Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/edc855-f2bc-4e9c-8c0c-b6f2ac86ef27/1/krP9s5v10dzT9nbbzattNM_kViw.roa
File:                     krP9s5v10dzT9nbbzattNM_kViw.roa (raw, json)
Hash identifier:          z47hueLWcyhA8bJUW8IRJBebk4vm77rcAzcFQu1afhc=
Subject key identifier:   92:B3:FD:B3:9B:F5:D1:DC:D3:F6:76:DB:CD:AB:6D:34:CF:E4:56:2C
Certificate issuer:       /CN=821a3f21fb0c294d6d4a529b2f1dbd4bd1119bd7
Certificate serial:       0186507AD563FE5487C7B436E5338AE09485
Authority key identifier: 82:1A:3F:21:FB:0C:29:4D:6D:4A:52:9B:2F:1D:BD:4B:D1:11:9B:D7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/gho_IfsMKU1tSlKbLx29S9ERm9c.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/12/edc855-f2bc-4e9c-8c0c-b6f2ac86ef27/1/krP9s5v10dzT9nbbzattNM_kViw.roa
Signing time:             Tue 14 Feb 2023 15:11:12 +0000
ROA not before:           Tue 14 Feb 2023 15:11:12 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     11351
IP address blocks:        193.31.74.0/24 maxlen: 24

Validation:               Failed, certificate revoked

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:50:7a:d5:63:fe:54:87:c7:b4:36:e5:33:8a:e0:94:85
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=821a3f21fb0c294d6d4a529b2f1dbd4bd1119bd7
        Validity
            Not Before: Feb 14 15:11:12 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=92b3fdb39bf5d1dcd3f676dbcdab6d34cfe4562c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:3d:7b:e2:01:2c:97:4b:68:c5:f8:0d:02:68:
                    7f:5d:b3:b4:37:23:8c:ee:53:ad:b7:05:5f:18:cc:
                    a9:55:96:b7:67:05:85:02:a3:b6:49:46:89:0f:e4:
                    78:a1:4c:19:6f:be:3d:69:a1:73:f5:15:93:31:96:
                    ca:a1:86:ac:fb:fb:df:87:de:4a:76:bb:ca:20:ba:
                    78:67:4e:d2:7b:19:2f:36:ac:12:f5:c7:3d:1a:5f:
                    fa:03:3f:d9:f4:9a:86:ba:d7:ff:0d:3a:28:a4:a6:
                    f8:5e:2c:06:b9:31:bf:be:cc:f1:3e:2f:30:db:6f:
                    74:19:a0:1e:8a:6b:cd:93:f0:fd:16:52:ca:7a:d0:
                    6a:6b:41:23:14:4b:c1:25:80:7b:a5:f6:37:5d:20:
                    0f:49:8f:f1:47:a9:63:bf:96:1e:cd:09:c2:f1:2e:
                    0a:61:d0:b7:2d:d1:85:e4:c1:44:31:5c:b5:7a:fb:
                    3b:88:79:2f:07:b0:db:a8:ef:2e:6a:6e:2f:0f:4c:
                    8a:b1:25:f7:4e:37:ac:fe:cc:9b:33:32:78:2c:03:
                    c4:9b:46:34:2e:97:6f:1e:e6:c9:0b:3f:70:4e:1d:
                    18:99:85:4e:9b:0e:fd:3a:75:f7:a8:1d:e5:36:92:
                    43:c9:d5:8c:2b:12:39:f1:88:a9:56:9f:62:b8:70:
                    07:7d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                92:B3:FD:B3:9B:F5:D1:DC:D3:F6:76:DB:CD:AB:6D:34:CF:E4:56:2C
            X509v3 Authority Key Identifier:
                keyid:82:1A:3F:21:FB:0C:29:4D:6D:4A:52:9B:2F:1D:BD:4B:D1:11:9B:D7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gho_IfsMKU1tSlKbLx29S9ERm9c.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/edc855-f2bc-4e9c-8c0c-b6f2ac86ef27/1/krP9s5v10dzT9nbbzattNM_kViw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/12/edc855-f2bc-4e9c-8c0c-b6f2ac86ef27/1/gho_IfsMKU1tSlKbLx29S9ERm9c.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.31.74.0/24

