Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/9d4274-fb10-42a4-bf9b-1c8be25eb686/1/4SrHq0rgFL2xR-cqbix3jqzDn4k.roa
File:                     4SrHq0rgFL2xR-cqbix3jqzDn4k.roa (raw, json)
Hash identifier:          EU5q0C2UrrJJhg03l2MGlq03mqHEFi8A1P04u7UOEXY=
Subject key identifier:   E1:2A:C7:AB:4A:E0:14:BD:B1:47:E7:2A:6E:2C:77:8E:AC:C3:9F:89
Certificate issuer:       /CN=3918700ea9c7be2df5688affbedd8a4e55392de6
Certificate serial:       018AF55EC80960913450F89DD1A05F9DB87D
Authority key identifier: 39:18:70:0E:A9:C7:BE:2D:F5:68:8A:FF:BE:DD:8A:4E:55:39:2D:E6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ORhwDqnHvi31aIr_vt2KTlU5LeY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0e/9d4274-fb10-42a4-bf9b-1c8be25eb686/1/4SrHq0rgFL2xR-cqbix3jqzDn4k.roa
Signing time:             Tue 03 Oct 2023 11:49:04 +0000
ROA not before:           Tue 03 Oct 2023 11:49:04 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     60650
IP address blocks:        193.53.8.0/23 maxlen: 23

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 18:31:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:f5:5e:c8:09:60:91:34:50:f8:9d:d1:a0:5f:9d:b8:7d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3918700ea9c7be2df5688affbedd8a4e55392de6
        Validity
            Not Before: Oct  3 11:49:04 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=e12ac7ab4ae014bdb147e72a6e2c778eacc39f89
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:e1:d7:71:1b:ac:0e:40:cc:54:d8:21:9f:07:
                    79:66:6c:65:e0:a1:e8:fe:60:41:54:d8:44:4a:64:
                    a2:dc:b3:40:46:31:f2:34:3d:6f:82:d6:d7:64:1c:
                    f6:4b:e1:c1:a8:57:22:a1:63:02:c5:fc:d3:da:74:
                    a3:ec:4d:98:6a:17:0e:53:9d:7b:24:7e:65:b7:e6:
                    60:b1:2c:f4:1f:8c:79:44:be:f5:5c:24:db:6a:59:
                    c0:65:d8:d0:17:db:f2:69:87:5d:fd:0d:fb:34:0a:
                    da:6b:1a:a2:e5:61:5e:f0:ef:36:e1:bd:2c:9d:3d:
                    c3:c5:2f:80:94:a7:00:ae:cc:ec:93:2b:8e:ca:8c:
                    c9:1a:fa:f7:bb:e9:b3:56:02:d3:71:46:1c:e2:1d:
                    95:f4:cd:65:9c:65:d8:5f:96:ef:c9:d4:a1:0e:d0:
                    7c:98:41:37:49:7e:85:85:ee:f0:ee:2c:ea:de:bc:
                    08:12:c9:f2:02:62:a2:1d:37:3a:54:46:bc:3b:db:
                    d8:ab:81:59:1d:7e:1e:87:2a:5d:f0:c9:74:b9:61:
                    bd:4b:d3:63:59:3d:cc:bc:fd:bd:84:c9:06:18:d1:
                    00:f3:28:d0:62:6e:de:e6:14:42:48:c6:b5:50:b1:
                    86:7f:52:6b:97:f8:03:4f:ef:63:11:4d:0f:51:08:
                    00:df
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E1:2A:C7:AB:4A:E0:14:BD:B1:47:E7:2A:6E:2C:77:8E:AC:C3:9F:89
            X509v3 Authority Key Identifier:
