Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/a0a39c-be03-47bb-bdb3-b3b78b0b66ea/1/fKoyj4D_n25qHHM3I2K4Zcvuzjs.roa
File:                     fKoyj4D_n25qHHM3I2K4Zcvuzjs.roa (raw, json)
Hash identifier:          phK0N2oWdY0lMQ9cNdRISF37/cSVSVFo+n7/2LodExU=
Subject key identifier:   7C:AA:32:8F:80:FF:9F:6E:6A:1C:73:37:23:62:B8:65:CB:EE:CE:3B
Certificate issuer:       /CN=4cf8ffc088591e4f243baafa21b4298bfb366026
Certificate serial:       0185734CACE5BBC4184E3197C9C1502E1AFA
Authority key identifier: 4C:F8:FF:C0:88:59:1E:4F:24:3B:AA:FA:21:B4:29:8B:FB:36:60:26
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/TPj_wIhZHk8kO6r6IbQpi_s2YCY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2b/a0a39c-be03-47bb-bdb3-b3b78b0b66ea/1/fKoyj4D_n25qHHM3I2K4Zcvuzjs.roa
Signing time:             Mon 02 Jan 2023 16:24:42 +0000
ROA not before:           Mon 02 Jan 2023 16:24:42 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     11895
IP address blocks:        193.118.166.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 06:29:47 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:73:4c:ac:e5:bb:c4:18:4e:31:97:c9:c1:50:2e:1a:fa
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4cf8ffc088591e4f243baafa21b4298bfb366026
        Validity
            Not Before: Jan  2 16:24:42 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=7caa328f80ff9f6e6a1c73372362b865cbeece3b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9b:d9:08:62:dd:71:61:23:3e:66:44:a5:68:1e:
                    d7:ed:ff:44:83:3c:ab:1f:31:3a:60:f5:9d:13:12:
                    fd:bd:ce:f2:16:d4:4c:0c:b7:3f:43:7a:ad:ab:09:
                    80:29:81:77:79:6a:81:ba:ef:54:25:03:84:7b:bb:
                    45:f4:63:26:35:d4:85:f1:20:16:b6:56:95:03:21:
                    99:04:9b:e9:84:16:ea:f4:19:28:be:e6:f0:a6:b8:
                    19:a3:69:04:bc:1b:5d:90:dd:fa:6b:83:1c:4b:e9:
                    e3:be:19:89:9b:5c:82:b3:c3:04:1f:44:8b:3a:41:
                    4f:a5:76:12:11:48:bf:3f:46:bb:32:41:33:8a:64:
                    09:f6:c8:c0:43:8c:e4:00:84:f4:05:75:b9:33:f4:
                    52:62:d1:cc:bc:83:1a:fe:31:24:6b:00:cf:5d:28:
                    37:ea:31:5d:f3:96:59:55:90:d2:57:39:b7:d3:0a:
                    67:e2:f6:49:dc:ea:4a:e6:92:fb:25:a0:68:59:56:
                    00:52:4b:ac:94:09:9e:f0:87:bf:4f:c3:e6:75:ce:
                    5e:28:b9:09:d8:2e:bd:58:93:04:04:bc:5b:da:3f:
                    4c:41:95:68:f2:d9:e3:65:19:9b:14:d5:b0:05:e7:
                    c0:53:9a:fc:69:e9:e5:81:91:e8:5a:44:7e:41:67:
                    67:a1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7C:AA:32:8F:80:FF:9F:6E:6A:1C:73:37:23:62:B8:65:CB:EE:CE:3B
            X509v3 Authority Key Identifier:
                keyid:4C:F8:FF:C0:88:59:1E:4F:24:3B:AA:FA:21:B4:29:8B:FB:36:60:26

