Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/x5OTtnAOc-rZEGCuPO1Mp9SlwjE.roa
File:                     x5OTtnAOc-rZEGCuPO1Mp9SlwjE.roa (raw, json)
Hash identifier:          66ufm9/0kUrkb88QD1kL3Jqcu5h9KL1OdbA6eFl6wNs=
Subject key identifier:   C7:93:93:B6:70:0E:73:EA:D9:10:60:AE:3C:ED:4C:A7:D4:A5:C2:31
Certificate issuer:       /CN=1b0415bfc43b38e9cfd1a12995202e8763752fde
Certificate serial:       018CAACB972B1405204E4D0EE874E75F796A
Authority key identifier: 1B:04:15:BF:C4:3B:38:E9:CF:D1:A1:29:95:20:2E:87:63:75:2F:DE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/x5OTtnAOc-rZEGCuPO1Mp9SlwjE.roa
Signing time:             Wed 27 Dec 2023 10:21:58 +0000
ROA not before:           Wed 27 Dec 2023 10:21:58 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     41944
IP address blocks:        92.118.204.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 08:33:12 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:aa:cb:97:2b:14:05:20:4e:4d:0e:e8:74:e7:5f:79:6a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1b0415bfc43b38e9cfd1a12995202e8763752fde
        Validity
            Not Before: Dec 27 10:21:58 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=c79393b6700e73ead91060ae3ced4ca7d4a5c231
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:92:f4:e6:f9:80:56:d7:e9:7d:3b:96:12:d6:34:
                    96:66:17:e3:74:88:d4:ef:73:76:b1:0b:19:d5:ac:
                    0a:19:40:c2:b9:4a:54:dd:52:d3:6e:2d:0d:26:04:
                    89:be:15:34:a2:83:76:c2:a2:a2:af:8a:cd:a3:1a:
                    50:82:1e:c9:c4:97:8f:94:c9:96:06:ea:24:58:64:
                    ee:e4:7f:c9:47:f0:6a:84:07:da:9d:ce:92:e8:93:
                    7b:0d:ad:94:89:fa:af:76:ab:67:5e:db:4b:7b:2d:
                    e6:9b:b4:f1:1a:22:15:ac:e2:02:62:73:a4:fc:bf:
                    63:a5:9f:33:47:85:af:5b:47:a7:1f:07:88:9a:2c:
                    60:e2:a4:46:42:7a:45:4e:3c:ed:ba:46:d8:ee:43:
                    f6:b9:00:1e:82:d3:bd:55:e2:36:09:c5:f2:9d:5d:
                    d6:3e:cc:3c:2c:7a:f6:5a:59:79:64:f7:14:56:90:
                    cc:f6:72:a8:91:13:4d:5c:ad:17:49:a4:d2:45:69:
                    8a:5f:64:5c:3c:25:a9:6b:a4:36:aa:d8:a0:f7:f0:
                    c8:68:39:d5:92:b0:04:4e:86:e3:1d:0d:79:40:aa:
                    5a:73:56:9b:54:8c:94:55:79:12:81:dd:ea:c7:d3:
                    0e:4b:f0:f9:40:a8:42:68:6a:5e:17:fa:73:d4:c6:
                    66:1f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C7:93:93:B6:70:0E:73:EA:D9:10:60:AE:3C:ED:4C:A7:D4:A5:C2:31
            X509v3 Authority Key Identifier:
                keyid:1B:04:15:BF:C4:3B:38:E9:CF:D1:A1:29:95:20:2E:87:63:75:2F:DE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/x5OTtnAOc-rZEGCuPO1Mp9SlwjE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/GwQVv8Q7OOnP0aEplSAuh2N1L94.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  92.118.204.0/24

