Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/f0d853-42cc-4a17-81a1-bae1d9eec41a/1/xICVdzzobHefK9yyLI3BuFdX27Y.roa
File:                     xICVdzzobHefK9yyLI3BuFdX27Y.roa (raw, json)
Hash identifier:          pAqdCId5nCjmVhAtzNsbSxW+dfao/UjLUGFKnW6RZOM=
Subject key identifier:   C4:80:95:77:3C:E8:6C:77:9F:2B:DC:B2:2C:8D:C1:B8:57:57:DB:B6
Certificate issuer:       /CN=57c7be29ec13b0ab01897411e86ecf8b0f3b344a
Certificate serial:       018571A793597D867B0E1B79ED0FD5781451
Authority key identifier: 57:C7:BE:29:EC:13:B0:AB:01:89:74:11:E8:6E:CF:8B:0F:3B:34:4A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/V8e-KewTsKsBiXQR6G7Piw87NEo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/00/f0d853-42cc-4a17-81a1-bae1d9eec41a/1/xICVdzzobHefK9yyLI3BuFdX27Y.roa
Signing time:             Mon 02 Jan 2023 08:44:45 +0000
ROA not before:           Mon 02 Jan 2023 08:44:45 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     49821
IP address blocks:        194.1.232.0/22 maxlen: 22

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 14:35:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:71:a7:93:59:7d:86:7b:0e:1b:79:ed:0f:d5:78:14:51
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=57c7be29ec13b0ab01897411e86ecf8b0f3b344a
        Validity
            Not Before: Jan  2 08:44:45 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=c48095773ce86c779f2bdcb22c8dc1b85757dbb6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:94:05:f4:55:5b:45:21:a4:bc:27:90:99:fc:1f:
                    7d:f0:4a:bf:c9:25:54:e0:64:f4:67:20:ab:04:4f:
                    e7:b0:b9:7c:2e:3b:73:9a:df:41:a8:88:a5:0c:eb:
                    c7:4f:3a:50:e9:f4:05:3f:f0:0e:e4:06:c2:cb:23:
                    df:7a:7b:3e:04:5e:6c:cd:4b:c5:e3:c9:a1:d5:1f:
                    06:1a:20:25:f6:72:b7:f4:58:03:0f:13:2d:e3:9f:
                    c2:c0:4f:68:88:e9:7a:cf:a8:db:56:61:21:ad:fb:
                    d2:38:f4:11:c0:d1:c7:aa:da:fd:39:62:5c:2a:bf:
                    0d:a2:e7:56:1c:c9:e9:39:45:99:da:aa:23:be:8b:
                    60:c4:7e:75:af:ff:b6:2e:6f:c8:44:ec:23:f6:12:
                    b8:e6:3d:54:eb:2c:3c:42:d4:76:70:a7:cb:29:25:
                    03:17:a5:b0:3d:a3:90:2f:fc:c1:51:77:1f:7d:44:
                    69:d0:16:ba:2b:2e:b1:a7:af:06:6b:58:65:95:eb:
                    a8:d6:45:b2:77:fe:5c:64:43:ca:ec:02:37:06:5d:
                    bf:96:34:9b:7e:2a:a4:e5:cb:ec:0e:7d:d2:8a:db:
                    f1:b0:24:28:37:69:6a:5c:c3:55:cf:6e:1f:13:38:
                    88:58:51:bb:33:53:49:32:6f:e0:71:ea:58:eb:6d:
                    36:4b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C4:80:95:77:3C:E8:6C:77:9F:2B:DC:B2:2C:8D:C1:B8:57:57:DB:B6
            X509v3 Authority Key Identifier:
