Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/4DsnM1fi152GN4Q2hvyDqlgh3jg.roa
File:                     4DsnM1fi152GN4Q2hvyDqlgh3jg.roa (raw, json)
Hash identifier:          LNml2G02PmudYYP8SZxyxohuvILpMEePc9MKogwg33o=
Subject key identifier:   E0:3B:27:33:57:E2:D7:9D:86:37:84:36:86:FC:83:AA:58:21:DE:38
Certificate issuer:       /CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Certificate serial:       018571A7B3A45E25B97CFA16F4E205CFBB58
Authority key identifier: 8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/4DsnM1fi152GN4Q2hvyDqlgh3jg.roa
Signing time:             Mon 02 Jan 2023 08:44:53 +0000
ROA not before:           Mon 02 Jan 2023 08:44:53 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     205301
IP address blocks:        194.242.22.0/23 maxlen: 23
                          194.242.28.0/23 maxlen: 23

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 02:29:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:71:a7:b3:a4:5e:25:b9:7c:fa:16:f4:e2:05:cf:bb:58
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
        Validity
            Not Before: Jan  2 08:44:53 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=e03b273357e2d79d8637843686fc83aa5821de38
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:80:07:cf:70:a5:1c:8f:16:d9:81:11:28:59:6f:
                    5a:06:6a:3e:59:5e:fe:40:75:44:bf:4e:ef:7b:c1:
                    25:79:7a:3a:3d:3b:b5:66:63:23:ee:02:27:d5:de:
                    e4:0d:e0:48:29:9a:f7:69:b7:5b:1a:2e:fe:12:59:
                    76:1f:26:14:9c:3c:32:40:6b:54:2a:bf:b7:05:b7:
                    7b:da:45:34:9e:14:e0:bf:3c:ec:b4:37:6a:c4:0d:
                    c3:5b:73:2d:66:4b:36:c6:b7:f3:df:e2:cc:10:7a:
                    d7:af:7a:3a:3e:bd:23:aa:87:67:1c:50:af:1b:66:
                    ef:71:e3:ce:3f:12:72:fb:c7:e7:20:84:5a:57:11:
                    4b:3b:a5:2f:b8:97:0b:81:92:c5:5f:0d:0a:e0:1a:
                    a9:b3:1c:69:26:67:e1:fc:4b:45:a0:7d:c9:35:80:
                    ae:aa:2f:82:29:dc:60:ba:a5:e5:1a:b8:54:7c:41:
                    0a:03:6d:d2:3c:85:57:a0:3b:a7:bb:18:ca:4e:13:
                    98:69:95:b5:a6:33:a9:87:6b:34:a6:3e:15:0c:1f:
                    e9:38:2b:58:da:b2:34:9e:2f:e6:5a:1d:b1:59:ba:
                    14:40:98:4f:96:a4:69:e6:53:b1:8d:e2:8a:c5:89:
                    28:f2:22:89:2d:f1:99:4d:db:5d:4d:9f:c9:25:5f:
                    58:2b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E0:3B:27:33:57:E2:D7:9D:86:37:84:36:86:FC:83:AA:58:21:DE:38
            X509v3 Authority Key Identifier:
                keyid:8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/4DsnM1fi152GN4Q2hvyDqlgh3jg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.242.22.0/23
                  194.242.28.0/23

    Signature Algorithm: sha256WithRSAEncryption
         37:cf:f8:af:8f:1c:45:f0:89:d5:8b:dc:de:c3:5b:17:2d:70:
         2c:bb:9c:49:79:80:ca:8e:7b:52:5c:99:e7:fb:2d:7f:37:0d:
         fc:a9:81:d4:40:9a:9c:a8:3d:de:b3:0d:99:8b:80:b3:db:42:
         dd:5e:b5:99:a3:7b:63:07:92:2f:64:3b:8f:af:a1:fa:29:6e:
         f9:dd:8c:68:c7:a9:b1:70:37:42:80:9e:1c:12:98:66:1e:5d:
         b0:a5:be:44:5d:aa:56:ae:43:81:a6:57:6b:89:32:be:36:da:
         ab:76:51:a9:e5:5a:e2:06:5b:87:a0:27:c6:bb:19:a3:e3:c9:
         28:36:c5:de:f0:2b:98:c9:5b:62:20:04:20:37:c0:30:e6:b1:
         a8:23:bc:d5:14:14:91:7c:f9:93:9b:74:2f:30:76:24:f9:e2:
         c9:d8:04:c5:68:c1:fc:4a:1d:c7:55:ef:13:17:59:40:e1:b2:
         a1:ca:be:60:e6:d7:18:bd:3c:19:68:5e:8c:57:f0:af:94:1d:
         49:fb:77:6b:54:06:9a:36:d7:d3:84:cf:e1:8b:b8:37:7f:89:
         80:40:bc:33:f8:3a:1e:e1:bc:a2:f1:c5:cf:65:f1:8d:04:a3:
         06:0f:80:07:92:89:de:1a:f9:75:24:27:bb:bf:f7:42:ef:dd:
         28:17:85:51
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVxp7OkXiW5fPoW9OIFz7tYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiYWIzMDY4Mzg1OWVjN2UwMjA2ZmU5MjY1MzYzZThlMzk3
MWE5YTgwHhcNMjMwMTAyMDg0NDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMDNiMjczMzU3ZTJkNzlkODYzNzg0MzY4NmZjODNhYTU4MjFkZTM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgAfPcKUcjxbZgREoWW9aBmo+WV7+
QHVEv07ve8EleXo6PTu1ZmMj7gIn1d7kDeBIKZr3abdbGi7+Ell2HyYUnDwyQGtU
Kr+3Bbd72kU0nhTgvzzstDdqxA3DW3MtZks2xrfz3+LMEHrXr3o6Pr0jqodnHFCv
G2bvcePOPxJy+8fnIIRaVxFLO6UvuJcLgZLFXw0K4BqpsxxpJmfh/EtFoH3JNYCu
qi+CKdxguqXlGrhUfEEKA23SPIVXoDunuxjKThOYaZW1pjOph2s0pj4VDB/pOCtY
2rI0ni/mWh2xWboUQJhPlqRp5lOxjeKKxYko8iKJLfGZTdtdTZ/JJV9YKwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFOA7JzNX4tedhjeENob8g6pYId44MB8GA1UdIwQY
MBaAFIurMGg4Wex+Agb+kmU2Po45camoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQt
M2FjOWU1NmMzMDg5LzEvNERzbk0xZmkxNTJHTjRRMmh2eURxbGdoM2pnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQtM2FjOWU1NmMzMDg5
LzEvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBwvIWAwQB
wvIcMA0GCSqGSIb3DQEBCwUAA4IBAQA3z/ivjxxF8InVi9zew1sXLXAsu5xJeYDK
jntSXJnn+y1/Nw38qYHUQJqcqD3esw2Zi4Cz20LdXrWZo3tjB5IvZDuPr6H6KW75
3Yxox6mxcDdCgJ4cEphmHl2wpb5EXapWrkOBpldriTK+NtqrdlGp5VriBluHoCfG
uxmj48koNsXe8CuYyVtiIAQgN8Aw5rGoI7zVFBSRfPmTm3QvMHYk+eLJ2ATFaMH8
Sh3HVe8TF1lA4bKhyr5g5tcYvTwZaF6MV/CvlB1J+3drVAaaNtfThM/hi7g3f4mA
QLwz+Doe4byi8cXPZfGNBKMGD4AHkoneGvl1JCe7v/dC790oF4VR
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:41 2024 by rpki-client on console-fra.rpki-client.org