Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/fp27qAL6f4hC10IoXEST_QhMa0U.roa
File:                     fp27qAL6f4hC10IoXEST_QhMa0U.roa (raw, json)
Hash identifier:          R1gYvgzOtMeAl2zNmh9c8Q382/uIZ4gzlJt//mJInzg=
Subject key identifier:   7E:9D:BB:A8:02:FA:7F:88:42:D7:42:28:5C:44:93:FD:08:4C:6B:45
Certificate issuer:       /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial:       018AB78BA747298B6363499B793C6A983D59
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/fp27qAL6f4hC10IoXEST_QhMa0U.roa
Signing time:             Thu 21 Sep 2023 11:41:37 +0000
ROA not before:           Thu 21 Sep 2023 11:41:37 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     21082
IP address blocks:        188.214.209.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 12:30:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:b7:8b:a7:47:29:8b:63:63:49:9b:79:3c:6a:98:3d:59
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
        Validity
            Not Before: Sep 21 11:41:37 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=7e9dbba802fa7f8842d742285c4493fd084c6b45
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:1c:5d:fc:f0:bf:4e:f7:91:c5:fe:8f:65:69:
                    67:ae:7d:b7:b0:16:46:69:7b:47:83:6b:fd:ce:b8:
                    f9:cd:45:d2:2f:08:f3:b5:08:f9:44:47:6a:90:5b:
                    1a:49:6a:04:c1:13:8a:75:4c:a2:c9:01:57:16:b2:
                    be:a2:d1:8a:e6:e9:80:73:38:80:2a:41:1c:ba:2f:
                    eb:9f:02:c7:17:42:56:75:bf:10:8a:15:63:8d:53:
                    af:a1:8f:52:95:a3:c2:e8:43:75:87:b6:ca:4c:3c:
                    ed:79:56:2b:a4:7f:4f:68:6c:7a:5d:48:8d:cb:6d:
                    ee:0d:21:c0:c7:b2:57:d9:1b:1a:4a:8b:54:6b:00:
                    03:f8:0d:e6:6a:37:dd:2b:85:13:37:13:fc:e0:26:
                    9b:c4:0f:4c:a9:aa:d9:ee:66:47:af:8d:b9:f2:16:
                    ba:85:0e:94:bb:b8:cb:89:29:98:02:82:c8:98:a5:
                    ce:f4:c6:26:31:6c:8a:b5:a2:33:41:a7:23:55:e8:
                    b1:5d:56:8a:1d:31:ce:79:b3:0d:36:fd:37:1a:5d:
                    3a:40:cb:01:b2:d0:6b:4d:86:44:e5:b1:89:65:d6:
                    89:b7:8a:37:7e:ef:6c:cc:19:d8:94:f9:16:e2:31:
                    43:ed:aa:e2:ad:99:88:0f:66:49:78:9b:e1:03:bf:
                    6d:7b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7E:9D:BB:A8:02:FA:7F:88:42:D7:42:28:5C:44:93:FD:08:4C:6B:45
            X509v3 Authority Key Identifier:
                keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/fp27qAL6f4hC10IoXEST_QhMa0U.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  188.214.209.0/24

    Signature Algorithm: sha256WithRSAEncryption
         2a:ce:d1:6c:01:cd:18:c8:48:ed:a6:90:ff:f2:9a:85:72:03:
         cc:ba:c9:13:9f:56:59:87:bd:34:89:96:c9:38:c1:58:54:d0:
         ed:d0:2b:66:aa:f0:15:51:86:91:64:08:cc:1b:04:32:74:24:
         49:62:92:e3:f7:c3:40:20:9b:c9:ee:46:d6:d9:77:7f:b0:bd:
         c6:6a:90:73:40:62:3e:a7:3d:55:ce:6d:3c:ec:97:57:b7:26:
         f9:da:80:eb:b6:48:60:93:ab:e0:74:56:0b:9c:61:24:ed:ee:
         0f:e3:a0:2e:c7:ae:41:c1:32:2b:14:a6:f9:d0:cb:d9:60:73:
         e0:c4:0c:89:51:8b:ef:e6:72:68:d2:1a:1d:58:37:f9:c4:ba:
         75:de:89:ea:8f:e0:c2:cf:19:fd:a5:73:5e:23:a1:84:ec:a8:
         f9:23:50:14:f1:ac:c9:a5:eb:b3:50:31:32:c4:e8:eb:e3:7c:
         95:d1:4f:bb:6f:5b:61:6f:0d:3d:c1:62:76:8f:af:44:7a:9d:
         5c:09:43:dc:69:bb:e7:27:20:7d:cc:e0:83:82:99:fd:aa:ac:
         55:c7:80:4d:d2:41:65:8b:09:ed:4a:60:54:a5:a3:43:ea:40:
         d0:06:55:fd:2b:a3:25:69:2b:28:74:c7:c6:e2:e4:f8:f0:47:
         76:f7:a8:37
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYq3i6dHKYtjY0mbeTxqmD1ZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwOTIxMTE0MTM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZTlkYmJhODAyZmE3Zjg4NDJkNzQyMjg1YzQ0OTNmZDA4NGM2YjQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnRxd/PC/TveRxf6PZWlnrn23sBZG
aXtHg2v9zrj5zUXSLwjztQj5REdqkFsaSWoEwROKdUyiyQFXFrK+otGK5umAcziA
KkEcui/rnwLHF0JWdb8QihVjjVOvoY9SlaPC6EN1h7bKTDzteVYrpH9PaGx6XUiN
y23uDSHAx7JX2RsaSotUawAD+A3majfdK4UTNxP84CabxA9MqarZ7mZHr4258ha6
hQ6Uu7jLiSmYAoLImKXO9MYmMWyKtaIzQacjVeixXVaKHTHOebMNNv03Gl06QMsB
stBrTYZE5bGJZdaJt4o3fu9szBnYlPkW4jFD7arirZmID2ZJeJvhA79tewIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFH6du6gC+n+IQtdCKFxEk/0ITGtFMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvZnAyN3FBTDZmNGhDMTBJb1hFU1RfUWhNYTBVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAvNbRMA0G
CSqGSIb3DQEBCwUAA4IBAQAqztFsAc0YyEjtppD/8pqFcgPMuskTn1ZZh700iZbJ
OMFYVNDt0CtmqvAVUYaRZAjMGwQydCRJYpLj98NAIJvJ7kbW2Xd/sL3GapBzQGI+
pz1Vzm087JdXtyb52oDrtkhgk6vgdFYLnGEk7e4P46Aux65BwTIrFKb50MvZYHPg
xAyJUYvv5nJo0hodWDf5xLp13onqj+DCzxn9pXNeI6GE7Kj5I1AU8azJpeuzUDEy
xOjr43yV0U+7b1thbw09wWJ2j69Eep1cCUPcabvnJyB9zOCDgpn9qqxVx4BN0kFl
iwntSmBUpaND6kDQBlX9K6MlaSsodMfG4uT48Ed296g3
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:47 2024 by rpki-client on console-fra.rpki-client.org