    Signature Algorithm: sha256WithRSAEncryption
         1d:a4:f4:50:7c:13:9a:a0:9d:26:b5:13:34:07:e1:9a:38:42:
         03:70:d0:05:6c:4c:89:3f:17:32:0f:3b:b6:55:16:46:9b:a8:
         0f:5d:c9:93:d7:86:d1:e6:56:ce:a7:aa:e9:2b:1f:2b:07:e7:
         ff:87:36:1b:8d:7d:19:ca:58:cd:a5:2f:3f:b8:e6:cb:18:86:
         8e:df:f3:ce:1f:1f:e6:e3:fb:e1:39:11:16:d6:a0:4f:81:19:
         88:e2:f7:41:95:39:38:98:6a:bb:4f:13:33:20:23:d7:59:5c:
         a1:2e:cc:16:ae:6c:8e:d8:30:11:04:1e:7e:79:82:80:7b:3e:
         e4:ac:84:9a:7d:0d:8f:c4:da:a5:8d:0c:f2:d8:51:59:11:aa:
         5f:74:bb:8d:8e:5f:fd:07:82:cc:b9:53:cd:69:75:c1:18:86:
         00:f9:4e:68:5d:90:aa:e0:be:50:50:1c:ab:eb:50:53:97:69:
         69:63:1d:35:f1:3b:3b:b8:46:ac:fa:5e:96:c2:ab:17:1e:4b:
         e1:5d:b6:25:bb:5e:6d:a5:5a:94:1b:30:4d:b6:e8:20:35:cb:
         fe:92:8e:52:ec:59:4a:08:e2:0d:0f:c3:5a:ca:c1:65:21:54:
         96:ee:94:0d:ee:82:cb:b7:92:11:ec:2b:c6:51:a5:e1:24:eb:
         8c:a8:f2:58
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYyqy5crFAUgTk0O6HTnX3lqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiMDQxNWJmYzQzYjM4ZTljZmQxYTEyOTk1MjAyZTg3NjM3
NTJmZGUwHhcNMjMxMjI3MTAyMTU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNzkzOTNiNjcwMGU3M2VhZDkxMDYwYWUzY2VkNGNhN2Q0YTVjMjMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkvTm+YBW1+l9O5YS1jSWZhfjdIjU
73N2sQsZ1awKGUDCuUpU3VLTbi0NJgSJvhU0ooN2wqKir4rNoxpQgh7JxJePlMmW
BuokWGTu5H/JR/BqhAfanc6S6JN7Da2UifqvdqtnXttLey3mm7TxGiIVrOICYnOk
/L9jpZ8zR4WvW0enHweImixg4qRGQnpFTjztukbY7kP2uQAegtO9VeI2CcXynV3W
Psw8LHr2Wll5ZPcUVpDM9nKokRNNXK0XSaTSRWmKX2RcPCWpa6Q2qtig9/DIaDnV
krAETobjHQ15QKpac1abVIyUVXkSgd3qx9MOS/D5QKhCaGpeF/pz1MZmHwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMeTk7ZwDnPq2RBgrjztTKfUpcIxMB8GA1UdIwQY
MBaAFBsEFb/EOzjpz9GhKZUgLodjdS/eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3dRVnY4UTdPT25QMGFFcGxTQXVoMk4xTDk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi8wOTQwODEtOGFlYi00MmJmLWE1Nzgt
YTNjYTBkYjgzMjU0LzEveDVPVHRuQU9jLXJaRUdDdVBPMU1wOVNsd2pFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi8wOTQwODEtOGFlYi00MmJmLWE1NzgtYTNjYTBkYjgzMjU0
LzEvR3dRVnY4UTdPT25QMGFFcGxTQXVoMk4xTDk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAXHbMMA0G
CSqGSIb3DQEBCwUAA4IBAQAdpPRQfBOaoJ0mtRM0B+GaOEIDcNAFbEyJPxcyDzu2
VRZGm6gPXcmT14bR5lbOp6rpKx8rB+f/hzYbjX0ZyljNpS8/uObLGIaO3/POHx/m
4/vhOREW1qBPgRmI4vdBlTk4mGq7TxMzICPXWVyhLswWrmyO2DARBB5+eYKAez7k
rISafQ2PxNqljQzy2FFZEapfdLuNjl/9B4LMuVPNaXXBGIYA+U5oXZCq4L5QUByr
61BTl2lpYx018Ts7uEas+l6WwqsXHkvhXbYlu15tpVqUGzBNtuggNcv+ko5S7FlK
COIND8NaysFlIVSW7pQN7oLLt5IR7CvGUaXhJOuMqPJY
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:28 2024 by rpki-client on console-fra.rpki-client.org