Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/b96584-1f71-48bb-a021-a347b56f3b9a/1/qVESj0Ly1NVuXc2Ctl0-ryGctlQ.roa
File:                     qVESj0Ly1NVuXc2Ctl0-ryGctlQ.roa (raw, json)
Hash identifier:          Z0KGmhNSDvLAEo+gGYehy4AVzdZS+PiuafCjRiBQrfg=
Subject key identifier:   A9:51:12:8F:42:F2:D4:D5:6E:5D:CD:82:B6:5D:3E:AF:21:9C:B6:54
Certificate issuer:       /CN=c4eb34dda2f8094968494892063351ee0f10e91a
Certificate serial:       018FBA7A84ADB7BEAACC647A9EAD552E57BF
Authority key identifier: C4:EB:34:DD:A2:F8:09:49:68:49:48:92:06:33:51:EE:0F:10:E9:1A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/xOs03aL4CUloSUiSBjNR7g8Q6Ro.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/34/b96584-1f71-48bb-a021-a347b56f3b9a/1/qVESj0Ly1NVuXc2Ctl0-ryGctlQ.roa
Signing time:             Mon 27 May 2024 14:35:42 +0000
ROA not before:           Mon 27 May 2024 14:35:42 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     212150
IP address blocks:        193.151.163.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 28 May 2024 11:47:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:ba:7a:84:ad:b7:be:aa:cc:64:7a:9e:ad:55:2e:57:bf
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c4eb34dda2f8094968494892063351ee0f10e91a
        Validity
            Not Before: May 27 14:35:42 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=a951128f42f2d4d56e5dcd82b65d3eaf219cb654
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:12:0f:24:0a:42:be:51:89:00:c0:76:2b:79:
                    cf:31:3e:ea:15:dc:6b:cf:f9:d7:3e:c5:1d:c1:58:
                    84:b2:50:33:c8:10:0e:61:4c:e5:39:e8:8a:11:dd:
                    f3:34:07:fb:0e:9e:27:4a:fc:2f:b3:76:f9:af:e7:
                    81:4d:ff:66:43:5e:46:79:ca:f5:00:67:9c:a8:e5:
                    c3:6a:d7:4d:fe:cb:c7:cc:7a:7e:e7:24:84:2f:c1:
                    ba:96:f7:1a:10:c3:30:cf:41:00:11:b7:7a:24:4d:
                    63:31:44:8c:83:93:bb:a3:93:18:a1:29:16:a0:a9:
                    ab:bf:4d:3d:f4:83:5e:74:57:1f:94:cb:b4:bf:0a:
                    11:cc:45:36:9b:47:6b:ef:31:76:77:b9:37:61:66:
                    46:d1:38:f2:b1:e0:b2:e2:28:a3:2d:e4:0d:c1:94:
                    4c:c2:d2:ea:da:16:30:aa:1b:9c:89:bc:69:e1:c7:
                    56:24:c4:aa:35:84:7c:34:56:c4:1f:cb:46:05:9b:
                    57:e2:5d:6f:29:9d:5e:82:a8:a3:e0:fb:6c:b8:ab:
                    cf:0c:6b:4a:b2:03:bf:71:35:30:bd:a0:dd:0c:43:
                    28:d5:9c:94:75:d1:f1:4b:ec:c6:f4:e4:79:46:4c:
                    5d:77:ef:75:4a:e4:39:60:93:07:6b:34:90:9c:dc:
                    d9:85
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A9:51:12:8F:42:F2:D4:D5:6E:5D:CD:82:B6:5D:3E:AF:21:9C:B6:54
            X509v3 Authority Key Identifier:
                keyid:C4:EB:34:DD:A2:F8:09:49:68:49:48:92:06:33:51:EE:0F:10:E9:1A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xOs03aL4CUloSUiSBjNR7g8Q6Ro.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/b96584-1f71-48bb-a021-a347b56f3b9a/1/qVESj0Ly1NVuXc2Ctl0-ryGctlQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/34/b96584-1f71-48bb-a021-a347b56f3b9a/1/xOs03aL4CUloSUiSBjNR7g8Q6Ro.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.151.163.0/24

    Signature Algorithm: sha256WithRSAEncryption
         29:8a:a9:75:82:d3:97:12:a4:9e:9b:07:50:eb:1b:ec:f2:92:
         3c:01:0e:c8:1d:ee:ba:8f:aa:01:66:a5:ee:21:63:29:eb:5e:
         53:01:f5:fb:79:e9:07:c5:e0:2f:b5:77:06:27:96:2c:d7:8a:
         c7:36:bf:1d:62:84:66:7f:6f:18:09:80:3a:e8:bb:e5:03:1a:
         ea:27:e8:90:57:4b:f7:17:e9:3d:69:d3:6d:75:f9:3e:f6:c5:
         7f:a1:b8:9c:b5:0b:3c:46:45:ec:f4:bf:fc:92:ca:cd:ba:f4:
         88:33:ee:a2:4e:94:9e:1d:47:04:be:1d:0a:e6:aa:0c:49:8e:
         fa:12:59:44:35:59:0a:2f:1c:f8:e6:5e:1b:96:5c:75:e0:ca:
         d8:f0:ee:0e:28:82:35:37:e1:63:0c:75:12:83:2b:13:e3:3b:
         ec:49:79:85:e2:db:f3:4c:be:0b:d5:31:77:08:89:6c:62:e0:
         b6:0e:08:1c:10:81:db:a9:c9:c3:60:64:c6:37:fb:cc:57:1c:
         f7:36:73:e3:bb:c8:ff:34:fb:05:9e:89:e8:5f:ce:bd:8d:43:
         aa:44:82:ef:bf:0d:36:4f:9e:98:98:93:e1:f1:14:b6:1d:c4:
         16:0d:66:78:c0:49:c7:38:42:c1:f6:e7:84:ae:48:c5:cb:db:
         63:31:0c:df
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY+6eoStt76qzGR6nq1VLle/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0ZWIzNGRkYTJmODA5NDk2ODQ5NDg5MjA2MzM1MWVlMGYx
MGU5MWEwHhcNMjQwNTI3MTQzNTQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOTUxMTI4ZjQyZjJkNGQ1NmU1ZGNkODJiNjVkM2VhZjIxOWNiNjU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArRIPJApCvlGJAMB2K3nPMT7qFdxr
z/nXPsUdwViEslAzyBAOYUzlOeiKEd3zNAf7Dp4nSvwvs3b5r+eBTf9mQ15Gecr1
AGecqOXDatdN/svHzHp+5ySEL8G6lvcaEMMwz0EAEbd6JE1jMUSMg5O7o5MYoSkW
oKmrv0099INedFcflMu0vwoRzEU2m0dr7zF2d7k3YWZG0TjyseCy4iijLeQNwZRM
wtLq2hYwqhucibxp4cdWJMSqNYR8NFbEH8tGBZtX4l1vKZ1egqij4PtsuKvPDGtK
sgO/cTUwvaDdDEMo1ZyUddHxS+zG9OR5Rkxdd+91SuQ5YJMHazSQnNzZhQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKlREo9C8tTVbl3NgrZdPq8hnLZUMB8GA1UdIwQY
MBaAFMTrNN2i+AlJaElIkgYzUe4PEOkaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveE9zMDNhTDRDVWxvU1VpU0JqTlI3ZzhRNlJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9iOTY1ODQtMWY3MS00OGJiLWEwMjEt
YTM0N2I1NmYzYjlhLzEvcVZFU2owTHkxTlZ1WGMyQ3RsMC1yeUdjdGxRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC9iOTY1ODQtMWY3MS00OGJiLWEwMjEtYTM0N2I1NmYzYjlh
LzEveE9zMDNhTDRDVWxvU1VpU0JqTlI3ZzhRNlJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwZejMA0G
CSqGSIb3DQEBCwUAA4IBAQApiql1gtOXEqSemwdQ6xvs8pI8AQ7IHe66j6oBZqXu
IWMp615TAfX7eekHxeAvtXcGJ5Ys14rHNr8dYoRmf28YCYA66LvlAxrqJ+iQV0v3
F+k9adNtdfk+9sV/obictQs8RkXs9L/8ksrNuvSIM+6iTpSeHUcEvh0K5qoMSY76
EllENVkKLxz45l4bllx14MrY8O4OKII1N+FjDHUSgysT4zvsSXmF4tvzTL4L1TF3
CIlsYuC2DggcEIHbqcnDYGTGN/vMVxz3NnPju8j/NPsFnonoX869jUOqRILvvw02
T56YmJPh8RS2HcQWDWZ4wEnHOELB9ueErkjFy9tjMQzf
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:01 2024 by rpki-client on console-fra.rpki-client.org