Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/h2k4FllZKOhZEbBGrYZTHi7LQDM.roa
File:                     h2k4FllZKOhZEbBGrYZTHi7LQDM.roa (raw, json)
Hash identifier:          nH9Oa6TG5ZltvzmpUohd4Urk4uxf+BH+W0+CMpLsJdc=
Subject key identifier:   87:69:38:16:59:59:28:E8:59:11:B0:46:AD:86:53:1E:2E:CB:40:33
Certificate issuer:       /CN=d93da2019909d9fc37829fd9ec29d948ecff7c92
Certificate serial:       018DD4BFAF023274E6D995AAD3500D8420B1
Authority key identifier: D9:3D:A2:01:99:09:D9:FC:37:82:9F:D9:EC:29:D9:48:EC:FF:7C:92
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/h2k4FllZKOhZEbBGrYZTHi7LQDM.roa
Signing time:             Fri 23 Feb 2024 06:55:48 +0000
ROA not before:           Fri 23 Feb 2024 06:55:48 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     61317
IP address blocks:        194.15.97.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 28 Feb 2024 14:05:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8d:d4:bf:af:02:32:74:e6:d9:95:aa:d3:50:0d:84:20:b1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d93da2019909d9fc37829fd9ec29d948ecff7c92
        Validity
            Not Before: Feb 23 06:55:48 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=87693816595928e85911b046ad86531e2ecb4033
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:1e:bd:08:ac:4e:55:f9:a5:a2:33:fb:04:e5:
                    6b:4b:51:b8:fe:fc:8b:78:37:be:7c:19:4a:57:08:
                    03:d3:5c:1d:b6:8d:c3:b7:b2:fd:a4:de:f5:db:54:
                    f7:9f:78:b5:0f:44:2c:de:38:b3:89:08:32:6d:50:
                    47:65:f2:22:93:14:9e:42:5c:99:ae:b5:47:1e:16:
                    9c:13:f7:4e:dd:48:92:26:33:c8:b6:06:e9:a1:b3:
                    99:50:87:16:e5:8d:ca:49:1b:56:15:a3:14:b4:d0:
                    95:d3:e6:c0:cd:b5:e6:4f:05:7b:b5:79:28:b9:a0:
                    64:48:f9:e2:b4:fc:ff:3b:84:34:04:1a:b6:5b:53:
                    16:ff:9c:6e:ce:3c:ab:4c:b5:6e:92:7c:79:be:c4:
                    7b:46:78:2f:06:d0:f3:35:93:c5:5d:b4:e8:53:9f:
                    f6:ac:17:0a:f2:c7:cb:18:45:27:31:65:9f:19:35:
                    28:8c:83:a2:f5:14:1e:7f:f2:60:a5:0f:e0:fa:67:
                    c1:d5:dd:2e:26:ac:a7:c8:39:57:3b:f2:18:c8:a5:
                    74:33:25:13:f6:6c:09:56:f0:84:91:db:57:14:c3:
                    0d:03:31:b3:aa:6c:f4:7e:c0:e7:4c:1f:61:b0:58:
                    f9:98:a8:b3:02:e2:e9:ee:39:e8:07:77:60:18:0f:
                    35:89
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                87:69:38:16:59:59:28:E8:59:11:B0:46:AD:86:53:1E:2E:CB:40:33
            X509v3 Authority Key Identifier:
                keyid:D9:3D:A2:01:99:09:D9:FC:37:82:9F:D9:EC:29:D9:48:EC:FF:7C:92

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/h2k4FllZKOhZEbBGrYZTHi7LQDM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.15.97.0/24

