Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/QPfSLSwfor0k9GcN1uY362f78Oc.roa
File:                     QPfSLSwfor0k9GcN1uY362f78Oc.roa (raw, json)
Hash identifier:          CQ2WcZzx6GH19c6X3YzQUJZ3A1MzvB39yTV8nfgcU5w=
Subject key identifier:   40:F7:D2:2D:2C:1F:A2:BD:24:F4:67:0D:D6:E6:37:EB:67:FB:F0:E7
Certificate issuer:       /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial:       018920F89E4D6569AC4CF8FDE18F7E8F786D
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/QPfSLSwfor0k9GcN1uY362f78Oc.roa
Signing time:             Tue 04 Jul 2023 12:55:11 +0000
ROA not before:           Tue 04 Jul 2023 12:55:11 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     207459
IP address blocks:        188.240.68.0/24 maxlen: 24
                          188.212.132.0/24 maxlen: 24
                          188.212.159.0/24 maxlen: 24
                          93.115.109.0/24 maxlen: 24
                          188.241.110.0/24 maxlen: 24
                          188.241.214.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Sat 26 Aug 2023 11:10:19 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:20:f8:9e:4d:65:69:ac:4c:f8:fd:e1:8f:7e:8f:78:6d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
        Validity
            Not Before: Jul  4 12:55:11 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=40f7d22d2c1fa2bd24f4670dd6e637eb67fbf0e7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:71:25:23:54:04:d7:99:02:b1:39:cb:35:47:
                    8d:60:35:0e:40:df:a1:3b:42:fd:df:67:c4:a1:ed:
                    81:0c:8e:6c:7c:d2:bd:82:ce:06:d9:18:6b:4a:02:
                    bc:1f:b5:ab:3d:fd:10:3f:c3:46:4d:39:cf:2f:4c:
                    2a:e5:b5:ae:a8:49:32:c9:88:ca:1f:50:60:48:00:
                    7e:44:2d:be:12:57:8f:38:5b:46:fd:8e:6a:81:5c:
                    15:ea:aa:67:9f:49:21:88:65:08:26:fd:10:80:68:
                    2b:3d:2e:14:06:ab:2e:84:16:41:18:63:51:4f:83:
                    e7:78:2a:00:eb:a5:c5:8f:54:dd:75:ae:b1:d5:c4:
                    e2:f2:c5:72:c5:66:5f:30:b5:8b:63:2d:22:11:7c:
                    7d:ff:d6:01:25:b3:75:d2:c0:16:33:42:ba:a6:db:
                    91:fe:03:da:b7:5c:38:96:12:b2:18:5c:3a:b8:39:
                    fc:0a:d2:01:d4:bf:31:8b:f3:a7:d2:35:ba:ed:dd:
                    ed:94:71:a5:09:98:ea:c5:e5:b1:f7:71:b9:de:33:
                    d9:dd:d4:61:3b:46:14:60:7e:51:ff:5c:ec:7b:7a:
                    17:c0:f7:13:9c:0b:92:8f:77:87:65:9d:e3:68:1c:
                    94:0d:0b:7d:18:ae:4f:87:3a:de:c3:98:c8:0f:9c:
                    83:3b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                40:F7:D2:2D:2C:1F:A2:BD:24:F4:67:0D:D6:E6:37:EB:67:FB:F0:E7
            X509v3 Authority Key Identifier:
                keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/QPfSLSwfor0k9GcN1uY362f78Oc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  93.115.109.0/24
                  188.212.132.0/24
                  188.212.159.0/24
                  188.240.68.0/24
                  188.241.110.0/24
                  188.241.214.0/24

    Signature Algorithm: sha256WithRSAEncryption
         7e:1d:6a:46:18:1f:39:c5:5e:e5:a6:90:b2:f1:b4:4a:3a:2c:
         85:b8:de:7c:12:cc:6c:b1:01:cf:4d:5c:f4:fc:b0:26:ff:69:
         1e:31:d8:e0:f8:a4:ac:14:0e:f9:02:f4:13:19:65:06:e9:a8:
         a7:1f:d8:8e:65:95:5a:99:a0:21:f3:92:1b:80:4d:0f:29:63:
         1a:81:f2:0e:7e:75:63:75:34:91:49:be:18:79:a2:2f:53:6b:
         46:8a:ba:25:49:42:85:bf:70:e1:b0:d6:04:ef:dd:3a:58:50:
         1d:4c:fd:7b:c0:27:b1:ef:cb:c0:15:17:db:e0:b3:94:07:85:
         35:50:bb:6d:91:c5:96:21:26:71:be:d8:e7:32:84:6c:45:14:
         5d:48:86:a6:33:1c:b3:f7:c6:b5:69:13:37:75:03:21:b8:b9:
         1a:da:87:cb:3d:b2:8c:7b:fd:6d:82:4a:ba:69:15:fb:af:f0:
         ff:a0:a4:8d:c4:a0:c0:07:34:81:10:7e:3f:ca:76:9d:0a:4f:
         f6:79:fa:d0:12:71:7d:7a:2d:a9:78:06:6c:f3:b0:ac:e7:50:
         80:e8:9d:78:bc:6a:1e:91:4c:db:61:53:a1:92:b6:06:df:f1:
         a9:3c:e2:a7:7c:41:91:d2:35:37:68:01:5d:6d:72:29:c2:d3:
         47:7e:a2:15
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYkg+J5NZWmsTPj94Y9+j3htMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwNzA0MTI1NTExWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MGY3ZDIyZDJjMWZhMmJkMjRmNDY3MGRkNmU2MzdlYjY3ZmJmMGU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt3ElI1QE15kCsTnLNUeNYDUOQN+h
O0L932fEoe2BDI5sfNK9gs4G2RhrSgK8H7WrPf0QP8NGTTnPL0wq5bWuqEkyyYjK
H1BgSAB+RC2+ElePOFtG/Y5qgVwV6qpnn0khiGUIJv0QgGgrPS4UBqsuhBZBGGNR
T4PneCoA66XFj1Tdda6x1cTi8sVyxWZfMLWLYy0iEXx9/9YBJbN10sAWM0K6ptuR
/gPat1w4lhKyGFw6uDn8CtIB1L8xi/On0jW67d3tlHGlCZjqxeWx93G53jPZ3dRh
O0YUYH5R/1zse3oXwPcTnAuSj3eHZZ3jaByUDQt9GK5Phzrew5jID5yDOwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFED30i0sH6K9JPRnDdbmN+tn+/DnMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvUVBmU0xTd2ZvcjBrOUdjTjF1WTM2MmY3OE9jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAXXNtAwQA
vNSEAwQAvNSfAwQAvPBEAwQAvPFuAwQAvPHWMA0GCSqGSIb3DQEBCwUAA4IBAQB+
HWpGGB85xV7lppCy8bRKOiyFuN58EsxssQHPTVz0/LAm/2keMdjg+KSsFA75AvQT
GWUG6ainH9iOZZVamaAh85IbgE0PKWMagfIOfnVjdTSRSb4YeaIvU2tGirolSUKF
v3DhsNYE7906WFAdTP17wCex78vAFRfb4LOUB4U1ULttkcWWISZxvtjnMoRsRRRd
SIamMxyz98a1aRM3dQMhuLka2ofLPbKMe/1tgkq6aRX7r/D/oKSNxKDABzSBEH4/
ynadCk/2efrQEnF9ei2peAZs87Cs51CA6J14vGoekUzbYVOhkrYG3/GpPOKnfEGR
0jU3aAFdbXIpwtNHfqIV
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:41:10 2024 by rpki-client on console-ams.rpki-client.org