Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/SDmMXbEkKur99TmCL9SwGWHlkRI.roa
File:                     SDmMXbEkKur99TmCL9SwGWHlkRI.roa (raw, json)
Hash identifier:          gXKM4AbzD0nI9/4JA7c9wp88yXs5pyToB2neLPDUz4M=
Subject key identifier:   48:39:8C:5D:B1:24:2A:EA:FD:F5:39:82:2F:D4:B0:19:61:E5:91:12
Certificate issuer:       /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial:       0187559536E73D8B025B87C8BADFC414E60C
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/SDmMXbEkKur99TmCL9SwGWHlkRI.roa
Signing time:             Thu 06 Apr 2023 08:00:54 +0000
ROA not before:           Thu 06 Apr 2023 08:00:54 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     3320
IP address blocks:        193.23.129.0/24 maxlen: 24
                          193.23.128.0/24 maxlen: 24
                          188.240.225.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Sun 09 Apr 2023 07:22:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:55:95:36:e7:3d:8b:02:5b:87:c8:ba:df:c4:14:e6:0c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
        Validity
            Not Before: Apr  6 08:00:54 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=48398c5db1242aeafdf539822fd4b01961e59112
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:46:b0:d7:83:2b:cb:8c:94:7c:e3:f0:85:cb:
                    9e:fa:43:e4:b3:0e:6f:44:69:d1:b8:5d:ea:a0:a2:
                    20:b5:41:eb:d3:bd:0f:b0:46:52:67:65:ad:75:1c:
                    e4:f7:01:66:8a:46:7b:84:41:68:c3:db:e2:d7:f3:
                    07:01:40:af:50:17:68:89:72:26:a5:83:e0:22:ee:
                    6f:bf:13:35:77:cf:19:9c:b4:34:5a:ce:f2:4d:b0:
                    69:9a:11:1a:be:d2:53:65:9d:48:cf:66:cc:ce:08:
                    d8:ae:e2:73:56:c9:58:1b:78:0c:eb:84:c7:6f:31:
                    3c:3e:17:7b:05:4b:d9:33:1a:a0:c7:fa:0d:7c:b2:
                    9e:9c:f2:5f:f2:fd:89:8e:a9:3a:f9:ee:d5:27:bd:
                    53:1a:c6:d2:a0:08:b6:7e:94:45:71:d9:59:1a:b6:
                    0e:25:89:27:cf:9e:be:63:43:26:f3:dc:bb:35:10:
                    cb:d5:0c:60:b2:9c:0e:e0:68:3f:6e:8e:5e:b1:e8:
                    0d:50:9f:bb:06:61:a2:e2:6b:ce:c8:b8:10:19:57:
                    de:eb:10:c3:fb:76:2f:df:32:94:27:b1:65:13:47:
                    40:20:b1:4e:48:a5:38:c5:78:34:e6:10:c2:b5:e3:
                    93:0e:c5:ca:99:da:50:c9:8c:69:c2:41:f7:ce:7d:
                    76:c9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                48:39:8C:5D:B1:24:2A:EA:FD:F5:39:82:2F:D4:B0:19:61:E5:91:12
            X509v3 Authority Key Identifier:
                keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/SDmMXbEkKur99TmCL9SwGWHlkRI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  188.240.225.0/24
                  193.23.128.0/23

    Signature Algorithm: sha256WithRSAEncryption
         2e:2b:bb:4f:65:a2:16:a8:39:df:41:a8:22:1c:8c:8b:54:f9:
         e3:c0:50:fb:be:07:e4:4d:10:cb:5b:69:78:30:3c:ca:89:a6:
         a3:3f:d5:52:78:c1:76:3b:1d:47:94:02:ad:c1:ce:c7:e4:ff:
         ba:2f:62:04:ce:4b:4c:1b:2c:01:50:3d:24:0d:36:18:92:c6:
         43:46:99:0f:fe:18:9b:17:1b:2b:89:35:d7:ac:52:4a:58:48:
         af:9b:bb:92:2b:55:05:18:c8:c2:2a:17:a6:4b:6c:a6:1e:3a:
         61:e0:25:50:b4:1c:50:89:9e:b0:0a:3d:ca:8b:4e:bc:11:d1:
         62:00:34:6f:30:15:0d:75:00:4c:18:5d:ba:9a:cc:f6:fa:97:
         09:63:3f:52:7f:a6:c1:e2:40:7b:0b:fd:d5:41:87:6d:c7:70:
         3f:e1:29:88:d7:e8:5b:b5:0f:9e:92:25:60:48:9c:38:c6:f6:
         08:e7:31:b8:a9:1c:b4:71:ed:de:c1:8c:bd:47:ae:20:75:d8:
         b6:6f:1b:da:6d:24:f3:93:ea:e2:c2:3c:ab:6d:f1:d8:28:e6:
         6f:34:d7:2f:27:5a:74:c2:ee:fa:39:2b:21:33:dd:8e:f3:09:
         ab:58:c9:e8:0f:e1:31:f8:b7:8e:a3:78:2e:45:7b:ee:c2:ab:
         b1:2d:c6:69
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYdVlTbnPYsCW4fIut/EFOYMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwNDA2MDgwMDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ODM5OGM1ZGIxMjQyYWVhZmRmNTM5ODIyZmQ0YjAxOTYxZTU5MTEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArEaw14Mry4yUfOPwhcue+kPksw5v
RGnRuF3qoKIgtUHr070PsEZSZ2WtdRzk9wFmikZ7hEFow9vi1/MHAUCvUBdoiXIm
pYPgIu5vvxM1d88ZnLQ0Ws7yTbBpmhEavtJTZZ1Iz2bMzgjYruJzVslYG3gM64TH
bzE8Phd7BUvZMxqgx/oNfLKenPJf8v2Jjqk6+e7VJ71TGsbSoAi2fpRFcdlZGrYO
JYknz56+Y0Mm89y7NRDL1QxgspwO4Gg/bo5esegNUJ+7BmGi4mvOyLgQGVfe6xDD
+3Yv3zKUJ7FlE0dAILFOSKU4xXg05hDCteOTDsXKmdpQyYxpwkH3zn12yQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFEg5jF2xJCrq/fU5gi/UsBlh5ZESMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvU0RtTVhiRWtLdXI5OVRtQ0w5U3dHV0hsa1JJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAvPDhAwQB
wReAMA0GCSqGSIb3DQEBCwUAA4IBAQAuK7tPZaIWqDnfQagiHIyLVPnjwFD7vgfk
TRDLW2l4MDzKiaajP9VSeMF2Ox1HlAKtwc7H5P+6L2IEzktMGywBUD0kDTYYksZD
RpkP/hibFxsriTXXrFJKWEivm7uSK1UFGMjCKhemS2ymHjph4CVQtBxQiZ6wCj3K
i068EdFiADRvMBUNdQBMGF26msz2+pcJYz9Sf6bB4kB7C/3VQYdtx3A/4SmI1+hb
tQ+ekiVgSJw4xvYI5zG4qRy0ce3ewYy9R64gddi2bxvabSTzk+riwjyrbfHYKOZv
NNcvJ1p0wu76OSshM92O8wmrWMnoD+Ex+LeOo3guRXvuwquxLcZp
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:41:11 2024 by rpki-client on console-ams.rpki-client.org