Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d8679e-46bb-44f5-ba52-b52b3a236fa7/1/Ne1brEGO5Y3fWsD48Ud6b3cBIkw.roa
File:                     Ne1brEGO5Y3fWsD48Ud6b3cBIkw.roa (raw, json)
Hash identifier:          dCwRs2DNxiWsYFV2M+yYDOT5tMz1J5zk5q2fetX7Sqc=
Subject key identifier:   35:ED:5B:AC:41:8E:E5:8D:DF:5A:C0:F8:F1:47:7A:6F:77:01:22:4C
Certificate issuer:       /CN=acc48f7a59120588d4170ea2815e6ae51be6bcff
Certificate serial:       018B95D12EE9C9395E6D4148A34543224298
Authority key identifier: AC:C4:8F:7A:59:12:05:88:D4:17:0E:A2:81:5E:6A:E5:1B:E6:BC:FF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/rMSPelkSBYjUFw6igV5q5RvmvP8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/34/d8679e-46bb-44f5-ba52-b52b3a236fa7/1/Ne1brEGO5Y3fWsD48Ud6b3cBIkw.roa
Signing time:             Fri 03 Nov 2023 15:33:16 +0000
ROA not before:           Fri 03 Nov 2023 15:33:16 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     15404
IP address blocks:        193.56.33.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 22:29:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:95:d1:2e:e9:c9:39:5e:6d:41:48:a3:45:43:22:42:98
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=acc48f7a59120588d4170ea2815e6ae51be6bcff
        Validity
            Not Before: Nov  3 15:33:16 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=35ed5bac418ee58ddf5ac0f8f1477a6f7701224c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:cd:56:04:6f:92:09:e6:37:ee:5c:23:14:bb:
                    c0:6b:dd:77:2f:56:68:24:4e:fb:b3:9b:e3:3f:bf:
                    ff:1f:98:32:52:84:2f:7d:90:56:f2:b3:a3:4a:aa:
                    02:88:13:4b:da:94:cf:67:74:1b:f1:a4:0a:77:d5:
                    c7:b5:87:ee:db:09:49:3c:61:0b:b8:96:3e:13:53:
                    1b:5c:71:53:92:aa:0c:bf:b2:81:16:5e:47:55:ec:
                    99:14:2c:36:75:17:33:54:a9:4a:0c:cf:92:94:0a:
                    4c:32:af:cb:b2:52:99:64:d1:84:14:6a:81:1b:6c:
                    61:fb:e8:49:a8:b5:b3:a0:14:c8:1e:7e:d5:2c:b7:
                    ec:85:71:0f:98:db:c3:a1:65:b5:52:78:99:52:6d:
                    a6:f1:18:8a:bd:0e:44:32:2a:e1:dd:39:dc:0f:e3:
                    3b:3b:b3:38:4d:2b:95:07:e4:0d:16:37:af:aa:00:
                    1f:5d:5c:b2:b3:ef:5d:7e:c1:af:97:3e:d2:58:ef:
                    3a:f2:0c:cd:0d:5e:8e:d6:91:47:23:46:73:44:02:
                    d7:05:79:82:e3:3f:b8:c1:c5:c1:06:65:e0:9c:08:
                    ec:6c:e1:8a:8e:96:c8:c5:16:00:ef:d1:76:c8:6c:
                    ff:bc:a7:53:7d:89:89:0d:6a:25:7c:07:02:f0:b6:
                    1d:13
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                35:ED:5B:AC:41:8E:E5:8D:DF:5A:C0:F8:F1:47:7A:6F:77:01:22:4C
            X509v3 Authority Key Identifier:
                keyid:AC:C4:8F:7A:59:12:05:88:D4:17:0E:A2:81:5E:6A:E5:1B:E6:BC:FF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rMSPelkSBYjUFw6igV5q5RvmvP8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d8679e-46bb-44f5-ba52-b52b3a236fa7/1/Ne1brEGO5Y3fWsD48Ud6b3cBIkw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d8679e-46bb-44f5-ba52-b52b3a236fa7/1/rMSPelkSBYjUFw6igV5q5RvmvP8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.56.33.0/24

    Signature Algorithm: sha256WithRSAEncryption
         7f:74:93:a5:6b:20:57:d5:5b:d2:15:03:f2:56:e4:58:52:f3:
         bb:95:cb:70:ca:c8:a5:47:5a:bd:d1:86:27:63:0e:7b:25:9a:
         02:ba:50:7d:9c:b9:dd:70:93:67:8a:f6:3a:b6:69:cd:8a:83:
         05:b6:f2:11:0f:4e:bb:18:25:3b:cf:89:cc:9a:95:b5:39:fb:
         01:dd:30:df:97:7d:6d:5d:1b:12:57:97:c3:9d:11:00:cc:5d:
         f4:85:c0:4d:53:08:2e:a3:0b:03:7e:42:96:f3:70:6c:f1:ab:
         71:45:e8:0f:4c:3c:02:64:6c:b3:76:be:ef:3e:58:65:ab:1c:
         03:5f:90:94:95:42:ed:14:5b:2a:6b:3d:dd:b8:6d:04:e5:4a:
         e0:67:a1:c7:2e:3c:df:5e:e1:87:7c:7c:39:34:e4:7a:cc:5e:
         07:67:64:6b:62:cb:2d:5e:41:ec:f8:30:07:f9:84:8e:ff:0b:
         e0:f6:b3:cf:b6:5f:20:68:84:3b:d8:0e:13:ab:2b:1a:91:d5:
         32:ae:30:4e:b0:06:d0:71:3a:97:1e:67:8e:89:8c:e7:57:c4:
         e5:39:f9:7b:8e:26:c5:f2:3d:15:3c:80:90:a7:1c:51:f4:67:
         7c:39:85:77:d5:cf:5a:36:e4:36:e1:6b:46:ea:2b:8b:fe:60:
         39:37:d7:e8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYuV0S7pyTlebUFIo0VDIkKYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFjYzQ4ZjdhNTkxMjA1ODhkNDE3MGVhMjgxNWU2YWU1MWJl
NmJjZmYwHhcNMjMxMTAzMTUzMzE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNWVkNWJhYzQxOGVlNThkZGY1YWMwZjhmMTQ3N2E2Zjc3MDEyMjRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtc1WBG+SCeY37lwjFLvAa913L1Zo
JE77s5vjP7//H5gyUoQvfZBW8rOjSqoCiBNL2pTPZ3Qb8aQKd9XHtYfu2wlJPGEL
uJY+E1MbXHFTkqoMv7KBFl5HVeyZFCw2dRczVKlKDM+SlApMMq/LslKZZNGEFGqB
G2xh++hJqLWzoBTIHn7VLLfshXEPmNvDoWW1UniZUm2m8RiKvQ5EMirh3TncD+M7
O7M4TSuVB+QNFjevqgAfXVyys+9dfsGvlz7SWO868gzNDV6O1pFHI0ZzRALXBXmC
4z+4wcXBBmXgnAjsbOGKjpbIxRYA79F2yGz/vKdTfYmJDWolfAcC8LYdEwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDXtW6xBjuWN31rA+PFHem93ASJMMB8GA1UdIwQY
MBaAFKzEj3pZEgWI1BcOooFeauUb5rz/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvck1TUGVsa1NCWWpVRnc2aWdWNXE1UnZtdlA4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9kODY3OWUtNDZiYi00NGY1LWJhNTIt
YjUyYjNhMjM2ZmE3LzEvTmUxYnJFR081WTNmV3NENDhVZDZiM2NCSWt3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC9kODY3OWUtNDZiYi00NGY1LWJhNTItYjUyYjNhMjM2ZmE3
LzEvck1TUGVsa1NCWWpVRnc2aWdWNXE1UnZtdlA4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwTghMA0G
CSqGSIb3DQEBCwUAA4IBAQB/dJOlayBX1VvSFQPyVuRYUvO7lctwysilR1q90YYn
Yw57JZoCulB9nLndcJNnivY6tmnNioMFtvIRD067GCU7z4nMmpW1OfsB3TDfl31t
XRsSV5fDnREAzF30hcBNUwguowsDfkKW83Bs8atxRegPTDwCZGyzdr7vPlhlqxwD
X5CUlULtFFsqaz3duG0E5UrgZ6HHLjzfXuGHfHw5NOR6zF4HZ2RrYsstXkHs+DAH
+YSO/wvg9rPPtl8gaIQ72A4TqysakdUyrjBOsAbQcTqXHmeOiYznV8TlOfl7jibF
8j0VPICQpxxR9Gd8OYV31c9aNuQ24WtG6iuL/mA5N9fo
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:02:24 2024 by rpki-client on console-ams.rpki-client.org