                keyid:57:C7:BE:29:EC:13:B0:AB:01:89:74:11:E8:6E:CF:8B:0F:3B:34:4A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/V8e-KewTsKsBiXQR6G7Piw87NEo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/f0d853-42cc-4a17-81a1-bae1d9eec41a/1/xICVdzzobHefK9yyLI3BuFdX27Y.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/00/f0d853-42cc-4a17-81a1-bae1d9eec41a/1/V8e-KewTsKsBiXQR6G7Piw87NEo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.1.232.0/22

    Signature Algorithm: sha256WithRSAEncryption
         a2:a1:4c:94:87:ab:15:eb:03:99:97:c5:5e:35:53:49:0e:67:
         a2:ed:e7:34:ea:25:d0:93:6e:50:23:f1:30:9c:6e:c3:ee:dc:
         0e:7b:c1:5f:c6:a6:ee:54:70:33:59:5d:94:9f:83:71:50:19:
         a9:75:87:69:34:16:ce:d2:15:2a:15:9c:2c:7b:60:81:be:1b:
         19:af:58:c2:9d:8d:13:94:a5:39:92:e1:9f:30:f4:37:31:d8:
         6e:85:12:4c:b5:cf:1e:b9:f1:03:de:30:a1:f9:ea:29:48:c7:
         04:34:55:0b:2d:52:83:41:d2:cf:23:7a:18:4e:14:7b:eb:7a:
         12:95:ef:e4:41:85:c2:3f:17:b2:dd:87:d5:af:39:80:f5:98:
         46:b1:c2:02:dd:e6:1a:c2:9c:e6:c2:71:be:47:0c:72:a5:5b:
         80:74:a2:1b:17:fe:c8:bd:49:98:a9:57:c5:07:87:bd:ef:4d:
         91:2d:80:10:14:41:d8:af:34:f7:9a:94:db:67:a3:cb:b8:f9:
         22:37:85:48:1c:ef:a0:ea:48:a5:20:77:22:d9:fa:c2:1c:cb:
         15:68:1f:8b:57:b4:6d:02:22:d2:30:4c:3b:52:8a:61:da:7d:
         7b:cd:71:0f:26:87:71:49:2a:6c:42:4a:4a:c9:05:93:f9:d9:
         66:4d:d2:05
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxp5NZfYZ7Dht57Q/VeBRRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU3YzdiZTI5ZWMxM2IwYWIwMTg5NzQxMWU4NmVjZjhiMGYz
YjM0NGEwHhcNMjMwMTAyMDg0NDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNDgwOTU3NzNjZTg2Yzc3OWYyYmRjYjIyYzhkYzFiODU3NTdkYmI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlAX0VVtFIaS8J5CZ/B998Eq/ySVU
4GT0ZyCrBE/nsLl8Ljtzmt9BqIilDOvHTzpQ6fQFP/AO5AbCyyPfens+BF5szUvF
48mh1R8GGiAl9nK39FgDDxMt45/CwE9oiOl6z6jbVmEhrfvSOPQRwNHHqtr9OWJc
Kr8NoudWHMnpOUWZ2qojvotgxH51r/+2Lm/IROwj9hK45j1U6yw8QtR2cKfLKSUD
F6WwPaOQL/zBUXcffURp0Ba6Ky6xp68Ga1hlleuo1kWyd/5cZEPK7AI3Bl2/ljSb
fiqk5cvsDn3SitvxsCQoN2lqXMNVz24fEziIWFG7M1NJMm/gcepY6202SwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMSAlXc86Gx3nyvcsiyNwbhXV9u2MB8GA1UdIwQY
MBaAFFfHvinsE7CrAYl0Eehuz4sPOzRKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVjhlLUtld1RzS3NCaVhRUjZHN1Bpdzg3TkVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9mMGQ4NTMtNDJjYy00YTE3LTgxYTEt
YmFlMWQ5ZWVjNDFhLzEveElDVmR6em9iSGVmSzl5eUxJM0J1RmRYMjdZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9mMGQ4NTMtNDJjYy00YTE3LTgxYTEtYmFlMWQ5ZWVjNDFh
LzEvVjhlLUtld1RzS3NCaVhRUjZHN1Bpdzg3TkVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCwgHoMA0G
CSqGSIb3DQEBCwUAA4IBAQCioUyUh6sV6wOZl8VeNVNJDmei7ec06iXQk25QI/Ew
nG7D7twOe8FfxqbuVHAzWV2Un4NxUBmpdYdpNBbO0hUqFZwse2CBvhsZr1jCnY0T
lKU5kuGfMPQ3MdhuhRJMtc8eufED3jCh+eopSMcENFULLVKDQdLPI3oYThR763oS
le/kQYXCPxey3YfVrzmA9ZhGscIC3eYawpzmwnG+RwxypVuAdKIbF/7IvUmYqVfF
B4e9702RLYAQFEHYrzT3mpTbZ6PLuPkiN4VIHO+g6kilIHci2frCHMsVaB+LV7Rt
AiLSMEw7Uoph2n17zXEPJodxSSpsQkpKyQWT+dlmTdIF
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:49:53 2024 by rpki-client on console-ams.rpki-client.org