Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/JyUHaTXiCinCCbfeokOlTqPyd1c.roa
File:                     JyUHaTXiCinCCbfeokOlTqPyd1c.roa (raw, json)
Hash identifier:          cbhqONSBRmdGJgerTVrDgPfPq1QkUla6msYHIJznddE=
Subject key identifier:   27:25:07:69:35:E2:0A:29:C2:09:B7:DE:A2:43:A5:4E:A3:F2:77:57
Certificate issuer:       /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial:       018C63BC3023C33A6198C8AC8EE98DFD1F42
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/JyUHaTXiCinCCbfeokOlTqPyd1c.roa
Signing time:             Wed 13 Dec 2023 15:12:06 +0000
ROA not before:           Wed 13 Dec 2023 15:12:06 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     6762
IP address blocks:        93.114.195.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 12:30:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:63:bc:30:23:c3:3a:61:98:c8:ac:8e:e9:8d:fd:1f:42
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
        Validity
            Not Before: Dec 13 15:12:06 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=2725076935e20a29c209b7dea243a54ea3f27757
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8d:02:34:82:ef:cf:9b:cb:76:2d:d3:a9:60:8f:
                    f8:36:1b:1e:2f:40:ec:be:28:f6:33:93:07:54:e6:
                    03:a9:7c:e6:ab:08:1c:4f:65:d8:41:dc:3e:eb:91:
                    53:ea:7c:fc:f9:1f:ec:a6:20:04:86:05:ca:77:f4:
                    ce:78:f8:27:f7:7f:6a:2e:b6:f9:f4:a4:23:87:3e:
                    f7:eb:05:a3:79:5a:2f:f8:1f:54:cc:8b:16:20:c6:
                    65:34:cd:a4:75:a9:e4:62:de:fd:d1:1f:54:d8:53:
                    50:94:54:04:54:c1:17:e8:f5:8b:61:9e:06:19:08:
                    c2:7d:fa:b5:53:10:11:a7:6b:09:9e:7c:cd:2b:33:
                    24:b3:95:e5:f8:02:e6:d2:f8:87:c8:a8:4b:45:ca:
                    7b:07:87:6e:22:32:3c:c2:4a:f3:bd:d3:d1:29:1a:
                    2a:17:ba:9d:5d:f3:89:13:f3:db:78:c9:5f:fd:3e:
                    a0:2c:5b:d2:7b:17:37:6a:06:e5:87:64:72:b8:53:
                    cb:ba:aa:35:a8:34:71:75:f4:0e:96:f6:b3:8f:33:
                    9f:56:0a:00:20:1c:b3:1c:8f:b0:9f:b4:91:13:7c:
                    73:29:dc:41:1c:9c:6a:81:62:05:15:0f:a2:04:dc:
                    6b:33:ec:24:dc:49:87:a3:da:5f:7d:50:ca:e6:cd:
                    af:2d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                27:25:07:69:35:E2:0A:29:C2:09:B7:DE:A2:43:A5:4E:A3:F2:77:57
            X509v3 Authority Key Identifier:
                keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/JyUHaTXiCinCCbfeokOlTqPyd1c.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  93.114.195.0/24

    Signature Algorithm: sha256WithRSAEncryption
         57:64:b4:18:a9:07:c1:ad:e2:cf:45:cf:83:d2:18:bd:2e:3d:
         f8:e3:f4:61:07:2c:10:28:fb:94:08:de:c9:94:d5:0b:6c:3b:
         2d:e7:74:4a:13:14:09:40:3e:b9:ee:70:e3:b9:af:c8:58:44:
         71:7b:41:3f:0c:da:8e:eb:65:d9:31:8f:41:de:38:29:9c:c4:
         f4:f2:d1:99:85:8b:01:55:67:0f:a8:5b:ee:67:67:14:df:a9:
         f1:c8:d9:68:0b:92:9d:03:48:69:f5:fa:e2:f3:aa:e4:84:be:
         7b:70:c5:4d:e4:e8:a8:91:15:76:7a:ec:58:66:ea:ba:c6:a3:
         81:b2:f2:82:21:18:9a:2f:ee:61:0c:a8:99:ba:19:ff:e1:44:
         d0:44:ee:87:29:93:72:1a:d4:32:8a:94:18:23:44:d2:30:28:
         2c:dc:d3:09:84:7e:ef:14:77:5f:63:a8:b5:d4:3a:8e:be:05:
         33:94:dc:2b:e3:b3:a9:6b:18:9e:f4:0a:fd:a8:b3:d2:03:ab:
         ab:c9:72:d2:ac:e6:e8:82:35:8b:59:3e:64:bb:9a:07:30:73:
         db:5b:29:9a:e9:cc:3b:b3:0a:00:e9:9d:82:1f:f6:7b:dc:00:
         f2:40:64:a9:7d:50:e4:ca:37:a9:f6:8f:41:eb:20:a8:2a:ad:
         85:df:e1:89
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYxjvDAjwzphmMisjumN/R9CMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMxMjEzMTUxMjA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNzI1MDc2OTM1ZTIwYTI5YzIwOWI3ZGVhMjQzYTU0ZWEzZjI3NzU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjQI0gu/Pm8t2LdOpYI/4NhseL0Ds
vij2M5MHVOYDqXzmqwgcT2XYQdw+65FT6nz8+R/spiAEhgXKd/TOePgn939qLrb5
9KQjhz736wWjeVov+B9UzIsWIMZlNM2kdankYt790R9U2FNQlFQEVMEX6PWLYZ4G
GQjCffq1UxARp2sJnnzNKzMks5Xl+ALm0viHyKhLRcp7B4duIjI8wkrzvdPRKRoq
F7qdXfOJE/PbeMlf/T6gLFvSexc3agblh2RyuFPLuqo1qDRxdfQOlvazjzOfVgoA
IByzHI+wn7SRE3xzKdxBHJxqgWIFFQ+iBNxrM+wk3EmHo9pffVDK5s2vLQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCclB2k14gopwgm33qJDpU6j8ndXMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvSnlVSGFUWGlDaW5DQ2JmZW9rT2xUcVB5ZDFjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAXXLDMA0G
CSqGSIb3DQEBCwUAA4IBAQBXZLQYqQfBreLPRc+D0hi9Lj344/RhBywQKPuUCN7J
lNULbDst53RKExQJQD657nDjua/IWERxe0E/DNqO62XZMY9B3jgpnMT08tGZhYsB
VWcPqFvuZ2cU36nxyNloC5KdA0hp9fri86rkhL57cMVN5OiokRV2euxYZuq6xqOB
svKCIRiaL+5hDKiZuhn/4UTQRO6HKZNyGtQyipQYI0TSMCgs3NMJhH7vFHdfY6i1
1DqOvgUzlNwr47Opaxie9Ar9qLPSA6uryXLSrObogjWLWT5ku5oHMHPbWyma6cw7
swoA6Z2CH/Z73ADyQGSpfVDkyjep9o9B6yCoKq2F3+GJ
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:45 2024 by rpki-client on console-fra.rpki-client.org