Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/bc7122-4d1b-46a7-aecb-230b3b72a175/1/OvwAEeafkwhtRlqSPBv-GtW507Y.roa
File:                     OvwAEeafkwhtRlqSPBv-GtW507Y.roa (raw, json)
Hash identifier:          zhQPiQQBiFh0sf0oydSXUShLDELhVPLUuZDZIdwGUJg=
Subject key identifier:   3A:FC:00:11:E6:9F:93:08:6D:46:5A:92:3C:1B:FE:1A:D5:B9:D3:B6
Certificate issuer:       /CN=347b487848fff63533d87c324ecc51c2c3ea2adb
Certificate serial:       01856C53CE965EE6A20FA02073C1454C34A1
Authority key identifier: 34:7B:48:78:48:FF:F6:35:33:D8:7C:32:4E:CC:51:C2:C3:EA:2A:DB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NHtIeEj_9jUz2HwyTsxRwsPqKts.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/27/bc7122-4d1b-46a7-aecb-230b3b72a175/1/OvwAEeafkwhtRlqSPBv-GtW507Y.roa
Signing time:             Sun 01 Jan 2023 07:55:09 +0000
ROA not before:           Sun 01 Jan 2023 07:55:09 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     8796
IP address blocks:        193.227.121.0/24 maxlen: 24
                          45.153.8.0/23 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 18:31:18 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6c:53:ce:96:5e:e6:a2:0f:a0:20:73:c1:45:4c:34:a1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=347b487848fff63533d87c324ecc51c2c3ea2adb
        Validity
            Not Before: Jan  1 07:55:09 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=3afc0011e69f93086d465a923c1bfe1ad5b9d3b6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:81:2f:ad:36:fd:69:f8:37:19:c0:37:f4:14:1e:
                    43:15:aa:e7:d6:40:2e:df:aa:1b:47:ae:d2:1a:eb:
                    71:9b:9e:02:d0:5b:15:21:b5:8e:97:34:3e:1f:c8:
                    b8:4f:5a:cb:e4:b3:ad:77:d9:eb:33:b5:b1:19:7a:
                    d9:cb:6e:76:0f:e1:18:26:57:5e:43:2c:c4:98:2e:
                    30:7e:2c:8f:24:dd:06:d7:ae:5c:68:28:99:bb:35:
                    03:e7:62:8a:86:e3:25:b7:39:18:d6:b0:42:2e:44:
                    1d:19:0e:ea:ff:b3:a7:d2:cf:26:30:49:3a:20:e3:
                    c6:f9:15:28:42:8f:a2:e3:fa:5b:62:fa:7c:eb:2c:
                    ca:d0:e2:2e:c2:5a:6b:08:38:08:c9:a2:89:1d:f8:
                    c4:5d:0b:6c:f9:d0:ba:85:a4:3e:ec:70:69:20:ae:
                    2b:34:71:e2:9c:7f:58:50:0f:2c:4e:26:f4:f8:e1:
                    ed:e4:bc:66:e3:8f:fb:0d:30:54:8b:73:85:30:48:
                    72:31:f1:12:ed:f7:3c:85:11:1c:bc:a5:92:84:df:
                    c3:10:a4:4a:bd:c9:93:20:3a:f7:76:27:a3:81:fc:
                    10:4b:bd:a7:1b:47:90:11:d4:a8:ca:11:80:9f:db:
                    74:52:5e:55:d3:93:c7:b0:76:26:8b:98:91:6d:86:
                    87:a9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3A:FC:00:11:E6:9F:93:08:6D:46:5A:92:3C:1B:FE:1A:D5:B9:D3:B6
            X509v3 Authority Key Identifier:
                keyid:34:7B:48:78:48:FF:F6:35:33:D8:7C:32:4E:CC:51:C2:C3:EA:2A:DB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NHtIeEj_9jUz2HwyTsxRwsPqKts.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/bc7122-4d1b-46a7-aecb-230b3b72a175/1/OvwAEeafkwhtRlqSPBv-GtW507Y.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/27/bc7122-4d1b-46a7-aecb-230b3b72a175/1/NHtIeEj_9jUz2HwyTsxRwsPqKts.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.153.8.0/23
                  193.227.121.0/24

    Signature Algorithm: sha256WithRSAEncryption
         d2:cc:38:af:3d:89:99:28:87:bc:a5:e5:76:e3:39:5d:36:67:
         b0:26:17:c5:c2:a1:3b:11:43:6d:7b:e1:0b:b9:be:0b:4d:ab:
         1d:61:dd:ed:5e:54:40:95:ce:c8:2c:d1:f3:55:20:15:42:c1:
         d7:6f:cd:b0:bd:1c:c8:7c:3f:59:c3:f8:b3:ae:02:7b:75:37:
         01:1d:32:21:43:2d:a8:1a:47:76:de:2d:ee:77:04:67:51:6c:
         5d:ec:db:2d:0b:48:11:87:c5:19:3b:9c:70:99:13:31:72:f0:
         5b:f5:be:97:ff:a6:61:ab:6b:c9:b2:3d:21:64:15:fa:0d:a3:
         ba:b7:2a:be:c1:98:0f:ce:6b:c0:97:44:f8:69:9d:b7:63:3e:
         22:d8:75:4a:54:d3:5c:1b:be:ab:35:f6:96:ee:a5:5b:6d:83:
         4c:52:79:21:ce:c3:98:a4:74:5c:d3:57:67:48:a0:20:81:1f:
         4a:33:ae:b3:dd:53:4b:0d:70:a2:64:e5:11:01:94:77:18:3b:
         e2:a3:0b:24:a2:71:dc:82:f9:3d:23:86:5d:c2:1a:99:5e:eb:
         93:84:59:6d:86:6d:c9:59:b7:36:4d:bd:af:a1:eb:c3:97:d6:
         1e:bb:48:e4:a7:a1:49:ff:41:c6:ed:64:e3:4d:5a:b4:aa:dd:
         47:12:e0:01
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVsU86WXuaiD6Agc8FFTDShMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0N2I0ODc4NDhmZmY2MzUzM2Q4N2MzMjRlY2M1MWMyYzNl
YTJhZGIwHhcNMjMwMTAxMDc1NTA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYWZjMDAxMWU2OWY5MzA4NmQ0NjVhOTIzYzFiZmUxYWQ1YjlkM2I2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgS+tNv1p+DcZwDf0FB5DFarn1kAu
36obR67SGutxm54C0FsVIbWOlzQ+H8i4T1rL5LOtd9nrM7WxGXrZy252D+EYJlde
QyzEmC4wfiyPJN0G165caCiZuzUD52KKhuMltzkY1rBCLkQdGQ7q/7On0s8mMEk6
IOPG+RUoQo+i4/pbYvp86yzK0OIuwlprCDgIyaKJHfjEXQts+dC6haQ+7HBpIK4r
NHHinH9YUA8sTib0+OHt5Lxm44/7DTBUi3OFMEhyMfES7fc8hREcvKWShN/DEKRK
vcmTIDr3diejgfwQS72nG0eQEdSoyhGAn9t0Ul5V05PHsHYmi5iRbYaHqQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDr8ABHmn5MIbUZakjwb/hrVudO2MB8GA1UdIwQY
MBaAFDR7SHhI//Y1M9h8Mk7MUcLD6irbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkh0SWVFal85alV6Mkh3eVRzeFJ3c1BxS3RzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy9iYzcxMjItNGQxYi00NmE3LWFlY2It
MjMwYjNiNzJhMTc1LzEvT3Z3QUVlYWZrd2h0UmxxU1BCdi1HdFc1MDdZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy9iYzcxMjItNGQxYi00NmE3LWFlY2ItMjMwYjNiNzJhMTc1
LzEvTkh0SWVFal85alV6Mkh3eVRzeFJ3c1BxS3RzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBLZkIAwQA
weN5MA0GCSqGSIb3DQEBCwUAA4IBAQDSzDivPYmZKIe8peV24zldNmewJhfFwqE7
EUNte+ELub4LTasdYd3tXlRAlc7ILNHzVSAVQsHXb82wvRzIfD9Zw/izrgJ7dTcB
HTIhQy2oGkd23i3udwRnUWxd7NstC0gRh8UZO5xwmRMxcvBb9b6X/6Zhq2vJsj0h
ZBX6DaO6tyq+wZgPzmvAl0T4aZ23Yz4i2HVKVNNcG76rNfaW7qVbbYNMUnkhzsOY
pHRc01dnSKAggR9KM66z3VNLDXCiZOURAZR3GDviowskonHcgvk9I4ZdwhqZXuuT
hFlthm3JWbc2Tb2voevDl9Yeu0jkp6FJ/0HG7WTjTVq0qt1HEuAB
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:00 2024 by rpki-client on console-fra.rpki-client.org