Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/3e2b18-55c9-4180-8c6e-2c7086fded93/1/4P7jt43L4J8zd1a1sIOgdMJxe5w.roa
File:                     4P7jt43L4J8zd1a1sIOgdMJxe5w.roa (raw, json)
Hash identifier:          zn98l+UaNcGOZPlyY7ODTJq3fjJJanT+/ush5nZvrbk=
Subject key identifier:   E0:FE:E3:B7:8D:CB:E0:9F:33:77:56:B5:B0:83:A0:74:C2:71:7B:9C
Certificate issuer:       /CN=088465b37b2d4e9f413a31dc7b7e6cba2a33db96
Certificate serial:       018B4E73D53B0627D76BF356D8D58EBA4DEE
Authority key identifier: 08:84:65:B3:7B:2D:4E:9F:41:3A:31:DC:7B:7E:6C:BA:2A:33:DB:96
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/CIRls3stTp9BOjHce35suioz25Y.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3d/3e2b18-55c9-4180-8c6e-2c7086fded93/1/4P7jt43L4J8zd1a1sIOgdMJxe5w.roa
Signing time:             Fri 20 Oct 2023 18:58:15 +0000
ROA not before:           Fri 20 Oct 2023 18:58:15 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     61317
IP address blocks:        188.66.26.0/24 maxlen: 24
                          193.108.59.0/24 maxlen: 24
                          193.3.20.0/24 maxlen: 24
                          193.108.105.0/24 maxlen: 24

Validation:               Failed, certificate revoked

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:4e:73:d5:3b:06:27:d7:6b:f3:56:d8:d5:8e:ba:4d:ee
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=088465b37b2d4e9f413a31dc7b7e6cba2a33db96
        Validity
            Not Before: Oct 20 18:58:15 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=e0fee3b78dcbe09f337756b5b083a074c2717b9c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:2d:c4:f0:95:46:1b:43:a1:a5:e1:f9:ed:aa:
                    5a:27:51:99:d4:1d:3e:65:4d:19:df:eb:75:99:b0:
                    53:9b:56:d7:d3:cf:e8:7e:61:77:ae:ab:7f:c0:ca:
                    f5:2a:91:ac:e7:35:3e:41:0e:32:30:4e:00:d6:23:
                    cb:db:75:72:5c:f5:65:2b:35:37:c8:7e:3d:6a:da:
                    b2:08:8e:aa:d4:26:96:c8:9d:2a:27:a3:8c:58:cd:
                    17:c1:3b:02:dc:64:ca:6d:b4:8f:66:1f:c1:86:f4:
                    33:f6:4b:f5:0a:87:47:93:e4:8e:63:7a:a7:5c:30:
                    4a:46:64:ce:57:7d:49:06:0d:73:e9:c3:a4:fb:3f:
                    1f:bc:ff:18:1b:a5:ef:83:d6:37:f1:1f:20:5f:23:
                    cc:0f:bd:16:a3:7f:9a:03:af:f6:49:26:8e:b2:b0:
                    07:87:ef:96:ab:1c:9f:57:72:70:f5:87:e9:54:08:
                    a0:1b:a3:4d:c8:48:2f:31:b0:3b:ea:32:e7:d5:dc:
                    5b:25:90:20:ae:e9:c2:ec:1f:86:37:f4:25:27:63:
                    91:66:cb:d0:e5:47:87:2d:96:e1:f0:41:ce:97:f7:
                    c1:ae:83:55:fb:cf:a9:52:a9:6d:f0:fb:01:11:9a:
                    16:05:4d:2a:88:87:fc:51:a3:af:2a:aa:d1:f6:f0:
                    4f:0f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E0:FE:E3:B7:8D:CB:E0:9F:33:77:56:B5:B0:83:A0:74:C2:71:7B:9C
            X509v3 Authority Key Identifier:
                keyid:08:84:65:B3:7B:2D:4E:9F:41:3A:31:DC:7B:7E:6C:BA:2A:33:DB:96

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CIRls3stTp9BOjHce35suioz25Y.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/3e2b18-55c9-4180-8c6e-2c7086fded93/1/4P7jt43L4J8zd1a1sIOgdMJxe5w.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/3e2b18-55c9-4180-8c6e-2c7086fded93/1/CIRls3stTp9BOjHce35suioz25Y.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  188.66.26.0/24
                  193.3.20.0/24
                  193.108.59.0/24
                  193.108.105.0/24