    Signature Algorithm: sha256WithRSAEncryption
         37:53:f5:24:78:d8:62:67:a4:f1:e8:78:77:21:0d:ae:d3:6c:
         78:19:39:a9:2b:a2:6b:8f:1b:95:fa:2f:6c:5d:a8:d0:b4:fd:
         f7:a2:89:10:32:5a:36:be:6d:59:a9:6a:fe:f4:be:b1:d8:30:
         82:08:83:12:1c:41:f8:38:4c:e0:0a:06:62:9f:21:9c:26:03:
         a8:3f:17:01:c3:fc:56:bd:76:d8:51:c1:3a:61:73:e9:c3:70:
         6f:b4:8b:04:2a:78:29:4d:aa:0f:da:a9:e8:95:86:64:77:39:
         61:60:96:b8:b0:70:39:66:fd:d9:f0:45:6d:d5:5e:14:a0:c8:
         2e:6f:1d:5c:85:23:02:34:5f:38:e6:c1:2d:73:f8:a8:59:f0:
         cd:ac:a6:c0:d0:09:02:d8:71:37:57:da:f5:32:fd:02:1d:48:
         71:0e:23:88:68:ea:5d:79:28:17:60:77:44:bb:6c:5c:48:1a:
         49:43:94:18:7c:19:b9:6f:0a:e0:48:03:2c:99:21:bf:2e:b9:
         b8:52:4b:27:84:dc:78:ba:90:93:86:54:15:57:67:95:76:b1:
         d8:42:1d:e2:cd:44:0f:f5:24:f6:24:80:62:36:55:cc:61:dc:
         3b:8d:ba:e2:8e:17:ca:98:83:bc:e7:00:cf:b5:13:0f:34:52:
         74:6b:f7:57
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY3Uv68CMnTm2ZWq01ANhCCxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5M2RhMjAxOTkwOWQ5ZmMzNzgyOWZkOWVjMjlkOTQ4ZWNm
ZjdjOTIwHhcNMjQwMjIzMDY1NTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NzY5MzgxNjU5NTkyOGU4NTkxMWIwNDZhZDg2NTMxZTJlY2I0MDMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuB69CKxOVfmlojP7BOVrS1G4/vyL
eDe+fBlKVwgD01wdto3Dt7L9pN7121T3n3i1D0Qs3jiziQgybVBHZfIikxSeQlyZ
rrVHHhacE/dO3UiSJjPItgbpobOZUIcW5Y3KSRtWFaMUtNCV0+bAzbXmTwV7tXko
uaBkSPnitPz/O4Q0BBq2W1MW/5xuzjyrTLVuknx5vsR7RngvBtDzNZPFXbToU5/2
rBcK8sfLGEUnMWWfGTUojIOi9RQef/JgpQ/g+mfB1d0uJqynyDlXO/IYyKV0MyUT
9mwJVvCEkdtXFMMNAzGzqmz0fsDnTB9hsFj5mKizAuLp7jnoB3dgGA81iQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIdpOBZZWSjoWRGwRq2GUx4uy0AzMB8GA1UdIwQY
MBaAFNk9ogGZCdn8N4Kf2ewp2Ujs/3ySMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMlQyaUFaa0oyZnczZ3BfWjdDblpTT3pfZkpJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi80N2FmYTMtY2UzMS00MDYwLWEwNzgt
ZjVhZGRkZGYxZWM1LzEvaDJrNEZsbFpLT2haRWJCR3JZWlRIaTdMUURNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMi80N2FmYTMtY2UzMS00MDYwLWEwNzgtZjVhZGRkZGYxZWM1
LzEvMlQyaUFaa0oyZnczZ3BfWjdDblpTT3pfZkpJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwg9hMA0G
CSqGSIb3DQEBCwUAA4IBAQA3U/UkeNhiZ6Tx6Hh3IQ2u02x4GTmpK6JrjxuV+i9s
XajQtP33ookQMlo2vm1ZqWr+9L6x2DCCCIMSHEH4OEzgCgZinyGcJgOoPxcBw/xW
vXbYUcE6YXPpw3BvtIsEKngpTaoP2qnolYZkdzlhYJa4sHA5Zv3Z8EVt1V4UoMgu
bx1chSMCNF845sEtc/ioWfDNrKbA0AkC2HE3V9r1Mv0CHUhxDiOIaOpdeSgXYHdE
u2xcSBpJQ5QYfBm5bwrgSAMsmSG/Lrm4UksnhNx4upCThlQVV2eVdrHYQh3izUQP
9ST2JIBiNlXMYdw7jbrijhfKmIO85wDPtRMPNFJ0a/dX
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:01:54 2024 by rpki-client on console-ams.rpki-client.org