                keyid:39:18:70:0E:A9:C7:BE:2D:F5:68:8A:FF:BE:DD:8A:4E:55:39:2D:E6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ORhwDqnHvi31aIr_vt2KTlU5LeY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/9d4274-fb10-42a4-bf9b-1c8be25eb686/1/4SrHq0rgFL2xR-cqbix3jqzDn4k.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/9d4274-fb10-42a4-bf9b-1c8be25eb686/1/ORhwDqnHvi31aIr_vt2KTlU5LeY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.53.8.0/23

    Signature Algorithm: sha256WithRSAEncryption
         45:0f:54:5f:90:54:5e:a9:24:3f:c6:8a:d7:a3:ac:04:bc:5b:
         e9:86:b2:a9:3e:62:8a:c2:42:a9:41:16:f4:6d:fe:b1:c2:07:
         9b:35:ea:b1:c9:e9:34:a2:12:ae:7b:e4:ef:69:e8:fe:94:d7:
         da:4e:df:a2:44:59:43:90:9e:0e:46:31:9c:b2:c3:04:57:15:
         1d:f1:4f:a8:54:04:a1:8d:9d:ec:68:e4:2d:c4:10:11:94:27:
         e2:cf:32:3e:3b:84:ba:19:f1:04:ba:d4:16:61:b9:3f:d3:6d:
         ba:ac:9f:6b:cd:7d:a8:1d:8d:61:c5:44:cf:56:10:44:dd:67:
         40:15:46:89:a2:47:d1:ee:60:95:1a:26:0e:75:8a:ff:6e:8f:
         bf:00:a0:cf:e9:25:0b:38:82:ff:e4:3c:42:c6:52:38:62:63:
         7d:e9:93:e2:2a:19:cd:eb:aa:a6:f9:90:45:57:14:b1:d3:a4:
         e3:71:69:81:c9:e1:8d:7a:45:b4:6f:28:47:8a:23:d4:26:3c:
         7b:90:2c:4d:31:18:84:ba:bb:fe:5a:c4:9d:74:5d:49:29:30:
         d5:0d:30:46:26:23:f5:b6:bc:74:de:5e:2d:ea:62:02:86:10:
         63:52:3f:41:51:2b:7a:da:3f:3b:a3:3b:9b:df:61:c1:10:37:
         24:3e:08:46
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYr1XsgJYJE0UPid0aBfnbh9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM5MTg3MDBlYTljN2JlMmRmNTY4OGFmZmJlZGQ4YTRlNTUz
OTJkZTYwHhcNMjMxMDAzMTE0OTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMTJhYzdhYjRhZTAxNGJkYjE0N2U3MmE2ZTJjNzc4ZWFjYzM5Zjg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAveHXcRusDkDMVNghnwd5Zmxl4KHo
/mBBVNhESmSi3LNARjHyND1vgtbXZBz2S+HBqFcioWMCxfzT2nSj7E2YahcOU517
JH5lt+ZgsSz0H4x5RL71XCTbalnAZdjQF9vyaYdd/Q37NAraaxqi5WFe8O824b0s
nT3DxS+AlKcArszskyuOyozJGvr3u+mzVgLTcUYc4h2V9M1lnGXYX5bvydShDtB8
mEE3SX6Fhe7w7izq3rwIEsnyAmKiHTc6VEa8O9vYq4FZHX4ehypd8Ml0uWG9S9Nj
WT3MvP29hMkGGNEA8yjQYm7e5hRCSMa1ULGGf1Jrl/gDT+9jEU0PUQgA3wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOEqx6tK4BS9sUfnKm4sd46sw5+JMB8GA1UdIwQY
MBaAFDkYcA6px74t9WiK/77dik5VOS3mMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT1Jod0Rxbkh2aTMxYUlyX3Z0MktUbFU1TGVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS85ZDQyNzQtZmIxMC00MmE0LWJmOWIt
MWM4YmUyNWViNjg2LzEvNFNySHEwcmdGTDJ4Ui1jcWJpeDNqcXpEbjRrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS85ZDQyNzQtZmIxMC00MmE0LWJmOWItMWM4YmUyNWViNjg2
LzEvT1Jod0Rxbkh2aTMxYUlyX3Z0MktUbFU1TGVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwTUIMA0G
CSqGSIb3DQEBCwUAA4IBAQBFD1RfkFReqSQ/xorXo6wEvFvphrKpPmKKwkKpQRb0
bf6xwgebNeqxyek0ohKue+Tvaej+lNfaTt+iRFlDkJ4ORjGcssMEVxUd8U+oVASh
jZ3saOQtxBARlCfizzI+O4S6GfEEutQWYbk/0226rJ9rzX2oHY1hxUTPVhBE3WdA
FUaJokfR7mCVGiYOdYr/bo+/AKDP6SULOIL/5DxCxlI4YmN96ZPiKhnN66qm+ZBF
VxSx06TjcWmByeGNekW0byhHiiPUJjx7kCxNMRiEurv+WsSddF1JKTDVDTBGJiP1
trx03l4t6mIChhBjUj9BUSt62j87ozub32HBEDckPghG
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:53:06 2024 by rpki-client on console-ams.rpki-client.org