Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/0f24dd-ef4a-4dbf-b20d-b039c24b99ca/1/fDvp_x0pcbRHv_EvKw0-NtN4qBw.roa
File:                     fDvp_x0pcbRHv_EvKw0-NtN4qBw.roa (raw, json)
Hash identifier:          I+cuQdXdiZ9yD+RUEM4pi+EiFPd8Gw1u/mO5PDIzlLs=
Subject key identifier:   7C:3B:E9:FF:1D:29:71:B4:47:BF:F1:2F:2B:0D:3E:36:D3:78:A8:1C
Certificate issuer:       /CN=64aec8024caa103a8412696c7e72f77803cd8695
Certificate serial:       018570DE6019FD54BEAC662E2C2D88FF74DB
Authority key identifier: 64:AE:C8:02:4C:AA:10:3A:84:12:69:6C:7E:72:F7:78:03:CD:86:95
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ZK7IAkyqEDqEEmlsfnL3eAPNhpU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/11/0f24dd-ef4a-4dbf-b20d-b039c24b99ca/1/fDvp_x0pcbRHv_EvKw0-NtN4qBw.roa
Signing time:             Mon 02 Jan 2023 05:04:59 +0000
ROA not before:           Mon 02 Jan 2023 05:04:59 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     15525
IP address blocks:        193.43.40.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 04:29:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:70:de:60:19:fd:54:be:ac:66:2e:2c:2d:88:ff:74:db
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=64aec8024caa103a8412696c7e72f77803cd8695
        Validity
            Not Before: Jan  2 05:04:59 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=7c3be9ff1d2971b447bff12f2b0d3e36d378a81c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:84:14:a7:30:98:98:75:5a:ce:9e:c9:36:40:
                    19:4b:41:65:e7:f0:1b:0d:64:90:4c:62:4f:b2:b9:
                    8d:72:02:3a:2c:3b:64:71:c3:c2:df:f5:44:be:7c:
                    07:58:10:b7:b4:71:6d:91:09:4e:6e:10:87:e8:0a:
                    40:c3:2c:c5:9a:e4:74:23:f7:03:e3:0a:bc:52:38:
                    0d:53:60:79:06:cf:e6:2e:0e:86:73:73:ca:21:45:
                    3f:f6:25:e8:23:d1:6f:3a:f6:13:30:98:5e:ae:d2:
                    bc:59:cf:7f:36:ff:b0:10:1f:bd:92:84:7b:15:d1:
                    db:ff:0d:c1:44:b4:5b:9c:dd:b2:9c:a6:1c:3e:d5:
                    81:f0:17:a9:dd:ba:d1:3b:25:16:ea:9a:f0:71:30:
                    40:d4:50:d1:61:6d:7f:09:00:ff:12:53:0c:30:8b:
                    01:a5:06:d2:18:ca:3e:5f:65:8e:eb:b5:21:10:6b:
                    2a:c9:4c:30:92:a9:6f:f0:4b:bd:24:99:fd:ed:4f:
                    41:14:42:14:6e:21:1a:a0:61:22:4e:63:30:ce:fe:
                    85:ee:60:54:e8:e8:b7:51:58:e5:9b:44:8e:f8:24:
                    b4:38:c7:17:6b:8f:f9:58:7c:13:9b:eb:49:75:5b:
                    cf:9e:81:fc:a6:0e:cf:a6:49:ac:7b:67:79:1f:da:
                    1d:77
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7C:3B:E9:FF:1D:29:71:B4:47:BF:F1:2F:2B:0D:3E:36:D3:78:A8:1C
            X509v3 Authority Key Identifier:
                keyid:64:AE:C8:02:4C:AA:10:3A:84:12:69:6C:7E:72:F7:78:03:CD:86:95

