Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/9c2508-f69b-444b-b860-dc0e81a9d7b4/1/xioZa6jRskvU896OG2hputbiRf0.roa
File:                     xioZa6jRskvU896OG2hputbiRf0.roa (raw, json)
Hash identifier:          DNMOcGYR1mVpTI8sXkpRY/9Ie5dUWv9OxyjRK8z6+Sw=
Subject key identifier:   C6:2A:19:6B:A8:D1:B2:4B:D4:F3:DE:8E:1B:68:69:BA:D6:E2:45:FD
Certificate issuer:       /CN=32ad80d411acb93685f558aa7e12f46bd170a7fb
Certificate serial:       01856DCAE33288407B94E21E2DB30516BD64
Authority key identifier: 32:AD:80:D4:11:AC:B9:36:85:F5:58:AA:7E:12:F4:6B:D1:70:A7:FB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Mq2A1BGsuTaF9ViqfhL0a9Fwp_s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/01/9c2508-f69b-444b-b860-dc0e81a9d7b4/1/xioZa6jRskvU896OG2hputbiRf0.roa
Signing time:             Sun 01 Jan 2023 14:44:51 +0000
ROA not before:           Sun 01 Jan 2023 14:44:51 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     16509
IP address blocks:        147.189.19.0/24 maxlen: 24
                          147.189.18.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 24 Apr 2023 17:54:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6d:ca:e3:32:88:40:7b:94:e2:1e:2d:b3:05:16:bd:64
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=32ad80d411acb93685f558aa7e12f46bd170a7fb
        Validity
            Not Before: Jan  1 14:44:51 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=c62a196ba8d1b24bd4f3de8e1b6869bad6e245fd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:81:ad:33:3a:1e:13:cc:06:ae:5a:c5:bb:e9:c2:
                    a8:6f:9c:de:ea:b8:3e:02:90:6b:b2:50:c6:0c:8c:
                    3d:ab:f3:46:49:30:57:e3:55:88:e6:0e:3a:85:69:
                    c8:2c:21:c2:8d:38:56:c1:45:34:35:05:eb:68:ef:
                    34:d3:f7:49:92:3a:b3:8d:e3:27:5b:5f:9f:4d:a6:
                    e7:47:b1:b1:69:83:33:bd:bf:32:21:77:82:63:6b:
                    6f:f3:e8:db:89:0a:8b:8d:ea:70:ab:93:47:58:7d:
                    02:46:34:a4:aa:e1:a0:97:dd:7e:5c:98:08:fa:33:
                    a0:c8:cb:54:ab:91:9f:d0:06:81:ae:fe:4d:9c:7a:
                    8b:22:c3:e4:57:61:c7:b3:39:e0:76:8a:6d:12:88:
                    96:10:b6:ec:ee:d9:8e:9b:df:3a:52:13:10:84:8a:
                    ba:f0:d6:21:a3:9c:58:8a:63:36:2b:2a:a7:50:f2:
                    1f:6f:f9:c1:c1:8c:64:a7:91:75:b3:4d:93:3d:b0:
                    7b:5a:30:aa:df:b8:7b:ef:8c:07:0e:1e:1d:a5:9e:
                    4b:bb:77:87:f4:ea:e0:ba:fd:bb:6c:49:84:88:73:
                    87:40:1a:1e:d9:47:63:27:95:9b:59:03:34:ec:8b:
                    c2:a2:28:35:ab:19:98:67:92:95:6c:63:98:14:a5:
                    9b:a3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C6:2A:19:6B:A8:D1:B2:4B:D4:F3:DE:8E:1B:68:69:BA:D6:E2:45:FD
            X509v3 Authority Key Identifier:
                keyid:32:AD:80:D4:11:AC:B9:36:85:F5:58:AA:7E:12:F4:6B:D1:70:A7:FB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Mq2A1BGsuTaF9ViqfhL0a9Fwp_s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/9c2508-f69b-444b-b860-dc0e81a9d7b4/1/xioZa6jRskvU896OG2hputbiRf0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/01/9c2508-f69b-444b-b860-dc0e81a9d7b4/1/Mq2A1BGsuTaF9ViqfhL0a9Fwp_s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  147.189.18.0/23

    Signature Algorithm: sha256WithRSAEncryption
         6f:60:1d:fb:95:2a:03:26:f2:1f:26:1f:e0:b3:b0:31:43:f5:
         75:72:e4:3b:a3:1c:51:fb:f4:74:0f:3a:e6:20:ff:0a:2b:66:
         57:f6:48:c3:6d:79:2b:1f:f5:aa:da:cb:c4:c5:71:aa:46:77:
         79:24:d1:e6:07:3f:73:ac:8d:2a:ba:53:80:80:f8:58:d5:84:
         66:d0:81:ff:66:36:b8:4c:dc:c2:18:59:07:91:dc:6a:5e:39:
         f8:ba:e4:24:82:09:ee:e8:1e:19:5b:80:5f:cf:6b:9f:ff:a9:
         7f:ee:c2:88:ae:87:7d:51:51:c8:85:fb:e8:32:e6:92:3b:94:
         9e:db:f5:aa:17:1f:fd:a8:f7:2c:dd:68:10:2b:d9:ab:67:2b:
         38:a2:f3:cf:88:c5:6a:78:0e:cf:7b:90:45:2d:08:2e:3b:45:
         89:80:5f:c8:4b:11:36:fc:66:31:03:6b:ad:73:70:0f:c1:29:
         b9:eb:8c:ae:c9:87:78:bb:16:57:d5:de:48:02:70:0a:8b:38:
         e5:d9:70:2d:2a:55:33:3e:92:71:9e:9a:fd:89:f1:39:e5:93:
         7a:84:99:57:88:52:bc:33:ab:4a:46:5b:71:0c:86:6e:a2:93:
         4b:e4:56:17:3a:f8:05:14:1b:76:d5:3c:ea:8c:11:78:fe:d2:
         4c:d5:f8:bc
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtyuMyiEB7lOIeLbMFFr1kMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMyYWQ4MGQ0MTFhY2I5MzY4NWY1NThhYTdlMTJmNDZiZDE3
MGE3ZmIwHhcNMjMwMTAxMTQ0NDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNjJhMTk2YmE4ZDFiMjRiZDRmM2RlOGUxYjY4NjliYWQ2ZTI0NWZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAga0zOh4TzAauWsW76cKob5ze6rg+
ApBrslDGDIw9q/NGSTBX41WI5g46hWnILCHCjThWwUU0NQXraO800/dJkjqzjeMn
W1+fTabnR7GxaYMzvb8yIXeCY2tv8+jbiQqLjepwq5NHWH0CRjSkquGgl91+XJgI
+jOgyMtUq5Gf0AaBrv5NnHqLIsPkV2HHszngdoptEoiWELbs7tmOm986UhMQhIq6
8NYho5xYimM2KyqnUPIfb/nBwYxkp5F1s02TPbB7WjCq37h774wHDh4dpZ5Lu3eH
9Orguv27bEmEiHOHQBoe2UdjJ5WbWQM07IvCoig1qxmYZ5KVbGOYFKWbowIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMYqGWuo0bJL1PPejhtoabrW4kX9MB8GA1UdIwQY
MBaAFDKtgNQRrLk2hfVYqn4S9GvRcKf7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTXEyQTFCR3N1VGFGOVZpcWZoTDBhOUZ3cF9zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS85YzI1MDgtZjY5Yi00NDRiLWI4NjAt
ZGMwZTgxYTlkN2I0LzEveGlvWmE2alJza3ZVODk2T0cyaHB1dGJpUmYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS85YzI1MDgtZjY5Yi00NDRiLWI4NjAtZGMwZTgxYTlkN2I0
LzEvTXEyQTFCR3N1VGFGOVZpcWZoTDBhOUZ3cF9zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBk70SMA0G
CSqGSIb3DQEBCwUAA4IBAQBvYB37lSoDJvIfJh/gs7AxQ/V1cuQ7oxxR+/R0Dzrm
IP8KK2ZX9kjDbXkrH/Wq2svExXGqRnd5JNHmBz9zrI0qulOAgPhY1YRm0IH/Zja4
TNzCGFkHkdxqXjn4uuQkggnu6B4ZW4Bfz2uf/6l/7sKIrod9UVHIhfvoMuaSO5Se
2/WqFx/9qPcs3WgQK9mrZys4ovPPiMVqeA7Pe5BFLQguO0WJgF/ISxE2/GYxA2ut
c3APwSm564yuyYd4uxZX1d5IAnAKizjl2XAtKlUzPpJxnpr9ifE55ZN6hJlXiFK8
M6tKRltxDIZuopNL5FYXOvgFFBt21TzqjBF4/tJM1fi8
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:50:00 2024 by rpki-client on console-ams.rpki-client.org