Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/46/8e7e30-c2b8-4591-8cfe-7b8e9d335ca8/1/O36xQTYHUI1WJmUEMu7QIPBTQDw.roa
File:                     O36xQTYHUI1WJmUEMu7QIPBTQDw.roa (raw, json)
Hash identifier:          uV75wxm1TYAb4ngGUFKFKkPBGQeFTVBCSrnfanhsuqs=
Subject key identifier:   3B:7E:B1:41:36:07:50:8D:56:26:65:04:32:EE:D0:20:F0:53:40:3C
Certificate issuer:       /CN=f7742725862b90bda4510a02e804fef3ad1142dc
Certificate serial:       018C5CA76FF58139134FF4B67F77777D5BD4
Authority key identifier: F7:74:27:25:86:2B:90:BD:A4:51:0A:02:E8:04:FE:F3:AD:11:42:DC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/93QnJYYrkL2kUQoC6AT-860RQtw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/46/8e7e30-c2b8-4591-8cfe-7b8e9d335ca8/1/O36xQTYHUI1WJmUEMu7QIPBTQDw.roa
Signing time:             Tue 12 Dec 2023 06:12:06 +0000
ROA not before:           Tue 12 Dec 2023 06:12:06 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     43588
IP address blocks:        87.255.76.0/24 maxlen: 24
                          87.255.82.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 20:29:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:5c:a7:6f:f5:81:39:13:4f:f4:b6:7f:77:77:7d:5b:d4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f7742725862b90bda4510a02e804fef3ad1142dc
        Validity
            Not Before: Dec 12 06:12:06 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=3b7eb1413607508d5626650432eed020f053403c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:f6:30:96:55:03:44:22:8b:16:49:06:95:96:
                    05:d1:b5:50:dc:7f:04:11:dd:9c:d1:0d:88:01:2e:
                    b2:64:33:a4:cf:67:7d:bb:23:03:26:1d:a6:01:5d:
                    e0:d6:73:a0:20:96:39:b8:4c:be:03:2f:63:10:59:
                    03:be:ee:85:75:7d:6c:7d:ae:27:f0:fe:18:75:c4:
                    4c:e2:e0:26:72:b6:97:c1:fe:a1:7e:e1:9b:89:ca:
                    c0:bc:2a:63:b0:bd:19:ee:83:75:40:be:6a:47:2b:
                    fd:1d:70:0d:9d:14:7a:78:7f:d9:93:65:4f:f2:52:
                    19:52:4b:da:8c:e1:bd:6e:22:08:9b:42:c5:28:36:
                    8d:da:72:e1:29:7c:c2:c6:e6:41:00:5b:e6:8a:a3:
                    9c:14:2b:a5:93:1e:7d:aa:37:d5:2c:e8:a4:af:4d:
                    e0:f5:fb:69:89:38:cb:97:f7:4c:7a:55:80:e1:51:
                    cb:01:b8:46:78:55:39:ac:4e:e8:fb:56:61:db:68:
                    05:30:b1:8e:f1:ad:f0:08:ce:6e:58:4f:cc:4f:c4:
                    12:3e:7c:00:f3:fd:16:ba:c9:a1:79:ad:fa:3e:d8:
                    2c:18:04:1a:6a:d0:e7:2c:eb:dd:d6:05:d0:55:6d:
                    38:29:21:9c:29:60:07:81:89:4d:1d:cb:23:0e:fe:
                    4d:51
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3B:7E:B1:41:36:07:50:8D:56:26:65:04:32:EE:D0:20:F0:53:40:3C
            X509v3 Authority Key Identifier:
