Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/IAH3X7Ai2zxRvKFwA3UtILAiYws.roa
File:                     IAH3X7Ai2zxRvKFwA3UtILAiYws.roa (raw, json)
Hash identifier:          tamEex0zvubQz9l6Yc/HIZ5ANbSDjoZuzvs/Ai4xGjQ=
Subject key identifier:   20:01:F7:5F:B0:22:DB:3C:51:BC:A1:70:03:75:2D:20:B0:22:63:0B
Certificate issuer:       /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial:       018773E03E3D626BECBC06E3B445AB5CC1F4
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/IAH3X7Ai2zxRvKFwA3UtILAiYws.roa
Signing time:             Wed 12 Apr 2023 05:11:28 +0000
ROA not before:           Wed 12 Apr 2023 05:11:28 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     400377
IP address blocks:        93.114.193.0/24 maxlen: 24
                          185.255.36.0/24 maxlen: 24
                          185.135.142.0/24 maxlen: 24
                          188.240.226.0/24 maxlen: 24
                          188.240.227.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 26 Apr 2023 05:08:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:73:e0:3e:3d:62:6b:ec:bc:06:e3:b4:45:ab:5c:c1:f4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
        Validity
            Not Before: Apr 12 05:11:28 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=2001f75fb022db3c51bca17003752d20b022630b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e0:2b:43:6a:d4:b1:df:ba:b2:49:e3:ed:2a:ce:
                    3a:bc:8d:93:a5:ac:b6:0e:5f:9d:d1:1b:ba:a6:b8:
                    bd:52:c5:a2:ff:31:4d:ff:fa:4e:52:6b:cc:53:81:
                    0e:0e:95:a5:20:07:28:96:d2:e5:2a:cc:c0:fa:a9:
                    84:95:25:2d:07:0d:a1:0c:6f:41:09:ed:bf:48:94:
                    e6:8a:d2:c8:95:4a:9f:b3:fa:bf:88:af:d0:a3:e1:
                    03:c7:49:52:1f:50:cc:55:cb:90:e9:b5:4c:aa:cb:
                    cc:ba:79:bd:d3:4b:0a:8f:e7:18:be:1d:ee:4c:c7:
                    4d:f0:71:d6:cf:c4:11:55:2e:dc:ee:92:ad:f5:c4:
                    ee:e4:81:24:8f:44:9f:8e:d9:9e:e5:b3:53:60:25:
                    36:cd:cb:0e:3a:da:d0:13:69:40:42:c8:9c:c9:7c:
                    e0:e3:7a:b1:a2:01:86:98:fd:31:c2:d3:e5:f9:5e:
                    8c:14:f6:95:ed:31:ab:03:5e:e2:2a:70:b1:25:d2:
                    80:38:1b:8a:88:48:f9:78:e4:2e:71:54:14:2d:24:
                    e8:6f:cc:4a:45:4a:1e:a7:15:9b:46:3a:dd:c0:93:
                    25:4f:3f:64:01:21:02:56:3c:85:fa:da:f7:81:89:
                    8d:66:2b:7d:ce:f9:7d:71:aa:db:7d:30:c4:9f:b6:
                    a0:7f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                20:01:F7:5F:B0:22:DB:3C:51:BC:A1:70:03:75:2D:20:B0:22:63:0B
            X509v3 Authority Key Identifier:
                keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/IAH3X7Ai2zxRvKFwA3UtILAiYws.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  93.114.193.0/24
                  185.135.142.0/24
                  185.255.36.0/24
                  188.240.226.0/23

    Signature Algorithm: sha256WithRSAEncryption
         88:02:48:8e:ed:2d:39:ba:eb:3f:a3:40:11:4d:f5:44:c0:97:
         0a:9d:46:4f:d0:f8:e5:a6:e5:7f:dd:38:a7:46:02:d9:83:d7:
         0a:90:e9:58:e5:9b:ce:6b:2a:8e:79:da:d9:c9:64:f1:57:99:
         a7:56:32:ca:82:82:43:f9:b4:af:f4:fc:d8:ac:c9:88:a2:22:
         19:63:18:19:1e:86:ec:b9:a1:fc:68:8d:d2:5f:88:d6:6d:6d:
         14:a0:c3:23:9b:de:bc:84:40:07:22:01:00:b3:fb:ed:0e:b9:
         b0:ca:15:70:a0:e9:2e:52:9d:a3:b7:b0:64:53:0a:67:a8:6b:
         4b:5b:c1:32:12:de:97:83:ba:9c:0a:55:bb:7c:01:23:0c:21:
         45:c5:84:79:35:f0:43:5b:c1:fe:b8:fe:de:b5:19:eb:05:67:
         8f:f4:7d:3a:68:2f:19:b4:2a:23:44:90:76:d7:d6:10:27:6b:
         12:e1:67:30:3e:73:35:ef:82:da:8d:50:83:fa:4f:25:2d:3b:
         be:f8:0d:75:b4:d7:46:ce:17:03:d3:b1:5a:34:d8:c2:ac:36:
         54:08:5a:9f:c9:52:4d:1f:e9:3b:39:16:fa:53:0f:15:b8:30:
         ef:5a:59:f2:18:42:87:42:74:b1:a0:2a:4c:54:4f:cb:44:9d:
         01:39:f2:69
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYdz4D49YmvsvAbjtEWrXMH0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwNDEyMDUxMTI4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMDAxZjc1ZmIwMjJkYjNjNTFiY2ExNzAwMzc1MmQyMGIwMjI2MzBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4CtDatSx37qySePtKs46vI2Tpay2
Dl+d0Ru6pri9UsWi/zFN//pOUmvMU4EODpWlIAcoltLlKszA+qmElSUtBw2hDG9B
Ce2/SJTmitLIlUqfs/q/iK/Qo+EDx0lSH1DMVcuQ6bVMqsvMunm900sKj+cYvh3u
TMdN8HHWz8QRVS7c7pKt9cTu5IEkj0Sfjtme5bNTYCU2zcsOOtrQE2lAQsicyXzg
43qxogGGmP0xwtPl+V6MFPaV7TGrA17iKnCxJdKAOBuKiEj5eOQucVQULSTob8xK
RUoepxWbRjrdwJMlTz9kASECVjyF+tr3gYmNZit9zvl9carbfTDEn7agfwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFCAB91+wIts8UbyhcAN1LSCwImMLMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvSUFIM1g3QWkyenhSdktGd0EzVXRJTEFpWXdzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAXXLBAwQA
uYeOAwQAuf8kAwQBvPDiMA0GCSqGSIb3DQEBCwUAA4IBAQCIAkiO7S05uus/o0AR
TfVEwJcKnUZP0PjlpuV/3TinRgLZg9cKkOlY5ZvOayqOedrZyWTxV5mnVjLKgoJD
+bSv9PzYrMmIoiIZYxgZHobsuaH8aI3SX4jWbW0UoMMjm968hEAHIgEAs/vtDrmw
yhVwoOkuUp2jt7BkUwpnqGtLW8EyEt6Xg7qcClW7fAEjDCFFxYR5NfBDW8H+uP7e
tRnrBWeP9H06aC8ZtCojRJB219YQJ2sS4WcwPnM174LajVCD+k8lLTu++A11tNdG
zhcD07FaNNjCrDZUCFqfyVJNH+k7ORb6Uw8VuDDvWlnyGEKHQnSxoCpMVE/LRJ0B
OfJp
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:41:10 2024 by rpki-client on console-ams.rpki-client.org