Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/RIkSp0uKnu6-kEyO0kBJFW82xek.roa
File:                     RIkSp0uKnu6-kEyO0kBJFW82xek.roa (raw, json)
Hash identifier:          4QqikIHMhEbuwD+TmRNcN7YcZwUy92JeK+pDOlhstyw=
Subject key identifier:   44:89:12:A7:4B:8A:9E:EE:BE:90:4C:8E:D2:40:49:15:6F:36:C5:E9
Certificate issuer:       /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial:       018CC5011BAA6AA105A407F0C7A2B4C84DD4
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/RIkSp0uKnu6-kEyO0kBJFW82xek.roa
Signing time:             Mon 01 Jan 2024 12:30:33 +0000
ROA not before:           Mon 01 Jan 2024 12:30:33 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     136359
IP address blocks:        103.212.81.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 17 Jan 2024 13:05:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c5:01:1b:aa:6a:a1:05:a4:07:f0:c7:a2:b4:c8:4d:d4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
        Validity
            Not Before: Jan  1 12:30:33 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=448912a74b8a9eeebe904c8ed24049156f36c5e9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:90:2e:d8:30:b8:78:78:9a:f4:e4:c7:21:b7:1d:
                    14:00:2c:49:0f:c7:88:13:99:25:98:99:1a:43:e8:
                    18:39:af:a9:cc:a0:4d:45:9c:71:ae:d3:8f:46:0e:
                    d2:78:73:9e:98:96:f6:40:e5:e8:c4:93:b3:b3:7c:
                    95:09:29:bd:30:73:9a:71:c4:d0:21:4f:1b:78:12:
                    d2:bf:00:98:ce:fb:4c:ae:5a:3d:60:6e:97:78:e7:
                    5e:cb:36:ff:c5:fe:67:6b:94:10:13:fc:96:a4:7b:
                    d3:dd:2d:ae:26:4e:80:a2:8d:c9:58:49:7d:e8:9f:
                    f4:6e:df:c2:e0:ed:f6:26:3d:c0:11:c5:ae:30:73:
                    37:cc:23:7c:dc:0d:d3:97:40:62:c3:5a:3b:2d:10:
                    74:af:13:df:42:63:14:1a:a4:c8:8b:b1:37:18:71:
                    07:f9:51:ae:b4:54:83:89:ae:9d:38:6f:b5:b9:7c:
                    8f:a0:1a:29:d3:9d:38:c8:2d:32:a7:a6:67:22:63:
                    83:fb:b9:a3:d6:e8:a9:92:53:25:0f:37:31:d3:f2:
                    9e:67:83:39:69:eb:a4:80:11:3a:2a:83:c3:da:f3:
                    24:f1:d2:22:40:2d:99:0d:2c:c2:45:b4:bb:aa:af:
                    f6:98:2a:70:69:10:88:8d:82:f7:7e:f0:0a:44:5e:
                    60:35
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                44:89:12:A7:4B:8A:9E:EE:BE:90:4C:8E:D2:40:49:15:6F:36:C5:E9
            X509v3 Authority Key Identifier:
                keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/RIkSp0uKnu6-kEyO0kBJFW82xek.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.212.81.0/24

    Signature Algorithm: sha256WithRSAEncryption
         3c:53:e9:61:ce:87:5a:dc:c4:43:68:f9:08:fd:c3:0c:6d:ad:
         49:41:1c:f6:1f:00:c3:7a:df:27:bf:89:11:28:75:14:a2:92:
         38:81:b9:a6:2e:fa:14:8b:73:37:df:1e:23:b9:f3:2c:c4:5e:
         e6:65:c0:0a:01:e0:06:91:b7:f2:a6:0a:d9:ec:07:88:df:f3:
         23:15:59:2b:19:11:e7:b1:db:f3:95:99:2a:a9:d4:4f:a9:21:
         bf:ec:cf:d8:d4:75:7e:90:69:bd:9f:73:b5:64:db:f8:74:1b:
         2f:aa:49:3d:a4:bc:e7:66:19:4a:f2:98:fc:56:56:7d:1c:85:
         b0:47:05:0b:25:93:c0:65:bc:b4:69:c0:8e:b8:dc:14:38:a6:
         12:43:5f:a0:22:ff:f0:84:f1:24:b8:92:e2:fd:d6:83:4c:66:
         43:c1:c6:4e:db:71:c8:8a:82:79:6f:7f:06:87:7a:e5:8a:ab:
         32:95:cc:9b:7c:63:f0:95:5c:7d:ee:4c:56:b0:34:dd:c9:51:
         73:89:92:35:94:10:23:e7:78:8a:82:93:fd:bc:8f:6d:8a:dc:
         4e:d8:1e:9d:0b:f5:21:d9:36:e3:9d:4d:f8:88:1f:de:2b:64:
         18:fd:87:aa:bb:7c:1f:27:2e:7e:9e:8d:c4:a3:28:94:a6:82:
         68:fc:a8:b5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzFARuqaqEFpAfwx6K0yE3UMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjQwMTAxMTIzMDMzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NDg5MTJhNzRiOGE5ZWVlYmU5MDRjOGVkMjQwNDkxNTZmMzZjNWU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkC7YMLh4eJr05Mchtx0UACxJD8eI
E5klmJkaQ+gYOa+pzKBNRZxxrtOPRg7SeHOemJb2QOXoxJOzs3yVCSm9MHOaccTQ
IU8beBLSvwCYzvtMrlo9YG6XeOdeyzb/xf5na5QQE/yWpHvT3S2uJk6Aoo3JWEl9
6J/0bt/C4O32Jj3AEcWuMHM3zCN83A3Tl0Biw1o7LRB0rxPfQmMUGqTIi7E3GHEH
+VGutFSDia6dOG+1uXyPoBop0504yC0yp6ZnImOD+7mj1uipklMlDzcx0/KeZ4M5
aeukgBE6KoPD2vMk8dIiQC2ZDSzCRbS7qq/2mCpwaRCIjYL3fvAKRF5gNQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFESJEqdLip7uvpBMjtJASRVvNsXpMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvUklrU3AwdUtudTYta0V5TzBrQkpGVzgyeGVrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAZ9RRMA0G
CSqGSIb3DQEBCwUAA4IBAQA8U+lhzoda3MRDaPkI/cMMba1JQRz2HwDDet8nv4kR
KHUUopI4gbmmLvoUi3M33x4jufMsxF7mZcAKAeAGkbfypgrZ7AeI3/MjFVkrGRHn
sdvzlZkqqdRPqSG/7M/Y1HV+kGm9n3O1ZNv4dBsvqkk9pLznZhlK8pj8VlZ9HIWw
RwULJZPAZby0acCOuNwUOKYSQ1+gIv/whPEkuJLi/daDTGZDwcZO23HIioJ5b38G
h3rliqsylcybfGPwlVx97kxWsDTdyVFziZI1lBAj53iKgpP9vI9titxO2B6dC/Uh
2TbjnU34iB/eK2QY/Yequ3wfJy5+no3EoyiUpoJo/Ki1
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:41:10 2024 by rpki-client on console-ams.rpki-client.org