Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/TGizaMAsXZ9z2TIw9i7EHOx16e4.roa
File:                     TGizaMAsXZ9z2TIw9i7EHOx16e4.roa (raw, json)
Hash identifier:          nxFSsvUSL7Y19Kw8a8d29RZ02A0x7nKVJEUiOrG+ze0=
Subject key identifier:   4C:68:B3:68:C0:2C:5D:9F:73:D9:32:30:F6:2E:C4:1C:EC:75:E9:EE
Certificate issuer:       /CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Certificate serial:       018FD322DCC2F7A441EE283FEAE7F35F9159
Authority key identifier: 7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/TGizaMAsXZ9z2TIw9i7EHOx16e4.roa
Signing time:             Sat 01 Jun 2024 09:30:28 +0000
ROA not before:           Sat 01 Jun 2024 09:30:28 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     206728
IP address blocks:        93.115.203.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 16 Sep 2024 10:38:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:d3:22:dc:c2:f7:a4:41:ee:28:3f:ea:e7:f3:5f:91:59
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
        Validity
            Not Before: Jun  1 09:30:28 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=4c68b368c02c5d9f73d93230f62ec41cec75e9ee
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:8d:03:92:35:6d:14:c4:04:95:93:01:86:e5:
                    36:ed:0f:66:98:34:79:5d:49:fd:26:f9:1c:8d:9d:
                    3a:be:2a:f8:c4:25:b7:60:dc:73:4d:fc:5d:3f:08:
                    b6:18:01:fc:27:22:de:2e:ff:58:3a:52:b5:95:b0:
                    f9:a0:7a:8e:cc:5f:9b:61:b1:7a:c2:dc:66:71:10:
                    13:89:80:5d:49:69:18:02:7f:a2:3e:cf:1b:82:6f:
                    f3:d9:ce:14:52:ea:cf:fb:70:5a:76:f2:78:ea:b6:
                    04:ff:58:40:da:e7:73:ab:94:dc:c9:91:ab:da:ec:
                    71:2b:4a:25:6b:13:52:ed:9e:5d:7b:02:d4:f2:30:
                    bb:77:54:48:27:ed:99:95:2a:1c:11:94:3a:e7:38:
                    d5:c1:c2:f3:8a:92:ca:4b:d3:52:52:0e:83:2b:d4:
                    c3:30:6e:55:24:80:f3:fc:0d:d9:e4:1a:6c:7b:2a:
                    75:a9:95:5e:33:df:96:56:5d:a8:51:d8:ee:18:9c:
                    35:ae:d1:56:c3:da:d9:04:ee:ba:75:f6:8e:f1:c6:
                    45:c7:98:ac:43:ff:0d:b2:0a:5d:82:2c:2f:07:55:
                    0b:a5:e9:0e:8e:63:4c:27:7f:51:66:a5:66:33:c5:
                    8b:23:2a:cb:0c:aa:11:11:df:ec:f5:7a:de:48:de:
                    56:d3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4C:68:B3:68:C0:2C:5D:9F:73:D9:32:30:F6:2E:C4:1C:EC:75:E9:EE
            X509v3 Authority Key Identifier:
                keyid:7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/TGizaMAsXZ9z2TIw9i7EHOx16e4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  93.115.203.0/24