    Signature Algorithm: sha256WithRSAEncryption
         5c:7d:7d:bd:f1:bd:be:a5:e6:31:15:2f:fa:15:26:3c:2d:da:
         8f:d0:8c:0e:e6:de:f8:07:4b:fd:1b:0e:24:49:ba:c0:0f:07:
         bc:96:46:03:9f:58:b6:ac:f6:f6:9e:6c:a3:ae:02:56:ed:88:
         23:b2:b6:ee:37:1e:c6:dc:68:02:5f:ce:65:eb:45:3f:5b:c6:
         95:eb:b0:61:b7:77:7d:92:29:d2:1a:d3:1a:7c:7a:9b:25:9c:
         87:f6:2c:6d:c9:09:02:0a:4c:5b:9c:af:85:56:e7:d6:90:9b:
         28:3b:35:89:4d:5f:49:21:07:d2:9f:fe:28:72:6b:e2:07:49:
         d3:13:59:b8:ae:18:79:7b:e7:54:98:a1:bd:db:a6:88:31:47:
         c0:d9:29:99:8a:44:3c:ac:d6:d1:5b:e8:22:2c:46:00:5e:d2:
         64:58:b7:4e:21:1b:fc:c8:1a:38:25:b5:16:48:18:26:d4:d4:
         54:16:ab:4b:e3:28:12:89:c7:d9:fa:b2:a7:34:70:82:3f:fd:
         20:53:a0:c5:2f:90:59:34:f0:49:ba:d3:ea:8d:ad:89:ce:d7:
         ac:ec:4b:35:6e:ed:1c:f1:4b:96:bc:f0:c6:1f:f6:1b:dc:93:
         0c:dc:50:da:4e:d2:79:84:73:ea:a3:04:06:88:ef:42:69:8a:
         97:fd:63:ef
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYtOc9U7BifXa/NW2NWOuk3uMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4ODQ2NWIzN2IyZDRlOWY0MTNhMzFkYzdiN2U2Y2JhMmEz
M2RiOTYwHhcNMjMxMDIwMTg1ODE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMGZlZTNiNzhkY2JlMDlmMzM3NzU2YjViMDgzYTA3NGMyNzE3YjljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqC3E8JVGG0OhpeH57apaJ1GZ1B0+
ZU0Z3+t1mbBTm1bX08/ofmF3rqt/wMr1KpGs5zU+QQ4yME4A1iPL23VyXPVlKzU3
yH49atqyCI6q1CaWyJ0qJ6OMWM0XwTsC3GTKbbSPZh/BhvQz9kv1CodHk+SOY3qn
XDBKRmTOV31JBg1z6cOk+z8fvP8YG6Xvg9Y38R8gXyPMD70Wo3+aA6/2SSaOsrAH
h++WqxyfV3Jw9YfpVAigG6NNyEgvMbA76jLn1dxbJZAgrunC7B+GN/QlJ2ORZsvQ
5UeHLZbh8EHOl/fBroNV+8+pUqlt8PsBEZoWBU0qiIf8UaOvKqrR9vBPDwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFOD+47eNy+CfM3dWtbCDoHTCcXucMB8GA1UdIwQY
MBaAFAiEZbN7LU6fQTox3Ht+bLoqM9uWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ0lSbHMzc3RUcDlCT2pIY2UzNXN1aW96MjVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC8zZTJiMTgtNTVjOS00MTgwLThjNmUt
MmM3MDg2ZmRlZDkzLzEvNFA3anQ0M0w0Sjh6ZDFhMXNJT2dkTUp4ZTV3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZC8zZTJiMTgtNTVjOS00MTgwLThjNmUtMmM3MDg2ZmRlZDkz
LzEvQ0lSbHMzc3RUcDlCT2pIY2UzNXN1aW96MjVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAvEIaAwQA
wQMUAwQAwWw7AwQAwWxpMA0GCSqGSIb3DQEBCwUAA4IBAQBcfX298b2+peYxFS/6
FSY8LdqP0IwO5t74B0v9Gw4kSbrADwe8lkYDn1i2rPb2nmyjrgJW7YgjsrbuNx7G
3GgCX85l60U/W8aV67Bht3d9kinSGtMafHqbJZyH9ixtyQkCCkxbnK+FVufWkJso
OzWJTV9JIQfSn/4ocmviB0nTE1m4rhh5e+dUmKG926aIMUfA2SmZikQ8rNbRW+gi
LEYAXtJkWLdOIRv8yBo4JbUWSBgm1NRUFqtL4ygSicfZ+rKnNHCCP/0gU6DFL5BZ
NPBJutPqja2Jztes7Es1bu0c8UuWvPDGH/Yb3JMM3FDaTtJ5hHPqowQGiO9CaYqX
/WPv
-----END CERTIFICATE-----
Generated at Mon Jan 1 15:14:44 2024 by rpki-client on console-fra.rpki-client.org