Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/U01tlYE4OsuGXBsIZFTLpM6DwFI.roa
File:                     U01tlYE4OsuGXBsIZFTLpM6DwFI.roa (raw, json)
Hash identifier:          8ajHcvqiHv5M0z88rqh7bldoWPF4hOjDSGr36wuA5VY=
Subject key identifier:   53:4D:6D:95:81:38:3A:CB:86:5C:1B:08:64:54:CB:A4:CE:83:C0:52
Certificate issuer:       /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial:       018CAF6C483787DB6C4C316FBBB19CFD439E
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/U01tlYE4OsuGXBsIZFTLpM6DwFI.roa
Signing time:             Thu 28 Dec 2023 07:55:58 +0000
ROA not before:           Thu 28 Dec 2023 07:55:58 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     47392
IP address blocks:        93.115.255.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 12:30:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:af:6c:48:37:87:db:6c:4c:31:6f:bb:b1:9c:fd:43:9e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
        Validity
            Not Before: Dec 28 07:55:58 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=534d6d9581383acb865c1b086454cba4ce83c052
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:81:52:e2:5c:b7:06:f2:67:c2:9f:24:b5:8a:7c:
                    c7:60:3f:03:e4:fd:05:a7:b1:d3:b8:99:dc:89:cf:
                    bd:d0:4e:ce:c1:23:18:74:7e:8f:b2:97:c4:33:b3:
                    a7:78:03:7e:e1:41:a9:ca:81:df:6e:b8:59:b4:47:
                    f6:25:9f:ed:e8:c1:0d:b2:36:23:ea:34:87:86:c7:
                    c6:24:2a:c1:b1:e3:0e:dd:9b:07:7b:d4:4e:50:21:
                    79:16:3e:56:9a:f3:82:da:96:00:86:2a:96:5c:0b:
                    16:e4:88:b1:10:b1:98:76:0d:79:d0:ce:2e:70:20:
                    fe:0a:05:65:3b:9a:35:38:4f:70:d2:e2:0b:21:fd:
                    e7:07:5a:4f:9b:9d:cf:8a:0d:58:0e:ac:12:50:5e:
                    93:9f:ae:ff:dc:9b:bc:30:36:02:9f:d8:7a:46:bf:
                    f0:4c:5e:23:44:e5:94:7c:d5:a1:60:3e:47:92:f8:
                    93:d2:0a:72:6f:4a:ff:e1:48:fd:1e:84:e2:81:4c:
                    51:b0:2b:cf:06:b5:e2:cb:31:1f:38:14:97:7e:36:
                    83:9c:f2:62:8a:0e:b1:3d:fe:55:d7:3f:80:ad:fd:
                    46:b8:7e:99:34:f8:8d:44:54:60:d5:2c:f1:a1:34:
                    df:48:ef:13:73:75:e2:80:1a:24:68:d0:aa:72:5d:
                    0d:95
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                53:4D:6D:95:81:38:3A:CB:86:5C:1B:08:64:54:CB:A4:CE:83:C0:52
            X509v3 Authority Key Identifier:
                keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/U01tlYE4OsuGXBsIZFTLpM6DwFI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  93.115.255.0/24

    Signature Algorithm: sha256WithRSAEncryption
         8e:e6:7d:5a:3b:a3:01:7c:84:1b:24:41:c6:9e:76:8a:2a:68:
         aa:cd:2c:40:23:42:73:84:ed:4b:e0:02:e9:4a:ea:ee:e1:70:
         66:0f:6f:2b:b3:88:d8:90:53:23:da:a4:a7:89:dc:71:75:15:
         55:60:f8:c6:f2:82:4f:1c:b0:3f:5b:81:88:e1:4e:86:cd:c3:
         02:38:99:e6:92:98:59:4f:45:c0:0c:4e:75:8b:25:b8:d7:22:
         33:af:e0:98:83:29:88:10:49:23:01:fd:52:f1:ed:d3:67:38:
         10:9a:67:8d:e4:42:ee:c8:66:91:3a:64:6b:9d:d9:1a:3c:30:
         64:e1:b2:17:99:50:65:22:39:5d:64:be:fa:5b:5b:bc:47:43:
         9b:6d:75:6c:6a:71:46:b3:ff:87:b5:64:d1:18:40:5e:29:a5:
         46:fd:9a:eb:96:4b:5e:8d:21:9b:10:ab:33:84:bd:22:bc:37:
         b6:c5:a1:25:a6:6f:a1:92:df:e2:54:5c:68:40:a0:ab:e5:ba:
         87:db:ee:26:3d:dc:c0:1d:27:f1:d1:8c:9b:82:38:29:74:3d:
         6c:2f:48:73:bc:b4:a2:94:1c:31:b5:13:0f:b0:ac:10:8a:bf:
         3d:65:a8:5d:b4:fe:f6:9e:55:bf:39:9a:28:d6:a8:da:eb:08:
         a1:79:38:e2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYyvbEg3h9tsTDFvu7Gc/UOeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMxMjI4MDc1NTU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MzRkNmQ5NTgxMzgzYWNiODY1YzFiMDg2NDU0Y2JhNGNlODNjMDUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgVLiXLcG8mfCnyS1inzHYD8D5P0F
p7HTuJncic+90E7OwSMYdH6PspfEM7OneAN+4UGpyoHfbrhZtEf2JZ/t6MENsjYj
6jSHhsfGJCrBseMO3ZsHe9ROUCF5Fj5WmvOC2pYAhiqWXAsW5IixELGYdg150M4u
cCD+CgVlO5o1OE9w0uILIf3nB1pPm53Pig1YDqwSUF6Tn67/3Ju8MDYCn9h6Rr/w
TF4jROWUfNWhYD5HkviT0gpyb0r/4Uj9HoTigUxRsCvPBrXiyzEfOBSXfjaDnPJi
ig6xPf5V1z+Arf1GuH6ZNPiNRFRg1SzxoTTfSO8Tc3XigBokaNCqcl0NlQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFNNbZWBODrLhlwbCGRUy6TOg8BSMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvVTAxdGxZRTRPc3VHWEJzSVpGVExwTTZEd0ZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAXXP/MA0G
CSqGSIb3DQEBCwUAA4IBAQCO5n1aO6MBfIQbJEHGnnaKKmiqzSxAI0JzhO1L4ALp
Suru4XBmD28rs4jYkFMj2qSnidxxdRVVYPjG8oJPHLA/W4GI4U6GzcMCOJnmkphZ
T0XADE51iyW41yIzr+CYgymIEEkjAf1S8e3TZzgQmmeN5ELuyGaROmRrndkaPDBk
4bIXmVBlIjldZL76W1u8R0ObbXVsanFGs/+HtWTRGEBeKaVG/ZrrlktejSGbEKsz
hL0ivDe2xaElpm+hkt/iVFxoQKCr5bqH2+4mPdzAHSfx0YybgjgpdD1sL0hzvLSi
lBwxtRMPsKwQir89ZahdtP72nlW/OZoo1qja6wiheTji
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:46 2024 by rpki-client on console-fra.rpki-client.org