Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/31/3f8107-fc15-4c71-81d4-5238b03545ca/1/1jcoHNNzVlSVQ5DG4c6FDFe1hng.roa
File:                     1jcoHNNzVlSVQ5DG4c6FDFe1hng.roa (raw, json)
Hash identifier:          pbrOziYMnCn0mL7DTcyVB+XERmaJEMHP4wbs1Nzy7zA=
Subject key identifier:   D6:37:28:1C:D3:73:56:54:95:43:90:C6:E1:CE:85:0C:57:B5:86:78
Certificate issuer:       /CN=69854a57ab0d8a3c922c8f6a79aa8fe8a6a2c09e
Certificate serial:       018570027E5345B675380A41C93314FE48AD
Authority key identifier: 69:85:4A:57:AB:0D:8A:3C:92:2C:8F:6A:79:AA:8F:E8:A6:A2:C0:9E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/aYVKV6sNijySLI9qeaqP6KaiwJ4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/31/3f8107-fc15-4c71-81d4-5238b03545ca/1/1jcoHNNzVlSVQ5DG4c6FDFe1hng.roa
Signing time:             Mon 02 Jan 2023 01:04:49 +0000
ROA not before:           Mon 02 Jan 2023 01:04:49 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     203836
IP address blocks:        194.34.201.0/24 maxlen: 24
                          194.34.202.0/24 maxlen: 24
                          194.34.200.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 20:29:54 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:70:02:7e:53:45:b6:75:38:0a:41:c9:33:14:fe:48:ad
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=69854a57ab0d8a3c922c8f6a79aa8fe8a6a2c09e
        Validity
            Not Before: Jan  2 01:04:49 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=d637281cd3735654954390c6e1ce850c57b58678
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:86:70:0c:81:f8:ac:ac:23:b0:c9:f9:17:e4:e3:
                    95:ae:de:75:da:88:44:8f:f9:55:b5:3c:fe:ef:8d:
                    9d:46:0f:6f:34:3c:14:52:30:7a:05:cb:6b:b8:a2:
                    ad:b3:9c:a6:1f:36:4b:6d:76:ce:86:b2:8b:fb:c5:
                    43:d4:b1:d5:6d:18:f5:7c:dc:e2:9f:8b:0d:6a:9f:
                    25:5b:56:e1:8b:00:df:b8:4e:b8:69:9c:38:36:cc:
                    67:27:09:99:66:bd:67:b9:a4:2e:b6:30:17:99:5e:
                    43:96:cf:37:2b:97:09:e8:6f:82:43:9b:92:89:03:
                    42:13:47:83:19:bd:cb:89:ad:bc:4d:38:c0:ca:b7:
                    69:5b:2c:a7:27:ba:7e:62:77:29:9d:1f:c2:75:9a:
                    cd:ca:9e:dc:2b:ab:5e:59:a0:2d:7b:ee:8f:d3:0b:
                    99:83:84:e0:8b:8e:d1:7a:cf:d2:18:4b:d4:99:d5:
                    70:8c:ca:af:ae:29:ec:ed:54:d2:1c:40:28:4c:4e:
                    3c:58:b7:74:98:8e:6f:d9:fe:52:f7:c2:e6:85:26:
                    c4:75:8d:71:5a:94:15:eb:a6:08:1a:fd:22:e6:c3:
                    6a:89:a0:d6:a1:93:84:aa:43:99:3a:03:c1:d0:33:
                    e6:2d:0c:8b:31:77:c7:98:44:73:21:0c:95:cb:26:
                    9f:7d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D6:37:28:1C:D3:73:56:54:95:43:90:C6:E1:CE:85:0C:57:B5:86:78
            X509v3 Authority Key Identifier:
                keyid:69:85:4A:57:AB:0D:8A:3C:92:2C:8F:6A:79:AA:8F:E8:A6:A2:C0:9E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aYVKV6sNijySLI9qeaqP6KaiwJ4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/31/3f8107-fc15-4c71-81d4-5238b03545ca/1/1jcoHNNzVlSVQ5DG4c6FDFe1hng.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/31/3f8107-fc15-4c71-81d4-5238b03545ca/1/aYVKV6sNijySLI9qeaqP6KaiwJ4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.34.200.0-194.34.202.255

    Signature Algorithm: sha256WithRSAEncryption
         a4:51:dc:27:7a:93:f3:9b:15:3b:63:45:4d:81:b7:10:cf:76:
         3d:96:81:69:52:b0:ce:6b:a5:1e:2b:01:9e:c0:05:2f:60:df:
         b9:be:bb:fe:84:01:aa:4b:cd:06:ab:51:cd:f8:0c:98:fd:7b:
         53:0c:20:17:bd:35:96:7a:05:2f:cd:72:a1:31:1e:87:ec:d7:
         88:26:02:77:9e:66:2b:e7:3e:45:3d:0c:a1:8f:1a:14:53:94:
         93:25:86:3c:c3:13:b6:83:6c:51:af:8e:52:32:c6:e3:7c:0d:
         2c:3f:2f:ac:10:b9:16:0d:b5:be:5c:78:19:92:af:39:3b:32:
         77:e7:9d:91:6b:22:24:ed:c9:bf:8d:07:2a:f0:34:5f:95:8d:
         8d:21:40:46:e3:ec:ac:33:97:2d:03:a2:a2:ac:32:14:eb:4c:
         46:fb:56:06:02:1e:69:d0:f0:c0:67:ee:b2:93:df:b2:d1:96:
         84:32:32:66:7a:f5:ea:14:8a:e9:65:f1:4a:35:44:6a:63:24:
         bf:7f:ea:77:d0:f6:85:56:34:af:8a:76:d6:fd:52:fd:cb:cc:
         cd:f6:3e:3b:df:f6:57:88:5d:d4:16:7a:2c:5c:11:15:dd:ef:
         14:76:8d:14:fa:3a:a9:3d:8d:d6:8c:42:02:d7:96:eb:7d:fe:
         e4:9a:c0:78
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYVwAn5TRbZ1OApByTMU/kitMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY5ODU0YTU3YWIwZDhhM2M5MjJjOGY2YTc5YWE4ZmU4YTZh
MmMwOWUwHhcNMjMwMTAyMDEwNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNjM3MjgxY2QzNzM1NjU0OTU0MzkwYzZlMWNlODUwYzU3YjU4Njc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhnAMgfisrCOwyfkX5OOVrt512ohE
j/lVtTz+742dRg9vNDwUUjB6BctruKKts5ymHzZLbXbOhrKL+8VD1LHVbRj1fNzi
n4sNap8lW1bhiwDfuE64aZw4NsxnJwmZZr1nuaQutjAXmV5Dls83K5cJ6G+CQ5uS
iQNCE0eDGb3Lia28TTjAyrdpWyynJ7p+YncpnR/CdZrNyp7cK6teWaAte+6P0wuZ
g4Tgi47Res/SGEvUmdVwjMqvrins7VTSHEAoTE48WLd0mI5v2f5S98LmhSbEdY1x
WpQV66YIGv0i5sNqiaDWoZOEqkOZOgPB0DPmLQyLMXfHmERzIQyVyyaffQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFNY3KBzTc1ZUlUOQxuHOhQxXtYZ4MB8GA1UdIwQY
MBaAFGmFSlerDYo8kiyPanmqj+imosCeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYVlWS1Y2c05panlTTEk5cWVhcVA2S2Fpd0o0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMS8zZjgxMDctZmMxNS00YzcxLTgxZDQt
NTIzOGIwMzU0NWNhLzEvMWpjb0hOTnpWbFNWUTVERzRjNkZERmUxaG5nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMS8zZjgxMDctZmMxNS00YzcxLTgxZDQtNTIzOGIwMzU0NWNh
LzEvYVlWS1Y2c05panlTTEk5cWVhcVA2S2Fpd0o0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAPCIsgD
BADCIsowDQYJKoZIhvcNAQELBQADggEBAKRR3Cd6k/ObFTtjRU2BtxDPdj2WgWlS
sM5rpR4rAZ7ABS9g37m+u/6EAapLzQarUc34DJj9e1MMIBe9NZZ6BS/NcqExHofs
14gmAneeZivnPkU9DKGPGhRTlJMlhjzDE7aDbFGvjlIyxuN8DSw/L6wQuRYNtb5c
eBmSrzk7MnfnnZFrIiTtyb+NByrwNF+VjY0hQEbj7Kwzly0DoqKsMhTrTEb7VgYC
HmnQ8MBn7rKT37LRloQyMmZ69eoUiull8Uo1RGpjJL9/6nfQ9oVWNK+Kdtb9Uv3L
zM32Pjvf9leIXdQWeixcERXd7xR2jRT6Oqk9jdaMQgLXlut9/uSawHg=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:01:44 2024 by rpki-client on console-ams.rpki-client.org