Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/33d71a-9350-4345-b6b8-a83d6c3cf053/1/L48Aq3J17Mqb26gYi8PEXNDyb5g.roa
File:                     L48Aq3J17Mqb26gYi8PEXNDyb5g.roa (raw, json)
Hash identifier:          Ek40BzNOkxvSHPsnxNGkFY1/bwnGa+R6keMjXE6wOFE=
Subject key identifier:   2F:8F:00:AB:72:75:EC:CA:9B:DB:A8:18:8B:C3:C4:5C:D0:F2:6F:98
Certificate issuer:       /CN=a63c6dbaf2bcf52f27e58c2d89c6c1c55b95df26
Certificate serial:       01882A56D6F119E09D454684347442887BDD
Authority key identifier: A6:3C:6D:BA:F2:BC:F5:2F:27:E5:8C:2D:89:C6:C1:C5:5B:95:DF:26
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/pjxtuvK89S8n5YwticbBxVuV3yY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/19/33d71a-9350-4345-b6b8-a83d6c3cf053/1/L48Aq3J17Mqb26gYi8PEXNDyb5g.roa
Signing time:             Wed 17 May 2023 15:31:54 +0000
ROA not before:           Wed 17 May 2023 15:31:54 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     14618
IP address blocks:        193.17.209.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 18:31:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:2a:56:d6:f1:19:e0:9d:45:46:84:34:74:42:88:7b:dd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a63c6dbaf2bcf52f27e58c2d89c6c1c55b95df26
        Validity
            Not Before: May 17 15:31:54 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=2f8f00ab7275ecca9bdba8188bc3c45cd0f26f98
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:89:16:4c:a3:22:9e:77:ef:93:89:8c:7d:10:f0:
                    23:82:0f:35:d9:07:55:41:54:c8:b2:42:c2:74:86:
                    18:ea:a8:22:64:6c:77:24:05:f1:68:bd:7e:82:fc:
                    17:7b:50:a0:d4:68:3c:d1:18:6f:af:97:23:07:81:
                    74:e1:da:87:99:18:72:a9:06:65:84:41:9c:8b:3f:
                    4c:d6:e9:81:cf:ef:05:8b:4a:76:63:3f:ed:34:c4:
                    2e:39:5c:86:61:bd:cf:ca:6e:35:60:f2:c7:92:21:
                    02:37:1f:3c:14:e2:8f:a0:9b:16:8f:d0:73:a0:a8:
                    bc:c2:eb:b5:51:58:34:ec:16:f0:c3:bc:84:c0:45:
                    8e:1f:55:14:49:c5:a9:ad:a5:d6:25:73:1d:d3:50:
                    15:bf:76:47:31:9b:34:02:24:5b:83:d4:61:51:d4:
                    51:87:63:b1:72:d6:39:d2:67:4b:0f:64:98:49:86:
                    cc:fe:8c:fc:be:85:4b:1e:6c:32:a5:5c:2a:51:e2:
                    22:66:0b:23:cd:8d:c7:a3:ff:77:19:8d:7c:5b:1a:
                    ff:3c:10:61:6a:68:b2:da:9b:96:3e:1b:d9:ea:67:
                    c8:78:05:ad:47:8d:d3:5c:ea:74:b4:a6:83:8b:be:
                    c7:bd:f4:0b:3f:8d:ee:a9:ec:c5:09:9a:ec:92:05:
                    ff:c3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2F:8F:00:AB:72:75:EC:CA:9B:DB:A8:18:8B:C3:C4:5C:D0:F2:6F:98
            X509v3 Authority Key Identifier:
                keyid:A6:3C:6D:BA:F2:BC:F5:2F:27:E5:8C:2D:89:C6:C1:C5:5B:95:DF:26