    Signature Algorithm: sha256WithRSAEncryption
         75:d4:ac:81:63:b8:11:c9:7b:8f:58:9f:d5:07:b4:20:fb:91:
         7f:d6:85:d7:bf:69:d2:e1:fc:3a:0e:e5:df:17:bf:7e:d7:00:
         98:43:b1:aa:18:7a:7f:1c:54:81:e6:bd:92:0a:e7:83:bc:8d:
         32:8e:ec:b1:55:5d:c3:96:f3:70:d1:63:f8:fb:d9:3d:15:b8:
         3d:0a:fb:9e:94:16:f8:b7:03:24:ad:38:82:64:91:6d:e5:94:
         57:8b:c8:46:f2:a5:49:d9:54:99:41:46:8e:3d:d4:f4:00:b3:
         24:fb:ec:21:6e:b9:17:63:76:35:0e:d4:98:b4:c6:df:04:06:
         94:8c:59:16:48:0a:a8:f2:89:dd:95:ca:a1:e7:09:20:61:be:
         ea:a3:0e:7e:c4:22:c0:84:20:cc:5c:65:6a:1e:3f:f1:c7:8e:
         d9:16:10:6e:46:09:15:a5:1d:99:06:42:46:a5:f0:ce:e6:c7:
         9f:cd:ea:56:09:ad:4f:06:89:9d:63:f4:2e:25:27:f2:d1:15:
         35:f4:cf:25:c9:a7:da:b4:e5:62:d8:a5:1a:85:e6:07:64:1a:
         a4:b4:87:85:32:bb:1d:06:08:f2:fa:71:a4:2b:81:35:13:87:
         08:dd:be:58:34:d3:f9:56:cf:32:21:c1:40:1c:f0:95:b6:ce:
         6d:4c:f2:fd
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY/TItzC96RB7ig/6ufzX5FZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkYTVkMzJkNWIwOWM5M2MxYjVlM2ZjNWEyYWEyMGQ3NDZm
Y2ZlZDEwHhcNMjQwNjAxMDkzMDI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YzY4YjM2OGMwMmM1ZDlmNzNkOTMyMzBmNjJlYzQxY2VjNzVlOWVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtI0DkjVtFMQElZMBhuU27Q9mmDR5
XUn9JvkcjZ06vir4xCW3YNxzTfxdPwi2GAH8JyLeLv9YOlK1lbD5oHqOzF+bYbF6
wtxmcRATiYBdSWkYAn+iPs8bgm/z2c4UUurP+3BadvJ46rYE/1hA2udzq5TcyZGr
2uxxK0olaxNS7Z5dewLU8jC7d1RIJ+2ZlSocEZQ65zjVwcLzipLKS9NSUg6DK9TD
MG5VJIDz/A3Z5Bpseyp1qZVeM9+WVl2oUdjuGJw1rtFWw9rZBO66dfaO8cZFx5is
Q/8NsgpdgiwvB1ULpekOjmNMJ39RZqVmM8WLIyrLDKoREd/s9XreSN5W0wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFExos2jALF2fc9kyMPYuxBzsdenuMB8GA1UdIwQY
MBaAFH2l0y1bCck8G14/xaKqINdG/P7RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAt
ZTU4MzlmNDNlNTgzLzEvVEdpemFNQXNYWjl6MlRJdzlpN0VIT3gxNmU0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAtZTU4MzlmNDNlNTgz
LzEvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAXXPLMA0G
CSqGSIb3DQEBCwUAA4IBAQB11KyBY7gRyXuPWJ/VB7Qg+5F/1oXXv2nS4fw6DuXf
F79+1wCYQ7GqGHp/HFSB5r2SCueDvI0yjuyxVV3DlvNw0WP4+9k9Fbg9CvuelBb4
twMkrTiCZJFt5ZRXi8hG8qVJ2VSZQUaOPdT0ALMk++whbrkXY3Y1DtSYtMbfBAaU
jFkWSAqo8ondlcqh5wkgYb7qow5+xCLAhCDMXGVqHj/xx47ZFhBuRgkVpR2ZBkJG
pfDO5sefzepWCa1PBomdY/QuJSfy0RU19M8lyafatOVi2KUaheYHZBqktIeFMrsd
Bgjy+nGkK4E1E4cI3b5YNNP5Vs8yIcFAHPCVts5tTPL9
-----END CERTIFICATE-----
Generated at Mon Sep 16 14:52:52 2024 by rpki-client on console-ams.rpki-client.org