Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/K81Iww4IKjKF8Gzeet86u9gxo7I.roa
File:                     K81Iww4IKjKF8Gzeet86u9gxo7I.roa (raw, json)
Hash identifier:          Mk0R3PBh2ANPgkRjWykPpnTSGOsSG6yRpKIJ7I7fogQ=
Subject key identifier:   2B:CD:48:C3:0E:08:2A:32:85:F0:6C:DE:7A:DF:3A:BB:D8:31:A3:B2
Certificate issuer:       /CN=d93da2019909d9fc37829fd9ec29d948ecff7c92
Certificate serial:       018B6A3714502A06EE6D81F67D66FC767002
Authority key identifier: D9:3D:A2:01:99:09:D9:FC:37:82:9F:D9:EC:29:D9:48:EC:FF:7C:92
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/K81Iww4IKjKF8Gzeet86u9gxo7I.roa
Signing time:             Thu 26 Oct 2023 04:21:16 +0000
ROA not before:           Thu 26 Oct 2023 04:21:16 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     5065
IP address blocks:        194.15.96.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 02:29:53 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:6a:37:14:50:2a:06:ee:6d:81:f6:7d:66:fc:76:70:02
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d93da2019909d9fc37829fd9ec29d948ecff7c92
        Validity
            Not Before: Oct 26 04:21:16 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=2bcd48c30e082a3285f06cde7adf3abbd831a3b2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:91:77:30:dd:91:dc:af:bc:40:3e:fa:2e:64:c9:
                    3d:29:09:aa:cc:31:5a:26:91:14:6d:e2:a8:41:c0:
                    95:4a:3f:b1:9d:45:21:c8:73:7b:c3:34:fc:b4:ea:
                    05:b2:57:4e:67:17:2f:a4:14:8f:ae:c7:d5:fd:e8:
                    9f:5c:6a:f7:fa:1b:7f:45:9f:87:e9:21:c4:bd:ff:
                    f2:fb:14:0a:1d:28:5f:d2:b3:97:31:1c:61:8c:c6:
                    d0:88:cc:de:c0:2f:4e:d6:ee:a7:71:93:8d:e0:81:
                    77:62:76:88:67:62:1c:7f:32:e1:1c:fe:54:fa:a4:
                    9c:95:eb:16:60:ef:0c:b0:1b:ec:e5:8f:20:be:81:
                    e9:7e:4b:30:f1:61:39:17:c1:cc:eb:93:42:07:a6:
                    0f:aa:c5:9d:48:56:ad:5e:27:89:b7:e5:be:55:f9:
                    40:37:e3:f8:35:34:2e:df:fb:6b:7e:f1:85:81:51:
                    de:5f:30:d5:24:f8:66:f0:66:1f:c3:a9:2a:39:2f:
                    b2:e6:82:10:7d:e6:bb:29:ad:7e:a0:3d:61:3e:a7:
                    3d:02:f0:99:af:34:54:22:6a:80:7c:93:53:08:96:
                    15:f7:85:bb:ee:7a:6a:bf:50:5a:9f:e1:be:e0:13:
                    da:34:ee:eb:c1:8e:b3:c4:04:8f:9c:24:97:68:a4:
                    92:f9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2B:CD:48:C3:0E:08:2A:32:85:F0:6C:DE:7A:DF:3A:BB:D8:31:A3:B2
            X509v3 Authority Key Identifier:
                keyid:D9:3D:A2:01:99:09:D9:FC:37:82:9F:D9:EC:29:D9:48:EC:FF:7C:92

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/K81Iww4IKjKF8Gzeet86u9gxo7I.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.15.96.0/24

