Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/0167eb-0d16-4cc1-8047-142fcacd7a49/1/O7HUxg-HWkuG_hv5RVZcATSRtwQ.roa
File:                     O7HUxg-HWkuG_hv5RVZcATSRtwQ.roa (raw, json)
Hash identifier:          79jp9TBGQKkfRIpQOyfrrfCv7ycVPsmkjGFVvaWZ/Fs=
Subject key identifier:   3B:B1:D4:C6:0F:87:5A:4B:86:FE:1B:F9:45:56:5C:01:34:91:B7:04
Certificate issuer:       /CN=e3154adb5a2ed999cf1db9c1271b2209dad3449e
Certificate serial:       01856FDDDCFCA4F2CDD530F71A0A90754B89
Authority key identifier: E3:15:4A:DB:5A:2E:D9:99:CF:1D:B9:C1:27:1B:22:09:DA:D3:44:9E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/4xVK21ou2ZnPHbnBJxsiCdrTRJ4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/23/0167eb-0d16-4cc1-8047-142fcacd7a49/1/O7HUxg-HWkuG_hv5RVZcATSRtwQ.roa
Signing time:             Mon 02 Jan 2023 00:24:49 +0000
ROA not before:           Mon 02 Jan 2023 00:24:49 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     34729
IP address blocks:        193.138.8.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 20:29:55 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:dd:dc:fc:a4:f2:cd:d5:30:f7:1a:0a:90:75:4b:89
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e3154adb5a2ed999cf1db9c1271b2209dad3449e
        Validity
            Not Before: Jan  2 00:24:49 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=3bb1d4c60f875a4b86fe1bf945565c013491b704
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:6c:a3:0d:1c:92:58:07:8c:91:63:22:f0:d4:
                    0c:19:9a:52:2d:5a:a7:fd:0b:6a:59:96:c9:fd:d0:
                    02:f9:e1:b3:99:a6:fc:8a:47:40:6d:59:15:39:35:
                    96:68:fc:6a:f0:e0:a8:bd:b4:07:5a:ec:3b:47:f5:
                    59:b7:e4:65:70:de:e0:ba:51:f1:10:ba:c3:91:60:
                    04:68:60:3b:ec:ba:ae:13:af:56:88:c7:c0:cb:b8:
                    a3:f3:88:c0:51:71:f3:40:b8:fa:90:53:c8:b6:59:
                    82:27:8d:79:fb:3c:e5:94:b3:85:94:a3:b9:40:47:
                    56:99:fc:0e:87:65:29:0e:ad:cd:bb:e3:2f:d3:2d:
                    9b:a7:47:8f:56:b6:b2:af:2f:d1:2c:df:eb:f9:1b:
                    86:1f:d0:ab:4c:25:52:c3:5a:19:f8:aa:b4:0d:ef:
                    28:3c:1b:15:26:85:c3:f5:9e:5d:0a:b9:db:31:11:
                    ec:f8:2c:b9:ba:56:b9:7e:f5:87:8c:25:0e:d5:41:
                    45:2d:68:41:d8:59:1a:b7:46:8e:33:64:75:56:35:
                    40:dd:39:c7:2c:1d:94:c5:d6:e4:8d:8b:03:bc:6a:
                    73:48:e0:b7:8c:9d:89:66:ab:f3:ab:b1:e6:02:2c:
                    84:49:b4:6a:59:a7:e0:68:40:80:d9:1c:e6:cf:c8:
                    0f:77
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3B:B1:D4:C6:0F:87:5A:4B:86:FE:1B:F9:45:56:5C:01:34:91:B7:04
            X509v3 Authority Key Identifier:
