Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/W9RX_ez5kg9Bxwm60xeJ70cNbew.roa
File:                     W9RX_ez5kg9Bxwm60xeJ70cNbew.roa (raw, json)
Hash identifier:          Mcx+VfoD7itrYDgyvMBj+esNyqMeindmIPgv709+3as=
Subject key identifier:   5B:D4:57:FD:EC:F9:92:0F:41:C7:09:BA:D3:17:89:EF:47:0D:6D:EC
Certificate issuer:       /CN=d93da2019909d9fc37829fd9ec29d948ecff7c92
Certificate serial:       018CC2DB34CA3EFF2F722208DBDD8105B5DC
Authority key identifier: D9:3D:A2:01:99:09:D9:FC:37:82:9F:D9:EC:29:D9:48:EC:FF:7C:92
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/W9RX_ez5kg9Bxwm60xeJ70cNbew.roa
Signing time:             Mon 01 Jan 2024 02:29:54 +0000
ROA not before:           Mon 01 Jan 2024 02:29:54 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     49981
IP address blocks:        194.15.98.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 04 Jan 2024 06:06:52 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c2:db:34:ca:3e:ff:2f:72:22:08:db:dd:81:05:b5:dc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d93da2019909d9fc37829fd9ec29d948ecff7c92
        Validity
            Not Before: Jan  1 02:29:54 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=5bd457fdecf9920f41c709bad31789ef470d6dec
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:80:82:4f:24:37:af:36:62:09:f6:84:58:40:4a:
                    2a:86:5c:10:a4:49:48:4b:c1:fd:97:5e:2f:8e:21:
                    bb:e4:a3:b9:b4:8a:02:e0:79:7c:02:35:b7:2b:90:
                    98:9a:d1:87:6e:c1:25:0f:df:37:d8:c8:ba:f5:d1:
                    c7:b8:15:e9:cc:52:56:f2:d1:79:31:eb:85:f2:45:
                    89:34:91:ab:3f:f0:16:ab:2d:9d:7a:4c:e1:5e:74:
                    e8:a2:7d:b0:7b:eb:4e:55:24:8a:6c:5f:34:c7:c6:
                    51:18:ac:fd:85:3a:a8:2f:63:4f:6f:04:e1:90:2b:
                    75:21:ad:22:63:fd:f8:01:8f:bc:1d:13:4b:e8:c7:
                    6f:b3:b0:ce:97:71:0b:0a:f8:0b:0e:d4:92:09:1f:
                    af:58:b4:77:ad:3b:17:c4:61:56:59:b1:18:2c:68:
                    a4:4a:db:ff:4f:e2:3d:54:50:a0:93:48:f6:a5:7c:
                    19:2f:24:0c:63:de:1b:b8:78:e8:35:b4:69:8b:3a:
                    7b:fb:b0:03:49:5e:3a:46:e4:ec:6b:ff:69:79:70:
                    00:88:75:48:dc:3b:9d:5d:cf:35:9f:af:81:89:83:
                    25:e8:16:f4:5e:16:c2:fb:c1:79:d8:af:b9:d9:6c:
                    7a:02:ff:6d:37:4c:e6:1c:b3:30:17:ac:ea:1f:8a:
                    79:ad
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5B:D4:57:FD:EC:F9:92:0F:41:C7:09:BA:D3:17:89:EF:47:0D:6D:EC
            X509v3 Authority Key Identifier:
                keyid:D9:3D:A2:01:99:09:D9:FC:37:82:9F:D9:EC:29:D9:48:EC:FF:7C:92

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/W9RX_ez5kg9Bxwm60xeJ70cNbew.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.15.98.0/24

