Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/PnkI_ZZutmafCNSR6QAIxvkKYS4.roa
File:                     PnkI_ZZutmafCNSR6QAIxvkKYS4.roa (raw, json)
Hash identifier:          C9sHTkeImoKrHGq1AMqtVMJ0iUl8CInF4DcB0MDaUFE=
Subject key identifier:   3E:79:08:FD:96:6E:B6:66:9F:08:D4:91:E9:00:08:C6:F9:0A:61:2E
Certificate issuer:       /CN=d93da2019909d9fc37829fd9ec29d948ecff7c92
Certificate serial:       018E8B74333BF5086D6C50059AC9C8990048
Authority key identifier: D9:3D:A2:01:99:09:D9:FC:37:82:9F:D9:EC:29:D9:48:EC:FF:7C:92
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/PnkI_ZZutmafCNSR6QAIxvkKYS4.roa
Signing time:             Fri 29 Mar 2024 18:23:52 +0000
ROA not before:           Fri 29 Mar 2024 18:23:52 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     210542
IP address blocks:        188.209.133.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Sun 31 Mar 2024 21:03:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8e:8b:74:33:3b:f5:08:6d:6c:50:05:9a:c9:c8:99:00:48
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d93da2019909d9fc37829fd9ec29d948ecff7c92
        Validity
            Not Before: Mar 29 18:23:52 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=3e7908fd966eb6669f08d491e90008c6f90a612e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:89:8c:d3:ef:32:02:f1:03:c6:56:34:65:f0:17:
                    aa:60:88:9d:d1:fc:d0:29:1e:ee:42:b4:7c:89:f7:
                    7e:7d:87:f3:0b:55:03:15:30:cb:49:99:4e:55:ec:
                    4b:17:be:3e:df:30:4b:96:a6:64:17:fb:99:39:10:
                    3f:3d:ef:e9:c8:23:5d:ed:d8:67:c8:f5:54:c5:10:
                    48:55:ff:07:23:f2:bc:a6:b9:4e:e8:23:a8:7f:15:
                    ef:e1:67:b8:b5:b1:a5:49:bb:75:dd:2b:71:34:b8:
                    9d:a7:1d:03:b8:20:cf:53:89:7a:2c:6e:cd:42:80:
                    4f:09:96:51:2e:37:4a:9c:dd:3e:b2:9b:5b:da:0e:
                    6c:39:be:f0:50:54:46:f7:f8:d5:43:f7:e7:bb:3c:
                    53:e1:43:b7:be:25:6f:e2:c8:8e:cc:bd:95:69:a4:
                    d0:5b:9c:37:c1:68:e7:3d:58:e6:8c:1b:63:e6:5d:
                    d7:b0:31:9f:26:c1:98:ef:b1:ec:1c:f3:90:18:3a:
                    a0:ae:22:35:aa:66:13:77:4d:bb:23:e9:ae:2e:91:
                    ee:6a:56:48:a3:7b:08:99:7f:f7:09:24:89:bc:c0:
                    a2:94:10:66:98:1d:4f:e6:0e:3b:c9:9c:73:95:34:
                    b4:8f:08:e9:5c:33:83:e4:1e:d7:62:8a:21:fb:b1:
                    9c:f5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3E:79:08:FD:96:6E:B6:66:9F:08:D4:91:E9:00:08:C6:F9:0A:61:2E
            X509v3 Authority Key Identifier:
                keyid:D9:3D:A2:01:99:09:D9:FC:37:82:9F:D9:EC:29:D9:48:EC:FF:7C:92

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/PnkI_ZZutmafCNSR6QAIxvkKYS4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  188.209.133.0/24