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZK7IAkyqEDqEEmlsfnL3eAPNhpU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/0f24dd-ef4a-4dbf-b20d-b039c24b99ca/1/fDvp_x0pcbRHv_EvKw0-NtN4qBw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/11/0f24dd-ef4a-4dbf-b20d-b039c24b99ca/1/ZK7IAkyqEDqEEmlsfnL3eAPNhpU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.43.40.0/24

    Signature Algorithm: sha256WithRSAEncryption
         67:5f:97:a6:09:9a:47:0e:ee:ff:71:ae:d8:21:9e:67:70:53:
         17:26:ff:3b:42:fd:41:52:f1:4e:f9:65:4b:bf:58:65:9f:b2:
         22:93:d1:42:79:46:6b:e6:09:2f:a1:21:85:49:63:74:a7:8f:
         47:a5:ef:b7:92:ec:09:c5:09:c9:22:15:e4:93:a7:ce:62:a2:
         a0:86:73:a1:af:94:0b:c9:c7:b8:54:41:a9:65:67:e6:0d:76:
         53:4f:22:c6:a2:6e:b9:0e:24:70:91:60:dd:b6:6a:eb:e3:82:
         d4:e9:72:58:96:9b:c8:e0:76:ca:52:c8:f4:01:65:35:2f:9b:
         85:f9:ca:b8:59:68:e9:02:98:f6:f1:25:08:52:db:93:49:b8:
         af:25:15:52:0f:b7:ed:9b:9d:93:dc:99:3d:cd:82:0c:de:aa:
         cb:ac:3b:42:b4:45:1b:88:38:2f:30:79:36:b9:5a:ca:f9:a2:
         19:42:56:93:c5:9f:72:6f:25:e5:1f:54:2f:2c:37:ac:0f:04:
         4d:a4:1c:d6:40:89:f6:e4:54:e5:23:dc:93:32:b4:d7:10:d0:
         50:19:ee:99:9f:62:49:ca:75:ed:56:8c:32:dd:0e:f6:e8:ea:
         92:45:f1:ab:79:e9:ae:2b:8f:e9:03:62:02:d1:8b:70:02:79:
         99:3c:b9:de
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVw3mAZ/VS+rGYuLC2I/3TbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY0YWVjODAyNGNhYTEwM2E4NDEyNjk2YzdlNzJmNzc4MDNj
ZDg2OTUwHhcNMjMwMTAyMDUwNDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YzNiZTlmZjFkMjk3MWI0NDdiZmYxMmYyYjBkM2UzNmQzNzhhODFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqYQUpzCYmHVazp7JNkAZS0Fl5/Ab
DWSQTGJPsrmNcgI6LDtkccPC3/VEvnwHWBC3tHFtkQlObhCH6ApAwyzFmuR0I/cD
4wq8UjgNU2B5Bs/mLg6Gc3PKIUU/9iXoI9FvOvYTMJhertK8Wc9/Nv+wEB+9koR7
FdHb/w3BRLRbnN2ynKYcPtWB8Bep3brROyUW6prwcTBA1FDRYW1/CQD/ElMMMIsB
pQbSGMo+X2WO67UhEGsqyUwwkqlv8Eu9JJn97U9BFEIUbiEaoGEiTmMwzv6F7mBU
6Oi3UVjlm0SO+CS0OMcXa4/5WHwTm+tJdVvPnoH8pg7Ppkmse2d5H9oddwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHw76f8dKXG0R7/xLysNPjbTeKgcMB8GA1UdIwQY
MBaAFGSuyAJMqhA6hBJpbH5y93gDzYaVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWks3SUFreXFFRHFFRW1sc2ZuTDNlQVBOaHBVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS8wZjI0ZGQtZWY0YS00ZGJmLWIyMGQt
YjAzOWMyNGI5OWNhLzEvZkR2cF94MHBjYlJIdl9Fdkt3MC1OdE40cUJ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS8wZjI0ZGQtZWY0YS00ZGJmLWIyMGQtYjAzOWMyNGI5OWNh
LzEvWks3SUFreXFFRHFFRW1sc2ZuTDNlQVBOaHBVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwSsoMA0G
CSqGSIb3DQEBCwUAA4IBAQBnX5emCZpHDu7/ca7YIZ5ncFMXJv87Qv1BUvFO+WVL
v1hln7Iik9FCeUZr5gkvoSGFSWN0p49Hpe+3kuwJxQnJIhXkk6fOYqKghnOhr5QL
yce4VEGpZWfmDXZTTyLGom65DiRwkWDdtmrr44LU6XJYlpvI4HbKUsj0AWU1L5uF
+cq4WWjpApj28SUIUtuTSbivJRVSD7ftm52T3Jk9zYIM3qrLrDtCtEUbiDgvMHk2
uVrK+aIZQlaTxZ9ybyXlH1QvLDesDwRNpBzWQIn25FTlI9yTMrTXENBQGe6Zn2JJ
ynXtVowy3Q726OqSRfGreemuK4/pA2IC0YtwAnmZPLne
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:19:33 2024 by rpki-client on console-fra.rpki-client.org