Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/QFOP0tF_3lWROVjCUGl8CQS5_KE.roa
File:                     QFOP0tF_3lWROVjCUGl8CQS5_KE.roa (raw, json)
Hash identifier:          H16QR4Gb4DCBoa+4igxivLywvJO6PZS7HVJPMm7/sz8=
Subject key identifier:   40:53:8F:D2:D1:7F:DE:55:91:39:58:C2:50:69:7C:09:04:B9:FC:A1
Certificate issuer:       /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial:       0186AB3EBEE12CFDD6769C66B8C667AA1C18
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/QFOP0tF_3lWROVjCUGl8CQS5_KE.roa
Signing time:             Sat 04 Mar 2023 06:11:01 +0000
ROA not before:           Sat 04 Mar 2023 06:11:01 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     61138
IP address blocks:        93.115.255.0/24 maxlen: 24
                          188.212.132.0/24 maxlen: 24
                          188.213.202.0/24 maxlen: 24
                          213.232.93.0/24 maxlen: 24
                          213.232.95.0/24 maxlen: 24
                          188.212.159.0/24 maxlen: 24
                          188.214.209.0/24 maxlen: 24
                          185.255.168.0/24 maxlen: 24
                          188.214.208.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 09 Mar 2023 16:27:13 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:ab:3e:be:e1:2c:fd:d6:76:9c:66:b8:c6:67:aa:1c:18
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
        Validity
            Not Before: Mar  4 06:11:01 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=40538fd2d17fde55913958c250697c0904b9fca1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cd:68:7f:f5:52:6f:c2:c8:00:26:83:de:bb:67:
                    8a:20:d9:37:2a:d1:99:69:3b:a8:d3:44:70:f9:03:
                    d7:17:0b:00:43:d8:51:0a:fd:88:0b:49:df:91:6c:
                    8e:1a:f7:9b:7c:a6:f0:e5:2d:b9:48:27:c3:bd:28:
                    31:02:72:af:aa:7b:1a:be:83:34:06:f3:a0:6f:aa:
                    96:90:85:70:c9:96:4e:de:0e:3e:0b:d6:3a:ff:43:
                    f6:f0:8e:31:8d:a8:1d:cc:f4:10:81:00:5e:be:0a:
                    42:14:c3:64:0d:74:ff:cd:ed:6d:97:73:70:d4:0c:
                    38:a1:6c:6c:d1:a8:d5:14:3f:21:7a:f6:45:c6:70:
                    21:22:11:93:fe:e8:53:76:78:bf:e8:1c:ee:af:23:
                    19:58:0d:db:a3:e1:31:2f:a0:f5:25:ec:b8:4f:40:
                    69:6d:9e:cc:42:4b:c4:34:00:73:c6:88:9d:15:b5:
                    f3:1e:73:52:d4:ee:6c:6d:46:28:94:9d:d5:f0:2c:
                    c3:9a:6b:35:c2:63:31:ce:9e:95:24:8d:e9:25:a7:
                    54:f0:b4:b5:2b:4e:c3:e3:17:79:f4:20:c5:6b:b3:
                    28:dc:89:87:dd:30:22:a0:59:5b:50:31:fd:99:8a:
                    35:6e:5e:23:f5:13:b3:b7:d5:80:f9:17:c6:65:65:
                    02:5b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                40:53:8F:D2:D1:7F:DE:55:91:39:58:C2:50:69:7C:09:04:B9:FC:A1
