Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/c7c51d-4f90-4087-a13a-f3c1a9a11d73/1/AQA04uE27JOCqGDdq30GNdZukEc.roa
File:                     AQA04uE27JOCqGDdq30GNdZukEc.roa (raw, json)
Hash identifier:          MvIg8h/9wGAnX8EuMquc2cWjup037BCQwQjVbcTYUiI=
Subject key identifier:   01:00:34:E2:E1:36:EC:93:82:A8:60:DD:AB:7D:06:35:D6:6E:90:47
Certificate issuer:       /CN=9c47ee73c28780b12f152cfa259ade3d8ae0d13b
Certificate serial:       018570CBECBD5849E299D90EEABEBCB69197
Authority key identifier: 9C:47:EE:73:C2:87:80:B1:2F:15:2C:FA:25:9A:DE:3D:8A:E0:D1:3B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/nEfuc8KHgLEvFSz6JZrePYrg0Ts.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/01/c7c51d-4f90-4087-a13a-f3c1a9a11d73/1/AQA04uE27JOCqGDdq30GNdZukEc.roa
Signing time:             Mon 02 Jan 2023 04:44:50 +0000
ROA not before:           Mon 02 Jan 2023 04:44:50 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     59962
IP address blocks:        194.33.104.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 14:29:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:70:cb:ec:bd:58:49:e2:99:d9:0e:ea:be:bc:b6:91:97
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9c47ee73c28780b12f152cfa259ade3d8ae0d13b
        Validity
            Not Before: Jan  2 04:44:50 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=010034e2e136ec9382a860ddab7d0635d66e9047
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:d9:75:19:da:1c:30:63:77:bc:e4:6b:a3:02:
                    a9:f0:12:84:ed:1b:14:e8:ed:6e:43:78:99:b1:34:
                    fb:cb:6b:9b:dd:54:b4:bb:27:27:a0:a9:1c:22:e5:
                    b6:ac:97:05:c9:b5:74:2d:dc:16:47:e3:d9:6b:e1:
                    b2:a5:de:88:ae:e9:4d:26:a9:ad:76:70:85:d5:7b:
                    c1:b8:37:05:9e:80:c0:4e:04:41:09:87:e7:8e:ab:
                    8c:5e:11:1e:05:ef:03:77:f1:93:be:0a:65:09:e2:
                    f5:86:77:55:b3:92:e3:73:ad:45:4b:08:d4:bf:57:
                    43:22:9a:e1:22:3a:7a:8f:af:b9:93:aa:aa:17:8f:
                    24:24:5e:51:a4:51:70:50:79:a5:4d:15:3a:1c:a4:
                    77:a1:82:ac:c6:b2:ce:cb:e1:85:e0:01:ba:f5:1c:
                    31:7a:7c:bd:b8:e2:7b:c3:23:41:14:3a:e1:8b:c4:
                    b7:9a:42:54:8f:98:33:18:64:35:da:ed:ff:e4:e9:
                    bb:12:8a:ff:6b:98:84:32:f5:53:7b:38:fc:e7:a4:
                    3e:b2:63:da:d4:f2:2f:31:1d:4e:87:e4:3b:93:da:
                    b1:53:53:25:5d:d9:58:d6:24:bd:00:78:e3:80:28:
                    70:39:df:47:72:50:9a:4c:4c:9f:d2:08:20:ba:30:
                    04:8b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                01:00:34:E2:E1:36:EC:93:82:A8:60:DD:AB:7D:06:35:D6:6E:90:47
            X509v3 Authority Key Identifier:
                keyid:9C:47:EE:73:C2:87:80:B1:2F:15:2C:FA:25:9A:DE:3D:8A:E0:D1:3B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nEfuc8KHgLEvFSz6JZrePYrg0Ts.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/c7c51d-4f90-4087-a13a-f3c1a9a11d73/1/AQA04uE27JOCqGDdq30GNdZukEc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/01/c7c51d-4f90-4087-a13a-f3c1a9a11d73/1/nEfuc8KHgLEvFSz6JZrePYrg0Ts.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.33.104.0/24

    Signature Algorithm: sha256WithRSAEncryption
         35:d0:8f:aa:40:74:e6:63:7a:f3:d0:8c:f2:d6:8b:60:18:5c:
         6c:7d:e6:a2:22:05:d1:78:7d:da:5f:df:d4:2f:d7:66:ed:9a:
         31:07:67:b3:0a:0a:83:a4:2c:a2:e3:c5:45:ba:49:cb:0f:3e:
         2d:0f:c3:4b:8f:fa:61:14:cf:41:35:3c:4d:fd:17:89:0a:ea:
         ae:49:2a:e1:b3:90:f8:3e:f1:72:c7:c7:2b:99:c2:16:22:ec:
         d9:f4:a6:38:e5:71:93:df:e0:17:14:1c:c3:94:98:6c:5d:a9:
         a9:99:2d:ea:af:95:2c:95:56:dc:03:96:e7:b3:39:87:1e:72:
         95:b7:cb:fa:c5:bd:ce:ac:b4:49:36:9d:d8:9f:d1:25:e7:9b:
         51:b3:63:a5:c4:c9:79:83:31:9e:25:da:e6:f2:d1:1f:9e:11:
         f2:bc:6e:f7:5c:97:ae:54:24:f4:fb:43:22:5e:59:e6:a8:0a:
         06:1b:99:d7:bf:e2:62:ba:18:5a:ea:3e:02:b2:df:0a:d9:f2:
         5a:c6:97:54:e0:68:91:e2:ed:c1:ee:39:dd:1f:df:7f:c2:4c:
         0f:55:d9:ee:3d:b4:b7:00:f1:c0:de:92:54:9b:75:c0:fa:1e:
         3f:56:db:f8:40:c3:64:c8:da:f2:94:ba:6f:20:e6:37:c7:0a:
         d5:9e:30:12
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwy+y9WEnimdkO6r68tpGXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDljNDdlZTczYzI4NzgwYjEyZjE1MmNmYTI1OWFkZTNkOGFl
MGQxM2IwHhcNMjMwMTAyMDQ0NDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMTAwMzRlMmUxMzZlYzkzODJhODYwZGRhYjdkMDYzNWQ2NmU5MDQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArNl1GdocMGN3vORrowKp8BKE7RsU
6O1uQ3iZsTT7y2ub3VS0uycnoKkcIuW2rJcFybV0LdwWR+PZa+Gypd6IrulNJqmt
dnCF1XvBuDcFnoDATgRBCYfnjquMXhEeBe8Dd/GTvgplCeL1hndVs5Ljc61FSwjU
v1dDIprhIjp6j6+5k6qqF48kJF5RpFFwUHmlTRU6HKR3oYKsxrLOy+GF4AG69Rwx
eny9uOJ7wyNBFDrhi8S3mkJUj5gzGGQ12u3/5Om7Eor/a5iEMvVTezj856Q+smPa
1PIvMR1Oh+Q7k9qxU1MlXdlY1iS9AHjjgChwOd9HclCaTEyf0gggujAEiwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAEANOLhNuyTgqhg3at9BjXWbpBHMB8GA1UdIwQY
MBaAFJxH7nPCh4CxLxUs+iWa3j2K4NE7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbkVmdWM4S0hnTEV2RlN6NkpacmVQWXJnMFRzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS9jN2M1MWQtNGY5MC00MDg3LWExM2Et
ZjNjMWE5YTExZDczLzEvQVFBMDR1RTI3Sk9DcUdEZHEzMEdOZFp1a0VjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS9jN2M1MWQtNGY5MC00MDg3LWExM2EtZjNjMWE5YTExZDcz
LzEvbkVmdWM4S0hnTEV2RlN6NkpacmVQWXJnMFRzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwiFoMA0G
CSqGSIb3DQEBCwUAA4IBAQA10I+qQHTmY3rz0Izy1otgGFxsfeaiIgXReH3aX9/U
L9dm7ZoxB2ezCgqDpCyi48VFuknLDz4tD8NLj/phFM9BNTxN/ReJCuquSSrhs5D4
PvFyx8crmcIWIuzZ9KY45XGT3+AXFBzDlJhsXampmS3qr5UslVbcA5bnszmHHnKV
t8v6xb3OrLRJNp3Yn9El55tRs2OlxMl5gzGeJdrm8tEfnhHyvG73XJeuVCT0+0Mi
XlnmqAoGG5nXv+Jiuhha6j4Cst8K2fJaxpdU4GiR4u3B7jndH99/wkwPVdnuPbS3
APHA3pJUm3XA+h4/Vtv4QMNkyNrylLpvIOY3xwrVnjAS
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:39 2024 by rpki-client on console-fra.rpki-client.org