Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d8679e-46bb-44f5-ba52-b52b3a236fa7/1/k4BMY_h85qq-ocIhAHVBZrfka1Y.roa
File:                     k4BMY_h85qq-ocIhAHVBZrfka1Y.roa (raw, json)
Hash identifier:          qqmhYgtAb8etkmuS23g70OMVI9xB7d/L1DhO6hxSDXU=
Subject key identifier:   93:80:4C:63:F8:7C:E6:AA:BE:A1:C2:21:00:75:41:66:B7:E4:6B:56
Certificate issuer:       /CN=acc48f7a59120588d4170ea2815e6ae51be6bcff
Certificate serial:       018B95D12F6F78E2AA0DF4BF3885B0175249
Authority key identifier: AC:C4:8F:7A:59:12:05:88:D4:17:0E:A2:81:5E:6A:E5:1B:E6:BC:FF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/rMSPelkSBYjUFw6igV5q5RvmvP8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/34/d8679e-46bb-44f5-ba52-b52b3a236fa7/1/k4BMY_h85qq-ocIhAHVBZrfka1Y.roa
Signing time:             Fri 03 Nov 2023 15:33:16 +0000
ROA not before:           Fri 03 Nov 2023 15:33:16 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     15557
IP address blocks:        193.56.37.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 22:29:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:95:d1:2f:6f:78:e2:aa:0d:f4:bf:38:85:b0:17:52:49
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=acc48f7a59120588d4170ea2815e6ae51be6bcff
        Validity
            Not Before: Nov  3 15:33:16 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=93804c63f87ce6aabea1c22100754166b7e46b56
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:86:5f:22:a7:90:db:1c:b2:60:a4:5f:72:ae:40:
                    24:a3:39:fc:c5:52:9c:f3:1f:c5:c2:63:b9:d0:be:
                    83:06:eb:15:f4:85:76:0c:bf:ed:a0:db:c5:6a:0e:
                    c8:92:be:61:20:58:d1:90:a0:d4:9b:14:5c:1b:1c:
                    fb:f6:1f:99:4d:8f:43:e4:20:d4:c9:cb:7d:e9:ec:
                    7f:03:7f:17:23:75:1d:b0:c4:0c:5c:ee:00:5d:a4:
                    16:ec:0b:d9:df:19:b1:ca:f8:a6:6a:63:ff:83:65:
                    31:a5:c0:6d:ef:12:68:c2:59:c2:b8:48:f1:75:2f:
                    31:03:49:83:50:24:df:bd:bc:95:a4:c3:b3:8f:5c:
                    82:05:e1:a4:1d:33:aa:af:57:d3:b8:19:97:70:f0:
                    d6:77:bc:6f:26:24:23:ab:2a:37:6b:e9:94:e8:3f:
                    fb:d2:d2:7c:55:b7:fe:37:ea:22:5e:12:09:85:21:
                    9c:ee:2e:b6:22:30:b3:17:31:17:54:b9:79:13:0b:
                    41:b8:a4:74:21:4b:a4:ac:b9:b6:1b:8a:35:d5:ae:
                    3a:cb:00:15:86:8f:33:3f:dc:06:56:93:19:45:41:
                    4c:89:90:cc:5d:c4:81:ac:e4:40:79:93:72:4b:f9:
                    cc:1a:33:a3:50:a3:f5:98:0f:f6:ed:37:67:c6:1f:
                    d0:f9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                93:80:4C:63:F8:7C:E6:AA:BE:A1:C2:21:00:75:41:66:B7:E4:6B:56
            X509v3 Authority Key Identifier:
                keyid:AC:C4:8F:7A:59:12:05:88:D4:17:0E:A2:81:5E:6A:E5:1B:E6:BC:FF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rMSPelkSBYjUFw6igV5q5RvmvP8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d8679e-46bb-44f5-ba52-b52b3a236fa7/1/k4BMY_h85qq-ocIhAHVBZrfka1Y.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d8679e-46bb-44f5-ba52-b52b3a236fa7/1/rMSPelkSBYjUFw6igV5q5RvmvP8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.56.37.0/24

    Signature Algorithm: sha256WithRSAEncryption
         32:98:44:dc:23:b1:38:fb:c4:1f:c0:1d:cb:4b:41:c8:7a:ae:
         45:b1:41:b9:de:0e:34:60:ea:9b:e7:2f:6f:e7:24:ae:a4:8b:
         cd:ff:09:d9:28:f4:15:24:a6:3b:b5:45:6f:fa:16:b3:9f:8e:
         51:16:dc:9b:4f:b9:4d:30:f6:d6:af:cd:a4:f8:f2:4d:ef:69:
         c3:8e:65:c3:b8:f2:f8:d3:38:bd:10:a2:01:43:8d:19:b5:4d:
         a4:cc:36:85:0d:50:54:64:26:23:51:d9:0c:42:82:38:34:00:
         05:66:1b:57:ac:49:fc:99:ae:bc:92:04:15:ef:fb:d2:ec:1a:
         c4:cf:0f:10:b4:5c:31:cf:80:d8:44:28:f9:8b:45:db:f8:61:
         dd:69:1e:54:35:7c:c2:ca:5a:53:db:cc:31:52:39:21:31:22:
         f6:78:f5:85:3b:9f:f4:31:2a:67:1e:6e:e3:d2:c4:1d:11:f9:
         8f:37:5d:a4:d7:ef:c8:eb:4c:f5:97:3e:40:ee:60:ba:5b:19:
         58:87:01:94:22:37:ed:e0:1f:a9:cc:5a:14:36:0e:ed:9d:0f:
         e3:33:a9:25:d1:f8:b7:1a:77:3f:b3:be:76:f3:bc:ae:a2:54:
         c0:65:0d:85:d7:59:cb:24:14:82:bc:5a:7a:c1:01:4e:d2:42:
         2e:1b:56:6e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYuV0S9veOKqDfS/OIWwF1JJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFjYzQ4ZjdhNTkxMjA1ODhkNDE3MGVhMjgxNWU2YWU1MWJl
NmJjZmYwHhcNMjMxMTAzMTUzMzE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MzgwNGM2M2Y4N2NlNmFhYmVhMWMyMjEwMDc1NDE2NmI3ZTQ2YjU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhl8ip5DbHLJgpF9yrkAkozn8xVKc
8x/FwmO50L6DBusV9IV2DL/toNvFag7Ikr5hIFjRkKDUmxRcGxz79h+ZTY9D5CDU
yct96ex/A38XI3UdsMQMXO4AXaQW7AvZ3xmxyvimamP/g2UxpcBt7xJowlnCuEjx
dS8xA0mDUCTfvbyVpMOzj1yCBeGkHTOqr1fTuBmXcPDWd7xvJiQjqyo3a+mU6D/7
0tJ8Vbf+N+oiXhIJhSGc7i62IjCzFzEXVLl5EwtBuKR0IUukrLm2G4o11a46ywAV
ho8zP9wGVpMZRUFMiZDMXcSBrORAeZNyS/nMGjOjUKP1mA/27Tdnxh/Q+QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJOATGP4fOaqvqHCIQB1QWa35GtWMB8GA1UdIwQY
MBaAFKzEj3pZEgWI1BcOooFeauUb5rz/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvck1TUGVsa1NCWWpVRnc2aWdWNXE1UnZtdlA4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9kODY3OWUtNDZiYi00NGY1LWJhNTIt
YjUyYjNhMjM2ZmE3LzEvazRCTVlfaDg1cXEtb2NJaEFIVkJacmZrYTFZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC9kODY3OWUtNDZiYi00NGY1LWJhNTItYjUyYjNhMjM2ZmE3
LzEvck1TUGVsa1NCWWpVRnc2aWdWNXE1UnZtdlA4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwTglMA0G
CSqGSIb3DQEBCwUAA4IBAQAymETcI7E4+8QfwB3LS0HIeq5FsUG53g40YOqb5y9v
5ySupIvN/wnZKPQVJKY7tUVv+hazn45RFtybT7lNMPbWr82k+PJN72nDjmXDuPL4
0zi9EKIBQ40ZtU2kzDaFDVBUZCYjUdkMQoI4NAAFZhtXrEn8ma68kgQV7/vS7BrE
zw8QtFwxz4DYRCj5i0Xb+GHdaR5UNXzCylpT28wxUjkhMSL2ePWFO5/0MSpnHm7j
0sQdEfmPN12k1+/I60z1lz5A7mC6WxlYhwGUIjft4B+pzFoUNg7tnQ/jM6kl0fi3
Gnc/s75287yuolTAZQ2F11nLJBSCvFp6wQFO0kIuG1Zu
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:02 2024 by rpki-client on console-fra.rpki-client.org