:5e:f7:73:6f:
         6c:45:f6:c0:21:ff:ca:71:17:60:a6:6d:f1:c4:a3:fa:1f:e5:
         b5:c9:b6:80:f2:73:dc:33:18:62:b9:b8:47:73:4d:f2:6c:cd:
         d9:b3:db:67:e5:bf:d8:2b:ae:62:8c:ec:7d:ea:2c:a3:26:75:
         84:9f:d1:7a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY9XBetFh2HvIBjwwi41iMUjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhZDczNGNmOTBjNzczNDI4ODA2Yjk2ODIwOTUxNWI5MTQ4
MzFhOWQwHhcNMjQwNTA4MDcwNTU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNmI5YjgxZjVmZjhlZGQ4Zjk4NjM1OGJiZWEzYzBmOGVhY2U4ODNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtf4BED7oZdsYm2VgHSnnYw/QFQ/V
9y0+VSfuXqLK44uxrmgZireefu8UA0LE6uXAus12OUxDgH1xnHRXCsi8VChi120Q
WFAgeija2UwQM5zWNAqSjZUsJO8kQpcAwKGCcJPYj9/0TV6E6ehu9YbbGFi2dshS
OQ5SJ7b2riwuYdaMmmFz3yMk+uv/NowTUumGVRTdADjKWrFLgbbmmvTVTpnByLwe
enMq1VBShTDQ78aSmLada15xNlOqcPyT7I0A1m9UNKhfDqS2EhBqE22Dfpn83xtD
Rk4LY4LNNPVIOW7+kwhkCQbTkgAmrkr0VD5lalRAGcK7N2E2IWwbIBst/QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDa5uB9f+O3Y+YY1i76jwPjqzog7MB8GA1UdIwQY
MBaAFDrXNM+Qx3NCiAa5aCCVFbkUgxqdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3RjMHo1REhjMEtJQnJsb0lKVVZ1UlNER3AwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MS9lYmYzODEtMDBjOC00ODBkLWE2NmMt
NzZhMWQ0ZDgzMTk3LzEvTnJtNEgxXzQ3ZGo1aGpXTHZxUEEtT3JPaURzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MS9lYmYzODEtMDBjOC00ODBkLWE2NmMtNzZhMWQ0ZDgzMTk3
LzEvT3RjMHo1REhjMEtJQnJsb0lKVVZ1UlNER3AwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAZ0XjMA0G
CSqGSIb3DQEBCwUAA4IBAQBS7mltkV+smjPgkD6vtMxqN9iVWqo8XZ1cukSV2JB0
5lWQEqOZOXeroJgl274wD2g5s5uU4nCuk+27LLfgxoHL4LZAuSZESml5O3ztJ2uu
VFd4iboxMR2COLJDK/uYWIjd0xAxqJnANNDSzlKonQQkelwhAZHbrWMv/Tmxxcz/
bduJ9K3UGJUDr5re+qyXuSR2xgY28A8sg0J8OGkGthpQ26dHKJ6UK0GOJHppa38B
39sbVWCWRKL4CfLzVA1Sk6LMIV73c29sRfbAIf/KcRdgpm3xxKP6H+W1ybaA8nPc
MxhiubhHc03ybM3Zs9tn5b/YK65ijOx96iyjJnWEn9F6
-----END CERTIFICATE-----
Generated at Fri Jun 7 14:45:29 2024 by rpki-client on console-fra.rpki-client.org