Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/283fee-2c36-4e70-bbe4-07e36efc5e42/1/hF3FYadObTPbWbvxiBlMokqhDKo.roa
File:                     hF3FYadObTPbWbvxiBlMokqhDKo.roa (raw, json)
Hash identifier:          kZUjtw8GVZVzdcNsLSx3huVIBxTuPsqJDpvwS0+izfo=
Subject key identifier:   84:5D:C5:61:A7:4E:6D:33:DB:59:BB:F1:88:19:4C:A2:4A:A1:0C:AA
Certificate issuer:       /CN=846af54e6558cfc86252946e4692ab92777c0e10
Certificate serial:       0185701EE34C6A2C0D3D375638390957B0F0
Authority key identifier: 84:6A:F5:4E:65:58:CF:C8:62:52:94:6E:46:92:AB:92:77:7C:0E:10
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hGr1TmVYz8hiUpRuRpKrknd8DhA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/24/283fee-2c36-4e70-bbe4-07e36efc5e42/1/hF3FYadObTPbWbvxiBlMokqhDKo.roa
Signing time:             Mon 02 Jan 2023 01:35:50 +0000
ROA not before:           Mon 02 Jan 2023 01:35:50 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     198380
IP address blocks:        193.24.40.0/23 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 02:29:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:70:1e:e3:4c:6a:2c:0d:3d:37:56:38:39:09:57:b0:f0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=846af54e6558cfc86252946e4692ab92777c0e10
        Validity
            Not Before: Jan  2 01:35:50 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=845dc561a74e6d33db59bbf188194ca24aa10caa
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:86:81:24:59:07:0a:5d:67:ff:48:56:8b:22:
                    0b:2b:01:4f:c4:1b:c5:da:f3:60:3d:6f:23:de:40:
                    7d:ec:12:67:55:a7:18:89:6b:39:7c:35:34:ba:68:
                    14:06:ea:ca:4b:72:81:5c:07:6a:62:56:a0:07:ad:
                    4c:87:d5:cf:c6:b6:ad:ad:75:81:dd:b7:d1:1f:16:
                    8f:87:27:17:e3:f8:64:6b:e0:1f:16:67:2a:13:b0:
                    b2:a6:da:a3:40:06:a1:ec:92:82:52:af:89:35:94:
                    5f:73:e2:86:dc:3f:cc:f7:4d:06:23:a4:52:e6:04:
                    8d:dd:94:87:a0:ba:e4:a9:be:22:ed:ba:c1:85:f7:
                    b8:58:03:5a:77:5d:29:41:f4:c3:dd:ad:67:82:f5:
                    49:10:14:2e:f1:83:45:e9:71:d9:aa:d3:b5:e1:c5:
                    f5:6e:b3:f7:7c:ee:a3:96:9e:28:b7:8c:5b:51:7a:
                    47:d3:76:8c:33:0d:5f:f6:51:c5:92:4f:1b:af:da:
                    b7:04:20:6d:30:37:cb:4f:a5:b1:ac:8d:6d:e9:3f:
                    85:98:52:10:1e:d3:9c:6b:c5:fb:b2:04:60:38:9c:
                    66:fa:cb:83:db:a1:fd:7b:90:ce:ee:37:5b:20:19:
                    df:67:3d:a1:d5:42:29:b2:fb:2e:d7:9d:21:50:91:
                    02:d3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                84:5D:C5:61:A7:4E:6D:33:DB:59:BB:F1:88:19:4C:A2:4A:A1:0C:AA
            X509v3 Authority Key Identifier:
                keyid:84:6A:F5:4E:65:58:CF:C8:62:52:94:6E:46:92:AB:92:77:7C:0E:10

