Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/a0a39c-be03-47bb-bdb3-b3b78b0b66ea/1/Cf0II-hpupKb0cNsxSYpAnFs_iE.roa
File:                     Cf0II-hpupKb0cNsxSYpAnFs_iE.roa (raw, json)
Hash identifier:          WP0SZrQUOhGKqhKIUAV1QpTKqYUi++QL53iBYN82wYI=
Subject key identifier:   09:FD:08:23:E8:69:BA:92:9B:D1:C3:6C:C5:26:29:02:71:6C:FE:21
Certificate issuer:       /CN=4cf8ffc088591e4f243baafa21b4298bfb366026
Certificate serial:       0187DCCF90AEE1E7A7D7E1367DB31908DF77
Authority key identifier: 4C:F8:FF:C0:88:59:1E:4F:24:3B:AA:FA:21:B4:29:8B:FB:36:60:26
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/TPj_wIhZHk8kO6r6IbQpi_s2YCY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2b/a0a39c-be03-47bb-bdb3-b3b78b0b66ea/1/Cf0II-hpupKb0cNsxSYpAnFs_iE.roa
Signing time:             Tue 02 May 2023 14:13:23 +0000
ROA not before:           Tue 02 May 2023 14:13:23 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     141420
IP address blocks:        193.118.168.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 06:29:47 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:dc:cf:90:ae:e1:e7:a7:d7:e1:36:7d:b3:19:08:df:77
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4cf8ffc088591e4f243baafa21b4298bfb366026
        Validity
            Not Before: May  2 14:13:23 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=09fd0823e869ba929bd1c36cc5262902716cfe21
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:4f:77:d6:ee:cb:54:04:f2:66:9e:51:92:38:
                    8a:91:e7:f8:19:00:aa:f3:63:e4:36:08:f3:89:9d:
                    0b:c8:3c:52:76:0f:56:b0:9f:c9:f0:a6:dc:fa:70:
                    6f:6e:d6:0a:0f:27:b6:ea:ae:6e:04:47:92:7d:af:
                    72:2f:c6:a3:1b:92:c6:2f:82:c3:cf:c0:29:66:1c:
                    2b:7f:97:b1:be:83:ce:51:16:4c:a4:28:94:09:bc:
                    3c:d8:67:e4:8f:e9:4e:b2:d9:85:f9:be:44:2e:6e:
                    02:02:49:d9:e4:cd:9a:10:1c:ed:82:07:42:d3:df:
                    68:86:60:d6:12:6d:34:e7:8b:c2:7e:01:ca:96:d8:
                    ab:cb:df:f1:95:2b:60:20:b5:53:64:ec:68:c9:9f:
                    ab:29:10:19:28:99:5b:e1:a1:eb:ef:a6:54:7d:2c:
                    6c:9e:f1:4e:83:d5:e3:00:a7:db:ef:dd:7f:23:74:
                    fb:d1:46:58:2b:8c:73:7f:a6:d9:d7:48:de:27:b7:
                    ce:b3:8d:f6:4d:cf:d1:82:d9:c9:40:18:ec:12:1f:
                    15:27:d5:99:b5:66:b2:48:a4:90:ca:9c:30:f1:43:
                    11:87:ce:e8:0a:d3:45:8e:1b:1a:18:f0:aa:65:85:
                    55:29:a3:8d:15:cc:28:e9:1b:0c:f4:ce:cc:aa:3b:
                    37:f9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                09:FD:08:23:E8:69:BA:92:9B:D1:C3:6C:C5:26:29:02:71:6C:FE:21
            X509v3 Authority Key Identifier:
                keyid:4C:F8:FF:C0:88:59:1E:4F:24:3B:AA:FA:21:B4:29:8B:FB:36:60:26

