Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/I86Xw5H5CxY6gCoN9pIplKnx6is.roa
File:                     I86Xw5H5CxY6gCoN9pIplKnx6is.roa (raw, json)
Hash identifier:          bFvtPclTnlKqtBOQVCH9koVWVT48ivIAHIpz8cJ/AL8=
Subject key identifier:   23:CE:97:C3:91:F9:0B:16:3A:80:2A:0D:F6:92:29:94:A9:F1:EA:2B
Certificate issuer:       /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial:       018A5FF40F9524CF03931AB04AC998ED6BC3
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/I86Xw5H5CxY6gCoN9pIplKnx6is.roa
Signing time:             Mon 04 Sep 2023 11:29:04 +0000
ROA not before:           Mon 04 Sep 2023 11:29:04 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     47890
IP address blocks:        193.37.41.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 06:29:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:5f:f4:0f:95:24:cf:03:93:1a:b0:4a:c9:98:ed:6b:c3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
        Validity
            Not Before: Sep  4 11:29:04 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=23ce97c391f90b163a802a0df6922994a9f1ea2b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dd:14:51:f1:c9:9f:43:b6:e8:f9:a9:44:1e:c3:
                    b3:61:62:ea:c2:ce:75:80:07:c6:15:7f:86:8f:d2:
                    80:4d:24:b1:7a:9e:a6:fd:01:d8:2d:8c:8c:49:8f:
                    d2:77:c0:4f:00:48:41:a7:47:b7:0e:8c:25:15:55:
                    63:78:23:d8:18:3c:35:89:45:28:e4:f3:c3:86:c7:
                    7b:7b:50:e4:4f:b6:83:6c:46:3d:10:70:e9:ec:5f:
                    b9:2b:80:67:71:c3:7f:9a:cf:bb:76:a3:72:95:8f:
                    45:36:3d:c9:3b:b8:3d:05:60:02:55:9b:84:52:6e:
                    8c:f5:5d:72:d2:cd:f5:b2:5c:54:f0:70:6b:7f:c9:
                    f6:27:f5:5f:40:86:d6:13:a9:27:4e:6d:fb:d3:d5:
                    b3:e4:85:54:ca:29:7d:db:dd:86:f6:ae:e6:0b:9e:
                    52:e9:ad:53:96:f5:0a:34:d4:58:8b:c4:23:06:19:
                    25:5b:4e:a5:b3:fb:ca:13:58:50:0f:63:ca:69:22:
                    9d:e5:21:17:8d:20:1f:23:1b:02:ff:35:05:0a:a3:
                    a0:96:6f:47:36:b1:b4:5e:2f:a2:fb:78:3b:8b:dc:
                    0a:60:00:0b:fc:c5:3f:8f:86:d3:87:c7:58:f7:01:
                    e5:34:98:c8:66:4d:1f:d4:50:c4:27:cf:69:88:69:
                    86:45
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                23:CE:97:C3:91:F9:0B:16:3A:80:2A:0D:F6:92:29:94:A9:F1:EA:2B
            X509v3 Authority Key Identifier:
                keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/I86Xw5H5CxY6gCoN9pIplKnx6is.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.37.41.0/24

    Signature Algorithm: sha256WithRSAEncryption
         89:df:5d:fc:84:ae:83:54:8a:c6:79:91:1e:c9:7b:64:e8:c4:
         eb:91:38:36:33:ff:77:23:7c:47:92:cf:c7:23:e0:62:fe:97:
         18:0d:fd:c3:38:31:ff:86:fe:3e:7a:34:0c:20:cc:75:79:14:
         e7:65:ba:02:af:9d:cd:3f:18:11:9c:fe:0e:2b:d8:05:3d:2c:
         e4:d1:2a:fd:a5:21:d9:bf:d7:d2:3b:8f:59:0f:cc:83:bb:89:
         cf:18:ff:b1:59:a0:6c:2c:df:07:fb:c7:cc:d3:d6:b6:9a:50:
         a7:c8:d9:b3:12:f4:15:bd:e5:06:ae:95:21:a0:24:28:fa:0e:
         c8:a9:21:fd:13:5d:00:ee:d4:33:3b:e4:40:5b:61:50:04:fd:
         0a:75:4b:1f:68:fc:db:cb:54:f9:2f:57:47:3c:c5:84:9f:d9:
         87:3e:bc:ad:0a:f8:83:8f:9a:f4:65:62:2f:97:72:c6:bf:5a:
         55:8b:3a:5e:40:0e:65:79:3b:af:d7:86:42:61:38:27:22:0c:
         c2:33:19:c0:62:3e:32:3b:c0:38:aa:7d:5e:75:47:4c:d9:7b:
         7f:ab:05:e6:8e:e0:c1:c1:32:c7:43:27:2f:85:45:b6:59:f0:
         4f:f1:8b:23:05:6c:78:93:29:59:db:a5:87:3c:01:44:df:3e:
         9b:e9:9a:53
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYpf9A+VJM8DkxqwSsmY7WvDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMwOTA0MTEyOTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyM2NlOTdjMzkxZjkwYjE2M2E4MDJhMGRmNjkyMjk5NGE5ZjFlYTJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3RRR8cmfQ7bo+alEHsOzYWLqws51
gAfGFX+Gj9KATSSxep6m/QHYLYyMSY/Sd8BPAEhBp0e3DowlFVVjeCPYGDw1iUUo
5PPDhsd7e1DkT7aDbEY9EHDp7F+5K4BnccN/ms+7dqNylY9FNj3JO7g9BWACVZuE
Um6M9V1y0s31slxU8HBrf8n2J/VfQIbWE6knTm3709Wz5IVUyil9292G9q7mC55S
6a1TlvUKNNRYi8QjBhklW06ls/vKE1hQD2PKaSKd5SEXjSAfIxsC/zUFCqOglm9H
NrG0Xi+i+3g7i9wKYAAL/MU/j4bTh8dY9wHlNJjIZk0f1FDEJ89piGmGRQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCPOl8OR+QsWOoAqDfaSKZSp8eorMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvSTg2WHc1SDVDeFk2Z0NvTjlwSXBsS254NmlzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwSUpMA0G
CSqGSIb3DQEBCwUAA4IBAQCJ3138hK6DVIrGeZEeyXtk6MTrkTg2M/93I3xHks/H
I+Bi/pcYDf3DODH/hv4+ejQMIMx1eRTnZboCr53NPxgRnP4OK9gFPSzk0Sr9pSHZ
v9fSO49ZD8yDu4nPGP+xWaBsLN8H+8fM09a2mlCnyNmzEvQVveUGrpUhoCQo+g7I
qSH9E10A7tQzO+RAW2FQBP0KdUsfaPzby1T5L1dHPMWEn9mHPrytCviDj5r0ZWIv
l3LGv1pVizpeQA5leTuv14ZCYTgnIgzCMxnAYj4yO8A4qn1edUdM2Xt/qwXmjuDB
wTLHQycvhUW2WfBP8YsjBWx4kylZ26WHPAFE3z6b6ZpT
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:17:04 2024 by rpki-client on console-fra.rpki-client.org