Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/08/37ebe6-8bfe-4c1f-a183-83d648f79746/1/iHnQt_dHOvz-eveC_MqQgW0jZGE.roa
File:                     iHnQt_dHOvz-eveC_MqQgW0jZGE.roa (raw, json)
Hash identifier:          QjhExLWjgunMnmtxf6jheHIlRJWfMy0fU5c3bocIEf0=
Subject key identifier:   88:79:D0:B7:F7:47:3A:FC:FE:7A:F7:82:FC:CA:90:81:6D:23:64:61
Certificate issuer:       /CN=568fe35cc962633a2757af10a0e6e8ab6d01f4c9
Certificate serial:       018570028D9BAA76064745F854EC9BD3B151
Authority key identifier: 56:8F:E3:5C:C9:62:63:3A:27:57:AF:10:A0:E6:E8:AB:6D:01:F4:C9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Vo_jXMliYzonV68QoOboq20B9Mk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/08/37ebe6-8bfe-4c1f-a183-83d648f79746/1/iHnQt_dHOvz-eveC_MqQgW0jZGE.roa
Signing time:             Mon 02 Jan 2023 01:04:53 +0000
ROA not before:           Mon 02 Jan 2023 01:04:53 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     202444
IP address blocks:        193.243.218.0/24 maxlen: 24
                          81.8.23.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 20:31:13 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:70:02:8d:9b:aa:76:06:47:45:f8:54:ec:9b:d3:b1:51
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=568fe35cc962633a2757af10a0e6e8ab6d01f4c9
        Validity
            Not Before: Jan  2 01:04:53 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=8879d0b7f7473afcfe7af782fcca90816d236461
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8b:cd:1f:c3:1d:0b:74:82:27:fe:58:63:ec:16:
                    4d:02:b5:51:51:d1:12:27:52:c9:c3:30:87:1a:b2:
                    19:2f:e6:70:7e:c9:37:97:b2:7e:fd:52:cf:43:61:
                    fe:a0:c8:0c:54:ed:ae:b2:42:ea:bd:4e:38:d0:6a:
                    4a:29:a9:fd:0c:26:fe:a6:7b:9d:56:50:25:d9:75:
                    03:56:4d:75:41:02:7f:c0:ae:26:71:89:79:c3:48:
                    7f:a3:18:6f:57:09:92:bd:bb:69:11:0a:74:c3:ee:
                    80:01:88:73:ef:5a:ca:8c:ee:3e:3a:08:db:25:92:
                    16:9d:91:a1:52:11:23:97:bf:6e:d8:2a:a3:4a:a5:
                    49:3d:ac:f5:c6:8f:37:cb:b8:44:8f:cc:fd:8e:0c:
                    09:f5:78:af:95:9e:2f:8e:5e:85:5a:8f:a8:96:7f:
                    63:e0:ed:74:81:9c:dd:bf:83:60:e2:7d:ef:47:ff:
                    11:64:1a:95:59:e6:bf:ac:b9:58:6b:f3:e0:d9:a3:
                    ca:99:94:a0:57:19:38:39:63:fb:39:c1:12:73:a5:
                    38:8b:1c:82:c1:43:4b:cc:0c:0d:3d:1d:ad:30:36:
                    2e:fe:1c:5e:46:61:48:5e:a3:21:d4:4d:53:7b:88:
                    a8:39:85:47:7c:48:78:fe:ee:4c:74:74:4c:60:71:
                    3a:21
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                88:79:D0:B7:F7:47:3A:FC:FE:7A:F7:82:FC:CA:90:81:6D:23:64:61
            X509v3 Authority Key Identifier:
                keyid:56:8F:E3:5C:C9:62:63:3A:27:57:AF:10:A0:E6:E8:AB:6D:01:F4:C9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Vo_jXMliYzonV68QoOboq20B9Mk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/08/37ebe6-8bfe-4c1f-a183-83d648f79746/1/iHnQt_dHOvz-eveC_MqQgW0jZGE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/08/37ebe6-8bfe-4c1f-a183-83d648f79746/1/Vo_jXMliYzonV68QoOboq20B9Mk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  81.8.23.0/24
                  193.243.218.0/24

    Signature Algorithm: sha256WithRSAEncryption
         a7:19:ab:24:0b:22:99:41:e1:df:f9:0d:44:2c:5a:19:1b:d9:
         e1:cb:11:ce:fd:bb:4e:81:a0:ce:6d:43:d2:f5:36:ba:cb:7c:
         b1:a0:7b:98:7e:e5:e4:21:80:71:65:61:2c:59:38:2d:cd:db:
         a5:c2:53:27:20:60:c4:0c:33:05:86:2b:ca:65:9d:46:22:97:
         5f:01:02:35:5e:04:35:7c:a7:92:eb:6d:2d:da:91:ce:a3:be:
         8b:da:e9:e2:59:fc:32:ba:66:ac:08:ec:26:9b:0c:db:b6:9f:
         a7:80:18:a2:46:fc:c9:aa:f6:50:35:ed:cf:33:33:42:1e:ef:
         95:4e:ce:a3:95:a5:99:48:04:19:92:e9:75:d4:ea:ed:10:e0:
         45:57:08:69:e9:c2:0f:6c:b6:03:36:11:7b:e4:9d:86:74:4d:
         72:35:8b:e4:f3:f5:62:71:0d:31:ea:12:b1:f3:ab:ab:3f:8e:
         50:23:08:5a:5b:5a:c2:4c:ed:83:e9:e9:09:df:18:28:1f:65:
         5e:26:00:b0:6c:e7:a1:85:5b:8b:54:11:c4:71:25:33:68:58:
         18:4a:16:06:a1:36:af:1a:42:ba:e6:cf:c3:7c:79:32:bc:75:
         4d:62:19:be:5e:c7:c3:34:bc:da:2e:45:d9:5d:19:db:6d:73:
         b7:af:14:cc
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVwAo2bqnYGR0X4VOyb07FRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU2OGZlMzVjYzk2MjYzM2EyNzU3YWYxMGEwZTZlOGFiNmQw
MWY0YzkwHhcNMjMwMTAyMDEwNDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ODc5ZDBiN2Y3NDczYWZjZmU3YWY3ODJmY2NhOTA4MTZkMjM2NDYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi80fwx0LdIIn/lhj7BZNArVRUdES
J1LJwzCHGrIZL+Zwfsk3l7J+/VLPQ2H+oMgMVO2uskLqvU440GpKKan9DCb+pnud
VlAl2XUDVk11QQJ/wK4mcYl5w0h/oxhvVwmSvbtpEQp0w+6AAYhz71rKjO4+Ogjb
JZIWnZGhUhEjl79u2CqjSqVJPaz1xo83y7hEj8z9jgwJ9XivlZ4vjl6FWo+oln9j
4O10gZzdv4Ng4n3vR/8RZBqVWea/rLlYa/Pg2aPKmZSgVxk4OWP7OcESc6U4ixyC
wUNLzAwNPR2tMDYu/hxeRmFIXqMh1E1Te4ioOYVHfEh4/u5MdHRMYHE6IQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFIh50Lf3Rzr8/nr3gvzKkIFtI2RhMB8GA1UdIwQY
MBaAFFaP41zJYmM6J1evEKDm6KttAfTJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVm9falhNbGlZem9uVjY4UW9PYm9xMjBCOU1rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOC8zN2ViZTYtOGJmZS00YzFmLWExODMt
ODNkNjQ4Zjc5NzQ2LzEvaUhuUXRfZEhPdnotZXZlQ19NcVFnVzBqWkdFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOC8zN2ViZTYtOGJmZS00YzFmLWExODMtODNkNjQ4Zjc5NzQ2
LzEvVm9falhNbGlZem9uVjY4UW9PYm9xMjBCOU1rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAUQgXAwQA
wfPaMA0GCSqGSIb3DQEBCwUAA4IBAQCnGaskCyKZQeHf+Q1ELFoZG9nhyxHO/btO
gaDObUPS9Ta6y3yxoHuYfuXkIYBxZWEsWTgtzdulwlMnIGDEDDMFhivKZZ1GIpdf
AQI1XgQ1fKeS620t2pHOo76L2uniWfwyumasCOwmmwzbtp+ngBiiRvzJqvZQNe3P
MzNCHu+VTs6jlaWZSAQZkul11OrtEOBFVwhp6cIPbLYDNhF75J2GdE1yNYvk8/Vi
cQ0x6hKx86urP45QIwhaW1rCTO2D6ekJ3xgoH2VeJgCwbOehhVuLVBHEcSUzaFgY
ShYGoTavGkK65s/DfHkyvHVNYhm+XsfDNLzaLkXZXRnbbXO3rxTM
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:51:37 2024 by rpki-client on console-ams.rpki-client.org