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hGr1TmVYz8hiUpRuRpKrknd8DhA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/283fee-2c36-4e70-bbe4-07e36efc5e42/1/hF3FYadObTPbWbvxiBlMokqhDKo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/24/283fee-2c36-4e70-bbe4-07e36efc5e42/1/hGr1TmVYz8hiUpRuRpKrknd8DhA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.24.40.0/23

    Signature Algorithm: sha256WithRSAEncryption
         5f:f8:8f:a0:9e:10:99:72:72:52:16:64:4a:2b:b5:cf:40:5d:
         3f:d1:bd:63:45:4b:95:ba:b3:07:30:9f:fd:4c:a2:52:79:c1:
         26:d3:e8:86:53:9f:5b:bd:28:4c:d1:a5:fd:08:b5:44:81:fe:
         92:d6:b3:a3:66:0e:0b:71:b2:f6:54:4b:74:14:c1:c0:b1:db:
         df:0c:ff:aa:9f:87:a7:16:7c:a6:ce:d4:b4:b1:fa:03:ea:a7:
         96:0a:f2:9f:ca:c7:ee:1c:0d:e6:79:79:9e:46:18:44:fd:4d:
         0e:7f:48:6f:3c:47:31:10:39:c1:bb:83:d5:5d:f1:49:2e:a7:
         15:b0:ca:36:81:9b:4c:96:b2:ce:70:eb:57:8b:87:56:7f:72:
         15:b3:9c:62:96:a7:f8:02:52:bf:72:2d:6a:4b:7b:37:8d:d3:
         f6:42:a2:64:6f:02:97:07:4d:e5:fe:43:1f:01:64:f4:cf:16:
         7f:3d:0a:50:d8:01:74:01:a7:da:c7:0d:a6:dd:63:9b:28:1d:
         b0:da:23:cf:b7:74:3f:e1:4c:af:c1:ce:25:3b:42:e0:f4:0b:
         26:66:6a:09:17:70:3e:4e:47:af:e0:ea:b2:20:2a:d9:83:64:
         a1:0e:8d:6c:4d:3c:69:46:c3:f1:ae:3f:69:d3:18:0c:a0:97:
         14:58:fd:bd
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwHuNMaiwNPTdWODkJV7DwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0NmFmNTRlNjU1OGNmYzg2MjUyOTQ2ZTQ2OTJhYjkyNzc3
YzBlMTAwHhcNMjMwMTAyMDEzNTUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NDVkYzU2MWE3NGU2ZDMzZGI1OWJiZjE4ODE5NGNhMjRhYTEwY2FhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApIaBJFkHCl1n/0hWiyILKwFPxBvF
2vNgPW8j3kB97BJnVacYiWs5fDU0umgUBurKS3KBXAdqYlagB61Mh9XPxratrXWB
3bfRHxaPhycX4/hka+AfFmcqE7CyptqjQAah7JKCUq+JNZRfc+KG3D/M900GI6RS
5gSN3ZSHoLrkqb4i7brBhfe4WANad10pQfTD3a1ngvVJEBQu8YNF6XHZqtO14cX1
brP3fO6jlp4ot4xbUXpH03aMMw1f9lHFkk8br9q3BCBtMDfLT6WxrI1t6T+FmFIQ
HtOca8X7sgRgOJxm+suD26H9e5DO7jdbIBnfZz2h1UIpsvsu150hUJEC0wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIRdxWGnTm0z21m78YgZTKJKoQyqMB8GA1UdIwQY
MBaAFIRq9U5lWM/IYlKUbkaSq5J3fA4QMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaEdyMVRtVll6OGhpVXBSdVJwS3JrbmQ4RGhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC8yODNmZWUtMmMzNi00ZTcwLWJiZTQt
MDdlMzZlZmM1ZTQyLzEvaEYzRllhZE9iVFBiV2J2eGlCbE1va3FoREtvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC8yODNmZWUtMmMzNi00ZTcwLWJiZTQtMDdlMzZlZmM1ZTQy
LzEvaEdyMVRtVll6OGhpVXBSdVJwS3JrbmQ4RGhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwRgoMA0G
CSqGSIb3DQEBCwUAA4IBAQBf+I+gnhCZcnJSFmRKK7XPQF0/0b1jRUuVurMHMJ/9
TKJSecEm0+iGU59bvShM0aX9CLVEgf6S1rOjZg4LcbL2VEt0FMHAsdvfDP+qn4en
FnymztS0sfoD6qeWCvKfysfuHA3meXmeRhhE/U0Of0hvPEcxEDnBu4PVXfFJLqcV
sMo2gZtMlrLOcOtXi4dWf3IVs5xilqf4AlK/ci1qS3s3jdP2QqJkbwKXB03l/kMf
AWT0zxZ/PQpQ2AF0Aafaxw2m3WObKB2w2iPPt3Q/4Uyvwc4lO0Lg9AsmZmoJF3A+
Tkev4OqyICrZg2ShDo1sTTxpRsPxrj9p0xgMoJcUWP29
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:58:21 2024 by rpki-client on console-ams.rpki-client.org