Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/LJInUi71db1USdk6Dc0dloc0QJ8.roa
File:                     LJInUi71db1USdk6Dc0dloc0QJ8.roa (raw, json)
Hash identifier:          SXnDvsFOtcCDYgf/kRbj6SYi/BuOfLICNf3KxD37zgs=
Subject key identifier:   2C:92:27:52:2E:F5:75:BD:54:49:D9:3A:0D:CD:1D:96:87:34:40:9F
Certificate issuer:       /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial:       0186A6A4E4C00B70D4C7DB516D7A9F2FB520
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/LJInUi71db1USdk6Dc0dloc0QJ8.roa
Signing time:             Fri 03 Mar 2023 08:44:29 +0000
ROA not before:           Fri 03 Mar 2023 08:44:29 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     400377
IP address blocks:        93.114.193.0/24 maxlen: 24
                          188.240.68.0/24 maxlen: 24
                          185.255.36.0/24 maxlen: 24
                          185.135.142.0/24 maxlen: 24
                          94.176.111.0/24 maxlen: 24
                          188.240.226.0/24 maxlen: 24
                          188.240.227.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 03 Apr 2023 10:33:54 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:a6:a4:e4:c0:0b:70:d4:c7:db:51:6d:7a:9f:2f:b5:20
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
        Validity
            Not Before: Mar  3 08:44:29 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=2c9227522ef575bd5449d93a0dcd1d968734409f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:52:23:68:2f:60:21:eb:90:f2:37:07:97:f1:
                    cf:da:86:32:9e:2a:19:f8:bd:e4:8b:f5:82:63:28:
                    ee:91:14:ec:bb:75:69:d3:07:0f:8b:c3:c9:15:7b:
                    d9:41:4e:6c:c4:06:1d:1a:53:fd:48:c3:ab:8c:62:
                    df:aa:70:13:7b:7d:2d:1b:1a:36:1b:64:2f:0f:1c:
                    6c:16:e6:22:35:87:aa:f8:df:6f:63:d6:b2:74:18:
                    a0:fc:cb:44:47:cc:cf:8e:e3:76:f5:70:ec:03:f9:
                    cb:08:a2:3c:3b:e9:36:b9:8c:bc:95:bf:8d:3a:40:
                    aa:fd:99:57:ef:a3:35:f1:08:ca:fb:74:ae:71:67:
                    d5:d4:d6:c9:ba:66:62:4c:2f:76:ce:23:9b:5e:f4:
                    b4:90:d8:a5:2f:e1:13:51:34:00:06:95:77:92:a3:
                    73:70:b9:b7:37:86:30:bd:84:f0:30:a6:bb:41:ab:
                    5f:2e:a9:d7:35:5a:bf:98:9b:fd:42:0a:58:f9:4a:
                    43:15:9f:22:26:c5:10:70:fb:e7:d7:c6:36:ec:7d:
                    10:09:d6:47:2f:f5:50:aa:c9:cd:0d:fe:7e:b1:11:
                    83:c7:b5:0e:5c:c7:be:8f:68:c2:a9:77:3f:48:3b:
                    63:c0:5b:11:00:aa:fb:7e:19:54:7c:65:67:f3:5d:
                    9b:95
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2C:92:27:52:2E:F5:75:BD:54:49:D9:3A:0D:CD:1D:96:87:34:40:9F