            X509v3 Authority Key Identifier:
                keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/QFOP0tF_3lWROVjCUGl8CQS5_KE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  93.115.255.0/24
                  185.255.168.0/24
                  188.212.132.0/24
                  188.212.159.0/24
                  188.213.202.0/24
                  188.214.208.0/23
                  213.232.93.0/24
                  213.232.95.0/24

    Signature Algorithm: sha256WithRSAEncryption
         48:46:24:a4:8b:7c:27:6d:71:e1:b4:cf:39:1b:01:09:1e:d0:
         e7:6a:0e:37:2a:7f:d3:ef:4b:79:8c:c9:8c:f6:5f:d6:24:6c:
         03:57:28:7e:e7:45:bf:80:68:97:aa:8c:ff:3f:e4:d6:58:ad:
         06:4a:0c:00:1e:e4:b1:0d:ad:00:9e:d8:55:70:f0:53:f3:93:
         09:f4:4a:4a:54:24:c2:ce:3b:c9:99:58:1a:84:9b:8f:b9:7f:
         c7:18:43:54:fa:60:84:27:1c:f1:4d:32:00:f7:45:86:52:87:
         18:bc:2e:61:01:b7:08:3b:fa:13:24:6f:78:ae:94:de:1c:0b:
         98:0c:8f:8c:21:3b:aa:b9:69:d5:85:55:28:f8:89:14:eb:84:
         8e:85:94:3d:0b:1c:aa:02:9b:33:a0:18:ec:ef:be:cd:9e:05:
         33:cb:2c:73:45:86:cf:26:97:aa:b0:0e:bc:56:2a:cf:7a:ff:
         34:c8:5a:46:22:bb:76:e7:96:26:59:c5:00:54:8d:83:2a:a9:
         c3:42:91:ad:c8:d3:66:73:e2:b5:6c:35:7a:94:57:87:f5:1c:
         bb:da:d6:96:05:d4:e1:77:41:5b:9a:d1:0c:36:50:54:b6:09:
         ae:3c:21:e7:6a:ac:ba:eb:cd:d6:75:95:26:67:3a:f9:49:8e:
         28:37:3d:c9
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAYarPr7hLP3WdpxmuMZnqhwYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwMzA0MDYxMTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MDUzOGZkMmQxN2ZkZTU1OTEzOTU4YzI1MDY5N2MwOTA0YjlmY2ExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzWh/9VJvwsgAJoPeu2eKINk3KtGZ
aTuo00Rw+QPXFwsAQ9hRCv2IC0nfkWyOGvebfKbw5S25SCfDvSgxAnKvqnsavoM0
BvOgb6qWkIVwyZZO3g4+C9Y6/0P28I4xjagdzPQQgQBevgpCFMNkDXT/ze1tl3Nw
1Aw4oWxs0ajVFD8hevZFxnAhIhGT/uhTdni/6BzuryMZWA3bo+ExL6D1Jey4T0Bp
bZ7MQkvENABzxoidFbXzHnNS1O5sbUYolJ3V8CzDmms1wmMxzp6VJI3pJadU8LS1
K07D4xd59CDFa7Mo3ImH3TAioFlbUDH9mYo1bl4j9ROzt9WA+RfGZWUCWwIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFEBTj9LRf95VkTlYwlBpfAkEufyhMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvUUZPUDB0Rl8zbFdST1ZqQ1VHbDhDUVM1X0tFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQAXXP/AwQA
uf+oAwQAvNSEAwQAvNSfAwQAvNXKAwQBvNbQAwQA1ehdAwQA1ehfMA0GCSqGSIb3
DQEBCwUAA4IBAQBIRiSki3wnbXHhtM85GwEJHtDnag43Kn/T70t5jMmM9l/WJGwD
Vyh+50W/gGiXqoz/P+TWWK0GSgwAHuSxDa0AnthVcPBT85MJ9EpKVCTCzjvJmVga
hJuPuX/HGENU+mCEJxzxTTIA90WGUocYvC5hAbcIO/oTJG94rpTeHAuYDI+MITuq
uWnVhVUo+IkU64SOhZQ9CxyqApszoBjs777NngUzyyxzRYbPJpeqsA68VirPev80
yFpGIrt255YmWcUAVI2DKqnDQpGtyNNmc+K1bDV6lFeH9Ry72taWBdThd0FbmtEM
NlBUtgmuPCHnaqy6683WdZUmZzr5SY4oNz3J
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:41:10 2024 by rpki-client on console-ams.rpki-client.org