Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/ooRvRR8EJA-q6lo8v0WF1-igXPI.roa
File:                     ooRvRR8EJA-q6lo8v0WF1-igXPI.roa (raw, json)
Hash identifier:          lCdMFjR5LZubX6tu/IsqEP+VHlmRvHATmF2xxcoSJi4=
Subject key identifier:   A2:84:6F:45:1F:04:24:0F:AA:EA:5A:3C:BF:45:85:D7:E8:A0:5C:F2
Certificate issuer:       /CN=1b0415bfc43b38e9cfd1a12995202e8763752fde
Certificate serial:       01856CE613105A0375EFBFF7580B33FA059D
Authority key identifier: 1B:04:15:BF:C4:3B:38:E9:CF:D1:A1:29:95:20:2E:87:63:75:2F:DE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/ooRvRR8EJA-q6lo8v0WF1-igXPI.roa
Signing time:             Sun 01 Jan 2023 10:34:55 +0000
ROA not before:           Sun 01 Jan 2023 10:34:55 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     34936
IP address blocks:        204.11.3.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 08:33:12 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6c:e6:13:10:5a:03:75:ef:bf:f7:58:0b:33:fa:05:9d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1b0415bfc43b38e9cfd1a12995202e8763752fde
        Validity
            Not Before: Jan  1 10:34:55 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=a2846f451f04240faaea5a3cbf4585d7e8a05cf2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:81:39:7c:d8:a3:da:dd:30:fe:ce:00:8c:83:17:
                    4d:9a:cd:7a:88:39:74:b4:66:22:eb:13:f2:9a:24:
                    eb:76:ad:9b:2c:ca:1c:84:5e:ca:e4:02:c2:1d:a1:
                    aa:f6:2a:40:30:2a:08:8e:35:dc:b4:2f:77:76:d8:
                    23:80:89:c1:22:e8:4a:c9:2c:ad:71:66:be:35:d2:
                    18:52:35:18:b1:05:a5:39:4f:89:5f:57:36:97:ed:
                    0e:ec:28:20:0b:be:3a:4d:86:24:de:81:e2:61:8b:
                    c4:0a:35:92:f5:a4:f3:65:11:c6:94:3b:29:f3:60:
                    70:ea:ab:b1:0d:14:67:0c:c1:b2:bd:88:be:70:78:
                    e6:e0:d7:b7:c2:a4:f6:ba:a9:6e:35:c3:dc:8d:29:
                    58:ae:f8:59:e2:ad:94:ec:53:c6:99:ca:f3:3d:90:
                    5b:28:6c:47:27:91:6b:5c:76:2c:16:38:de:76:09:
                    49:50:0d:9b:a4:2e:54:fa:71:03:82:ab:53:b4:4c:
                    b9:5b:24:57:ca:90:33:da:a7:89:00:7b:63:c4:af:
                    2d:c8:79:fe:21:61:71:36:36:6b:3d:31:a3:34:b3:
                    b7:6e:85:f6:c0:80:2a:e9:8d:6c:52:6f:9f:45:af:
                    6f:f9:f6:f2:7d:8a:46:f6:e4:73:d7:51:75:6f:6b:
                    ef:23
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A2:84:6F:45:1F:04:24:0F:AA:EA:5A:3C:BF:45:85:D7:E8:A0:5C:F2
            X509v3 Authority Key Identifier:
                keyid:1B:04:15:BF:C4:3B:38:E9:CF:D1:A1:29:95:20:2E:87:63:75:2F:DE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/ooRvRR8EJA-q6lo8v0WF1-igXPI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/GwQVv8Q7OOnP0aEplSAuh2N1L94.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  204.11.3.0/24

