Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/a0a39c-be03-47bb-bdb3-b3b78b0b66ea/1/ZB9p5UFI4Pt4YPPKRMto4htR0iU.roa
File:                     ZB9p5UFI4Pt4YPPKRMto4htR0iU.roa (raw, json)
Hash identifier:          lVJKJuL08YrOumlpf1SDpasAOdqhikheiqnAtMf1bsc=
Subject key identifier:   64:1F:69:E5:41:48:E0:FB:78:60:F3:CA:44:CB:68:E2:1B:51:D2:25
Certificate issuer:       /CN=4cf8ffc088591e4f243baafa21b4298bfb366026
Certificate serial:       0185734CB3C60215D4A918F9BB4E0E2EE7F6
Authority key identifier: 4C:F8:FF:C0:88:59:1E:4F:24:3B:AA:FA:21:B4:29:8B:FB:36:60:26
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/TPj_wIhZHk8kO6r6IbQpi_s2YCY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2b/a0a39c-be03-47bb-bdb3-b3b78b0b66ea/1/ZB9p5UFI4Pt4YPPKRMto4htR0iU.roa
Signing time:             Mon 02 Jan 2023 16:24:44 +0000
ROA not before:           Mon 02 Jan 2023 16:24:44 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     46852
IP address blocks:        193.118.167.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 06:29:47 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:73:4c:b3:c6:02:15:d4:a9:18:f9:bb:4e:0e:2e:e7:f6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4cf8ffc088591e4f243baafa21b4298bfb366026
        Validity
            Not Before: Jan  2 16:24:44 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=641f69e54148e0fb7860f3ca44cb68e21b51d225
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8c:7c:78:62:87:6d:f8:6e:4f:2d:0a:e0:9b:01:
                    ce:c7:18:41:f0:bf:b2:3a:c3:cb:84:1e:93:2c:fe:
                    f3:2d:1a:2c:a4:a6:a7:01:f6:b8:5a:ee:5d:3f:db:
                    81:b7:f8:ac:7d:7d:3c:9a:c6:09:93:b9:39:c8:47:
                    e8:32:16:93:f5:f4:3b:23:e5:e2:eb:f9:d5:a6:e7:
                    03:d9:e5:db:a4:33:a3:0a:1d:4c:9a:41:82:28:4a:
                    12:14:16:2f:9e:3c:06:0d:aa:46:a6:80:5c:6d:f4:
                    f9:9f:ae:cc:7b:ec:19:3f:d5:5d:64:1a:2f:52:32:
                    be:ba:b1:1d:b1:12:f0:52:21:7a:36:dc:10:f9:22:
                    dc:00:09:15:f6:8b:c2:6d:15:10:25:fe:7a:f1:37:
                    38:e6:e2:af:7d:be:c2:ab:af:08:f3:37:81:55:8c:
                    e2:e4:4b:34:a2:00:c0:c2:9e:b9:f1:48:a6:83:7b:
                    41:96:f0:e2:01:a4:9c:54:43:26:8c:1b:c2:07:41:
                    b6:66:8c:bf:e8:27:d5:f5:58:be:23:c4:9b:6d:49:
                    bd:36:2c:d4:3c:3d:d8:de:84:52:ab:d4:27:1c:ad:
                    73:e7:69:14:25:4e:5d:b0:a2:fb:db:73:c8:db:36:
                    4b:58:e6:0e:eb:57:ab:e3:74:66:3d:48:b9:9a:22:
                    df:7d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                64:1F:69:E5:41:48:E0:FB:78:60:F3:CA:44:CB:68:E2:1B:51:D2:25
            X509v3 Authority Key Identifier:
                keyid:4C:F8:FF:C0:88:59:1E:4F:24:3B:AA:FA:21:B4:29:8B:FB:36:60:26

