Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/1LhD7g_EXpNe8JJqaA-vJf9UCg8.roa
File:                     1LhD7g_EXpNe8JJqaA-vJf9UCg8.roa (raw, json)
Hash identifier:          jd5acsXNIkelqxn+vzqt6nSWr6wFf24YtWKDwc1XUwM=
Subject key identifier:   D4:B8:43:EE:0F:C4:5E:93:5E:F0:92:6A:68:0F:AF:25:FF:54:0A:0F
Certificate issuer:       /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial:       01857102FA1C30096F64B5658E6075247683
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/1LhD7g_EXpNe8JJqaA-vJf9UCg8.roa
Signing time:             Mon 02 Jan 2023 05:44:58 +0000
ROA not before:           Mon 02 Jan 2023 05:44:58 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     6233
IP address blocks:        194.242.2.0/24 maxlen: 24
                          193.19.108.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 12:30:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:71:02:fa:1c:30:09:6f:64:b5:65:8e:60:75:24:76:83
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
        Validity
            Not Before: Jan  2 05:44:58 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=d4b843ee0fc45e935ef0926a680faf25ff540a0f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:0b:c8:7e:a9:63:9a:f2:19:5d:92:99:6b:07:
                    5a:92:44:2a:12:c0:53:64:04:5a:6b:92:52:ed:e5:
                    06:9d:73:29:7b:dc:48:ad:45:0b:7b:92:a0:c3:39:
                    27:e8:83:77:8f:5a:9c:3f:af:8b:17:56:2e:1d:65:
                    4f:84:c8:0b:17:57:2f:2b:cf:3e:37:5f:61:6b:1c:
                    9f:37:46:23:d7:f3:86:a8:6d:b9:3d:55:8b:15:88:
                    9a:56:75:4e:2c:5e:fa:db:9a:63:f4:af:78:c5:50:
                    0d:24:fd:b4:f6:fd:e1:24:bd:db:3c:41:65:e6:c9:
                    71:1b:01:bb:d6:0b:60:34:54:eb:fe:e4:64:8b:0b:
                    81:8b:c6:ae:49:71:06:77:6b:34:07:4b:4f:03:75:
                    38:38:18:b3:0a:70:d1:70:83:16:f1:aa:69:00:35:
                    ed:d3:98:7b:09:2a:0d:62:85:6a:b0:72:98:d4:85:
                    a9:69:4e:e2:7f:33:09:81:d8:45:e8:f5:54:0b:00:
                    49:f8:1e:3c:b2:84:e3:b2:44:b3:c5:6e:b2:4f:0f:
                    8a:2a:ee:93:a8:20:be:32:d5:b4:f2:89:c9:1e:92:
                    43:52:0e:29:b8:06:9e:1d:a4:68:60:0b:da:e7:95:
                    96:16:a1:e4:90:0b:18:5c:54:3e:a5:38:f4:8a:fc:
                    d5:bb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D4:B8:43:EE:0F:C4:5E:93:5E:F0:92:6A:68:0F:AF:25:FF:54:0A:0F
            X509v3 Authority Key Identifier:
                keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/1LhD7g_EXpNe8JJqaA-vJf9UCg8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.19.108.0/24
                  194.242.2.0/24

    Signature Algorithm: sha256WithRSAEncryption
         2c:3b:ed:40:f5:5f:c0:bf:93:c0:b8:70:96:a2:5d:a0:06:43:
         99:76:75:7a:85:d3:a1:af:c0:61:62:1b:9a:f7:38:15:36:44:
         e4:10:4d:33:4b:ed:b4:4c:be:0c:42:b8:40:5a:d7:5b:44:0b:
         c0:fc:b9:51:4e:3f:0f:bc:28:74:5f:69:9d:1c:df:ba:44:0e:
         1a:2d:1b:cb:30:bd:c0:7e:8d:3e:53:a2:de:23:d4:35:b5:8c:
         1e:b7:43:ce:c5:a7:d5:1a:fb:05:ed:53:62:fa:74:78:f8:c3:
         e3:2b:b6:ec:3b:6f:30:41:17:6a:ea:bf:b6:d4:c3:29:e6:7d:
         83:8d:b6:db:1a:fe:01:be:71:14:c5:80:e6:06:0b:f7:af:5b:
         a2:4e:94:98:de:57:db:58:2e:1e:ef:46:1d:64:01:a2:64:fb:
         73:cb:84:2c:ed:40:1b:7b:18:e7:95:f5:60:6e:33:71:ed:4f:
         34:f8:c5:7c:80:93:5e:2c:54:60:90:82:66:0d:0e:c0:e2:ab:
         98:9c:82:bc:bf:85:da:22:5b:dc:d3:9c:56:7d:90:13:17:9c:
         e6:16:bf:bb:0c:6c:61:76:bd:58:7e:eb:2e:b4:f4:82:f9:6b:
         89:b5:74:d7:19:84:48:e7:ca:0f:2e:f7:eb:a1:41:4c:be:ec:
         77:26:a5:3b
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVxAvocMAlvZLVljmB1JHaDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwMTAyMDU0NDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNGI4NDNlZTBmYzQ1ZTkzNWVmMDkyNmE2ODBmYWYyNWZmNTQwYTBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqQvIfqljmvIZXZKZawdakkQqEsBT
ZARaa5JS7eUGnXMpe9xIrUULe5Kgwzkn6IN3j1qcP6+LF1YuHWVPhMgLF1cvK88+
N19haxyfN0Yj1/OGqG25PVWLFYiaVnVOLF7625pj9K94xVANJP209v3hJL3bPEFl
5slxGwG71gtgNFTr/uRkiwuBi8auSXEGd2s0B0tPA3U4OBizCnDRcIMW8appADXt
05h7CSoNYoVqsHKY1IWpaU7ifzMJgdhF6PVUCwBJ+B48soTjskSzxW6yTw+KKu6T
qCC+MtW08onJHpJDUg4puAaeHaRoYAva55WWFqHkkAsYXFQ+pTj0ivzVuwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNS4Q+4PxF6TXvCSamgPryX/VAoPMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvMUxoRDdnX0VYcE5lOEpKcWFBLXZKZjlVQ2c4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwRNsAwQA
wvICMA0GCSqGSIb3DQEBCwUAA4IBAQAsO+1A9V/Av5PAuHCWol2gBkOZdnV6hdOh
r8BhYhua9zgVNkTkEE0zS+20TL4MQrhAWtdbRAvA/LlRTj8PvCh0X2mdHN+6RA4a
LRvLML3Afo0+U6LeI9Q1tYwet0POxafVGvsF7VNi+nR4+MPjK7bsO28wQRdq6r+2
1MMp5n2DjbbbGv4BvnEUxYDmBgv3r1uiTpSY3lfbWC4e70YdZAGiZPtzy4Qs7UAb
exjnlfVgbjNx7U80+MV8gJNeLFRgkIJmDQ7A4quYnIK8v4XaIlvc05xWfZATF5zm
Fr+7DGxhdr1YfusutPSC+WuJtXTXGYRI58oPLvfroUFMvux3JqU7
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:41:08 2024 by rpki-client on console-ams.rpki-client.org