    Signature Algorithm: sha256WithRSAEncryption
         24:78:d5:34:00:71:4a:74:45:b9:dc:fe:35:08:85:b8:ac:15:
         0c:6a:f3:f6:e5:fe:7e:bc:92:06:79:1d:a5:59:1b:b0:f9:f5:
         e8:04:e5:66:f2:49:2c:21:3c:38:2d:b9:43:dd:ec:93:e3:0a:
         22:41:5e:58:e4:67:3f:dd:36:38:06:bc:bc:e7:53:2c:35:e2:
         3d:91:8a:31:a7:ca:3e:c5:42:cc:0e:c8:8a:73:44:1d:4e:89:
         61:7f:18:33:79:f5:37:5b:0a:55:52:6d:ce:f1:cb:89:dc:f1:
         05:91:d1:bc:33:90:a1:4d:9c:67:26:53:94:ae:65:28:bf:a0:
         e7:c7:f7:5d:ae:3e:b4:57:b5:a2:b4:94:0a:07:1b:81:44:22:
         3b:ca:64:f5:87:be:f9:4c:01:eb:a7:4d:43:71:dd:85:d6:b6:
         41:40:09:53:8e:aa:6c:10:79:b5:17:36:0f:38:a7:10:31:58:
         58:c2:b9:45:1e:3d:1b:79:ea:4b:80:25:13:d2:55:a0:08:6f:
         e7:5a:79:a7:ee:d6:a3:0b:cf:4e:a2:c9:51:7f:cc:17:50:a6:
         14:ab:ed:c0:49:01:78:ab:e6:c1:cb:4b:23:29:31:6b:90:e0:
         72:b8:93:11:8a:23:c6:41:91:be:83:42:c9:d5:07:25:d1:4f:
         24:f9:c0:d9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYZQetVj/lSHx7Q25TOK4JSFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyMWEzZjIxZmIwYzI5NGQ2ZDRhNTI5YjJmMWRiZDRiZDEx
MTliZDcwHhcNMjMwMjE0MTUxMTEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MmIzZmRiMzliZjVkMWRjZDNmNjc2ZGJjZGFiNmQzNGNmZTQ1NjJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuD174gEsl0toxfgNAmh/XbO0NyOM
7lOttwVfGMypVZa3ZwWFAqO2SUaJD+R4oUwZb749aaFz9RWTMZbKoYas+/vfh95K
drvKILp4Z07SexkvNqwS9cc9Gl/6Az/Z9JqGutf/DToopKb4XiwGuTG/vszxPi8w
2290GaAeimvNk/D9FlLKetBqa0EjFEvBJYB7pfY3XSAPSY/xR6ljv5YezQnC8S4K
YdC3LdGF5MFEMVy1evs7iHkvB7DbqO8uam4vD0yKsSX3Tjes/sybMzJ4LAPEm0Y0
LpdvHubJCz9wTh0YmYVOmw79OnX3qB3lNpJDydWMKxI58YipVp9iuHAHfQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJKz/bOb9dHc0/Z2282rbTTP5FYsMB8GA1UdIwQY
MBaAFIIaPyH7DClNbUpSmy8dvUvREZvXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ2hvX0lmc01LVTF0U2xLYkx4MjlTOUVSbTljLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi9lZGM4NTUtZjJiYy00ZTljLThjMGMt
YjZmMmFjODZlZjI3LzEva3JQOXM1djEwZHpUOW5iYnphdHROTV9rVml3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMi9lZGM4NTUtZjJiYy00ZTljLThjMGMtYjZmMmFjODZlZjI3
LzEvZ2hvX0lmc01LVTF0U2xLYkx4MjlTOUVSbTljLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwR9KMA0G
CSqGSIb3DQEBCwUAA4IBAQAkeNU0AHFKdEW53P41CIW4rBUMavP25f5+vJIGeR2l
WRuw+fXoBOVm8kksITw4LblD3eyT4woiQV5Y5Gc/3TY4Bry851MsNeI9kYoxp8o+
xULMDsiKc0QdTolhfxgzefU3WwpVUm3O8cuJ3PEFkdG8M5ChTZxnJlOUrmUov6Dn
x/ddrj60V7WitJQKBxuBRCI7ymT1h775TAHrp01Dcd2F1rZBQAlTjqpsEHm1FzYP
OKcQMVhYwrlFHj0beepLgCUT0lWgCG/nWnmn7tajC89OoslRf8wXUKYUq+3ASQF4
q+bBy0sjKTFrkOByuJMRiiPGQZG+g0LJ1Qcl0U8k+cDZ
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:44:17 2023 by rpki-client on console-fra.rpki-client.org