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TPj_wIhZHk8kO6r6IbQpi_s2YCY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/a0a39c-be03-47bb-bdb3-b3b78b0b66ea/1/fKoyj4D_n25qHHM3I2K4Zcvuzjs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/a0a39c-be03-47bb-bdb3-b3b78b0b66ea/1/TPj_wIhZHk8kO6r6IbQpi_s2YCY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.118.166.0/24

    Signature Algorithm: sha256WithRSAEncryption
         1d:ef:87:0d:0d:d7:56:5c:fe:a4:d3:ea:e3:13:b5:85:00:ba:
         b4:f9:c7:95:36:ae:f4:0a:4a:76:93:52:10:fb:e0:2b:e0:0b:
         83:f0:a0:03:59:af:42:52:71:6f:29:3b:f9:e5:04:e6:88:22:
         93:7d:a6:1f:20:b1:11:79:a4:4e:e6:4d:ee:f6:d1:cf:f5:cb:
         1f:6d:a3:41:db:0a:f3:89:af:77:2f:16:77:ad:b7:48:d5:35:
         bf:3b:73:67:68:82:a0:bb:4d:99:de:d7:10:c9:8e:3c:5a:4c:
         cd:3a:d8:96:fc:e2:a3:16:20:21:ac:61:cf:f0:b0:ff:2f:a4:
         28:9c:e4:a7:91:0a:08:09:87:98:59:35:68:ad:d5:05:32:a7:
         53:88:0b:00:c3:b9:24:5a:fd:db:02:e9:86:7b:2d:ef:8c:50:
         a9:66:7d:f3:61:d5:a2:f5:6f:a0:d4:4f:c8:01:24:d6:ac:47:
         9b:2a:3e:0a:db:ab:d5:fb:01:51:55:6a:36:74:93:1e:f9:35:
         28:45:7e:fc:08:da:dc:56:3c:e3:1a:4c:48:84:c5:ba:c5:44:
         95:ca:bf:b3:fd:05:c9:6b:a1:c5:93:e0:da:e5:20:c1:ab:93:
         ac:fe:b5:f6:82:ce:7a:18:b6:d4:64:d9:dd:e7:6d:35:32:e3:
         2c:58:fb:7d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVzTKzlu8QYTjGXycFQLhr6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjZjhmZmMwODg1OTFlNGYyNDNiYWFmYTIxYjQyOThiZmIz
NjYwMjYwHhcNMjMwMTAyMTYyNDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3Y2FhMzI4ZjgwZmY5ZjZlNmExYzczMzcyMzYyYjg2NWNiZWVjZTNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm9kIYt1xYSM+ZkSlaB7X7f9Egzyr
HzE6YPWdExL9vc7yFtRMDLc/Q3qtqwmAKYF3eWqBuu9UJQOEe7tF9GMmNdSF8SAW
tlaVAyGZBJvphBbq9BkovubwprgZo2kEvBtdkN36a4McS+njvhmJm1yCs8MEH0SL
OkFPpXYSEUi/P0a7MkEzimQJ9sjAQ4zkAIT0BXW5M/RSYtHMvIMa/jEkawDPXSg3
6jFd85ZZVZDSVzm30wpn4vZJ3OpK5pL7JaBoWVYAUkuslAme8Ie/T8Pmdc5eKLkJ
2C69WJMEBLxb2j9MQZVo8tnjZRmbFNWwBefAU5r8aenlgZHoWkR+QWdnoQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHyqMo+A/59uahxzNyNiuGXL7s47MB8GA1UdIwQY
MBaAFEz4/8CIWR5PJDuq+iG0KYv7NmAmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVFBqX3dJaFpIazhrTzZyNkliUXBpX3MyWUNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi9hMGEzOWMtYmUwMy00N2JiLWJkYjMt
YjNiNzhiMGI2NmVhLzEvZktveWo0RF9uMjVxSEhNM0kySzRaY3Z1empzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi9hMGEzOWMtYmUwMy00N2JiLWJkYjMtYjNiNzhiMGI2NmVh
LzEvVFBqX3dJaFpIazhrTzZyNkliUXBpX3MyWUNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwXamMA0G
CSqGSIb3DQEBCwUAA4IBAQAd74cNDddWXP6k0+rjE7WFALq0+ceVNq70Ckp2k1IQ
++Ar4AuD8KADWa9CUnFvKTv55QTmiCKTfaYfILEReaRO5k3u9tHP9csfbaNB2wrz
ia93LxZ3rbdI1TW/O3NnaIKgu02Z3tcQyY48WkzNOtiW/OKjFiAhrGHP8LD/L6Qo
nOSnkQoICYeYWTVordUFMqdTiAsAw7kkWv3bAumGey3vjFCpZn3zYdWi9W+g1E/I
ASTWrEebKj4K26vV+wFRVWo2dJMe+TUoRX78CNrcVjzjGkxIhMW6xUSVyr+z/QXJ
a6HFk+Da5SDBq5Os/rX2gs56GLbUZNnd5201MuMsWPt9
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:42 2024 by rpki-client on console-fra.rpki-client.org