Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/AX01YikaciPBMHhzxfLP6BOAhXo.roa
File:                     AX01YikaciPBMHhzxfLP6BOAhXo.roa (raw, json)
Hash identifier:          v88Eoq+Pqeoia/n5UZLLl/G+/hQ6iSWiAeubNjynIGo=
Subject key identifier:   01:7D:35:62:29:1A:72:23:C1:30:78:73:C5:F2:CF:E8:13:80:85:7A
Certificate issuer:       /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial:       01887C5E9102211C737E18C077C4EEDA7EC0
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/AX01YikaciPBMHhzxfLP6BOAhXo.roa
Signing time:             Fri 02 Jun 2023 13:49:12 +0000
ROA not before:           Fri 02 Jun 2023 13:49:12 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     29066
IP address blocks:        185.217.119.0/24 maxlen: 24
                          103.212.80.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 12:30:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:7c:5e:91:02:21:1c:73:7e:18:c0:77:c4:ee:da:7e:c0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
        Validity
            Not Before: Jun  2 13:49:12 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=017d3562291a7223c1307873c5f2cfe81380857a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:94:e9:96:0d:cf:03:54:4b:6b:bd:d9:fb:54:56:
                    4e:ee:0d:16:a7:0d:ee:4d:91:47:4e:22:27:d9:8f:
                    7d:0c:02:aa:00:75:d7:c8:51:e4:e6:f3:ec:8f:58:
                    0b:6a:b9:96:1b:f9:71:dc:b8:ca:b2:73:12:0a:bf:
                    2f:fd:f9:59:1a:6a:9a:16:5e:e3:4e:6b:d4:04:d7:
                    c1:57:76:e7:21:95:0b:a7:d0:c7:49:ed:0f:88:38:
                    d4:3f:f4:f0:52:f4:d2:5b:47:b4:54:26:2a:2f:b2:
                    38:5c:cb:46:6c:6e:3e:84:b5:36:25:9d:07:c9:5a:
                    4e:c3:20:9f:3c:99:75:f0:e4:5e:c9:ae:61:c9:1f:
                    48:55:1b:51:50:34:b0:3b:3d:8b:74:ec:70:be:b3:
                    70:c5:87:c9:c7:22:7c:43:ae:36:e4:ce:76:f2:fb:
                    65:31:27:a8:b2:dc:a9:8a:72:eb:ab:de:25:ed:0d:
                    ad:09:93:43:2d:a8:91:04:13:aa:b5:7b:94:de:30:
                    fa:81:af:b4:6d:4c:9f:94:48:b0:35:93:7d:ec:75:
                    bd:53:c1:c9:ca:57:90:23:df:ce:1f:1e:b8:bc:b3:
                    4a:3c:14:95:7a:cc:0d:69:15:da:e7:4c:9d:75:32:
                    5c:a1:eb:58:06:ae:da:93:8b:f4:30:9c:d1:da:60:
                    5d:71
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                01:7D:35:62:29:1A:72:23:C1:30:78:73:C5:F2:CF:E8:13:80:85:7A
            X509v3 Authority Key Identifier:
                keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/AX01YikaciPBMHhzxfLP6BOAhXo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.212.80.0/24
                  185.217.119.0/24

    Signature Algorithm: sha256WithRSAEncryption
         6a:8b:68:ae:1d:ce:4f:4a:60:dc:e5:6d:c6:8e:a1:b7:df:e4:
         f1:0f:b0:3d:c7:ab:a2:6f:66:f6:86:fb:ec:f4:34:7b:44:37:
         7d:2b:a0:25:ea:92:28:c2:7e:99:97:1b:65:f8:71:99:48:69:
         69:57:c5:f0:2f:55:b9:10:48:de:44:05:f1:ee:d6:d0:2d:0b:
         c9:7a:1c:65:f2:73:e2:a1:76:40:a8:ed:0d:ba:9e:3f:8a:ad:
         b2:02:c8:10:ef:0c:01:a3:3e:a6:db:79:49:c2:23:57:21:8e:
         8b:05:c2:4e:5e:1e:40:ee:d1:65:0b:6b:4d:81:54:17:19:09:
         5e:8a:1f:4c:98:dd:e9:c1:fc:99:38:e6:50:ad:20:68:13:b3:
         a2:66:d4:f9:b2:b6:2f:11:bf:8a:06:08:e3:e7:f8:70:dd:f8:
         4a:2d:37:39:45:d7:fc:af:74:0b:a9:5e:1e:e3:e3:94:42:38:
         92:67:96:a0:8f:3f:56:0e:bb:81:69:12:07:9f:5f:7f:3b:06:
         aa:7e:db:52:08:1a:76:93:9a:9b:df:b9:cc:f0:89:df:23:1c:
         a6:19:7d:11:26:c2:ae:bd:4f:6c:50:f3:17:fd:ed:31:73:b0:
         04:20:82:ed:bf:46:41:63:cf:6d:82:a9:14:cb:9b:d0:25:1a:
         02:35:e5:e0
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYh8XpECIRxzfhjAd8Tu2n7AMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwNjAyMTM0OTEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMTdkMzU2MjI5MWE3MjIzYzEzMDc4NzNjNWYyY2ZlODEzODA4NTdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlOmWDc8DVEtrvdn7VFZO7g0Wpw3u
TZFHTiIn2Y99DAKqAHXXyFHk5vPsj1gLarmWG/lx3LjKsnMSCr8v/flZGmqaFl7j
TmvUBNfBV3bnIZULp9DHSe0PiDjUP/TwUvTSW0e0VCYqL7I4XMtGbG4+hLU2JZ0H
yVpOwyCfPJl18OReya5hyR9IVRtRUDSwOz2LdOxwvrNwxYfJxyJ8Q6425M528vtl
MSeostypinLrq94l7Q2tCZNDLaiRBBOqtXuU3jD6ga+0bUyflEiwNZN97HW9U8HJ
yleQI9/OHx64vLNKPBSVeswNaRXa50yddTJcoetYBq7ak4v0MJzR2mBdcQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFAF9NWIpGnIjwTB4c8Xyz+gTgIV6MB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvQVgwMVlpa2FjaVBCTUhoenhmTFA2Qk9BaFhvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAZ9RQAwQA
udl3MA0GCSqGSIb3DQEBCwUAA4IBAQBqi2iuHc5PSmDc5W3GjqG33+TxD7A9x6ui
b2b2hvvs9DR7RDd9K6Al6pIown6Zlxtl+HGZSGlpV8XwL1W5EEjeRAXx7tbQLQvJ
ehxl8nPioXZAqO0Nup4/iq2yAsgQ7wwBoz6m23lJwiNXIY6LBcJOXh5A7tFlC2tN
gVQXGQleih9MmN3pwfyZOOZQrSBoE7OiZtT5srYvEb+KBgjj5/hw3fhKLTc5Rdf8
r3QLqV4e4+OUQjiSZ5agjz9WDruBaRIHn19/OwaqfttSCBp2k5qb37nM8InfIxym
GX0RJsKuvU9sUPMX/e0xc7AEIILtv0ZBY89tgqkUy5vQJRoCNeXg
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:44 2024 by rpki-client on console-fra.rpki-client.org