Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/cI8JkZPL-XjRXB4pzy136G-5ASU.roa
File:                     cI8JkZPL-XjRXB4pzy136G-5ASU.roa (raw, json)
Hash identifier:          N3t6FO/jTDYl1Y+BqsmT0zElC2dODalJQ3DATxG31ag=
Subject key identifier:   70:8F:09:91:93:CB:F9:78:D1:5C:1E:29:CF:2D:77:E8:6F:B9:01:25
Certificate issuer:       /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial:       018D694E03300516340ACC229A13E84A12C3
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/cI8JkZPL-XjRXB4pzy136G-5ASU.roa
Signing time:             Fri 02 Feb 2024 10:12:16 +0000
ROA not before:           Fri 02 Feb 2024 10:12:16 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     29802
IP address blocks:        93.123.74.0/24 maxlen: 24
                          193.58.122.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 28 Feb 2024 00:03:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8d:69:4e:03:30:05:16:34:0a:cc:22:9a:13:e8:4a:12:c3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
        Validity
            Not Before: Feb  2 10:12:16 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=708f099193cbf978d15c1e29cf2d77e86fb90125
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:3d:a2:b1:f3:6e:ac:06:31:69:b6:9d:ca:ca:
                    c2:3f:07:b4:65:c3:c6:c4:3d:1f:9e:b3:03:0f:b8:
                    f3:ef:d8:df:68:ce:15:94:df:cd:dd:f3:47:44:f3:
                    cd:f6:3a:4a:aa:b9:68:34:16:42:dc:d5:80:c7:f1:
                    3d:c1:3c:b6:71:a1:d9:08:b6:bb:03:fb:5a:88:d2:
                    cc:78:ba:d0:ff:de:ae:16:c9:79:c6:77:6f:e5:13:
                    c0:83:b7:dc:50:79:a8:21:f1:bb:29:1a:6d:f7:42:
                    3e:19:29:06:d5:b7:b6:4f:70:0b:dc:16:7f:c6:82:
                    1b:40:35:3f:c2:12:82:4a:2b:84:9c:ed:52:e0:26:
                    22:ea:98:3e:c8:22:58:69:bb:5d:92:bb:dc:b2:a8:
                    0b:c2:80:7c:50:07:73:30:37:99:98:77:68:a6:d4:
                    b8:a4:69:f5:75:60:69:8d:3c:bd:42:e7:f3:a8:a0:
                    de:29:be:56:d3:61:88:34:b1:6b:52:8c:09:c3:1b:
                    0a:4f:a6:cb:df:38:8c:ed:0e:d5:a6:3d:d4:ca:a4:
                    17:5a:ab:83:d3:04:b4:59:c7:e2:47:96:1e:b8:92:
                    40:ef:66:cd:7c:e8:8f:44:3a:98:44:90:c0:68:bb:
                    ee:b8:9d:71:e4:00:ea:93:cb:d5:5c:c8:68:15:a5:
                    1a:af
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                70:8F:09:91:93:CB:F9:78:D1:5C:1E:29:CF:2D:77:E8:6F:B9:01:25
            X509v3 Authority Key Identifier:
                keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/cI8JkZPL-XjRXB4pzy136G-5ASU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  93.123.74.0/24
                  193.58.122.0/24

    Signature Algorithm: sha256WithRSAEncryption
         39:74:e3:28:a7:2b:e9:31:ed:b6:f5:74:60:6b:3c:54:4d:8b:
         0e:7b:ea:ae:c5:23:4d:e8:17:32:50:f6:fa:69:36:de:bb:a2:
         a8:e4:4f:92:fd:2e:b7:59:ec:fe:01:bd:c7:ba:4a:ae:b6:74:
         fe:7a:6f:72:ac:c1:e9:f0:ac:15:cb:21:4f:01:54:5d:f5:9c:
         aa:8e:b9:b3:64:d7:f4:f1:46:c4:2e:53:fb:73:c2:d2:3b:3f:
         b5:f2:e7:50:d8:4a:0b:45:de:53:58:3b:da:5b:5d:f7:67:0b:
         f4:8e:b3:f2:08:f1:54:ce:c4:6c:6e:d9:56:0e:7e:ba:d0:3a:
         5f:4a:11:d6:a4:20:87:ec:d4:7b:42:e7:b0:de:d0:c3:25:02:
         02:d3:40:28:27:78:92:2f:08:67:38:be:42:dd:a8:7c:36:86:
         a2:5c:87:7d:c0:c1:1f:1d:72:95:90:82:dc:01:d8:51:34:99:
         3f:a8:65:5b:ce:8f:d3:93:7f:cb:69:31:ae:bf:b9:0d:2b:c4:
         41:02:a6:04:ae:11:ec:a4:7e:a9:dc:af:a0:36:c7:be:97:85:
         bf:98:8d:65:c4:12:6c:56:b4:ba:8c:30:2c:83:88:c8:3d:b3:
         dc:ce:db:ba:73:c2:34:4e:51:ec:fb:dc:2b:ec:11:d7:5d:29:
         95:c6:70:96
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY1pTgMwBRY0CswimhPoShLDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwMjAyMTAxMjE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MDhmMDk5MTkzY2JmOTc4ZDE1YzFlMjljZjJkNzdlODZmYjkwMTI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoz2isfNurAYxabadysrCPwe0ZcPG
xD0fnrMDD7jz79jfaM4VlN/N3fNHRPPN9jpKqrloNBZC3NWAx/E9wTy2caHZCLa7
A/taiNLMeLrQ/96uFsl5xndv5RPAg7fcUHmoIfG7KRpt90I+GSkG1be2T3AL3BZ/
xoIbQDU/whKCSiuEnO1S4CYi6pg+yCJYabtdkrvcsqgLwoB8UAdzMDeZmHdoptS4
pGn1dWBpjTy9QufzqKDeKb5W02GINLFrUowJwxsKT6bL3ziM7Q7Vpj3UyqQXWquD
0wS0WcfiR5YeuJJA72bNfOiPRDqYRJDAaLvuuJ1x5ADqk8vVXMhoFaUarwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFHCPCZGTy/l40VweKc8td+hvuQElMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvY0k4SmtaUEwtWGpSWEI0cHp5MTM2Ry01QVNVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAXXtKAwQA
wTp6MA0GCSqGSIb3DQEBCwUAA4IBAQA5dOMopyvpMe229XRgazxUTYsOe+quxSNN
6BcyUPb6aTbeu6Ko5E+S/S63Wez+Ab3HukqutnT+em9yrMHp8KwVyyFPAVRd9Zyq
jrmzZNf08UbELlP7c8LSOz+18udQ2EoLRd5TWDvaW133Zwv0jrPyCPFUzsRsbtlW
Dn660DpfShHWpCCH7NR7Quew3tDDJQIC00AoJ3iSLwhnOL5C3ah8NoaiXId9wMEf
HXKVkILcAdhRNJk/qGVbzo/Tk3/LaTGuv7kNK8RBAqYErhHspH6p3K+gNse+l4W/
mI1lxBJsVrS6jDAsg4jIPbPcztu6c8I0TlHs+9wr7BHXXSmVxnCW
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:50:38 2024 by rpki-client on console-ams.rpki-client.org