Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/CxyxI7NQZSOKN0Y5tWtt39HH12U.roa
File:                     CxyxI7NQZSOKN0Y5tWtt39HH12U.roa (raw, json)
Hash identifier:          0fDAFOUbZyvtwvSm/kVCoQ7U0uCcvwp52yJirvVjUvM=
Subject key identifier:   0B:1C:B1:23:B3:50:65:23:8A:37:46:39:B5:6B:6D:DF:D1:C7:D7:65
Certificate issuer:       /CN=3183785916cd98d7c770d685145499a8a0a15722
Certificate serial:       018E85ECB00B6620F120FB6D407EEBD4E603
Authority key identifier: 31:83:78:59:16:CD:98:D7:C7:70:D6:85:14:54:99:A8:A0:A1:57:22
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/MYN4WRbNmNfHcNaFFFSZqKChVyI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/CxyxI7NQZSOKN0Y5tWtt39HH12U.roa
Signing time:             Thu 28 Mar 2024 16:37:45 +0000
ROA not before:           Thu 28 Mar 2024 16:37:45 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     8930
IP address blocks:        193.230.230.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Fri 19 Apr 2024 10:33:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8e:85:ec:b0:0b:66:20:f1:20:fb:6d:40:7e:eb:d4:e6:03
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3183785916cd98d7c770d685145499a8a0a15722
        Validity
            Not Before: Mar 28 16:37:45 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=0b1cb123b35065238a374639b56b6ddfd1c7d765
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:ee:7c:e2:40:2a:19:59:3b:3c:a1:5b:ad:75:
                    96:6c:bb:5e:15:50:e6:46:97:b5:c6:19:96:03:87:
                    ed:2a:19:ee:fc:3d:fa:47:f7:32:9b:08:48:45:20:
                    1c:45:19:a5:2a:de:0a:08:aa:3e:cf:07:4a:e6:5b:
                    df:7b:be:67:07:93:92:ab:15:03:5f:1d:3c:15:3b:
                    9f:b2:6f:58:55:9d:8f:80:fe:5b:cb:ba:fb:68:98:
                    3b:3c:f7:79:38:1c:c3:66:d5:db:02:05:d2:ee:8d:
                    3d:d7:03:88:c2:f3:8b:0d:7f:4d:a0:a1:6b:86:8d:
                    c6:b2:d7:5b:15:cb:c3:de:9a:25:69:63:42:c7:32:
                    d1:78:19:e2:09:14:f6:c6:6f:4f:3e:45:ad:38:c2:
                    e5:e0:8f:76:d0:67:d6:0a:d1:c4:4e:08:ed:8f:9a:
                    6f:16:57:9a:db:7d:77:a5:03:f0:5f:0d:2b:46:89:
                    90:59:8c:ef:d9:a1:74:b9:ee:60:11:26:90:b8:af:
                    02:63:e0:f8:28:0d:a2:09:15:8c:c1:3d:2f:ad:5b:
                    48:0e:67:e4:a4:50:2e:52:47:0c:0d:6e:e7:2a:d2:
                    60:97:bb:35:b1:50:63:9c:78:dc:1e:ec:8c:a6:16:
                    9f:19:ab:84:71:a9:79:02:a0:c8:c5:31:f9:c0:56:
                    0b:0f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0B:1C:B1:23:B3:50:65:23:8A:37:46:39:B5:6B:6D:DF:D1:C7:D7:65
            X509v3 Authority Key Identifier:
                keyid:31:83:78:59:16:CD:98:D7:C7:70:D6:85:14:54:99:A8:A0:A1:57:22