            X509v3 Authority Key Identifier:
                keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/LJInUi71db1USdk6Dc0dloc0QJ8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  93.114.193.0/24
                  94.176.111.0/24
                  185.135.142.0/24
                  185.255.36.0/24
                  188.240.68.0/24
                  188.240.226.0/23

    Signature Algorithm: sha256WithRSAEncryption
         35:58:e8:4b:1e:19:84:2f:ef:2e:a3:e2:1f:e1:2b:f6:5c:54:
         46:70:55:cf:a4:03:7b:13:fe:57:19:8f:93:d4:20:3b:02:3e:
         30:10:6a:4e:02:8f:28:a3:70:3a:fc:e4:01:f8:0f:e9:bd:85:
         d1:8b:fa:39:4d:3d:21:f1:0c:4c:b6:b2:77:01:e4:8c:8c:ee:
         f3:73:1c:66:f1:fc:2e:b8:43:78:e5:8b:14:9c:df:b8:a7:1d:
         12:4c:54:3f:91:cb:01:fa:11:46:2a:37:94:ef:33:76:60:3b:
         80:7f:fb:af:d7:67:33:c2:ea:16:45:67:38:e5:ad:89:27:b1:
         f0:25:4a:90:99:09:e0:eb:e6:4e:1c:b9:55:40:c6:04:e1:bc:
         16:0a:87:a6:9e:cd:26:1e:84:95:af:20:77:a6:25:7b:f5:ed:
         cd:13:55:6d:a2:28:14:ef:83:fa:9d:8c:f9:d2:39:90:25:96:
         ae:57:79:14:67:6c:d5:75:0f:d1:b7:f1:53:f1:ba:fd:7b:fb:
         5d:bd:14:62:c3:8f:bc:c6:ca:36:b4:1b:66:09:21:c4:29:9f:
         ca:c2:f3:83:7e:25:01:85:57:ea:8e:aa:c5:e7:bc:17:66:f7:
         c2:27:f3:24:2c:19:35:44:25:b4:f4:bd:58:aa:1a:b1:3c:91:
         60:3f:79:87
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYampOTAC3DUx9tRbXqfL7UgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwMzAzMDg0NDI5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYzkyMjc1MjJlZjU3NWJkNTQ0OWQ5M2EwZGNkMWQ5Njg3MzQ0MDlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAplIjaC9gIeuQ8jcHl/HP2oYynioZ
+L3ki/WCYyjukRTsu3Vp0wcPi8PJFXvZQU5sxAYdGlP9SMOrjGLfqnATe30tGxo2
G2QvDxxsFuYiNYeq+N9vY9aydBig/MtER8zPjuN29XDsA/nLCKI8O+k2uYy8lb+N
OkCq/ZlX76M18QjK+3SucWfV1NbJumZiTC92ziObXvS0kNilL+ETUTQABpV3kqNz
cLm3N4YwvYTwMKa7QatfLqnXNVq/mJv9QgpY+UpDFZ8iJsUQcPvn18Y27H0QCdZH
L/VQqsnNDf5+sRGDx7UOXMe+j2jCqXc/SDtjwFsRAKr7fhlUfGVn812blQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFCySJ1Iu9XW9VEnZOg3NHZaHNECfMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvTEpJblVpNzFkYjFVU2RrNkRjMGRsb2MwUUo4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAXXLBAwQA
XrBvAwQAuYeOAwQAuf8kAwQAvPBEAwQBvPDiMA0GCSqGSIb3DQEBCwUAA4IBAQA1
WOhLHhmEL+8uo+If4Sv2XFRGcFXPpAN7E/5XGY+T1CA7Aj4wEGpOAo8oo3A6/OQB
+A/pvYXRi/o5TT0h8QxMtrJ3AeSMjO7zcxxm8fwuuEN45YsUnN+4px0STFQ/kcsB
+hFGKjeU7zN2YDuAf/uv12czwuoWRWc45a2JJ7HwJUqQmQng6+ZOHLlVQMYE4bwW
Coemns0mHoSVryB3piV79e3NE1VtoigU74P6nYz50jmQJZauV3kUZ2zVdQ/Rt/FT
8br9e/tdvRRiw4+8xso2tBtmCSHEKZ/KwvODfiUBhVfqjqrF57wXZvfCJ/MkLBk1
RCW09L1YqhqxPJFgP3mH
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:45 2024 by rpki-client on console-fra.rpki-client.org