Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/kHtDAmYBLxNUQ2CSfeHDqYznC5s.roa
File:                     kHtDAmYBLxNUQ2CSfeHDqYznC5s.roa (raw, json)
Hash identifier:          BP8xWuADcbwNndc4uciLGwZUpDA0a8N94ltJZIRlXBs=
Subject key identifier:   90:7B:43:02:66:01:2F:13:54:43:60:92:7D:E1:C3:A9:8C:E7:0B:9B
Certificate issuer:       /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial:       01872BBFE6ADA284354BDA53AD3048909D8C
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/kHtDAmYBLxNUQ2CSfeHDqYznC5s.roa
Signing time:             Wed 29 Mar 2023 05:03:29 +0000
ROA not before:           Wed 29 Mar 2023 05:03:29 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     211373
IP address blocks:        178.239.204.0/24 maxlen: 24
                          185.135.140.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 20 Apr 2023 10:42:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:2b:bf:e6:ad:a2:84:35:4b:da:53:ad:30:48:90:9d:8c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
        Validity
            Not Before: Mar 29 05:03:29 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=907b430266012f13544360927de1c3a98ce70b9b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:86:b7:b5:2a:d6:3c:f2:c5:a1:60:3c:97:73:1d:
                    c8:f2:c4:45:4e:fc:4f:c4:01:09:73:f7:2d:1f:86:
                    fd:00:b4:1e:64:d9:93:58:51:38:c6:01:6d:ab:e1:
                    10:3d:35:a5:2c:d4:15:52:f0:2b:f7:1c:bd:f7:34:
                    53:31:88:e9:5c:c3:98:84:7d:a1:c4:7d:66:01:f9:
                    5b:43:63:ff:5f:07:e1:5c:16:47:26:4b:7d:d6:d4:
                    ff:99:b0:11:7b:c1:a7:97:cb:1a:05:99:3e:04:7e:
                    d8:9b:02:f7:14:7a:05:ff:44:0d:63:d1:ba:9f:1a:
                    04:ca:00:5b:62:8a:5c:69:a2:83:46:2e:8a:93:19:
                    c9:da:77:d4:31:31:0b:30:12:37:d6:e2:e2:b3:0c:
                    40:e5:36:a7:88:c5:f5:3b:8d:26:05:f6:86:40:bb:
                    61:f0:08:f1:de:b3:ba:0a:bb:12:7e:19:3f:39:62:
                    dc:87:37:52:37:c8:ae:59:cc:65:89:2a:33:0c:9d:
                    8f:cd:24:6c:bf:04:b3:61:15:20:ce:d7:58:d5:36:
                    7f:34:1e:ff:97:73:6d:9d:2c:b8:ef:75:ce:1b:a3:
                    92:a5:4a:93:24:4c:21:e0:d8:83:8b:2e:79:3b:65:
                    c1:3f:00:d2:5b:ed:4e:84:24:a2:ab:b5:a2:ad:ad:
                    6a:a3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                90:7B:43:02:66:01:2F:13:54:43:60:92:7D:E1:C3:A9:8C:E7:0B:9B
            X509v3 Authority Key Identifier:
                keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/kHtDAmYBLxNUQ2CSfeHDqYznC5s.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  178.239.204.0/24
                  185.135.140.0/24

    Signature Algorithm: sha256WithRSAEncryption
         97:4a:99:12:ae:a5:d9:b2:2f:ee:16:c7:9e:5c:af:5d:79:c6:
         35:ee:ca:0e:f0:1c:95:b5:df:20:df:49:83:4e:d8:03:82:5c:
         ec:80:af:d4:56:ef:3d:9e:a9:73:1e:2b:10:ac:14:90:80:ef:
         0e:ef:1e:f0:f6:7a:c8:9a:a6:ba:9c:e4:64:11:c7:d7:38:f2:
         f6:e2:39:75:c0:06:40:01:69:46:90:71:c5:dd:ac:2a:89:cd:
         43:63:bc:08:a2:52:53:9c:c0:69:2d:76:ca:43:e8:a8:5b:a9:
         d5:2d:99:7f:78:1f:c7:92:1d:2e:9f:56:41:f8:ff:f0:9a:d2:
         c8:e9:8f:a7:02:c7:cb:a5:2b:44:66:91:e8:44:17:ba:a2:92:
         8c:ed:87:1b:56:9f:42:a3:d9:1d:b3:40:7a:5a:bb:60:07:27:
         b9:3c:c8:29:09:8d:6e:fb:58:64:b1:49:7d:83:47:61:45:36:
         73:5d:37:34:e8:ac:c3:9e:28:a6:42:f3:35:f4:30:f5:16:af:
         3e:09:7e:1d:8d:f9:58:f6:b8:af:8e:20:b1:7d:85:ff:9f:41:
         2b:b6:20:43:3c:8f:63:1a:4d:dc:53:d9:b7:84:cc:3f:d8:11:
         4d:8b:47:6d:16:fd:2a:04:d8:51:97:cb:63:20:cf:4e:30:cc:
         32:86:e1:3c
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYcrv+atooQ1S9pTrTBIkJ2MMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwMzI5MDUwMzI5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MDdiNDMwMjY2MDEyZjEzNTQ0MzYwOTI3ZGUxYzNhOThjZTcwYjliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhre1KtY88sWhYDyXcx3I8sRFTvxP
xAEJc/ctH4b9ALQeZNmTWFE4xgFtq+EQPTWlLNQVUvAr9xy99zRTMYjpXMOYhH2h
xH1mAflbQ2P/XwfhXBZHJkt91tT/mbARe8Gnl8saBZk+BH7YmwL3FHoF/0QNY9G6
nxoEygBbYopcaaKDRi6KkxnJ2nfUMTELMBI31uLiswxA5TaniMX1O40mBfaGQLth
8Ajx3rO6CrsSfhk/OWLchzdSN8iuWcxliSozDJ2PzSRsvwSzYRUgztdY1TZ/NB7/
l3NtnSy473XOG6OSpUqTJEwh4NiDiy55O2XBPwDSW+1OhCSiq7Wira1qowIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJB7QwJmAS8TVENgkn3hw6mM5wubMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEva0h0REFtWUJMeE5VUTJDU2ZlSERxWXpuQzVzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAsu/MAwQA
uYeMMA0GCSqGSIb3DQEBCwUAA4IBAQCXSpkSrqXZsi/uFseeXK9decY17soO8ByV
td8g30mDTtgDglzsgK/UVu89nqlzHisQrBSQgO8O7x7w9nrImqa6nORkEcfXOPL2
4jl1wAZAAWlGkHHF3awqic1DY7wIolJTnMBpLXbKQ+ioW6nVLZl/eB/Hkh0un1ZB
+P/wmtLI6Y+nAsfLpStEZpHoRBe6opKM7YcbVp9Co9kds0B6WrtgBye5PMgpCY1u
+1hksUl9g0dhRTZzXTc06KzDniimQvM19DD1Fq8+CX4djflY9rivjiCxfYX/n0Er
tiBDPI9jGk3cU9m3hMw/2BFNi0dtFv0qBNhRl8tjIM9OMMwyhuE8
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:41:13 2024 by rpki-client on console-ams.rpki-client.org