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pjxtuvK89S8n5YwticbBxVuV3yY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/33d71a-9350-4345-b6b8-a83d6c3cf053/1/L48Aq3J17Mqb26gYi8PEXNDyb5g.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/19/33d71a-9350-4345-b6b8-a83d6c3cf053/1/pjxtuvK89S8n5YwticbBxVuV3yY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.17.209.0/24

    Signature Algorithm: sha256WithRSAEncryption
         4c:95:6b:6d:1c:f4:4f:c9:83:2b:4c:fd:c1:5e:45:60:04:54:
         5b:72:92:17:e6:e0:e4:ca:b7:4b:de:aa:23:c8:d9:5a:15:6c:
         b4:d2:93:74:11:67:10:a3:39:03:fd:38:e5:35:05:72:cf:6d:
         20:d9:25:74:af:02:28:9f:18:05:f5:d2:3d:a1:14:f0:c1:cb:
         db:06:d1:ed:bc:cd:22:82:2b:2a:38:b5:c7:88:5d:92:b5:3a:
         44:b5:eb:38:de:04:2f:0d:ea:a3:71:fd:ef:56:06:d1:31:b8:
         2a:e5:96:9c:5b:c6:d8:d3:90:6b:a5:f9:7f:cf:42:83:81:72:
         7c:a1:9c:23:ea:95:14:85:10:dd:b3:76:d9:8f:e7:f2:ab:a4:
         62:cc:3a:8e:4a:28:22:1d:fa:89:48:1f:8d:94:98:c7:eb:e1:
         6b:3e:b4:9b:cd:3b:3d:6a:f7:63:76:aa:8a:1b:4c:17:15:ce:
         c9:db:de:f7:9b:12:2a:c5:75:10:cc:4e:80:a5:19:ff:83:a9:
         83:8c:bb:04:94:42:4f:b3:ce:15:c0:42:e1:af:e7:88:cb:56:
         52:e7:cf:07:f1:07:56:17:61:d1:66:ad:f2:66:57:8d:1f:78:
         8f:0c:98:d7:cc:67:fb:e9:d0:43:85:6f:d7:15:31:b4:d5:7c:
         60:d2:2b:11
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYgqVtbxGeCdRUaENHRCiHvdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE2M2M2ZGJhZjJiY2Y1MmYyN2U1OGMyZDg5YzZjMWM1NWI5
NWRmMjYwHhcNMjMwNTE3MTUzMTU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZjhmMDBhYjcyNzVlY2NhOWJkYmE4MTg4YmMzYzQ1Y2QwZjI2Zjk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiRZMoyKed++TiYx9EPAjgg812QdV
QVTIskLCdIYY6qgiZGx3JAXxaL1+gvwXe1Cg1Gg80Rhvr5cjB4F04dqHmRhyqQZl
hEGciz9M1umBz+8Fi0p2Yz/tNMQuOVyGYb3Pym41YPLHkiECNx88FOKPoJsWj9Bz
oKi8wuu1UVg07Bbww7yEwEWOH1UUScWpraXWJXMd01AVv3ZHMZs0AiRbg9RhUdRR
h2OxctY50mdLD2SYSYbM/oz8voVLHmwypVwqUeIiZgsjzY3Ho/93GY18Wxr/PBBh
amiy2puWPhvZ6mfIeAWtR43TXOp0tKaDi77HvfQLP43uqezFCZrskgX/wwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFC+PAKtydezKm9uoGIvDxFzQ8m+YMB8GA1UdIwQY
MBaAFKY8bbryvPUvJ+WMLYnGwcVbld8mMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcGp4dHV2Szg5UzhuNVl3dGljYkJ4VnVWM3lZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS8zM2Q3MWEtOTM1MC00MzQ1LWI2Yjgt
YTgzZDZjM2NmMDUzLzEvTDQ4QXEzSjE3TXFiMjZnWWk4UEVYTkR5YjVnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS8zM2Q3MWEtOTM1MC00MzQ1LWI2YjgtYTgzZDZjM2NmMDUz
LzEvcGp4dHV2Szg5UzhuNVl3dGljYkJ4VnVWM3lZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwRHRMA0G
CSqGSIb3DQEBCwUAA4IBAQBMlWttHPRPyYMrTP3BXkVgBFRbcpIX5uDkyrdL3qoj
yNlaFWy00pN0EWcQozkD/TjlNQVyz20g2SV0rwIonxgF9dI9oRTwwcvbBtHtvM0i
gisqOLXHiF2StTpEtes43gQvDeqjcf3vVgbRMbgq5ZacW8bY05Brpfl/z0KDgXJ8
oZwj6pUUhRDds3bZj+fyq6RizDqOSigiHfqJSB+NlJjH6+FrPrSbzTs9avdjdqqK
G0wXFc7J2973mxIqxXUQzE6ApRn/g6mDjLsElEJPs84VwELhr+eIy1ZS588H8QdW
F2HRZq3yZleNH3iPDJjXzGf76dBDhW/XFTG01Xxg0isR
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:56 2024 by rpki-client on console-ams.rpki-client.org