Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/T3EHSc0su8zNuPt9tHoO85WFcCs.roa
File:                     T3EHSc0su8zNuPt9tHoO85WFcCs.roa (raw, json)
Hash identifier:          0oY3q3COHrHb9r4fWJvFNVsr9qlKOdF62sUy/jJugjw=
Subject key identifier:   4F:71:07:49:CD:2C:BB:CC:CD:B8:FB:7D:B4:7A:0E:F3:95:85:70:2B
Certificate issuer:       /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial:       0186FE5BFF554DEDFF8E1304448A1354A68F
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/T3EHSc0su8zNuPt9tHoO85WFcCs.roa
Signing time:             Mon 20 Mar 2023 09:31:27 +0000
ROA not before:           Mon 20 Mar 2023 09:31:27 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     43260
IP address blocks:        93.114.246.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 27 Mar 2023 07:11:47 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:fe:5b:ff:55:4d:ed:ff:8e:13:04:44:8a:13:54:a6:8f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
        Validity
            Not Before: Mar 20 09:31:27 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=4f710749cd2cbbcccdb8fb7db47a0ef39585702b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:fe:c9:67:6d:0a:63:a9:a2:13:4b:e6:10:dc:
                    ea:3b:65:a2:d3:ff:12:7e:0e:12:7a:05:03:62:a4:
                    1a:a9:fd:fa:cc:14:ae:90:c7:82:fb:ff:65:63:54:
                    62:89:f9:1d:93:1c:b2:e0:ce:af:7e:5c:9a:3f:23:
                    b1:ca:03:c1:68:28:51:bf:e6:40:75:86:bf:a7:46:
                    49:48:36:10:69:17:f5:51:8d:88:c3:3f:93:89:0e:
                    35:13:44:58:13:6d:b9:eb:29:61:05:d8:c4:77:c3:
                    c9:67:f7:37:28:a6:6f:48:cf:46:63:4e:74:c0:75:
                    c2:0c:ba:c8:27:ff:9c:0b:43:42:6c:39:42:83:f4:
                    fe:ab:38:f3:b5:16:25:58:4b:29:39:b4:06:9b:7e:
                    be:eb:fc:92:1d:fe:b5:3e:06:4b:69:66:32:27:60:
                    ef:9d:6a:f4:76:5f:e4:d6:ff:3a:be:41:f4:f8:69:
                    83:95:f0:cd:c1:b4:3d:06:60:14:a7:df:3f:6a:89:
                    a6:de:6e:f0:95:92:d7:f6:84:ab:e0:69:88:53:e5:
                    f2:5a:f6:92:82:c3:5b:02:b5:f8:91:62:50:65:5d:
                    6b:83:a7:a0:e0:40:ec:73:5b:26:cf:b8:7b:19:00:
                    68:0c:f1:bf:18:5f:24:80:77:24:ae:be:f5:9a:b8:
                    42:69
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4F:71:07:49:CD:2C:BB:CC:CD:B8:FB:7D:B4:7A:0E:F3:95:85:70:2B
            X509v3 Authority Key Identifier:
                keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/T3EHSc0su8zNuPt9tHoO85WFcCs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  93.114.246.0/24

    Signature Algorithm: sha256WithRSAEncryption
         48:20:f9:e3:be:b6:fe:e4:4e:8e:5a:f7:06:e2:bd:65:7c:2b:
         86:58:cd:1a:8b:fe:47:8f:2c:e3:f8:8b:af:ed:20:81:34:98:
         6c:df:0a:01:2e:c8:5d:e6:24:92:90:05:a1:ae:15:bc:70:ad:
         06:81:7b:32:7d:3d:93:26:f5:88:3b:b2:3f:b0:eb:7b:90:47:
         6d:07:0c:48:af:97:51:3b:85:3e:fd:9b:92:82:0e:e1:4c:4e:
         4f:bb:80:59:be:d1:68:c0:05:cf:16:cb:50:65:42:68:1e:6a:
         22:eb:ef:0d:3b:96:85:bd:42:7f:29:20:c9:0b:c1:a8:bf:b6:
         83:9e:26:5b:12:1e:35:ab:42:86:96:d5:07:09:4a:ef:aa:3b:
         cf:31:11:09:b7:94:5e:74:c7:58:f8:3d:17:ae:40:e4:93:a0:
         17:09:39:e8:f2:62:50:40:a7:26:73:0a:26:20:6d:52:dc:ca:
         09:df:62:fc:bc:2f:98:5e:68:6c:48:53:9c:68:b9:ee:b0:17:
         46:2a:78:60:13:57:9a:b1:c7:56:e4:97:e4:7d:4f:15:dd:3b:
         56:c5:21:c6:35:02:3e:16:ef:dd:71:27:4f:a6:ff:21:ad:f6:
         c6:a1:e1:df:9f:6a:fc:4e:db:3e:62:e4:a7:b2:8f:e2:91:2b:
         2a:50:5f:f1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYb+W/9VTe3/jhMERIoTVKaPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwMzIwMDkzMTI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZjcxMDc0OWNkMmNiYmNjY2RiOGZiN2RiNDdhMGVmMzk1ODU3MDJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtP7JZ20KY6miE0vmENzqO2Wi0/8S
fg4SegUDYqQaqf36zBSukMeC+/9lY1Riifkdkxyy4M6vflyaPyOxygPBaChRv+ZA
dYa/p0ZJSDYQaRf1UY2Iwz+TiQ41E0RYE2256ylhBdjEd8PJZ/c3KKZvSM9GY050
wHXCDLrIJ/+cC0NCbDlCg/T+qzjztRYlWEspObQGm36+6/ySHf61PgZLaWYyJ2Dv
nWr0dl/k1v86vkH0+GmDlfDNwbQ9BmAUp98/aomm3m7wlZLX9oSr4GmIU+XyWvaS
gsNbArX4kWJQZV1rg6eg4EDsc1smz7h7GQBoDPG/GF8kgHckrr71mrhCaQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFE9xB0nNLLvMzbj7fbR6DvOVhXArMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvVDNFSFNjMHN1OHpOdVB0OXRIb084NVdGY0NzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAXXL2MA0G
CSqGSIb3DQEBCwUAA4IBAQBIIPnjvrb+5E6OWvcG4r1lfCuGWM0ai/5Hjyzj+Iuv
7SCBNJhs3woBLshd5iSSkAWhrhW8cK0GgXsyfT2TJvWIO7I/sOt7kEdtBwxIr5dR
O4U+/ZuSgg7hTE5Pu4BZvtFowAXPFstQZUJoHmoi6+8NO5aFvUJ/KSDJC8Gov7aD
niZbEh41q0KGltUHCUrvqjvPMREJt5RedMdY+D0XrkDkk6AXCTno8mJQQKcmcwom
IG1S3MoJ32L8vC+YXmhsSFOcaLnusBdGKnhgE1eascdW5JfkfU8V3TtWxSHGNQI+
Fu/dcSdPpv8hrfbGoeHfn2r8Tts+YuSnso/ikSsqUF/x
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:46 2024 by rpki-client on console-fra.rpki-client.org