Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/f2ef06-2dd2-4a21-9ce9-defffa5f06e1/1/SBvpqrTBP_8YO2U0elkriaW7mQg.roa
File:                     SBvpqrTBP_8YO2U0elkriaW7mQg.roa (raw, json)
Hash identifier:          HQzeMJ8DJXj3ctb3gnaac6EweBCPaez0nlWdLMtWdW0=
Subject key identifier:   48:1B:E9:AA:B4:C1:3F:FF:18:3B:65:34:7A:59:2B:89:A5:BB:99:08
Certificate issuer:       /CN=66a832244d0e23f5f28b3a6def7afc01b22521c7
Certificate serial:       018B47236F1CC6C841C5AE7B61583C6530A9
Authority key identifier: 66:A8:32:24:4D:0E:23:F5:F2:8B:3A:6D:EF:7A:FC:01:B2:25:21:C7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ZqgyJE0OI_Xyizpt73r8AbIlIcc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/13/f2ef06-2dd2-4a21-9ce9-defffa5f06e1/1/SBvpqrTBP_8YO2U0elkriaW7mQg.roa
Signing time:             Thu 19 Oct 2023 08:53:06 +0000
ROA not before:           Thu 19 Oct 2023 08:53:06 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     6730
IP address blocks:        193.36.36.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 14:29:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:47:23:6f:1c:c6:c8:41:c5:ae:7b:61:58:3c:65:30:a9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=66a832244d0e23f5f28b3a6def7afc01b22521c7
        Validity
            Not Before: Oct 19 08:53:06 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=481be9aab4c13fff183b65347a592b89a5bb9908
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:50:c7:64:ee:43:65:3e:ef:63:90:3f:29:7d:
                    84:a9:df:70:35:1f:09:ba:0b:27:99:a5:ff:73:c6:
                    36:30:6c:ca:93:ff:7d:98:70:73:2d:c4:02:a5:18:
                    e9:0d:55:d5:8a:99:60:d0:54:d1:17:d0:a5:70:b7:
                    5c:9c:70:57:34:d1:4a:a4:8c:bc:51:d5:03:66:d2:
                    16:15:9a:5c:7f:b1:b0:8a:20:6a:4a:04:77:7b:07:
                    3d:e0:e2:53:66:c7:4e:8f:e3:b4:6b:f4:05:74:79:
                    86:e3:8f:1f:a5:df:98:7b:35:98:94:e5:93:40:04:
                    48:bc:70:51:70:2e:e1:1b:b6:bf:32:e4:ff:b9:a0:
                    03:f1:98:61:f7:95:6e:19:0d:5a:e1:b9:ff:e2:fc:
                    a9:a8:68:83:54:e2:17:bb:85:44:bf:17:63:e4:65:
                    9c:f5:ba:ff:0d:bd:81:89:cb:cb:94:e4:8e:f5:9a:
                    02:03:fc:d4:0d:3c:fa:ab:3b:e1:11:c7:bf:cb:69:
                    f9:57:f7:69:03:3b:5d:50:37:f1:be:45:fa:c3:eb:
                    19:98:10:98:86:be:62:7a:4f:c8:95:a8:b7:a3:4a:
                    38:48:64:0c:a7:d9:76:b2:13:1c:69:84:57:ae:97:
                    06:0d:78:a5:c5:90:35:91:e2:be:fb:26:f3:98:fd:
                    2a:f7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                48:1B:E9:AA:B4:C1:3F:FF:18:3B:65:34:7A:59:2B:89:A5:BB:99:08
            X509v3 Authority Key Identifier:
                keyid:66:A8:32:24:4D:0E:23:F5:F2:8B:3A:6D:EF:7A:FC:01:B2:25:21:C7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZqgyJE0OI_Xyizpt73r8AbIlIcc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/f2ef06-2dd2-4a21-9ce9-defffa5f06e1/1/SBvpqrTBP_8YO2U0elkriaW7mQg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/13/f2ef06-2dd2-4a21-9ce9-defffa5f06e1/1/ZqgyJE0OI_Xyizpt73r8AbIlIcc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.36.36.0/24

    Signature Algorithm: sha256WithRSAEncryption
         80:86:2e:3c:e7:ef:a1:98:65:b3:ef:42:7d:07:39:72:fb:d8:
         e5:fb:f1:19:e4:3e:29:01:78:05:9f:96:f9:17:99:12:74:df:
         4a:e1:db:05:06:4a:02:ff:c9:c8:ab:c0:52:39:5b:25:f5:26:
         62:21:56:4c:df:8a:9c:43:60:3f:a2:ba:53:07:74:cc:11:a0:
         3d:df:49:17:3e:53:41:95:d2:5a:3d:4b:2a:45:a0:17:4c:e6:
         05:ff:c2:3e:9e:12:ab:05:e2:1f:05:82:c4:c8:63:f5:d6:63:
         70:3d:8f:af:23:ff:b8:43:46:00:0a:53:48:d0:1b:38:f5:7a:
         a1:20:7c:a1:71:0d:6e:a1:14:84:4f:ce:39:b1:7e:13:3f:5a:
         f9:8a:f1:14:57:bb:33:a2:f8:b2:da:37:49:67:64:af:27:16:
         f8:32:b1:8c:fc:e1:30:d5:4d:c6:45:f9:34:63:3e:0a:1f:ad:
         f1:e2:d2:cb:94:5a:09:4d:0d:35:9c:4c:39:d3:62:e0:b5:ca:
         7c:7f:cf:97:b9:15:8e:57:57:08:d8:fe:80:20:74:2d:82:ce:
         ed:f6:51:86:17:64:e9:26:e2:b2:a0:a1:a3:87:05:70:5d:aa:
         ad:62:b6:30:51:33:d5:81:56:6a:25:53:a8:03:6f:cf:29:a0:
         cf:77:3c:99
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYtHI28cxshBxa57YVg8ZTCpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2YTgzMjI0NGQwZTIzZjVmMjhiM2E2ZGVmN2FmYzAxYjIy
NTIxYzcwHhcNMjMxMDE5MDg1MzA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ODFiZTlhYWI0YzEzZmZmMTgzYjY1MzQ3YTU5MmI4OWE1YmI5OTA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp1DHZO5DZT7vY5A/KX2Eqd9wNR8J
ugsnmaX/c8Y2MGzKk/99mHBzLcQCpRjpDVXViplg0FTRF9ClcLdcnHBXNNFKpIy8
UdUDZtIWFZpcf7GwiiBqSgR3ewc94OJTZsdOj+O0a/QFdHmG448fpd+YezWYlOWT
QARIvHBRcC7hG7a/MuT/uaAD8Zhh95VuGQ1a4bn/4vypqGiDVOIXu4VEvxdj5GWc
9br/Db2BicvLlOSO9ZoCA/zUDTz6qzvhEce/y2n5V/dpAztdUDfxvkX6w+sZmBCY
hr5iek/Ilai3o0o4SGQMp9l2shMcaYRXrpcGDXilxZA1keK++ybzmP0q9wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEgb6aq0wT//GDtlNHpZK4mlu5kIMB8GA1UdIwQY
MBaAFGaoMiRNDiP18os6be96/AGyJSHHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWnFneUpFME9JX1h5aXpwdDczcjhBYklsSWNjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9mMmVmMDYtMmRkMi00YTIxLTljZTkt
ZGVmZmZhNWYwNmUxLzEvU0J2cHFyVEJQXzhZTzJVMGVsa3JpYVc3bVFnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9mMmVmMDYtMmRkMi00YTIxLTljZTktZGVmZmZhNWYwNmUx
LzEvWnFneUpFME9JX1h5aXpwdDczcjhBYklsSWNjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwSQkMA0G
CSqGSIb3DQEBCwUAA4IBAQCAhi485++hmGWz70J9Bzly+9jl+/EZ5D4pAXgFn5b5
F5kSdN9K4dsFBkoC/8nIq8BSOVsl9SZiIVZM34qcQ2A/orpTB3TMEaA930kXPlNB
ldJaPUsqRaAXTOYF/8I+nhKrBeIfBYLEyGP11mNwPY+vI/+4Q0YAClNI0Bs49Xqh
IHyhcQ1uoRSET845sX4TP1r5ivEUV7szoviy2jdJZ2SvJxb4MrGM/OEw1U3GRfk0
Yz4KH63x4tLLlFoJTQ01nEw502Lgtcp8f8+XuRWOV1cI2P6AIHQtgs7t9lGGF2Tp
JuKyoKGjhwVwXaqtYrYwUTPVgVZqJVOoA2/PKaDPdzyZ
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:54:38 2024 by rpki-client on console-ams.rpki-client.org