    Signature Algorithm: sha256WithRSAEncryption
         87:82:11:a1:5b:20:62:af:72:49:91:54:32:cc:96:ec:92:6c:
         c6:13:9a:90:bd:76:0e:eb:66:7c:46:90:68:79:e2:cc:46:1a:
         7a:46:7f:ab:1f:60:0a:f3:7d:7b:08:19:af:50:63:aa:38:cc:
         44:d2:ac:8f:1f:c4:cc:d6:86:af:76:4f:8b:b8:12:d0:f7:a5:
         fb:48:c7:4c:9e:d2:7e:c9:8e:e4:75:8a:81:da:ee:29:ed:45:
         c2:ea:73:bc:50:12:ea:bd:34:7e:fa:ec:45:7a:96:45:50:01:
         b5:58:ba:34:cf:70:a5:16:d3:81:73:79:0a:50:d4:08:e8:6e:
         63:18:3f:d5:d1:40:2c:ed:b4:35:05:7f:31:39:eb:52:49:cf:
         bd:7e:a0:ad:a3:5a:bc:d5:f5:70:a3:28:4f:b1:f4:c2:ee:b7:
         5c:17:7c:7c:91:7e:31:70:85:c6:b9:8d:30:dc:2e:43:a9:a3:
         83:5a:1f:e0:4f:8d:de:09:46:ed:77:39:7e:ec:e7:55:c7:39:
         f0:a2:77:2f:ff:c1:77:de:e2:84:38:4b:76:7c:85:87:f6:91:
         d8:99:45:35:ad:0b:56:12:03:dc:f1:60:cc:27:b4:81:0a:36:
         44:47:7a:37:03:62:e7:89:a2:83:33:69:aa:cf:57:2d:4f:21:
         5a:ad:33:b2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYtqNxRQKgbubYH2fWb8dnACMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5M2RhMjAxOTkwOWQ5ZmMzNzgyOWZkOWVjMjlkOTQ4ZWNm
ZjdjOTIwHhcNMjMxMDI2MDQyMTE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYmNkNDhjMzBlMDgyYTMyODVmMDZjZGU3YWRmM2FiYmQ4MzFhM2IyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkXcw3ZHcr7xAPvouZMk9KQmqzDFa
JpEUbeKoQcCVSj+xnUUhyHN7wzT8tOoFsldOZxcvpBSPrsfV/eifXGr3+ht/RZ+H
6SHEvf/y+xQKHShf0rOXMRxhjMbQiMzewC9O1u6ncZON4IF3YnaIZ2IcfzLhHP5U
+qSclesWYO8MsBvs5Y8gvoHpfksw8WE5F8HM65NCB6YPqsWdSFatXieJt+W+VflA
N+P4NTQu3/trfvGFgVHeXzDVJPhm8GYfw6kqOS+y5oIQfea7Ka1+oD1hPqc9AvCZ
rzRUImqAfJNTCJYV94W77npqv1Ban+G+4BPaNO7rwY6zxASPnCSXaKSS+QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCvNSMMOCCoyhfBs3nrfOrvYMaOyMB8GA1UdIwQY
MBaAFNk9ogGZCdn8N4Kf2ewp2Ujs/3ySMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMlQyaUFaa0oyZnczZ3BfWjdDblpTT3pfZkpJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi80N2FmYTMtY2UzMS00MDYwLWEwNzgt
ZjVhZGRkZGYxZWM1LzEvSzgxSXd3NElLaktGOEd6ZWV0ODZ1OWd4bzdJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMi80N2FmYTMtY2UzMS00MDYwLWEwNzgtZjVhZGRkZGYxZWM1
LzEvMlQyaUFaa0oyZnczZ3BfWjdDblpTT3pfZkpJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwg9gMA0G
CSqGSIb3DQEBCwUAA4IBAQCHghGhWyBir3JJkVQyzJbskmzGE5qQvXYO62Z8RpBo
eeLMRhp6Rn+rH2AK8317CBmvUGOqOMxE0qyPH8TM1oavdk+LuBLQ96X7SMdMntJ+
yY7kdYqB2u4p7UXC6nO8UBLqvTR++uxFepZFUAG1WLo0z3ClFtOBc3kKUNQI6G5j
GD/V0UAs7bQ1BX8xOetSSc+9fqCto1q81fVwoyhPsfTC7rdcF3x8kX4xcIXGuY0w
3C5DqaODWh/gT43eCUbtdzl+7OdVxznwoncv/8F33uKEOEt2fIWH9pHYmUU1rQtW
EgPc8WDMJ7SBCjZER3o3A2LniaKDM2mqz1ctTyFarTOy
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:01:54 2024 by rpki-client on console-ams.rpki-client.org