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TPj_wIhZHk8kO6r6IbQpi_s2YCY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/a0a39c-be03-47bb-bdb3-b3b78b0b66ea/1/Cf0II-hpupKb0cNsxSYpAnFs_iE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/a0a39c-be03-47bb-bdb3-b3b78b0b66ea/1/TPj_wIhZHk8kO6r6IbQpi_s2YCY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.118.168.0/24

    Signature Algorithm: sha256WithRSAEncryption
         66:c4:e9:3a:ff:09:91:f9:cf:53:d1:fb:10:3a:1a:73:aa:74:
         5f:60:4d:23:a0:d7:ed:7c:22:75:f3:d3:7b:52:da:f4:26:b8:
         58:20:1f:6e:0e:42:df:ca:67:70:09:a6:df:d4:39:a0:89:f6:
         4e:a3:56:60:9c:16:37:0d:42:eb:42:0f:c9:fa:22:08:61:2d:
         39:03:c0:3b:9c:fc:d7:b7:53:9f:ca:9e:ca:0e:43:42:dc:d0:
         48:24:d9:13:07:3d:90:9e:26:d1:23:2b:b1:8e:4d:5a:34:b1:
         99:c8:a4:e3:31:f5:50:34:4d:b7:bb:f2:95:93:f1:b0:5c:40:
         17:97:71:71:cc:1e:55:c2:7b:6a:8e:01:09:4a:87:be:32:ad:
         1e:aa:fa:ab:d4:83:61:1f:90:53:a8:ee:6e:22:c7:bc:dd:c7:
         21:70:a6:37:fd:c7:ec:11:3b:30:bf:f1:a5:0b:91:66:30:03:
         a0:b0:74:df:75:d7:05:87:96:45:39:39:1e:cb:25:3a:6b:fc:
         3f:e8:80:1f:d0:f6:ee:36:44:9a:93:07:81:79:24:df:c7:6e:
         c6:70:91:bf:2a:5d:f0:5c:0d:40:be:20:b6:6a:6d:25:8e:6d:
         73:62:ce:72:0e:da:90:b2:1c:eb:22:5f:39:a7:0f:fa:5a:f9:
         98:bf:77:99
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYfcz5Cu4een1+E2fbMZCN93MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjZjhmZmMwODg1OTFlNGYyNDNiYWFmYTIxYjQyOThiZmIz
NjYwMjYwHhcNMjMwNTAyMTQxMzIzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOWZkMDgyM2U4NjliYTkyOWJkMWMzNmNjNTI2MjkwMjcxNmNmZTIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArE931u7LVATyZp5RkjiKkef4GQCq
82PkNgjziZ0LyDxSdg9WsJ/J8Kbc+nBvbtYKDye26q5uBEeSfa9yL8ajG5LGL4LD
z8ApZhwrf5exvoPOURZMpCiUCbw82Gfkj+lOstmF+b5ELm4CAknZ5M2aEBztggdC
099ohmDWEm0054vCfgHKltiry9/xlStgILVTZOxoyZ+rKRAZKJlb4aHr76ZUfSxs
nvFOg9XjAKfb791/I3T70UZYK4xzf6bZ10jeJ7fOs432Tc/RgtnJQBjsEh8VJ9WZ
tWaySKSQypww8UMRh87oCtNFjhsaGPCqZYVVKaONFcwo6RsM9M7Mqjs3+QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAn9CCPoabqSm9HDbMUmKQJxbP4hMB8GA1UdIwQY
MBaAFEz4/8CIWR5PJDuq+iG0KYv7NmAmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVFBqX3dJaFpIazhrTzZyNkliUXBpX3MyWUNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi9hMGEzOWMtYmUwMy00N2JiLWJkYjMt
YjNiNzhiMGI2NmVhLzEvQ2YwSUktaHB1cEtiMGNOc3hTWXBBbkZzX2lFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi9hMGEzOWMtYmUwMy00N2JiLWJkYjMtYjNiNzhiMGI2NmVh
LzEvVFBqX3dJaFpIazhrTzZyNkliUXBpX3MyWUNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwXaoMA0G
CSqGSIb3DQEBCwUAA4IBAQBmxOk6/wmR+c9T0fsQOhpzqnRfYE0joNftfCJ189N7
Utr0JrhYIB9uDkLfymdwCabf1DmgifZOo1ZgnBY3DULrQg/J+iIIYS05A8A7nPzX
t1Ofyp7KDkNC3NBIJNkTBz2QnibRIyuxjk1aNLGZyKTjMfVQNE23u/KVk/GwXEAX
l3FxzB5VwntqjgEJSoe+Mq0eqvqr1INhH5BTqO5uIse83cchcKY3/cfsETswv/Gl
C5FmMAOgsHTfddcFh5ZFOTkeyyU6a/w/6IAf0PbuNkSakweBeSTfx27GcJG/Kl3w
XA1AviC2am0ljm1zYs5yDtqQshzrIl85pw/6WvmYv3eZ
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:42 2024 by rpki-client on console-fra.rpki-client.org