Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/04/d16e96-0313-4c9b-9c09-a95fe3102645/1/BKiRQNtrzM8GaGZfh6zodkZXmX4.roa
File:                     BKiRQNtrzM8GaGZfh6zodkZXmX4.roa (raw, json)
Hash identifier:          3DLylj+VCkAnaZRHyKEnomv8H4fGAkUn6BGsI2gSFAo=
Subject key identifier:   04:A8:91:40:DB:6B:CC:CF:06:68:66:5F:87:AC:E8:76:46:57:99:7E
Certificate issuer:       /CN=af93102511e660263f8ef6e4c1f9ab32393839b2
Certificate serial:       01857070487BEC36341972E1FBE759712F0D
Authority key identifier: AF:93:10:25:11:E6:60:26:3F:8E:F6:E4:C1:F9:AB:32:39:38:39:B2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/r5MQJRHmYCY_jvbkwfmrMjk4ObI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/04/d16e96-0313-4c9b-9c09-a95fe3102645/1/BKiRQNtrzM8GaGZfh6zodkZXmX4.roa
Signing time:             Mon 02 Jan 2023 03:04:44 +0000
ROA not before:           Mon 02 Jan 2023 03:04:44 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     62121
IP address blocks:        193.200.90.0/23 maxlen: 23
                          2001:67c:564::/48 maxlen: 48

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 18:30:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:70:70:48:7b:ec:36:34:19:72:e1:fb:e7:59:71:2f:0d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=af93102511e660263f8ef6e4c1f9ab32393839b2
        Validity
            Not Before: Jan  2 03:04:44 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=04a89140db6bcccf0668665f87ace8764657997e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:87:11:dc:70:1f:bd:0b:ad:5f:4c:7f:11:83:dd:
                    26:56:48:59:e1:bb:70:5a:82:a9:82:9b:dc:3f:94:
                    36:45:dc:63:5a:57:1c:f6:1a:f6:99:5f:b5:47:ea:
                    7f:76:35:48:b2:e8:f1:ba:f7:31:c5:b4:38:cb:76:
                    1e:df:da:cb:ea:17:13:6d:9f:ff:82:3b:df:88:df:
                    07:c9:e7:7a:6f:2c:7f:d7:6e:89:ab:31:e3:34:e4:
                    d7:05:3c:fd:1d:79:28:5b:e9:05:de:85:58:0e:76:
                    3b:cb:1a:80:62:72:8d:af:ed:27:d1:86:32:5f:fc:
                    70:20:79:1e:06:2d:03:c6:2a:38:93:40:ad:05:1b:
                    c2:b6:03:b6:29:8a:7a:77:2c:16:e5:53:15:5e:06:
                    b4:86:07:34:48:8e:54:a9:0d:61:8a:c3:15:19:8e:
                    79:68:20:12:bb:55:34:8b:70:b0:f5:a6:28:21:08:
                    39:c7:f5:0b:60:7b:19:49:b1:86:72:02:21:d1:00:
                    b3:0f:c4:39:d5:fc:04:0a:d1:f5:04:09:5c:85:49:
                    dc:e8:48:a1:cb:8b:c3:ca:3d:f4:20:f1:a9:2a:f0:
                    ad:65:56:1b:6c:9a:b5:fc:1b:68:a2:af:a8:40:18:
                    72:ef:50:49:34:09:b7:4a:09:c0:95:61:d0:6e:1f:
                    d8:33
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                04:A8:91:40:DB:6B:CC:CF:06:68:66:5F:87:AC:E8:76:46:57:99:7E
            X509v3 Authority Key Identifier:
                keyid:AF:93:10:25:11:E6:60:26:3F:8E:F6:E4:C1:F9:AB:32:39:38:39:B2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r5MQJRHmYCY_jvbkwfmrMjk4ObI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/04/d16e96-0313-4c9b-9c09-a95fe3102645/1/BKiRQNtrzM8GaGZfh6zodkZXmX4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/04/d16e96-0313-4c9b-9c09-a95fe3102645/1/r5MQJRHmYCY_jvbkwfmrMjk4ObI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.200.90.0/23
                IPv6:
                  2001:67c:564::/48

    Signature Algorithm: sha256WithRSAEncryption
         22:c6:9c:4a:f1:3a:0d:fd:0d:da:57:68:53:b0:aa:6c:1a:88:
         3f:02:5a:d8:35:66:79:97:4f:5a:e1:fd:00:c2:98:cd:78:d2:
         2a:3f:65:e6:ce:97:20:c5:bd:5b:9d:17:88:95:95:3e:84:e5:
         d2:92:a6:01:4e:52:f0:48:96:50:35:9d:d8:0c:2c:b1:15:06:
         ea:a2:08:c0:0a:5a:68:b9:84:0e:3b:c0:7b:37:43:f6:c0:44:
         db:57:9d:d8:c6:53:84:96:9b:36:b1:90:e9:e3:63:67:5f:17:
         9a:94:ee:ea:fb:aa:0b:58:76:19:71:fe:b7:37:0d:a0:36:f4:
         ed:51:d8:be:00:e5:61:62:cd:94:a1:b2:7d:09:95:33:ad:e8:
         0c:17:92:a9:6b:92:b1:f6:8e:30:24:0a:c2:88:a1:29:ef:e3:
         41:5d:56:f8:f8:9c:35:5f:e9:53:ba:56:ad:bb:02:43:e0:c3:
         30:57:02:49:21:cc:2f:ff:1d:8b:cc:4a:94:16:6a:e0:f8:3f:
         8b:8e:24:3e:d7:1a:bf:7f:dc:d7:13:03:26:9f:bd:55:c4:7f:
         69:94:13:1f:b3:e1:9a:76:42:13:7a:72:7e:28:e5:af:2f:59:
         20:7d:c6:c7:f7:92:9f:ac:14:10:37:1a:7d:25:34:bd:4e:e1:
         ce:5b:c6:25
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVwcEh77DY0GXLh++dZcS8NMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmOTMxMDI1MTFlNjYwMjYzZjhlZjZlNGMxZjlhYjMyMzkz
ODM5YjIwHhcNMjMwMTAyMDMwNDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNGE4OTE0MGRiNmJjY2NmMDY2ODY2NWY4N2FjZTg3NjQ2NTc5OTdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhxHccB+9C61fTH8Rg90mVkhZ4btw
WoKpgpvcP5Q2RdxjWlcc9hr2mV+1R+p/djVIsujxuvcxxbQ4y3Ye39rL6hcTbZ//
gjvfiN8Hyed6byx/126JqzHjNOTXBTz9HXkoW+kF3oVYDnY7yxqAYnKNr+0n0YYy
X/xwIHkeBi0Dxio4k0CtBRvCtgO2KYp6dywW5VMVXga0hgc0SI5UqQ1hisMVGY55
aCASu1U0i3Cw9aYoIQg5x/ULYHsZSbGGcgIh0QCzD8Q51fwECtH1BAlchUnc6Eih
y4vDyj30IPGpKvCtZVYbbJq1/Btooq+oQBhy71BJNAm3SgnAlWHQbh/YMwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFASokUDba8zPBmhmX4es6HZGV5l+MB8GA1UdIwQY
MBaAFK+TECUR5mAmP4725MH5qzI5ODmyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcjVNUUpSSG1ZQ1lfanZia3dmbXJNams0T2JJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNC9kMTZlOTYtMDMxMy00YzliLTljMDkt
YTk1ZmUzMTAyNjQ1LzEvQktpUlFOdHJ6TThHYUdaZmg2em9ka1pYbVg0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNC9kMTZlOTYtMDMxMy00YzliLTljMDktYTk1ZmUzMTAyNjQ1
LzEvcjVNUUpSSG1ZQ1lfanZia3dmbXJNams0T2JJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQBwchaMA8E
AgACMAkDBwAgAQZ8BWQwDQYJKoZIhvcNAQELBQADggEBACLGnErxOg39DdpXaFOw
qmwaiD8CWtg1ZnmXT1rh/QDCmM140io/ZebOlyDFvVudF4iVlT6E5dKSpgFOUvBI
llA1ndgMLLEVBuqiCMAKWmi5hA47wHs3Q/bARNtXndjGU4SWmzaxkOnjY2dfF5qU
7ur7qgtYdhlx/rc3DaA29O1R2L4A5WFizZShsn0JlTOt6AwXkqlrkrH2jjAkCsKI
oSnv40FdVvj4nDVf6VO6Vq27AkPgwzBXAkkhzC//HYvMSpQWauD4P4uOJD7XGr9/
3NcTAyafvVXEf2mUEx+z4Zp2QhN6cn4o5a8vWSB9xsf3kp+sFBA3Gn0lNL1O4c5b
xiU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:50:59 2024 by rpki-client on console-ams.rpki-client.org