Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/rda-OU4CdqV9lEdRSQjNp76ltvs.roa
File:                     rda-OU4CdqV9lEdRSQjNp76ltvs.roa (raw, json)
Hash identifier:          uAw66ngUyNRejnPFBm8Yo7WQHQAVtV+wA4MlKG8i4QU=
Subject key identifier:   AD:D6:BE:39:4E:02:76:A5:7D:94:47:51:49:08:CD:A7:BE:A5:B6:FB
Certificate issuer:       /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial:       01875A15AC930E2128E42DD602BBF2ABAAB8
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/rda-OU4CdqV9lEdRSQjNp76ltvs.roa
Signing time:             Fri 07 Apr 2023 04:59:42 +0000
ROA not before:           Fri 07 Apr 2023 04:59:42 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     174
IP address blocks:        78.142.242.0/24 maxlen: 24
                          203.0.8.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Sat 08 Apr 2023 07:43:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:5a:15:ac:93:0e:21:28:e4:2d:d6:02:bb:f2:ab:aa:b8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
        Validity
            Not Before: Apr  7 04:59:42 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=add6be394e0276a57d9447514908cda7bea5b6fb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:77:71:3e:3e:11:f9:c3:fe:39:4f:20:5d:83:
                    62:c5:c8:ac:f0:25:be:aa:cf:e1:6f:35:04:9a:12:
                    6f:be:c5:16:b6:94:90:7e:b5:57:45:21:8c:29:c8:
                    df:8e:b3:94:a7:84:87:fc:6b:55:38:14:1f:40:a6:
                    b7:e9:0d:cc:5f:b7:cf:3e:2f:32:65:c6:50:93:2f:
                    54:54:43:17:0a:e2:2a:0d:3c:b5:18:84:da:2b:93:
                    07:bd:94:52:a0:15:a2:6b:ab:88:1d:2e:61:f1:1b:
                    6d:21:86:e9:2b:bb:61:f9:fa:5b:be:30:4e:cc:9c:
                    21:4c:f2:79:1d:e3:30:6a:05:d6:82:3c:09:89:57:
                    3a:20:ee:9e:1b:ae:88:48:12:da:03:a6:90:06:b0:
                    e1:55:fd:1f:d2:a0:db:08:07:96:ae:89:f5:61:8b:
                    ab:76:4c:f2:d8:93:b2:63:eb:72:e3:b5:b8:de:04:
                    9f:42:15:42:ba:62:6c:28:24:4d:4d:96:b8:c1:91:
                    1b:8f:79:1f:dc:f3:ad:e3:d5:eb:5b:29:5f:cc:d4:
                    9b:2c:5f:6b:06:48:76:d7:ca:cb:86:73:aa:a1:75:
                    cf:da:3f:87:96:c8:3c:3c:a1:d7:40:03:ed:8f:0d:
                    a5:55:13:39:f6:3b:0a:ef:24:6a:ee:81:42:14:2a:
                    e5:1b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AD:D6:BE:39:4E:02:76:A5:7D:94:47:51:49:08:CD:A7:BE:A5:B6:FB
            X509v3 Authority Key Identifier:
                keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/rda-OU4CdqV9lEdRSQjNp76ltvs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  78.142.242.0/24
                  203.0.8.0/24

    Signature Algorithm: sha256WithRSAEncryption
         10:ea:37:98:d9:09:8d:47:49:54:89:12:26:4f:af:82:7e:6c:
         a0:33:7d:8a:23:4a:dd:de:5d:62:6d:7f:fd:de:10:9d:e4:b2:
         e0:c8:72:eb:69:14:fd:2b:61:3a:71:f7:1e:85:d7:08:0f:30:
         ca:2b:f7:f7:b4:a8:12:d3:8f:3d:ca:15:a2:e2:2c:f2:ee:df:
         ff:17:c5:ce:7f:67:96:1f:ce:8a:20:4c:3e:af:d9:ba:2d:53:
         8b:b1:85:d6:fc:9b:cd:a5:2a:7a:45:f1:d4:60:7c:ec:70:32:
         cd:56:ff:aa:bc:41:5d:d6:48:96:7f:96:03:db:57:df:f8:e7:
         b2:f6:26:1e:09:d2:c0:e7:18:5f:4e:ac:7a:cd:9a:df:59:d7:
         59:11:64:f7:6d:d6:ae:40:b7:1c:5f:85:da:97:a7:46:b7:73:
         2a:c6:5f:0a:d6:35:b2:08:74:97:d0:34:b5:53:02:72:c3:f1:
         72:69:0a:74:54:dc:df:df:67:e8:75:1a:b0:a0:58:69:71:90:
         20:f9:96:5e:cd:2a:a0:df:81:e7:45:69:da:98:e2:39:a4:8b:
         5c:f7:3d:c9:47:88:f9:ea:57:d1:06:0a:e1:55:10:7f:bc:0b:
         5b:3a:69:fa:96:b6:68:06:85:8f:25:d3:e5:78:1a:99:25:a1:
         8c:7c:a0:1b
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYdaFayTDiEo5C3WArvyq6q4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwNDA3MDQ1OTQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZGQ2YmUzOTRlMDI3NmE1N2Q5NDQ3NTE0OTA4Y2RhN2JlYTViNmZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnndxPj4R+cP+OU8gXYNixcis8CW+
qs/hbzUEmhJvvsUWtpSQfrVXRSGMKcjfjrOUp4SH/GtVOBQfQKa36Q3MX7fPPi8y
ZcZQky9UVEMXCuIqDTy1GITaK5MHvZRSoBWia6uIHS5h8RttIYbpK7th+fpbvjBO
zJwhTPJ5HeMwagXWgjwJiVc6IO6eG66ISBLaA6aQBrDhVf0f0qDbCAeWron1YYur
dkzy2JOyY+ty47W43gSfQhVCumJsKCRNTZa4wZEbj3kf3POt49XrWylfzNSbLF9r
Bkh218rLhnOqoXXP2j+Hlsg8PKHXQAPtjw2lVRM59jsK7yRq7oFCFCrlGwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFK3WvjlOAnalfZRHUUkIzae+pbb7MB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvcmRhLU9VNENkcVY5bEVkUlNRak5wNzZsdHZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQATo7yAwQA
ywAIMA0GCSqGSIb3DQEBCwUAA4IBAQAQ6jeY2QmNR0lUiRImT6+CfmygM32KI0rd
3l1ibX/93hCd5LLgyHLraRT9K2E6cfcehdcIDzDKK/f3tKgS0489yhWi4izy7t//
F8XOf2eWH86KIEw+r9m6LVOLsYXW/JvNpSp6RfHUYHzscDLNVv+qvEFd1kiWf5YD
21ff+Oey9iYeCdLA5xhfTqx6zZrfWddZEWT3bdauQLccX4Xal6dGt3Mqxl8K1jWy
CHSX0DS1UwJyw/FyaQp0VNzf32fodRqwoFhpcZAg+ZZezSqg34HnRWnamOI5pItc
9z3JR4j56lfRBgrhVRB/vAtbOmn6lrZoBoWPJdPleBqZJaGMfKAb
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:41:14 2024 by rpki-client on console-ams.rpki-client.org