Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1f/521235-ff7e-4bc7-a29e-38d73a23e7ac/1/IhE8uDsvS0DazwiOOgq4k1CjKT0.roa
File:                     IhE8uDsvS0DazwiOOgq4k1CjKT0.roa (raw, json)
Hash identifier:          cJwEkE7vzWmBta+d+jqXHrtm15MUZSOOqvpqIrVYKHw=
Subject key identifier:   22:11:3C:B8:3B:2F:4B:40:DA:CF:08:8E:3A:0A:B8:93:50:A3:29:3D
Certificate issuer:       /CN=21e7a588f0759ba8f658b3f3d68e55bcfe9c5bbe
Certificate serial:       01857343819CF57CD83EB01E5737F7B61A14
Authority key identifier: 21:E7:A5:88:F0:75:9B:A8:F6:58:B3:F3:D6:8E:55:BC:FE:9C:5B:BE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IeeliPB1m6j2WLPz1o5VvP6cW74.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1f/521235-ff7e-4bc7-a29e-38d73a23e7ac/1/IhE8uDsvS0DazwiOOgq4k1CjKT0.roa
Signing time:             Mon 02 Jan 2023 16:14:41 +0000
ROA not before:           Mon 02 Jan 2023 16:14:41 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     42999
IP address blocks:        193.200.188.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 18:30:18 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:73:43:81:9c:f5:7c:d8:3e:b0:1e:57:37:f7:b6:1a:14
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=21e7a588f0759ba8f658b3f3d68e55bcfe9c5bbe
        Validity
            Not Before: Jan  2 16:14:41 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=22113cb83b2f4b40dacf088e3a0ab89350a3293d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dd:6f:4b:86:61:88:98:77:77:bb:6f:f2:5b:f5:
                    2e:f1:20:6a:54:10:a2:dd:9f:ef:4b:b5:f5:42:16:
                    67:92:ac:f1:28:84:20:09:fd:e9:99:06:05:25:fd:
                    97:4b:b6:21:9f:49:91:cb:f0:3b:b8:4e:03:22:61:
                    a3:76:9e:5a:2b:6b:95:db:0c:75:fb:24:1e:c4:29:
                    6b:23:6a:5b:1d:77:00:7a:c1:69:b3:38:3d:75:f5:
                    75:38:1f:03:7b:dc:01:de:48:bb:1d:f0:94:af:2e:
                    a2:18:84:63:d1:26:a0:d0:ee:d0:02:e9:f0:7c:4d:
                    dc:6f:b1:4d:6b:d1:4e:f1:27:a3:a3:5d:25:98:3d:
                    39:a2:37:96:18:3b:4f:8b:e0:88:46:7a:6c:c8:d5:
                    ba:78:e4:53:4d:cf:5f:a5:10:3a:90:4f:3a:b8:60:
                    b6:62:95:35:07:84:d9:0a:fa:bc:30:ff:92:e2:81:
                    4c:6c:36:da:db:97:a0:fc:4f:39:74:c8:da:8b:52:
                    71:38:42:e6:84:04:24:6b:83:46:a8:cb:dc:be:af:
                    f9:a7:ec:c5:31:c8:62:ee:2d:8c:7b:26:4e:bd:b9:
                    81:69:2a:90:e8:0e:52:ae:28:45:2e:e9:4f:4a:a1:
                    21:43:1e:1b:db:1d:b5:f0:59:c9:08:12:25:ca:4b:
                    2f:5d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                22:11:3C:B8:3B:2F:4B:40:DA:CF:08:8E:3A:0A:B8:93:50:A3:29:3D
            X509v3 Authority Key Identifier:
                keyid:21:E7:A5:88:F0:75:9B:A8:F6:58:B3:F3:D6:8E:55:BC:FE:9C:5B:BE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IeeliPB1m6j2WLPz1o5VvP6cW74.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/521235-ff7e-4bc7-a29e-38d73a23e7ac/1/IhE8uDsvS0DazwiOOgq4k1CjKT0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/521235-ff7e-4bc7-a29e-38d73a23e7ac/1/IeeliPB1m6j2WLPz1o5VvP6cW74.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.200.188.0/24

    Signature Algorithm: sha256WithRSAEncryption
         2d:cd:18:a1:e8:ed:d0:38:24:12:b6:d5:e3:0b:9a:e7:91:86:
         7a:7c:59:ba:af:12:7f:0e:d1:53:05:d4:92:3f:d9:5e:1f:c8:
         c2:c7:8f:1c:f3:85:af:ef:29:c2:ec:34:97:28:7f:46:24:bd:
         46:06:44:b7:43:65:96:35:f7:c7:17:8e:e3:49:2e:b3:67:05:
         10:7a:8c:b0:f2:a4:0b:35:8c:f7:dc:66:bc:d8:86:37:24:11:
         cf:94:6f:20:6d:29:e8:2c:f9:77:ed:89:47:a8:91:a4:b9:33:
         94:74:a8:f2:46:e8:10:43:86:5f:42:8d:6d:a1:fa:0c:de:e1:
         6c:94:e3:c1:15:cf:03:0d:f9:bf:5c:0f:a6:dd:ab:7f:0e:00:
         0b:12:78:d4:06:ab:a0:73:f6:e6:c9:d6:3e:5b:38:c3:39:33:
         d1:51:dd:59:80:64:f3:00:25:93:7a:38:70:46:30:7e:02:a8:
         e2:ac:e0:62:af:75:16:b8:18:b1:e7:a0:52:95:be:e8:d6:0e:
         c2:d8:89:60:8d:49:77:3f:e8:74:b9:77:25:af:06:f0:24:6a:
         74:c4:d6:d4:4b:5a:d9:bc:8a:29:0f:a5:48:3c:db:34:8b:4e:
         2f:34:85:77:3e:fb:69:cb:54:89:c8:d9:05:4d:9a:2d:65:bb:
         57:0f:b2:bd
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVzQ4Gc9XzYPrAeVzf3thoUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxZTdhNTg4ZjA3NTliYThmNjU4YjNmM2Q2OGU1NWJjZmU5
YzViYmUwHhcNMjMwMTAyMTYxNDQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMjExM2NiODNiMmY0YjQwZGFjZjA4OGUzYTBhYjg5MzUwYTMyOTNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3W9LhmGImHd3u2/yW/Uu8SBqVBCi
3Z/vS7X1QhZnkqzxKIQgCf3pmQYFJf2XS7Yhn0mRy/A7uE4DImGjdp5aK2uV2wx1
+yQexClrI2pbHXcAesFpszg9dfV1OB8De9wB3ki7HfCUry6iGIRj0Sag0O7QAunw
fE3cb7FNa9FO8Sejo10lmD05ojeWGDtPi+CIRnpsyNW6eORTTc9fpRA6kE86uGC2
YpU1B4TZCvq8MP+S4oFMbDba25eg/E85dMjai1JxOELmhAQka4NGqMvcvq/5p+zF
Mchi7i2MeyZOvbmBaSqQ6A5SrihFLulPSqEhQx4b2x218FnJCBIlyksvXQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCIRPLg7L0tA2s8IjjoKuJNQoyk9MB8GA1UdIwQY
MBaAFCHnpYjwdZuo9liz89aOVbz+nFu+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSWVlbGlQQjFtNmoyV0xQejFvNVZ2UDZjVzc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZi81MjEyMzUtZmY3ZS00YmM3LWEyOWUt
MzhkNzNhMjNlN2FjLzEvSWhFOHVEc3ZTMERhendpT09ncTRrMUNqS1QwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZi81MjEyMzUtZmY3ZS00YmM3LWEyOWUtMzhkNzNhMjNlN2Fj
LzEvSWVlbGlQQjFtNmoyV0xQejFvNVZ2UDZjVzc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwci8MA0G
CSqGSIb3DQEBCwUAA4IBAQAtzRih6O3QOCQSttXjC5rnkYZ6fFm6rxJ/DtFTBdSS
P9leH8jCx48c84Wv7ynC7DSXKH9GJL1GBkS3Q2WWNffHF47jSS6zZwUQeoyw8qQL
NYz33Ga82IY3JBHPlG8gbSnoLPl37YlHqJGkuTOUdKjyRugQQ4ZfQo1tofoM3uFs
lOPBFc8DDfm/XA+m3at/DgALEnjUBqugc/bmydY+WzjDOTPRUd1ZgGTzACWTejhw
RjB+AqjirOBir3UWuBix56BSlb7o1g7C2IlgjUl3P+h0uXclrwbwJGp0xNbUS1rZ
vIopD6VIPNs0i04vNIV3Pvtpy1SJyNkFTZotZbtXD7K9
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:57:27 2024 by rpki-client on console-ams.rpki-client.org