Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/rFIWvCAMEc0Mku9MWKBlpT1o6A4.roa
File:                     rFIWvCAMEc0Mku9MWKBlpT1o6A4.roa (raw, json)
Hash identifier:          Sxnl9L8pBtOiUf7h8N/M2pwI25eK1oDYWIP50m/Uh6w=
Subject key identifier:   AC:52:16:BC:20:0C:11:CD:0C:92:EF:4C:58:A0:65:A5:3D:68:E8:0E
Certificate issuer:       /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial:       01862F72FA5B2143D4702C27F0AB62828A0D
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/rFIWvCAMEc0Mku9MWKBlpT1o6A4.roa
Signing time:             Wed 08 Feb 2023 05:15:09 +0000
ROA not before:           Wed 08 Feb 2023 05:15:09 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     3507
IP address blocks:        93.114.192.0/24 maxlen: 24
                          89.35.154.0/24 maxlen: 24
                          45.156.158.0/24 maxlen: 24
                          188.212.155.0/24 maxlen: 24
                          45.156.157.0/24 maxlen: 24
                          89.33.84.0/24 maxlen: 24
                          93.115.109.0/24 maxlen: 24
                          188.240.232.0/24 maxlen: 24
                          188.241.214.0/24 maxlen: 24
                          89.37.62.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 09 Feb 2023 08:42:08 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:2f:72:fa:5b:21:43:d4:70:2c:27:f0:ab:62:82:8a:0d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
        Validity
            Not Before: Feb  8 05:15:09 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=ac5216bc200c11cd0c92ef4c58a065a53d68e80e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:83:9b:19:02:6b:15:0a:2e:ac:4c:63:af:64:db:
                    a7:fb:2b:5a:f3:89:f1:53:8a:99:c4:25:3c:a7:4d:
                    3d:ca:86:50:4e:fb:56:8d:f5:93:95:8e:42:0b:06:
                    18:3b:43:d8:4e:4d:7c:13:1d:e0:00:b0:6f:6e:06:
                    bd:40:49:48:22:c6:71:80:d3:bf:58:84:d9:ff:e6:
                    3a:81:39:4f:44:2a:87:a2:0e:a7:be:c3:e8:86:69:
                    41:d8:27:8f:fd:ed:4b:d1:18:96:6a:36:8c:32:76:
                    5e:d2:9f:64:4e:d2:6f:22:8a:38:b2:e5:6b:7e:cf:
                    81:40:93:72:56:29:b0:39:0b:88:4f:fd:9a:2a:40:
                    80:8f:c9:ad:f4:11:9f:da:76:ab:07:8c:b6:52:31:
                    50:b7:94:b6:83:21:05:41:0a:7d:47:3b:ba:ff:c9:
                    24:de:00:7a:3e:ef:ba:21:fa:3b:d0:52:72:3c:75:
                    ec:e0:84:82:e5:ba:6a:08:55:aa:57:d2:63:1c:e4:
                    ba:da:fa:89:b3:17:e5:dd:40:52:ba:ec:4b:be:bf:
                    63:dc:f4:06:2e:cd:57:4a:82:20:ff:79:84:70:23:
                    5b:ef:f0:bf:35:4e:d4:35:e1:df:e4:e4:81:b7:4e:
                    19:a0:cb:6d:40:50:33:8b:e5:c0:1b:f9:7e:11:5a:
                    15:51
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AC:52:16:BC:20:0C:11:CD:0C:92:EF:4C:58:A0:65:A5:3D:68:E8:0E