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MYN4WRbNmNfHcNaFFFSZqKChVyI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/CxyxI7NQZSOKN0Y5tWtt39HH12U.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/MYN4WRbNmNfHcNaFFFSZqKChVyI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.230.230.0/24

    Signature Algorithm: sha256WithRSAEncryption
         11:93:7c:91:17:59:f2:38:55:e9:32:eb:b0:09:3c:18:b6:c6:
         64:78:9a:58:2b:ba:73:4f:90:74:6c:3f:f1:a8:bd:da:3c:44:
         f8:d4:85:6a:fb:67:7a:e0:36:70:50:4d:82:05:38:94:44:4b:
         a5:b4:e2:7e:2f:5b:cc:15:55:f0:b1:61:f8:d7:33:d2:3f:91:
         05:1c:91:9d:c4:2b:3f:7b:0c:e7:f5:bd:e3:ba:56:71:63:04:
         40:f5:d7:b9:7c:c7:de:d9:47:f3:66:9b:57:2f:73:b0:56:7f:
         78:28:0f:75:90:b3:97:d6:2a:18:76:fe:af:0e:23:82:9f:37:
         73:fe:88:f6:c8:87:53:79:04:e1:56:dd:6b:b1:bd:4d:1c:24:
         df:8a:0c:b0:de:48:c6:eb:14:e3:35:93:1b:9e:6f:bc:e5:ae:
         c2:eb:4d:53:03:4e:41:43:18:6c:32:e1:12:61:f3:3b:36:7b:
         46:d6:0d:bf:28:a0:ee:cf:cf:83:36:41:34:43:30:86:57:0a:
         f7:91:ca:af:4e:59:42:4a:28:78:d4:5b:04:d8:16:95:70:58:
         40:0d:64:36:2a:68:56:4b:de:33:e0:b0:8b:db:b1:63:a7:42:
         30:98:c9:ad:d5:84:a0:0e:f4:03:73:4d:0c:36:ee:d5:cb:68:
         72:2c:cf:97
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY6F7LALZiDxIPttQH7r1OYDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxODM3ODU5MTZjZDk4ZDdjNzcwZDY4NTE0NTQ5OWE4YTBh
MTU3MjIwHhcNMjQwMzI4MTYzNzQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYjFjYjEyM2IzNTA2NTIzOGEzNzQ2MzliNTZiNmRkZmQxYzdkNzY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo+584kAqGVk7PKFbrXWWbLteFVDm
Rpe1xhmWA4ftKhnu/D36R/cymwhIRSAcRRmlKt4KCKo+zwdK5lvfe75nB5OSqxUD
Xx08FTufsm9YVZ2PgP5by7r7aJg7PPd5OBzDZtXbAgXS7o091wOIwvOLDX9NoKFr
ho3GstdbFcvD3polaWNCxzLReBniCRT2xm9PPkWtOMLl4I920GfWCtHETgjtj5pv
Flea2313pQPwXw0rRomQWYzv2aF0ue5gESaQuK8CY+D4KA2iCRWMwT0vrVtIDmfk
pFAuUkcMDW7nKtJgl7s1sVBjnHjcHuyMphafGauEcal5AqDIxTH5wFYLDwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAscsSOzUGUjijdGObVrbd/Rx9dlMB8GA1UdIwQY
MBaAFDGDeFkWzZjXx3DWhRRUmaigoVciMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTVlONFdSYk5tTmZIY05hRkZGU1pxS0NoVnlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS83MTkzZGItN2Y4NS00MmJiLWIwOWEt
ZjUyYzQ3YzIyNWRiLzEvQ3h5eEk3TlFaU09LTjBZNXRXdHQzOUhIMTJVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS83MTkzZGItN2Y4NS00MmJiLWIwOWEtZjUyYzQ3YzIyNWRi
LzEvTVlONFdSYk5tTmZIY05hRkZGU1pxS0NoVnlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwebmMA0G
CSqGSIb3DQEBCwUAA4IBAQARk3yRF1nyOFXpMuuwCTwYtsZkeJpYK7pzT5B0bD/x
qL3aPET41IVq+2d64DZwUE2CBTiUREultOJ+L1vMFVXwsWH41zPSP5EFHJGdxCs/
ewzn9b3julZxYwRA9de5fMfe2UfzZptXL3OwVn94KA91kLOX1ioYdv6vDiOCnzdz
/oj2yIdTeQThVt1rsb1NHCTfigyw3kjG6xTjNZMbnm+85a7C601TA05BQxhsMuES
YfM7NntG1g2/KKDuz8+DNkE0QzCGVwr3kcqvTllCSih41FsE2BaVcFhADWQ2KmhW
S94z4LCL27Fjp0IwmMmt1YSgDvQDc00MNu7Vy2hyLM+X
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:04 2024 by rpki-client on console-ams.rpki-client.org