Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/bQziYiJqbZBUu4lp2h3aAfbGz4A.roa
File:                     bQziYiJqbZBUu4lp2h3aAfbGz4A.roa (raw, json)
Hash identifier:          1LB8/wncPFBKfBjEIffn59tYjNqnaH3tb/QHVd2JMv0=
Subject key identifier:   6D:0C:E2:62:22:6A:6D:90:54:BB:89:69:DA:1D:DA:01:F6:C6:CF:80
Certificate issuer:       /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial:       01888F0D07C2FC019B22B060E0B08EFEA482
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/bQziYiJqbZBUu4lp2h3aAfbGz4A.roa
Signing time:             Tue 06 Jun 2023 04:52:55 +0000
ROA not before:           Tue 06 Jun 2023 04:52:55 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     12912
IP address blocks:        223.27.114.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 04 Sep 2023 06:47:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:8f:0d:07:c2:fc:01:9b:22:b0:60:e0:b0:8e:fe:a4:82
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
        Validity
            Not Before: Jun  6 04:52:55 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=6d0ce262226a6d9054bb8969da1dda01f6c6cf80
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:93:a6:2e:4b:c4:64:a6:9f:b3:d0:a7:68:c0:e1:
                    80:d3:fa:c8:fb:c1:1e:f8:e1:23:bb:77:d8:86:e3:
                    4d:a1:eb:60:46:91:d7:5d:41:43:5d:6d:0a:5d:58:
                    e0:79:4b:66:67:3f:4c:27:7c:a1:44:a5:93:2a:23:
                    5a:a9:34:f8:ec:97:48:b8:ce:fe:b1:b9:9c:cd:83:
                    ae:83:c0:bd:27:64:30:95:94:70:3f:ff:c8:76:5f:
                    c8:5b:aa:76:10:9e:a1:b3:12:50:c0:82:1f:1c:4c:
                    eb:58:6b:ac:47:09:e3:db:a5:ca:fb:20:6e:2a:5f:
                    8e:cd:d0:b6:70:5a:9a:64:18:16:1e:44:5f:41:ef:
                    26:f1:fb:e1:67:a8:7b:fc:8e:95:0b:49:77:c1:a4:
                    fb:1b:35:ef:54:74:2e:16:81:6a:b2:8f:d7:ee:d4:
                    dc:3c:f2:cc:cb:a1:0c:7e:bf:af:ab:a4:82:43:df:
                    1a:91:0f:14:21:3a:e5:77:88:08:fa:40:94:ce:3f:
                    1c:59:1c:17:f8:d0:92:1f:95:9b:62:28:52:04:4f:
                    cb:d8:77:e4:33:a3:15:a2:97:76:e7:3d:58:9f:d7:
                    cd:f0:08:54:fb:65:77:90:43:f8:c4:7d:08:d6:9c:
                    0e:da:07:15:98:4b:7d:d7:22:f2:36:a4:88:59:67:
                    f2:e7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6D:0C:E2:62:22:6A:6D:90:54:BB:89:69:DA:1D:DA:01:F6:C6:CF:80
            X509v3 Authority Key Identifier:
                keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/bQziYiJqbZBUu4lp2h3aAfbGz4A.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  223.27.114.0/24

    Signature Algorithm: sha256WithRSAEncryption
         3b:64:be:95:88:ab:18:06:e7:94:bd:b0:f5:cb:e6:b8:1a:e5:
         7c:e0:d8:54:2d:53:cb:aa:bd:7b:6a:d3:13:5e:e8:e8:0d:c9:
         4a:13:5a:8b:e9:7d:8c:d3:a2:a2:9c:9f:d4:7e:0b:e8:f7:2f:
         c8:85:dc:cf:a5:49:77:b6:67:b1:48:3c:dd:e8:df:d3:e5:39:
         a3:38:c1:72:82:ad:d6:06:76:ab:fa:56:54:cc:3a:12:4a:9d:
         2b:4f:18:d8:3f:55:96:79:75:ff:ce:91:73:3d:19:9f:19:0a:
         6e:6c:e3:5c:c0:bf:67:d8:9b:b8:4e:27:ba:b8:b7:07:27:52:
         2d:9a:90:47:5c:c3:57:7c:8c:3b:a5:69:c9:63:bb:0f:9d:79:
         76:45:0f:67:51:88:7e:a2:d0:1d:5c:6e:ca:7e:5c:90:92:37:
         4e:b3:da:93:bb:90:a3:ff:0d:a7:71:d5:51:12:e7:c1:45:f1:
         9f:91:1e:d8:51:83:5c:83:62:22:9d:be:31:35:35:ff:0a:73:
         35:d7:b7:3f:66:b7:72:1f:2e:ec:d4:43:42:8b:05:e8:ae:cb:
         93:c3:3f:fa:86:d2:03:b2:c4:40:9c:e3:92:72:c3:a9:7a:e7:
         cf:73:f3:24:d4:9a:de:37:29:b9:40:af:2d:a6:60:25:ca:0d:
         93:5e:29:5e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYiPDQfC/AGbIrBg4LCO/qSCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwNjA2MDQ1MjU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZDBjZTI2MjIyNmE2ZDkwNTRiYjg5NjlkYTFkZGEwMWY2YzZjZjgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk6YuS8Rkpp+z0KdowOGA0/rI+8Ee
+OEju3fYhuNNoetgRpHXXUFDXW0KXVjgeUtmZz9MJ3yhRKWTKiNaqTT47JdIuM7+
sbmczYOug8C9J2QwlZRwP//Idl/IW6p2EJ6hsxJQwIIfHEzrWGusRwnj26XK+yBu
Kl+OzdC2cFqaZBgWHkRfQe8m8fvhZ6h7/I6VC0l3waT7GzXvVHQuFoFqso/X7tTc
PPLMy6EMfr+vq6SCQ98akQ8UITrld4gI+kCUzj8cWRwX+NCSH5WbYihSBE/L2Hfk
M6MVopd25z1Yn9fN8AhU+2V3kEP4xH0I1pwO2gcVmEt91yLyNqSIWWfy5wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFG0M4mIiam2QVLuJadod2gH2xs+AMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvYlF6aVlpSnFiWkJVdTRscDJoM2FBZmJHejRBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA3xtyMA0G
CSqGSIb3DQEBCwUAA4IBAQA7ZL6ViKsYBueUvbD1y+a4GuV84NhULVPLqr17atMT
XujoDclKE1qL6X2M06KinJ/Ufgvo9y/IhdzPpUl3tmexSDzd6N/T5TmjOMFygq3W
Bnar+lZUzDoSSp0rTxjYP1WWeXX/zpFzPRmfGQpubONcwL9n2Ju4Tie6uLcHJ1It
mpBHXMNXfIw7pWnJY7sPnXl2RQ9nUYh+otAdXG7KflyQkjdOs9qTu5Cj/w2ncdVR
EufBRfGfkR7YUYNcg2Iinb4xNTX/CnM117c/ZrdyHy7s1ENCiwXorsuTwz/6htID
ssRAnOOScsOpeufPc/Mk1JreNym5QK8tpmAlyg2TXile
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:46 2024 by rpki-client on console-fra.rpki-client.org