Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/2wwBnOSOx5OLb30-UwEuhdVw3uA.roa
File:                     2wwBnOSOx5OLb30-UwEuhdVw3uA.roa (raw, json)
Hash identifier:          s6AfEWZ+VEdLMW2ILLRFiEjxSuAN7qAKzAg5bwttw0M=
Subject key identifier:   DB:0C:01:9C:E4:8E:C7:93:8B:6F:7D:3E:53:01:2E:85:D5:70:DE:E0
Certificate issuer:       /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial:       01874B3AC3A62B4C20F27FEC46EC82C5E9D1
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/2wwBnOSOx5OLb30-UwEuhdVw3uA.roa
Signing time:             Tue 04 Apr 2023 07:45:54 +0000
ROA not before:           Tue 04 Apr 2023 07:45:54 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     12912
IP address blocks:        223.27.114.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 06 Apr 2023 09:59:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:4b:3a:c3:a6:2b:4c:20:f2:7f:ec:46:ec:82:c5:e9:d1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
        Validity
            Not Before: Apr  4 07:45:54 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=db0c019ce48ec7938b6f7d3e53012e85d570dee0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8d:4d:e1:fd:2d:e0:42:cd:b9:5f:c0:6f:da:1a:
                    b9:a9:33:74:bb:a9:6f:ce:1c:73:fe:e7:2a:ce:84:
                    44:59:de:b5:64:79:e5:27:59:1b:fc:7b:7a:05:79:
                    18:af:53:37:7a:4d:ae:4b:61:c6:66:10:04:a1:dd:
                    76:3a:da:4c:db:8e:01:65:4d:10:34:16:f6:7e:91:
                    bb:1e:99:7e:e5:ca:cf:79:4e:5f:49:89:75:9d:61:
                    5f:6c:81:1d:f1:38:05:8e:42:0c:f0:ca:4f:c3:07:
                    9b:a4:fe:f1:05:f4:d6:8c:61:f7:e4:7f:e9:fe:5b:
                    b2:ea:3b:11:ad:a0:fc:4d:a5:e1:f5:0d:2a:de:18:
                    5b:ae:e2:46:65:73:f4:1a:be:46:c1:e8:d7:f0:cf:
                    09:0c:fc:30:8f:0a:13:12:36:5e:1c:5e:0d:86:14:
                    9a:b2:5e:dd:48:63:b1:a6:5f:d5:69:a2:96:e1:21:
                    05:6c:5c:13:fa:e0:df:e8:9e:2b:ce:65:0e:26:79:
                    40:fd:81:ee:8c:42:14:6f:79:d8:33:ec:ba:9c:a2:
                    c5:28:5d:49:fe:e2:cf:68:42:81:7a:3c:35:b6:b3:
                    0f:3e:19:d9:6c:ac:f4:83:57:0e:ef:06:9a:6a:0b:
                    22:8c:c1:bb:7a:73:8f:ec:b1:c4:ee:b1:c2:08:a7:
                    b4:cd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DB:0C:01:9C:E4:8E:C7:93:8B:6F:7D:3E:53:01:2E:85:D5:70:DE:E0
            X509v3 Authority Key Identifier:
                keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/2wwBnOSOx5OLb30-UwEuhdVw3uA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  223.27.114.0/24

    Signature Algorithm: sha256WithRSAEncryption
         3b:9c:20:83:e3:95:16:31:d0:ee:3b:46:5f:d3:36:23:30:aa:
         d3:9a:43:5c:94:8e:b3:aa:44:21:9e:ab:e1:4d:19:b8:76:55:
         6c:c1:b5:d0:86:39:9e:b7:79:d0:14:a1:d5:1a:b1:21:c7:60:
         5e:90:28:14:dc:27:77:79:72:0a:04:30:e6:77:b4:9a:44:84:
         c9:73:8e:c2:78:67:22:fc:cb:ad:38:bb:7d:73:60:e3:c6:99:
         1f:ed:66:30:2b:90:64:ce:27:a1:84:cd:0e:4a:f6:b8:44:01:
         07:5d:e0:41:1d:52:d8:e7:e0:bb:db:ff:97:e1:2b:5f:42:23:
         08:f5:f1:66:ba:c5:42:92:b5:00:e1:8c:65:6c:8b:50:85:07:
         d9:51:9b:b6:ff:f2:9d:23:65:63:7d:d4:39:b4:d7:f8:e7:50:
         39:11:48:6b:e2:3e:5c:d4:2a:9e:31:d2:03:81:dc:8c:90:70:
         d0:52:86:e9:61:50:62:ed:9b:ae:86:56:c9:63:93:6a:43:c4:
         59:ba:48:3b:95:b1:e8:59:14:cd:0f:bc:1f:ab:62:88:0b:a9:
         cb:43:6e:6b:be:fd:24:64:f4:a3:3e:2a:36:04:bb:dc:cd:6c:
         b0:90:33:b0:0d:8d:e6:f1:19:4b:e4:39:1f:2a:12:bf:49:91:
         22:7c:0f:d7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYdLOsOmK0wg8n/sRuyCxenRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwNDA0MDc0NTU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYjBjMDE5Y2U0OGVjNzkzOGI2ZjdkM2U1MzAxMmU4NWQ1NzBkZWUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjU3h/S3gQs25X8Bv2hq5qTN0u6lv
zhxz/ucqzoREWd61ZHnlJ1kb/Ht6BXkYr1M3ek2uS2HGZhAEod12OtpM244BZU0Q
NBb2fpG7Hpl+5crPeU5fSYl1nWFfbIEd8TgFjkIM8MpPwwebpP7xBfTWjGH35H/p
/luy6jsRraD8TaXh9Q0q3hhbruJGZXP0Gr5GwejX8M8JDPwwjwoTEjZeHF4NhhSa
sl7dSGOxpl/VaaKW4SEFbFwT+uDf6J4rzmUOJnlA/YHujEIUb3nYM+y6nKLFKF1J
/uLPaEKBejw1trMPPhnZbKz0g1cO7waaagsijMG7enOP7LHE7rHCCKe0zQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNsMAZzkjseTi299PlMBLoXVcN7gMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvMnd3Qm5PU094NU9MYjMwLVV3RXVoZFZ3M3VBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA3xtyMA0G
CSqGSIb3DQEBCwUAA4IBAQA7nCCD45UWMdDuO0Zf0zYjMKrTmkNclI6zqkQhnqvh
TRm4dlVswbXQhjmet3nQFKHVGrEhx2BekCgU3Cd3eXIKBDDmd7SaRITJc47CeGci
/MutOLt9c2Djxpkf7WYwK5BkziehhM0OSva4RAEHXeBBHVLY5+C72/+X4StfQiMI
9fFmusVCkrUA4YxlbItQhQfZUZu2//KdI2VjfdQ5tNf451A5EUhr4j5c1CqeMdID
gdyMkHDQUobpYVBi7ZuuhlbJY5NqQ8RZukg7lbHoWRTND7wfq2KIC6nLQ25rvv0k
ZPSjPio2BLvczWywkDOwDY3m8RlL5DkfKhK/SZEifA/X
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:44 2024 by rpki-client on console-fra.rpki-client.org