    Signature Algorithm: sha256WithRSAEncryption
         7d:f1:c5:d1:8f:88:d6:90:31:56:03:04:ad:a6:20:5c:53:23:
         88:b9:83:d9:59:6c:2d:6d:79:eb:bf:ff:2f:89:2e:b6:4d:2d:
         3a:2d:d4:b2:52:23:0c:dc:aa:c1:0e:46:c2:29:c2:76:53:34:
         70:89:05:d9:da:5e:f7:f1:67:8a:a3:a6:49:09:82:58:09:4a:
         24:c7:f8:8a:3d:8a:aa:dc:a2:b8:1a:75:7c:55:21:8b:1f:2a:
         5a:87:97:90:33:1f:74:d1:b2:58:c7:85:92:d9:de:fc:ec:d4:
         a9:e1:f2:aa:01:c7:5d:ab:b8:b2:85:9e:62:20:35:f8:cc:fb:
         cd:4d:3f:0b:c6:e4:ec:fb:69:15:1a:19:45:a3:60:01:9a:f5:
         17:5b:a8:77:95:8b:fa:8a:68:42:79:08:fe:b1:f9:fe:56:93:
         10:a8:39:91:f0:31:29:e1:67:6e:79:ba:2f:a1:28:69:8a:63:
         57:62:46:01:29:d8:a8:46:13:5b:12:34:8e:37:f9:1a:68:bd:
         d1:35:e4:93:fa:d2:13:41:83:65:c8:fd:90:07:74:f3:bc:76:
         d2:bb:1b:7b:bd:b1:2b:b8:78:38:72:c5:72:02:12:6b:e2:b8:
         24:f0:b7:34:f5:1a:00:7d:d5:3a:ca:27:1d:93:c1:6c:83:48:
         7c:f6:6a:a0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY6LdDM79QhtbFAFmsnImQBIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5M2RhMjAxOTkwOWQ5ZmMzNzgyOWZkOWVjMjlkOTQ4ZWNm
ZjdjOTIwHhcNMjQwMzI5MTgyMzUyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZTc5MDhmZDk2NmViNjY2OWYwOGQ0OTFlOTAwMDhjNmY5MGE2MTJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiYzT7zIC8QPGVjRl8BeqYIid0fzQ
KR7uQrR8ifd+fYfzC1UDFTDLSZlOVexLF74+3zBLlqZkF/uZORA/Pe/pyCNd7dhn
yPVUxRBIVf8HI/K8prlO6COofxXv4We4tbGlSbt13StxNLidpx0DuCDPU4l6LG7N
QoBPCZZRLjdKnN0+sptb2g5sOb7wUFRG9/jVQ/fnuzxT4UO3viVv4siOzL2VaaTQ
W5w3wWjnPVjmjBtj5l3XsDGfJsGY77HsHPOQGDqgriI1qmYTd027I+muLpHualZI
o3sImX/3CSSJvMCilBBmmB1P5g47yZxzlTS0jwjpXDOD5B7XYooh+7Gc9QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFD55CP2WbrZmnwjUkekACMb5CmEuMB8GA1UdIwQY
MBaAFNk9ogGZCdn8N4Kf2ewp2Ujs/3ySMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMlQyaUFaa0oyZnczZ3BfWjdDblpTT3pfZkpJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi80N2FmYTMtY2UzMS00MDYwLWEwNzgt
ZjVhZGRkZGYxZWM1LzEvUG5rSV9aWnV0bWFmQ05TUjZRQUl4dmtLWVM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMi80N2FmYTMtY2UzMS00MDYwLWEwNzgtZjVhZGRkZGYxZWM1
LzEvMlQyaUFaa0oyZnczZ3BfWjdDblpTT3pfZkpJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAvNGFMA0G
CSqGSIb3DQEBCwUAA4IBAQB98cXRj4jWkDFWAwStpiBcUyOIuYPZWWwtbXnrv/8v
iS62TS06LdSyUiMM3KrBDkbCKcJ2UzRwiQXZ2l738WeKo6ZJCYJYCUokx/iKPYqq
3KK4GnV8VSGLHypah5eQMx900bJYx4WS2d787NSp4fKqAcddq7iyhZ5iIDX4zPvN
TT8LxuTs+2kVGhlFo2ABmvUXW6h3lYv6imhCeQj+sfn+VpMQqDmR8DEp4Wduebov
oShpimNXYkYBKdioRhNbEjSON/kaaL3RNeST+tITQYNlyP2QB3TzvHbSuxt7vbEr
uHg4csVyAhJr4rgk8Lc09RoAfdU6yicdk8Fsg0h89mqg
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:41 2024 by rpki-client on console-fra.rpki-client.org