Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/QOFDZYiyiZSjMyZTjkpJpP7lAco.roa
File:                     QOFDZYiyiZSjMyZTjkpJpP7lAco.roa (raw, json)
Hash identifier:          ulTxqYVxsVgxXetIgka1KpwqCJHGILHAbZozLlEO01o=
Subject key identifier:   40:E1:43:65:88:B2:89:94:A3:33:26:53:8E:4A:49:A4:FE:E5:01:CA
Certificate issuer:       /CN=d93da2019909d9fc37829fd9ec29d948ecff7c92
Certificate serial:       018A1BCE14C4B2B2A54CA698929EE2D63511
Authority key identifier: D9:3D:A2:01:99:09:D9:FC:37:82:9F:D9:EC:29:D9:48:EC:FF:7C:92
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/QOFDZYiyiZSjMyZTjkpJpP7lAco.roa
Signing time:             Tue 22 Aug 2023 05:53:25 +0000
ROA not before:           Tue 22 Aug 2023 05:53:25 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     62240
IP address blocks:        194.15.98.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Fri 22 Sep 2023 22:49:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:1b:ce:14:c4:b2:b2:a5:4c:a6:98:92:9e:e2:d6:35:11
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d93da2019909d9fc37829fd9ec29d948ecff7c92
        Validity
            Not Before: Aug 22 05:53:25 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=40e1436588b28994a33326538e4a49a4fee501ca
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8e:4b:9e:1a:92:73:eb:c5:49:96:18:be:5d:04:
                    69:35:e6:3d:09:3c:ab:46:9a:d1:fe:df:f8:41:5b:
                    76:e9:83:b9:a7:7d:b9:fa:89:95:e5:02:23:e6:74:
                    a9:30:90:8b:7c:0f:71:d2:c5:fe:14:ae:a3:ad:85:
                    8a:7b:08:bf:fe:f7:ab:47:f1:3a:84:36:60:71:bb:
                    dd:0f:2d:10:3a:ea:c2:3c:ed:83:65:bb:77:4e:17:
                    02:e6:bb:04:db:af:c2:0e:98:1b:c6:74:07:5e:81:
                    c4:b5:95:b0:5b:34:f8:72:4d:bc:9c:88:88:fa:69:
                    39:cf:49:d4:f4:47:e8:e5:0d:46:f7:c4:4c:d3:42:
                    5f:c1:5b:c9:ca:0a:58:3c:33:87:66:f7:b7:bd:07:
                    7b:dd:d9:41:0c:89:22:f7:a7:90:98:23:0a:45:2d:
                    ca:09:ff:61:3f:45:93:06:b2:c3:45:10:09:c4:60:
                    90:89:64:33:3b:bb:e1:51:df:7d:62:ef:1b:32:23:
                    79:ca:3a:23:ed:a7:2c:8a:d8:0e:58:de:fb:0c:df:
                    34:a5:bb:fa:fa:27:41:05:cc:bc:1f:0f:2b:b1:79:
                    ed:ae:aa:f2:fa:55:a1:0e:c1:d9:04:9c:30:e5:0f:
                    1e:99:04:66:f8:ef:47:67:76:c5:4a:4d:b2:9a:e6:
                    21:95
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                40:E1:43:65:88:B2:89:94:A3:33:26:53:8E:4A:49:A4:FE:E5:01:CA
            X509v3 Authority Key Identifier:
                keyid:D9:3D:A2:01:99:09:D9:FC:37:82:9F:D9:EC:29:D9:48:EC:FF:7C:92

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/QOFDZYiyiZSjMyZTjkpJpP7lAco.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.15.98.0/24

