Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/582b17-f46f-41eb-8fd4-eb5093b231c1/1/1-tKdPboYvMb2LBzkMzU3MKfwEA.roa
File:                     1-tKdPboYvMb2LBzkMzU3MKfwEA.roa (raw, json)
Hash identifier:          svSSXE1YtmNaJBBTZbyi3UjWglpVbixfLFx3IwueLhU=
Subject key identifier:   D7:EB:4A:74:F6:E8:62:F3:1B:D8:B0:73:90:CC:D4:DC:C2:9F:C0:40
Certificate issuer:       /CN=fd261d45319e8375187436da44bf5b9adb044a7f
Certificate serial:       0185730C9802DC8D2A4053D4EFD04103ED48
Authority key identifier: FD:26:1D:45:31:9E:83:75:18:74:36:DA:44:BF:5B:9A:DB:04:4A:7F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/_SYdRTGeg3UYdDbaRL9bmtsESn8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/21/582b17-f46f-41eb-8fd4-eb5093b231c1/1/1-tKdPboYvMb2LBzkMzU3MKfwEA.roa
Signing time:             Mon 02 Jan 2023 15:14:43 +0000
ROA not before:           Mon 02 Jan 2023 15:14:43 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     20560
IP address blocks:        194.50.34.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 08:30:18 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:73:0c:98:02:dc:8d:2a:40:53:d4:ef:d0:41:03:ed:48
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=fd261d45319e8375187436da44bf5b9adb044a7f
        Validity
            Not Before: Jan  2 15:14:43 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=d7eb4a74f6e862f31bd8b07390ccd4dcc29fc040
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:6a:55:f2:3c:b2:12:b1:09:2d:cb:95:17:44:
                    29:75:40:ef:8d:7b:69:51:50:2d:a0:c2:d9:3a:cf:
                    2b:aa:fa:12:64:4d:86:ef:ef:c2:33:e6:73:b7:69:
                    dd:c6:48:59:e7:ab:fd:38:b1:c5:4e:ac:e8:37:51:
                    e3:c0:77:ea:23:fd:ab:5e:fc:25:ea:bb:96:2c:ac:
                    03:6d:b7:c8:75:05:fe:1e:16:9c:a7:f7:99:9d:fa:
                    5e:93:4b:38:db:e4:13:56:87:3c:77:4b:d5:f6:3b:
                    9d:d4:bd:4b:9d:2a:4e:cf:b4:60:d2:75:64:e9:58:
                    5b:d9:c7:f3:49:50:0b:4e:10:0f:03:f3:84:9a:f4:
                    e0:54:8b:44:74:80:98:01:76:a5:d5:49:59:27:dc:
                    ea:4d:c0:e0:84:92:df:31:70:78:12:3d:59:96:cf:
                    f3:ed:05:7b:08:86:91:26:e8:d9:d7:3d:3e:4c:3c:
                    7f:b4:d1:7f:76:15:1f:d9:ad:00:04:7d:0b:a3:12:
                    97:73:c5:12:76:9c:5b:e6:44:2c:9b:89:8d:e0:ee:
                    dc:cb:75:9e:33:ea:81:9c:18:f1:8b:76:e5:8b:38:
                    46:0e:31:78:9f:4d:54:b2:f4:44:9a:ad:9a:df:50:
                    a3:18:73:3d:c7:44:9b:8c:ee:7e:c0:a5:b9:64:53:
                    70:97
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D7:EB:4A:74:F6:E8:62:F3:1B:D8:B0:73:90:CC:D4:DC:C2:9F:C0:40
            X509v3 Authority Key Identifier:
                keyid:FD:26:1D:45:31:9E:83:75:18:74:36:DA:44:BF:5B:9A:DB:04:4A:7F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_SYdRTGeg3UYdDbaRL9bmtsESn8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/582b17-f46f-41eb-8fd4-eb5093b231c1/1/1-tKdPboYvMb2LBzkMzU3MKfwEA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/21/582b17-f46f-41eb-8fd4-eb5093b231c1/1/_SYdRTGeg3UYdDbaRL9bmtsESn8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.50.34.0/24

    Signature Algorithm: sha256WithRSAEncryption
         b1:36:d1:20:bb:2a:0e:f4:df:25:4a:eb:8c:1f:3f:ed:d4:7b:
         30:fc:2b:55:5c:b0:64:d8:4c:f2:af:68:69:cf:0b:3f:5b:d8:
         0f:5b:ea:8a:29:b4:a2:36:e1:95:85:52:c8:6e:e4:b3:98:a4:
         ba:64:ad:14:67:e2:87:e5:5a:4a:89:f4:fe:97:3c:9f:b9:45:
         a4:49:97:f0:45:8a:f5:18:16:1b:bc:49:c5:79:e0:40:05:f2:
         7e:19:1f:1a:37:ea:97:3a:75:52:4e:c6:cd:3c:ee:5d:d6:42:
         cd:d3:55:25:f2:43:91:db:57:0c:df:d7:d5:da:58:28:7a:4a:
         95:c5:b2:98:c7:41:c1:59:0d:bb:65:28:c2:62:9c:c7:50:42:
         4d:33:46:62:40:3b:5a:05:2c:0a:23:fc:80:0d:cf:95:27:cb:
         e8:af:76:62:13:4d:01:a0:bd:06:c3:dd:85:0d:91:ed:48:db:
         9b:19:8f:1d:7b:3c:a7:6e:41:80:0d:a4:e4:67:d9:1e:e0:c9:
         6f:04:90:47:24:78:5c:48:fc:f0:6b:4a:d3:8a:a7:44:43:93:
         ce:ea:9f:fb:02:f5:4f:54:6a:90:f4:8e:16:9d:62:df:66:f3:
         0d:f3:d9:21:5d:5b:48:b1:e6:ab:a5:62:3a:2b:c7:8c:7e:e8:
         df:c5:7a:b7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVzDJgC3I0qQFPU79BBA+1IMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZkMjYxZDQ1MzE5ZTgzNzUxODc0MzZkYTQ0YmY1YjlhZGIw
NDRhN2YwHhcNMjMwMTAyMTUxNDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkN2ViNGE3NGY2ZTg2MmYzMWJkOGIwNzM5MGNjZDRkY2MyOWZjMDQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApmpV8jyyErEJLcuVF0QpdUDvjXtp
UVAtoMLZOs8rqvoSZE2G7+/CM+Zzt2ndxkhZ56v9OLHFTqzoN1HjwHfqI/2rXvwl
6ruWLKwDbbfIdQX+Hhacp/eZnfpek0s42+QTVoc8d0vV9jud1L1LnSpOz7Rg0nVk
6Vhb2cfzSVALThAPA/OEmvTgVItEdICYAXal1UlZJ9zqTcDghJLfMXB4Ej1Zls/z
7QV7CIaRJujZ1z0+TDx/tNF/dhUf2a0ABH0LoxKXc8USdpxb5kQsm4mN4O7cy3We
M+qBnBjxi3blizhGDjF4n01UsvREmq2a31CjGHM9x0SbjO5+wKW5ZFNwlwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNfrSnT26GLzG9iwc5DM1NzCn8BAMB8GA1UdIwQY
MBaAFP0mHUUxnoN1GHQ22kS/W5rbBEp/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX1NZZFJUR2VnM1VZZERiYVJMOWJtdHNFU244LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS81ODJiMTctZjQ2Zi00MWViLThmZDQt
ZWI1MDkzYjIzMWMxLzEvMS10S2RQYm9Zdk1iMkxCemtNelUzTUtmd0VBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS81ODJiMTctZjQ2Zi00MWViLThmZDQtZWI1MDkzYjIzMWMx
LzEvX1NZZFJUR2VnM1VZZERiYVJMOWJtdHNFU244LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwjIiMA0G
CSqGSIb3DQEBCwUAA4IBAQCxNtEguyoO9N8lSuuMHz/t1Hsw/CtVXLBk2Ezyr2hp
zws/W9gPW+qKKbSiNuGVhVLIbuSzmKS6ZK0UZ+KH5VpKifT+lzyfuUWkSZfwRYr1
GBYbvEnFeeBABfJ+GR8aN+qXOnVSTsbNPO5d1kLN01Ul8kOR21cM39fV2lgoekqV
xbKYx0HBWQ27ZSjCYpzHUEJNM0ZiQDtaBSwKI/yADc+VJ8vor3ZiE00BoL0Gw92F
DZHtSNubGY8dezynbkGADaTkZ9ke4MlvBJBHJHhcSPzwa0rTiqdEQ5PO6p/7AvVP
VGqQ9I4WnWLfZvMN89khXVtIsearpWI6K8eMfujfxXq3
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:10 2024 by rpki-client on console-fra.rpki-client.org