    Signature Algorithm: sha256WithRSAEncryption
         09:d9:72:46:1c:f5:1c:a2:30:f2:05:eb:09:05:42:dd:06:4f:
         bb:72:79:51:ca:54:94:c1:b9:43:ee:cc:33:84:dd:78:41:ff:
         cf:f8:48:7c:60:d1:34:3d:38:f4:ba:b6:51:1d:51:6a:48:c4:
         56:0f:f4:0f:4c:14:cb:18:73:ba:5d:f7:aa:e0:ad:9f:50:f9:
         12:12:df:34:2c:57:c0:b2:b4:e7:0b:22:04:5a:65:37:4b:2c:
         ae:58:38:ee:ca:50:fb:b0:6e:d7:27:6d:c6:94:2f:da:5f:fb:
         5c:60:79:86:ab:54:6d:70:31:98:29:ab:99:7d:af:99:ee:9e:
         4e:db:0d:80:89:42:30:6d:ad:50:c0:be:1d:29:c4:14:da:e7:
         ec:d9:69:7c:84:2d:5d:ab:cd:c8:22:b4:9b:ac:36:81:1d:88:
         f5:00:98:18:2b:9d:0f:98:0d:9b:61:41:50:c7:02:85:df:b5:
         12:13:3d:55:4a:31:65:15:54:11:3d:f5:03:2c:8e:37:1f:2e:
         ae:c4:50:bc:b5:03:b0:98:cd:05:f6:ac:d6:5e:51:d9:72:fe:
         ab:ea:df:0e:5a:97:c4:b0:53:36:8e:71:2a:01:be:aa:d6:e8:
         d3:63:e5:42:d3:e5:a6:ca:f0:ef:0a:9d:94:79:2b:99:30:e7:
         68:81:2d:e0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVs5hMQWgN177/3WAsz+gWdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiMDQxNWJmYzQzYjM4ZTljZmQxYTEyOTk1MjAyZTg3NjM3
NTJmZGUwHhcNMjMwMTAxMTAzNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMjg0NmY0NTFmMDQyNDBmYWFlYTVhM2NiZjQ1ODVkN2U4YTA1Y2YyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgTl82KPa3TD+zgCMgxdNms16iDl0
tGYi6xPymiTrdq2bLMochF7K5ALCHaGq9ipAMCoIjjXctC93dtgjgInBIuhKySyt
cWa+NdIYUjUYsQWlOU+JX1c2l+0O7CggC746TYYk3oHiYYvECjWS9aTzZRHGlDsp
82Bw6quxDRRnDMGyvYi+cHjm4Ne3wqT2uqluNcPcjSlYrvhZ4q2U7FPGmcrzPZBb
KGxHJ5FrXHYsFjjedglJUA2bpC5U+nEDgqtTtEy5WyRXypAz2qeJAHtjxK8tyHn+
IWFxNjZrPTGjNLO3boX2wIAq6Y1sUm+fRa9v+fbyfYpG9uRz11F1b2vvIwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKKEb0UfBCQPqupaPL9FhdfooFzyMB8GA1UdIwQY
MBaAFBsEFb/EOzjpz9GhKZUgLodjdS/eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3dRVnY4UTdPT25QMGFFcGxTQXVoMk4xTDk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi8wOTQwODEtOGFlYi00MmJmLWE1Nzgt
YTNjYTBkYjgzMjU0LzEvb29SdlJSOEVKQS1xNmxvOHYwV0YxLWlnWFBJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi8wOTQwODEtOGFlYi00MmJmLWE1NzgtYTNjYTBkYjgzMjU0
LzEvR3dRVnY4UTdPT25QMGFFcGxTQXVoMk4xTDk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAzAsDMA0G
CSqGSIb3DQEBCwUAA4IBAQAJ2XJGHPUcojDyBesJBULdBk+7cnlRylSUwblD7swz
hN14Qf/P+Eh8YNE0PTj0urZRHVFqSMRWD/QPTBTLGHO6Xfeq4K2fUPkSEt80LFfA
srTnCyIEWmU3SyyuWDjuylD7sG7XJ23GlC/aX/tcYHmGq1RtcDGYKauZfa+Z7p5O
2w2AiUIwba1QwL4dKcQU2ufs2Wl8hC1dq83IIrSbrDaBHYj1AJgYK50PmA2bYUFQ
xwKF37USEz1VSjFlFVQRPfUDLI43Hy6uxFC8tQOwmM0F9qzWXlHZcv6r6t8OWpfE
sFM2jnEqAb6q1ujTY+VC0+WmyvDvCp2UeSuZMOdogS3g
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:28 2024 by rpki-client on console-fra.rpki-client.org