                keyid:E3:15:4A:DB:5A:2E:D9:99:CF:1D:B9:C1:27:1B:22:09:DA:D3:44:9E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4xVK21ou2ZnPHbnBJxsiCdrTRJ4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/0167eb-0d16-4cc1-8047-142fcacd7a49/1/O7HUxg-HWkuG_hv5RVZcATSRtwQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/23/0167eb-0d16-4cc1-8047-142fcacd7a49/1/4xVK21ou2ZnPHbnBJxsiCdrTRJ4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.138.8.0/24

    Signature Algorithm: sha256WithRSAEncryption
         ad:49:14:c5:14:1c:9e:21:b1:51:09:b9:31:0c:51:c9:99:25:
         a4:1f:15:a8:56:38:28:77:61:75:4a:d2:bf:f9:09:53:9e:62:
         52:a0:c3:4a:71:fb:83:6f:8a:c5:6f:c4:db:64:4d:7a:f3:84:
         14:41:19:10:b4:86:fc:b1:98:94:5a:3f:4b:60:72:ec:bc:fa:
         2e:f8:d9:6a:a2:41:b1:60:5e:3b:28:f1:cb:f7:54:69:8a:73:
         15:bf:d0:f1:8d:69:9c:aa:a5:fd:75:51:7a:48:0d:bb:c4:e8:
         ab:36:6a:20:e0:a4:2a:64:a0:59:4b:31:71:31:b3:30:71:e1:
         f0:e0:ca:0c:07:06:00:0b:95:7c:81:4f:e8:82:22:20:26:2e:
         70:72:3f:41:1d:92:73:b3:c8:2d:94:25:44:19:e7:84:e4:8d:
         7d:9b:74:b2:03:0e:1f:6f:13:4f:5f:09:03:f2:57:2e:58:be:
         8f:85:ee:4b:56:97:19:44:db:38:b6:ae:44:82:10:b3:7b:c6:
         ca:64:70:4d:d5:0e:25:db:03:7e:8d:ca:69:6d:1f:14:6c:84:
         e4:4f:d9:a9:ee:3f:af:05:f5:eb:6c:e3:68:0f:e6:e9:4a:32:
         f7:c9:af:c0:a2:67:1e:b5:0d:19:17:72:24:9b:56:35:5e:8d:
         6f:c5:13:c1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVv3dz8pPLN1TD3GgqQdUuJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUzMTU0YWRiNWEyZWQ5OTljZjFkYjljMTI3MWIyMjA5ZGFk
MzQ0OWUwHhcNMjMwMTAyMDAyNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYmIxZDRjNjBmODc1YTRiODZmZTFiZjk0NTU2NWMwMTM0OTFiNzA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoGyjDRySWAeMkWMi8NQMGZpSLVqn
/QtqWZbJ/dAC+eGzmab8ikdAbVkVOTWWaPxq8OCovbQHWuw7R/VZt+RlcN7gulHx
ELrDkWAEaGA77LquE69WiMfAy7ij84jAUXHzQLj6kFPItlmCJ415+zzllLOFlKO5
QEdWmfwOh2UpDq3Nu+Mv0y2bp0ePVrayry/RLN/r+RuGH9CrTCVSw1oZ+Kq0De8o
PBsVJoXD9Z5dCrnbMRHs+Cy5ula5fvWHjCUO1UFFLWhB2Fkat0aOM2R1VjVA3TnH
LB2UxdbkjYsDvGpzSOC3jJ2JZqvzq7HmAiyESbRqWafgaECA2Rzmz8gPdwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDux1MYPh1pLhv4b+UVWXAE0kbcEMB8GA1UdIwQY
MBaAFOMVSttaLtmZzx25wScbIgna00SeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHhWSzIxb3UyWm5QSGJuQkp4c2lDZHJUUko0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMy8wMTY3ZWItMGQxNi00Y2MxLTgwNDct
MTQyZmNhY2Q3YTQ5LzEvTzdIVXhnLUhXa3VHX2h2NVJWWmNBVFNSdHdRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMy8wMTY3ZWItMGQxNi00Y2MxLTgwNDctMTQyZmNhY2Q3YTQ5
LzEvNHhWSzIxb3UyWm5QSGJuQkp4c2lDZHJUUko0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwYoIMA0G
CSqGSIb3DQEBCwUAA4IBAQCtSRTFFByeIbFRCbkxDFHJmSWkHxWoVjgod2F1StK/
+QlTnmJSoMNKcfuDb4rFb8TbZE1684QUQRkQtIb8sZiUWj9LYHLsvPou+NlqokGx
YF47KPHL91RpinMVv9DxjWmcqqX9dVF6SA27xOirNmog4KQqZKBZSzFxMbMwceHw
4MoMBwYAC5V8gU/ogiIgJi5wcj9BHZJzs8gtlCVEGeeE5I19m3SyAw4fbxNPXwkD
8lcuWL6Phe5LVpcZRNs4tq5EghCze8bKZHBN1Q4l2wN+jcppbR8UbITkT9mp7j+v
BfXrbONoD+bpSjL3ya/AomcetQ0ZF3Ikm1Y1Xo1vxRPB
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:22 2024 by rpki-client on console-fra.rpki-client.org