                keyid:F7:74:27:25:86:2B:90:BD:A4:51:0A:02:E8:04:FE:F3:AD:11:42:DC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/93QnJYYrkL2kUQoC6AT-860RQtw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/46/8e7e30-c2b8-4591-8cfe-7b8e9d335ca8/1/O36xQTYHUI1WJmUEMu7QIPBTQDw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/46/8e7e30-c2b8-4591-8cfe-7b8e9d335ca8/1/93QnJYYrkL2kUQoC6AT-860RQtw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  87.255.76.0/24
                  87.255.82.0/24

    Signature Algorithm: sha256WithRSAEncryption
         eb:a2:b9:d5:3f:50:fc:57:f7:4a:7d:8d:b5:87:a3:5d:06:f3:
         dd:2b:6d:d6:d5:f2:fc:56:6d:22:e5:62:d6:f5:ad:58:f3:0e:
         67:ba:74:d8:8d:cc:3c:34:68:30:3e:7a:0f:4c:f2:31:27:2e:
         3e:bf:27:ae:ab:79:f4:d4:f2:28:b2:ba:02:83:79:28:d4:13:
         b3:0c:1c:ce:02:51:5a:db:80:99:88:a9:2e:90:ef:2c:c1:b3:
         bc:bf:0e:1d:ff:18:74:53:51:08:fc:e6:e8:3e:bb:52:11:d0:
         ff:f1:3c:1a:2d:8a:89:cd:11:c3:26:bc:76:0f:c2:da:74:3d:
         a0:25:46:c6:96:ec:44:d0:16:8f:38:45:0f:b6:cc:11:85:8a:
         16:bb:ed:21:79:22:70:10:c8:87:1b:95:fc:01:66:63:7a:95:
         f7:a2:99:58:2d:f8:c3:11:c0:aa:d5:33:6a:4e:d8:77:23:db:
         d6:d6:d9:98:ee:37:7b:99:97:fe:ba:83:b6:eb:c0:d2:93:8a:
         c4:7f:e6:0a:93:f2:27:0c:aa:5c:ae:50:0d:7d:63:cb:d6:ae:
         60:a0:84:a5:5f:3f:41:1d:23:39:c6:e0:10:7c:82:2a:6d:12:
         f4:2c:77:ac:43:55:77:6e:ec:b6:8b:2c:69:31:ed:5f:2b:25:
         d4:59:9c:87
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYxcp2/1gTkTT/S2f3d3fVvUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY3NzQyNzI1ODYyYjkwYmRhNDUxMGEwMmU4MDRmZWYzYWQx
MTQyZGMwHhcNMjMxMjEyMDYxMjA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYjdlYjE0MTM2MDc1MDhkNTYyNjY1MDQzMmVlZDAyMGYwNTM0MDNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApPYwllUDRCKLFkkGlZYF0bVQ3H8E
Ed2c0Q2IAS6yZDOkz2d9uyMDJh2mAV3g1nOgIJY5uEy+Ay9jEFkDvu6FdX1sfa4n
8P4YdcRM4uAmcraXwf6hfuGbicrAvCpjsL0Z7oN1QL5qRyv9HXANnRR6eH/Zk2VP
8lIZUkvajOG9biIIm0LFKDaN2nLhKXzCxuZBAFvmiqOcFCulkx59qjfVLOikr03g
9ftpiTjLl/dMelWA4VHLAbhGeFU5rE7o+1Zh22gFMLGO8a3wCM5uWE/MT8QSPnwA
8/0Wusmhea36PtgsGAQaatDnLOvd1gXQVW04KSGcKWAHgYlNHcsjDv5NUQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDt+sUE2B1CNViZlBDLu0CDwU0A8MB8GA1UdIwQY
MBaAFPd0JyWGK5C9pFEKAugE/vOtEULcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOTNRbkpZWXJrTDJrVVFvQzZBVC04NjBSUXR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ni84ZTdlMzAtYzJiOC00NTkxLThjZmUt
N2I4ZTlkMzM1Y2E4LzEvTzM2eFFUWUhVSTFXSm1VRU11N1FJUEJUUUR3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ni84ZTdlMzAtYzJiOC00NTkxLThjZmUtN2I4ZTlkMzM1Y2E4
LzEvOTNRbkpZWXJrTDJrVVFvQzZBVC04NjBSUXR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAV/9MAwQA
V/9SMA0GCSqGSIb3DQEBCwUAA4IBAQDrornVP1D8V/dKfY21h6NdBvPdK23W1fL8
Vm0i5WLW9a1Y8w5nunTYjcw8NGgwPnoPTPIxJy4+vyeuq3n01PIosroCg3ko1BOz
DBzOAlFa24CZiKkukO8swbO8vw4d/xh0U1EI/OboPrtSEdD/8TwaLYqJzRHDJrx2
D8LadD2gJUbGluxE0BaPOEUPtswRhYoWu+0heSJwEMiHG5X8AWZjepX3oplYLfjD
EcCq1TNqTth3I9vW1tmY7jd7mZf+uoO268DSk4rEf+YKk/InDKpcrlANfWPL1q5g
oISlXz9BHSM5xuAQfIIqbRL0LHesQ1V3buy2iyxpMe1fKyXUWZyH
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:27:41 2024 by rpki-client on console-fra.rpki-client.org