    Signature Algorithm: sha256WithRSAEncryption
         9b:d0:68:f9:24:72:1a:44:15:22:5a:c8:b0:f7:fd:0b:9d:b4:
         49:9e:c8:05:0f:5e:24:ca:40:16:d0:1d:53:02:5f:94:0d:1f:
         be:ec:c6:2a:fc:fa:e2:79:8b:c0:35:10:df:34:e6:cf:5f:2b:
         13:d3:41:9b:61:26:a7:a8:7b:43:66:5c:3b:59:4d:0d:4b:e4:
         bf:1b:a6:53:75:5c:b4:ff:16:9d:42:f0:fd:9f:8f:be:d1:ed:
         4f:12:ae:c0:94:26:54:93:d4:63:aa:b4:b7:8f:68:5b:23:2e:
         a0:4f:f2:43:9f:bd:30:b4:84:c6:13:b1:51:c0:d2:51:2a:4a:
         de:3a:0d:c2:7e:39:0f:26:8b:43:2c:7e:c7:9a:82:ea:23:48:
         c8:e5:f7:35:46:74:8e:e1:05:a3:0b:f5:71:64:8d:be:0e:cf:
         f5:f7:8f:6b:88:d1:42:25:5a:c9:46:22:05:9a:b8:42:5c:4e:
         9a:b0:b1:99:56:fa:fe:89:4f:6e:53:8f:41:7e:31:97:3b:67:
         e9:7a:40:c9:52:ce:f4:4f:df:fe:32:53:66:61:c7:54:1b:d4:
         88:e0:bf:88:dc:e4:e6:3a:8a:38:b1:49:26:79:78:5f:12:89:
         0c:1c:4f:83:29:c4:77:85:06:63:90:5d:8b:5e:a2:76:08:fc:
         e9:1d:45:bc
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYobzhTEsrKlTKaYkp7i1jURMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5M2RhMjAxOTkwOWQ5ZmMzNzgyOWZkOWVjMjlkOTQ4ZWNm
ZjdjOTIwHhcNMjMwODIyMDU1MzI1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MGUxNDM2NTg4YjI4OTk0YTMzMzI2NTM4ZTRhNDlhNGZlZTUwMWNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjkueGpJz68VJlhi+XQRpNeY9CTyr
RprR/t/4QVt26YO5p325+omV5QIj5nSpMJCLfA9x0sX+FK6jrYWKewi//verR/E6
hDZgcbvdDy0QOurCPO2DZbt3ThcC5rsE26/CDpgbxnQHXoHEtZWwWzT4ck28nIiI
+mk5z0nU9Efo5Q1G98RM00JfwVvJygpYPDOHZve3vQd73dlBDIki96eQmCMKRS3K
Cf9hP0WTBrLDRRAJxGCQiWQzO7vhUd99Yu8bMiN5yjoj7acsitgOWN77DN80pbv6
+idBBcy8Hw8rsXntrqry+lWhDsHZBJww5Q8emQRm+O9HZ3bFSk2ymuYhlQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEDhQ2WIsomUozMmU45KSaT+5QHKMB8GA1UdIwQY
MBaAFNk9ogGZCdn8N4Kf2ewp2Ujs/3ySMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMlQyaUFaa0oyZnczZ3BfWjdDblpTT3pfZkpJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi80N2FmYTMtY2UzMS00MDYwLWEwNzgt
ZjVhZGRkZGYxZWM1LzEvUU9GRFpZaXlpWlNqTXlaVGprcEpwUDdsQWNvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMi80N2FmYTMtY2UzMS00MDYwLWEwNzgtZjVhZGRkZGYxZWM1
LzEvMlQyaUFaa0oyZnczZ3BfWjdDblpTT3pfZkpJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwg9iMA0G
CSqGSIb3DQEBCwUAA4IBAQCb0Gj5JHIaRBUiWsiw9/0LnbRJnsgFD14kykAW0B1T
Al+UDR++7MYq/PrieYvANRDfNObPXysT00GbYSanqHtDZlw7WU0NS+S/G6ZTdVy0
/xadQvD9n4++0e1PEq7AlCZUk9RjqrS3j2hbIy6gT/JDn70wtITGE7FRwNJRKkre
Og3CfjkPJotDLH7HmoLqI0jI5fc1RnSO4QWjC/VxZI2+Ds/1949riNFCJVrJRiIF
mrhCXE6asLGZVvr+iU9uU49BfjGXO2fpekDJUs70T9/+MlNmYcdUG9SI4L+I3OTm
Ooo4sUkmeXhfEokMHE+DKcR3hQZjkF2LXqJ2CPzpHUW8
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:41 2024 by rpki-client on console-fra.rpki-client.org