            X509v3 Authority Key Identifier:
                keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/rFIWvCAMEc0Mku9MWKBlpT1o6A4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.156.157.0-45.156.158.255
                  89.33.84.0/24
                  89.35.154.0/24
                  89.37.62.0/24
                  93.114.192.0/24
                  93.115.109.0/24
                  188.212.155.0/24
                  188.240.232.0/24
                  188.241.214.0/24

    Signature Algorithm: sha256WithRSAEncryption
         4f:b1:67:d8:90:7e:58:76:d2:13:c6:31:ae:c2:af:00:ba:ac:
         07:4a:0d:44:43:0f:99:85:83:49:e3:5e:f5:76:3d:26:f3:f0:
         34:9f:a6:c1:e3:98:77:45:35:18:c7:32:24:79:60:06:35:08:
         18:2b:a0:ba:0d:d3:ea:8b:a3:74:11:1a:03:43:2b:12:57:3c:
         5c:93:e3:22:01:10:9e:5c:7a:7a:ff:4a:eb:79:16:a6:7d:08:
         9e:27:31:c2:7a:d2:82:7d:e4:97:38:ed:00:46:3f:9e:09:a3:
         d8:d7:00:b5:81:95:03:b6:18:9a:a2:36:93:78:83:27:f6:d3:
         a2:60:d2:8d:30:2b:23:2c:83:88:0c:6c:01:c2:b9:7e:f8:5f:
         5c:1a:68:21:78:54:c7:d7:e2:0b:fa:89:fb:4f:ee:89:d6:44:
         fd:88:c2:0f:fd:52:10:59:f3:8d:44:83:17:5e:0e:51:7d:e6:
         11:30:d3:49:cd:d7:60:32:d2:59:91:60:63:fe:fc:bd:77:22:
         3b:eb:a3:19:c1:89:7e:4e:a3:7b:52:a0:97:0a:bf:b5:52:cb:
         b0:ca:0c:51:a1:e3:5e:a0:7f:2a:37:95:c4:dd:79:e3:3c:bc:
         5e:33:77:8b:ff:e4:4d:b9:ba:c2:e5:8f:43:8d:e4:fb:18:be:
         a1:17:66:6a
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgISAYYvcvpbIUPUcCwn8KtigooNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwMjA4MDUxNTA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYzUyMTZiYzIwMGMxMWNkMGM5MmVmNGM1OGEwNjVhNTNkNjhlODBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg5sZAmsVCi6sTGOvZNun+yta84nx
U4qZxCU8p009yoZQTvtWjfWTlY5CCwYYO0PYTk18Ex3gALBvbga9QElIIsZxgNO/
WITZ/+Y6gTlPRCqHog6nvsPohmlB2CeP/e1L0RiWajaMMnZe0p9kTtJvIoo4suVr
fs+BQJNyVimwOQuIT/2aKkCAj8mt9BGf2narB4y2UjFQt5S2gyEFQQp9Rzu6/8kk
3gB6Pu+6Ifo70FJyPHXs4ISC5bpqCFWqV9JjHOS62vqJsxfl3UBSuuxLvr9j3PQG
Ls1XSoIg/3mEcCNb7/C/NU7UNeHf5OSBt04ZoMttQFAzi+XAG/l+EVoVUQIDAQAB
o4ICQTCCAj0wHQYDVR0OBBYEFKxSFrwgDBHNDJLvTFigZaU9aOgOMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvckZJV3ZDQU1FYzBNa3U5TVdLQmxwVDFvNkE0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFcGCCsGAQUFBwEHAQH/BEgwRjBEBAIAATA+MAwDBAAtnJ0D
BAAtnJ4DBABZIVQDBABZI5oDBABZJT4DBABdcsADBABdc20DBAC81JsDBAC88OgD
BAC88dYwDQYJKoZIhvcNAQELBQADggEBAE+xZ9iQflh20hPGMa7CrwC6rAdKDURD
D5mFg0njXvV2PSbz8DSfpsHjmHdFNRjHMiR5YAY1CBgroLoN0+qLo3QRGgNDKxJX
PFyT4yIBEJ5cenr/Sut5FqZ9CJ4nMcJ60oJ95Jc47QBGP54Jo9jXALWBlQO2GJqi
NpN4gyf206Jg0o0wKyMsg4gMbAHCuX74X1waaCF4VMfX4gv6iftP7onWRP2Iwg/9
UhBZ841EgxdeDlF95hEw00nN12Ay0lmRYGP+/L13IjvroxnBiX5Oo3tSoJcKv7VS
y7DKDFGh416gfyo3lcTdeeM8vF4zd4v/5E25usLlj0ON5PsYvqEXZmo=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:41:14 2024 by rpki-client on console-ams.rpki-client.org