Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/kXF4EoIQmAmKYJufq2oO9wPQLZo.roa
File:                     kXF4EoIQmAmKYJufq2oO9wPQLZo.roa (raw, json)
Hash identifier:          7Acq5xEC/HGcMp3h1Hj56rQ0PRFhM4pEYlqHN6uoXJQ=
Subject key identifier:   91:71:78:12:82:10:98:09:8A:60:9B:9F:AB:6A:0E:F7:03:D0:2D:9A
Certificate issuer:       /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial:       018612385F7B19898812B1FA829F6AE1B09D
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/kXF4EoIQmAmKYJufq2oO9wPQLZo.roa
Signing time:             Thu 02 Feb 2023 13:02:09 +0000
ROA not before:           Thu 02 Feb 2023 13:02:09 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     212609
IP address blocks:        223.27.113.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 12:30:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:12:38:5f:7b:19:89:88:12:b1:fa:82:9f:6a:e1:b0:9d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
        Validity
            Not Before: Feb  2 13:02:09 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=91717812821098098a609b9fab6a0ef703d02d9a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:84:2b:bc:36:b2:8f:2e:0f:00:d0:1c:30:66:ba:
                    57:df:71:76:80:85:99:65:d5:8f:56:2c:d1:4b:27:
                    76:74:ca:66:14:a8:2f:29:b3:74:75:8c:d0:73:a1:
                    c4:d2:60:16:4c:5c:48:81:9b:9d:73:37:9c:b1:af:
                    d6:c7:2d:db:39:0c:cb:ef:0f:e3:76:90:ce:a9:5b:
                    53:9f:b7:44:90:46:df:ab:02:03:6b:4c:02:22:8d:
                    1e:a4:e5:6d:19:d8:b2:c9:43:b2:86:2e:47:27:5e:
                    63:4e:69:be:9d:8d:ff:d6:ee:ec:ac:5c:3b:49:e0:
                    9f:81:43:b7:7d:f7:5b:93:e1:b1:2e:e6:31:51:ee:
                    45:dc:1b:f0:b1:c4:33:f9:5e:cb:e3:2e:a1:a9:ed:
                    db:20:a0:83:b0:b4:93:79:e1:c8:93:73:98:db:a8:
                    91:a7:80:2d:68:6d:c9:88:3d:e4:9e:e3:82:e7:dc:
                    df:4d:dd:9c:a6:b7:1c:8d:ec:4e:ed:1f:a5:29:45:
                    06:86:f7:cd:4b:d9:87:6e:fc:80:bd:cd:20:4e:56:
                    9a:23:5a:27:c7:0c:bb:33:f7:7e:0e:82:47:f5:c5:
                    c5:a9:82:0e:1d:71:93:7e:51:e5:34:cc:ad:17:60:
                    da:df:fc:ca:a3:f2:13:d7:db:53:9c:de:86:b7:af:
                    f5:dd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                91:71:78:12:82:10:98:09:8A:60:9B:9F:AB:6A:0E:F7:03:D0:2D:9A
            X509v3 Authority Key Identifier:
                keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/kXF4EoIQmAmKYJufq2oO9wPQLZo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  223.27.113.0/24

    Signature Algorithm: sha256WithRSAEncryption
         5a:a6:c1:e3:0b:d2:a9:87:cd:d1:00:2c:6c:17:26:93:7b:e4:
         ce:8b:cb:b9:17:c3:15:e7:40:f3:89:db:5e:f0:78:57:0e:9a:
         89:3a:08:06:f4:4f:11:18:f6:2d:fa:53:0b:8c:00:61:1c:08:
         2e:71:cf:76:ac:29:4e:e1:cb:22:71:05:d2:e1:75:cb:bb:0b:
         6b:24:49:4d:07:7d:1e:d0:6f:16:59:85:28:24:48:be:5d:4f:
         5c:af:01:ad:52:06:b8:b5:19:f9:2e:cc:4b:63:e8:19:38:4d:
         56:50:8f:50:48:78:dc:9c:73:f6:93:0e:29:e3:ac:1c:cf:dd:
         f8:7f:bb:7f:ce:dc:c5:10:3c:93:9c:89:24:2a:05:06:5a:eb:
         1e:d4:ac:ae:73:f9:ff:0e:55:47:12:78:ba:b1:7e:25:3f:35:
         ac:62:38:7a:fa:67:da:d7:f0:e3:b5:94:3d:ea:20:2c:9e:37:
         3a:b0:72:a6:fc:39:fe:f6:73:7b:df:28:50:d1:e1:1e:af:a7:
         65:db:58:ac:6b:03:36:55:44:9d:cc:27:c2:a0:6c:08:3e:38:
         e0:1d:59:45:cd:35:a7:3c:2b:00:a5:af:96:96:51:52:64:e0:
         1c:f4:6f:fe:2a:50:1a:29:f9:14:1b:2e:7b:24:3b:1a:01:3b:
         b1:69:05:4b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYYSOF97GYmIErH6gp9q4bCdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwMjAyMTMwMjA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MTcxNzgxMjgyMTA5ODA5OGE2MDliOWZhYjZhMGVmNzAzZDAyZDlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhCu8NrKPLg8A0BwwZrpX33F2gIWZ
ZdWPVizRSyd2dMpmFKgvKbN0dYzQc6HE0mAWTFxIgZudczecsa/Wxy3bOQzL7w/j
dpDOqVtTn7dEkEbfqwIDa0wCIo0epOVtGdiyyUOyhi5HJ15jTmm+nY3/1u7srFw7
SeCfgUO3ffdbk+GxLuYxUe5F3BvwscQz+V7L4y6hqe3bIKCDsLSTeeHIk3OY26iR
p4AtaG3JiD3knuOC59zfTd2cprccjexO7R+lKUUGhvfNS9mHbvyAvc0gTlaaI1on
xwy7M/d+DoJH9cXFqYIOHXGTflHlNMytF2Da3/zKo/IT19tTnN6Gt6/13QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJFxeBKCEJgJimCbn6tqDvcD0C2aMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEva1hGNEVvSVFtQW1LWUp1ZnEyb085d1BRTFpvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA3xtxMA0G
CSqGSIb3DQEBCwUAA4IBAQBapsHjC9Kph83RACxsFyaTe+TOi8u5F8MV50Dzidte
8HhXDpqJOggG9E8RGPYt+lMLjABhHAgucc92rClO4csicQXS4XXLuwtrJElNB30e
0G8WWYUoJEi+XU9crwGtUga4tRn5LsxLY+gZOE1WUI9QSHjcnHP2kw4p46wcz934
f7t/ztzFEDyTnIkkKgUGWuse1Kyuc/n/DlVHEni6sX4lPzWsYjh6+mfa1/DjtZQ9
6iAsnjc6sHKm/Dn+9nN73yhQ0eEer6dl21isawM2VUSdzCfCoGwIPjjgHVlFzTWn
PCsApa+WllFSZOAc9G/+KlAaKfkUGy57JDsaATuxaQVL
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:48 2024 by rpki-client on console-fra.rpki-client.org