    Signature Algorithm: sha256WithRSAEncryption
         2d:44:93:47:4c:b6:06:4d:7c:93:74:78:c7:26:90:a8:d3:4d:
         22:78:95:e9:3a:97:a5:6f:b2:19:41:ea:b5:52:63:f1:7b:cb:
         f1:71:f6:b0:38:1d:1a:89:74:80:8d:6c:30:ec:27:07:15:ba:
         45:2b:d5:e6:d9:cc:76:87:80:c6:7f:97:6f:13:58:bc:d5:fa:
         39:2e:54:2f:1b:b7:09:02:64:64:90:30:58:77:25:3a:7c:f6:
         3f:f6:03:8c:0f:8f:94:de:ca:65:ed:b8:b3:fb:b3:e1:1a:de:
         19:a8:ac:9c:0e:cb:64:48:fa:a9:71:15:5c:af:6d:67:de:7c:
         29:96:91:55:50:2f:3b:a6:1c:4b:81:e1:82:06:13:25:49:a9:
         24:a7:ee:47:34:7e:ef:d0:db:d2:db:bd:f6:4e:53:5b:c8:ec:
         1e:fb:6b:5d:08:bc:cf:d6:fd:a5:1d:24:33:77:35:26:b6:0c:
         19:d7:71:18:71:8d:27:10:a5:36:3e:bd:8a:d9:f1:c1:98:95:
         bd:82:eb:b9:7a:eb:02:57:84:c9:67:4e:65:92:b8:1c:a1:11:
         cd:c0:8d:25:1d:a0:c3:e5:42:49:85:01:45:17:65:6f:87:78:
         5b:6c:c5:58:2a:38:15:ab:58:0a:17:88:91:ba:f5:2c:95:67:
         76:3b:ce:02
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzC2zTKPv8vciII292BBbXcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5M2RhMjAxOTkwOWQ5ZmMzNzgyOWZkOWVjMjlkOTQ4ZWNm
ZjdjOTIwHhcNMjQwMTAxMDIyOTU0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YmQ0NTdmZGVjZjk5MjBmNDFjNzA5YmFkMzE3ODllZjQ3MGQ2ZGVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgIJPJDevNmIJ9oRYQEoqhlwQpElI
S8H9l14vjiG75KO5tIoC4Hl8AjW3K5CYmtGHbsElD9832Mi69dHHuBXpzFJW8tF5
MeuF8kWJNJGrP/AWqy2dekzhXnToon2we+tOVSSKbF80x8ZRGKz9hTqoL2NPbwTh
kCt1Ia0iY/34AY+8HRNL6Mdvs7DOl3ELCvgLDtSSCR+vWLR3rTsXxGFWWbEYLGik
Stv/T+I9VFCgk0j2pXwZLyQMY94buHjoNbRpizp7+7ADSV46RuTsa/9peXAAiHVI
3DudXc81n6+BiYMl6Bb0XhbC+8F52K+52Wx6Av9tN0zmHLMwF6zqH4p5rQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFvUV/3s+ZIPQccJutMXie9HDW3sMB8GA1UdIwQY
MBaAFNk9ogGZCdn8N4Kf2ewp2Ujs/3ySMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMlQyaUFaa0oyZnczZ3BfWjdDblpTT3pfZkpJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi80N2FmYTMtY2UzMS00MDYwLWEwNzgt
ZjVhZGRkZGYxZWM1LzEvVzlSWF9lejVrZzlCeHdtNjB4ZUo3MGNOYmV3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMi80N2FmYTMtY2UzMS00MDYwLWEwNzgtZjVhZGRkZGYxZWM1
LzEvMlQyaUFaa0oyZnczZ3BfWjdDblpTT3pfZkpJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwg9iMA0G
CSqGSIb3DQEBCwUAA4IBAQAtRJNHTLYGTXyTdHjHJpCo000ieJXpOpelb7IZQeq1
UmPxe8vxcfawOB0aiXSAjWww7CcHFbpFK9Xm2cx2h4DGf5dvE1i81fo5LlQvG7cJ
AmRkkDBYdyU6fPY/9gOMD4+U3spl7biz+7PhGt4ZqKycDstkSPqpcRVcr21n3nwp
lpFVUC87phxLgeGCBhMlSakkp+5HNH7v0NvS2732TlNbyOwe+2tdCLzP1v2lHSQz
dzUmtgwZ13EYcY0nEKU2Pr2K2fHBmJW9guu5eusCV4TJZ05lkrgcoRHNwI0lHaDD
5UJJhQFFF2Vvh3hbbMVYKjgVq1gKF4iRuvUslWd2O84C
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:41 2024 by rpki-client on console-fra.rpki-client.org