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TPj_wIhZHk8kO6r6IbQpi_s2YCY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/a0a39c-be03-47bb-bdb3-b3b78b0b66ea/1/ZB9p5UFI4Pt4YPPKRMto4htR0iU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/a0a39c-be03-47bb-bdb3-b3b78b0b66ea/1/TPj_wIhZHk8kO6r6IbQpi_s2YCY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.118.167.0/24

    Signature Algorithm: sha256WithRSAEncryption
         0b:e6:6a:1d:46:7e:77:a8:88:70:08:c1:e9:c2:04:2e:13:80:
         1a:b4:ff:4f:8e:67:ab:3c:e1:17:d5:46:32:49:08:d8:b4:88:
         ef:3a:58:f1:71:ae:73:7c:1f:09:89:8c:26:14:d5:47:b3:f9:
         1b:f2:c7:19:52:77:0c:fb:3e:b9:a8:c3:79:c9:21:00:fa:e4:
         56:83:65:0e:74:55:7d:c7:5e:4b:2e:e3:ee:5f:48:e8:7e:63:
         3d:69:b7:cf:1f:60:6f:17:a4:ef:80:18:6d:87:99:ce:e8:d7:
         08:0c:7e:56:54:52:1c:e0:96:46:d5:4f:01:80:23:b8:74:20:
         ce:76:42:e6:a5:b5:2f:d7:fb:84:68:3d:2f:4c:3e:d5:49:f4:
         57:c7:9c:28:84:e2:44:02:df:20:34:1e:90:41:f9:2a:58:33:
         73:5d:9f:e0:7c:61:68:b9:14:b9:9a:14:6d:b0:ff:cd:b7:69:
         4d:40:97:63:ad:9f:07:3c:47:91:02:c7:9c:e6:4a:df:22:0a:
         2b:6f:b7:1f:42:a2:42:c4:64:82:6f:62:98:89:c0:95:b0:b3:
         25:07:c5:f4:a8:6d:e8:9c:f5:dc:f6:fc:9d:ab:70:0e:c8:f9:
         f5:dd:07:79:96:8d:c0:52:6b:5f:d8:56:4f:70:27:ec:dc:95:
         c1:db:73:2e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVzTLPGAhXUqRj5u04OLuf2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjZjhmZmMwODg1OTFlNGYyNDNiYWFmYTIxYjQyOThiZmIz
NjYwMjYwHhcNMjMwMTAyMTYyNDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NDFmNjllNTQxNDhlMGZiNzg2MGYzY2E0NGNiNjhlMjFiNTFkMjI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjHx4Yodt+G5PLQrgmwHOxxhB8L+y
OsPLhB6TLP7zLRospKanAfa4Wu5dP9uBt/isfX08msYJk7k5yEfoMhaT9fQ7I+Xi
6/nVpucD2eXbpDOjCh1MmkGCKEoSFBYvnjwGDapGpoBcbfT5n67Me+wZP9VdZBov
UjK+urEdsRLwUiF6NtwQ+SLcAAkV9ovCbRUQJf568Tc45uKvfb7Cq68I8zeBVYzi
5Es0ogDAwp658Uimg3tBlvDiAaScVEMmjBvCB0G2Zoy/6CfV9Vi+I8SbbUm9NizU
PD3Y3oRSq9QnHK1z52kUJU5dsKL723PI2zZLWOYO61er43RmPUi5miLffQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGQfaeVBSOD7eGDzykTLaOIbUdIlMB8GA1UdIwQY
MBaAFEz4/8CIWR5PJDuq+iG0KYv7NmAmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVFBqX3dJaFpIazhrTzZyNkliUXBpX3MyWUNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi9hMGEzOWMtYmUwMy00N2JiLWJkYjMt
YjNiNzhiMGI2NmVhLzEvWkI5cDVVRkk0UHQ0WVBQS1JNdG80aHRSMGlVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi9hMGEzOWMtYmUwMy00N2JiLWJkYjMtYjNiNzhiMGI2NmVh
LzEvVFBqX3dJaFpIazhrTzZyNkliUXBpX3MyWUNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwXanMA0G
CSqGSIb3DQEBCwUAA4IBAQAL5modRn53qIhwCMHpwgQuE4AatP9PjmerPOEX1UYy
SQjYtIjvOljxca5zfB8JiYwmFNVHs/kb8scZUncM+z65qMN5ySEA+uRWg2UOdFV9
x15LLuPuX0jofmM9abfPH2BvF6TvgBhth5nO6NcIDH5WVFIc4JZG1U8BgCO4dCDO
dkLmpbUv1/uEaD0vTD7VSfRXx5wohOJEAt8gNB6QQfkqWDNzXZ/gfGFouRS5mhRt
sP/Nt2lNQJdjrZ8HPEeRAsec5krfIgorb7cfQqJCxGSCb2KYicCVsLMlB8X0qG3o
nPXc9vydq3AOyPn13Qd5lo3AUmtf2FZPcCfs3JXB23Mu
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:42 2024 by rpki-client on console-fra.rpki-client.org