Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/bea847-a783-489d-ae4b-53f57504ef35/1/VgHOK_oH2uDLGcoieR9q-KTjIu0.roa
File:                     VgHOK_oH2uDLGcoieR9q-KTjIu0.roa (raw, json)
Hash identifier:          jl8H1cLx6gIGEEt66CDeRB2sNZvBSXCggycoPJPtoaU=
Subject key identifier:   56:01:CE:2B:FA:07:DA:E0:CB:19:CA:22:79:1F:6A:F8:A4:E3:22:ED
Certificate issuer:       /CN=9863354a111af6d5e1ad10da38ad8144b6be868e
Certificate serial:       018AFEB7E09CA988B26A7D9083D96610F6FC
Authority key identifier: 98:63:35:4A:11:1A:F6:D5:E1:AD:10:DA:38:AD:81:44:B6:BE:86:8E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/mGM1ShEa9tXhrRDaOK2BRLa-ho4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/21/bea847-a783-489d-ae4b-53f57504ef35/1/VgHOK_oH2uDLGcoieR9q-KTjIu0.roa
Signing time:             Thu 05 Oct 2023 07:22:58 +0000
ROA not before:           Thu 05 Oct 2023 07:22:58 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     14618
IP address blocks:        193.135.101.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Fri 06 Oct 2023 12:17:43 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:fe:b7:e0:9c:a9:88:b2:6a:7d:90:83:d9:66:10:f6:fc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9863354a111af6d5e1ad10da38ad8144b6be868e
        Validity
            Not Before: Oct  5 07:22:58 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=5601ce2bfa07dae0cb19ca22791f6af8a4e322ed
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e1:db:72:2c:df:cc:73:b8:f0:f5:31:de:58:dd:
                    08:d7:a7:6e:69:7c:9d:91:b7:51:ee:b3:1d:f0:02:
                    92:08:0e:f6:4b:8a:4a:91:d7:ba:14:bb:2e:72:4c:
                    4d:88:c3:fe:2f:cc:49:e0:92:3b:ea:e1:da:37:48:
                    48:4e:d4:3a:c6:f7:3c:50:7a:5c:66:4c:42:52:71:
                    5c:9d:8a:a2:10:3b:23:f6:90:4d:d1:dc:26:ef:21:
                    d6:ea:cd:ab:b5:10:21:23:3c:2d:8e:ed:bd:b2:73:
                    21:cd:6d:b1:25:db:f6:04:39:a9:ce:96:61:78:fb:
                    34:e7:45:89:e0:3a:9e:61:3c:9c:ab:c9:32:0a:11:
                    84:86:24:6b:05:d7:4f:72:47:01:a4:65:31:74:ae:
                    68:a3:a0:33:e4:c2:29:05:67:49:53:c5:38:34:81:
                    de:63:f7:84:15:b9:da:5a:20:8c:2d:cc:07:91:e1:
                    d5:57:26:7d:6c:8e:bf:b6:c1:39:c7:28:e9:cd:74:
                    cb:0a:e0:a3:0e:0f:73:fb:b9:f1:1f:f3:06:40:d6:
                    22:d8:d5:56:68:40:bf:7d:f6:0a:5e:4f:78:5d:9c:
                    1a:f9:3f:7f:9d:e5:74:90:d4:09:0b:1f:44:1a:fb:
                    4f:4c:b5:be:4f:82:f0:6c:46:5d:51:c4:0b:92:73:
                    47:2f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                56:01:CE:2B:FA:07:DA:E0:CB:19:CA:22:79:1F:6A:F8:A4:E3:22:ED
            X509v3 Authority Key Identifier:
                keyid:98:63:35:4A:11:1A:F6:D5:E1:AD:10:DA:38:AD:81:44:B6:BE:86:8E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mGM1ShEa9tXhrRDaOK2BRLa-ho4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/bea847-a783-489d-ae4b-53f57504ef35/1/VgHOK_oH2uDLGcoieR9q-KTjIu0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/21/bea847-a783-489d-ae4b-53f57504ef35/1/mGM1ShEa9tXhrRDaOK2BRLa-ho4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.135.101.0/24

    Signature Algorithm: sha256WithRSAEncryption
         40:ae:96:0b:3a:38:4c:31:7c:c6:12:3e:55:f5:eb:2b:83:a9:
         01:c8:bb:66:d3:54:85:8c:15:c5:ff:33:ce:75:df:53:5f:07:
         3c:ae:96:6c:a2:c5:06:7d:fa:ac:a9:f5:88:db:29:fb:17:66:
         48:c4:d3:21:8b:ea:2b:5b:10:d2:51:4a:19:85:ff:f0:2d:15:
         13:cd:1d:aa:0b:b3:86:05:a3:0c:3e:a5:22:6c:4c:0b:55:dc:
         c0:59:2c:3f:12:bc:57:59:2b:fb:ef:9d:da:e6:5f:a6:d5:61:
         9a:05:7e:56:5a:aa:98:7e:fa:09:bc:54:24:9c:61:de:fb:9e:
         c5:3c:a5:55:13:f0:50:40:7a:a2:28:e4:18:b6:a8:23:99:23:
         58:83:fe:4c:b5:17:c5:71:ae:28:1e:a0:4d:c0:db:36:86:9f:
         0e:23:33:a9:5e:1b:97:f4:08:87:40:0e:c8:15:20:d9:db:45:
         12:45:34:23:e5:7a:7e:91:b3:06:9e:87:ad:52:6d:c6:3a:f1:
         6a:26:9c:9a:5d:d1:80:51:65:eb:62:b8:63:5d:05:ff:b0:27:
         be:a2:12:45:db:2a:21:cd:36:97:56:cf:28:f8:17:5e:83:0e:
         b7:89:99:25:fa:2c:f6:89:2e:e3:f3:f3:21:bc:3a:f2:2c:36:
         a7:e9:33:f2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYr+t+CcqYiyan2Qg9lmEPb8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4NjMzNTRhMTExYWY2ZDVlMWFkMTBkYTM4YWQ4MTQ0YjZi
ZTg2OGUwHhcNMjMxMDA1MDcyMjU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NjAxY2UyYmZhMDdkYWUwY2IxOWNhMjI3OTFmNmFmOGE0ZTMyMmVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4dtyLN/Mc7jw9THeWN0I16duaXyd
kbdR7rMd8AKSCA72S4pKkde6FLsuckxNiMP+L8xJ4JI76uHaN0hITtQ6xvc8UHpc
ZkxCUnFcnYqiEDsj9pBN0dwm7yHW6s2rtRAhIzwtju29snMhzW2xJdv2BDmpzpZh
ePs050WJ4DqeYTycq8kyChGEhiRrBddPckcBpGUxdK5oo6Az5MIpBWdJU8U4NIHe
Y/eEFbnaWiCMLcwHkeHVVyZ9bI6/tsE5xyjpzXTLCuCjDg9z+7nxH/MGQNYi2NVW
aEC/ffYKXk94XZwa+T9/neV0kNQJCx9EGvtPTLW+T4LwbEZdUcQLknNHLwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFYBziv6B9rgyxnKInkfavik4yLtMB8GA1UdIwQY
MBaAFJhjNUoRGvbV4a0Q2jitgUS2voaOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUdNMVNoRWE5dFhoclJEYU9LMkJSTGEtaG80LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS9iZWE4NDctYTc4My00ODlkLWFlNGIt
NTNmNTc1MDRlZjM1LzEvVmdIT0tfb0gydURMR2NvaWVSOXEtS1RqSXUwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS9iZWE4NDctYTc4My00ODlkLWFlNGItNTNmNTc1MDRlZjM1
LzEvbUdNMVNoRWE5dFhoclJEYU9LMkJSTGEtaG80LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwYdlMA0G
CSqGSIb3DQEBCwUAA4IBAQBArpYLOjhMMXzGEj5V9esrg6kByLtm01SFjBXF/zPO
dd9TXwc8rpZsosUGffqsqfWI2yn7F2ZIxNMhi+orWxDSUUoZhf/wLRUTzR2qC7OG
BaMMPqUibEwLVdzAWSw/ErxXWSv7753a5l+m1WGaBX5WWqqYfvoJvFQknGHe+57F
PKVVE/BQQHqiKOQYtqgjmSNYg/5MtRfFca4oHqBNwNs2hp8OIzOpXhuX9AiHQA7I
FSDZ20USRTQj5Xp+kbMGnoetUm3GOvFqJpyaXdGAUWXrYrhjXQX/sCe+ohJF2yoh
zTaXVs8o+Bdegw63iZkl+iz2iS7j8/MhvDryLDan6TPy
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:13 2024 by rpki-client on console-fra.rpki-client.org