Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/1e334d-98b5-47b9-b4fd-29f71ee1791d/1/O7dsvtheiXRe7npPiWHAgCdROXQ.roa
File:                     O7dsvtheiXRe7npPiWHAgCdROXQ.roa (raw, json)
Hash identifier:          CKY+86/4McMc4qvrevlezs3+QJMuXagupYM6NzKrT/U=
Subject key identifier:   3B:B7:6C:BE:D8:5E:89:74:5E:EE:7A:4F:89:61:C0:80:27:51:39:74
Certificate issuer:       /CN=76f2f341cf98b9e8b46edd389a48064c7bae6f9a
Certificate serial:       01856D9407540ED7B44AD05890C01D5D2057
Authority key identifier: 76:F2:F3:41:CF:98:B9:E8:B4:6E:DD:38:9A:48:06:4C:7B:AE:6F:9A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/dvLzQc-Yuei0bt04mkgGTHuub5o.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/43/1e334d-98b5-47b9-b4fd-29f71ee1791d/1/O7dsvtheiXRe7npPiWHAgCdROXQ.roa
Signing time:             Sun 01 Jan 2023 13:44:55 +0000
ROA not before:           Sun 01 Jan 2023 13:44:55 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     59447
IP address blocks:        193.9.48.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 21 Mar 2023 23:42:13 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6d:94:07:54:0e:d7:b4:4a:d0:58:90:c0:1d:5d:20:57
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=76f2f341cf98b9e8b46edd389a48064c7bae6f9a
        Validity
            Not Before: Jan  1 13:44:55 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=3bb76cbed85e89745eee7a4f8961c08027513974
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:87:92:80:38:c5:01:fa:6a:31:e6:18:cd:9d:97:
                    a4:21:89:55:a1:95:bd:7c:c2:0d:52:10:54:32:de:
                    28:83:ac:e0:bb:16:4f:1b:59:82:cd:21:a7:0a:1b:
                    c9:bc:43:c2:b4:00:41:00:60:4d:c3:56:f5:a3:2d:
                    08:86:68:d8:c0:2d:f2:10:1d:65:e6:42:9e:7c:88:
                    d1:70:e9:55:58:81:83:60:9c:53:9a:9a:74:29:4e:
                    d2:5f:a0:15:79:f4:62:67:f6:65:59:07:b0:58:ad:
                    0d:80:38:68:1d:85:96:a2:1e:03:5d:64:85:e6:69:
                    45:2d:b5:dd:75:60:11:16:67:76:1d:55:68:83:18:
                    eb:a4:d3:4d:f5:0b:45:63:a0:68:db:d5:82:ec:ac:
                    57:61:74:61:b7:51:2d:b9:e7:22:47:6d:51:70:70:
                    52:42:55:0c:17:e5:fe:28:99:a1:9d:88:aa:12:30:
                    21:04:98:af:c5:96:f5:11:5a:be:0d:d3:e5:c0:be:
                    7d:16:6a:3f:b2:ed:7a:b4:40:53:92:84:04:74:c0:
                    ad:14:81:6a:4c:8c:75:2f:31:9f:c6:20:52:5c:ad:
                    61:7a:6f:b9:60:24:d3:70:1c:3e:83:5f:a2:ec:2d:
                    58:82:3d:08:93:86:74:92:8d:6e:53:a3:57:03:67:
                    d9:71
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3B:B7:6C:BE:D8:5E:89:74:5E:EE:7A:4F:89:61:C0:80:27:51:39:74
            X509v3 Authority Key Identifier:
                keyid:76:F2:F3:41:CF:98:B9:E8:B4:6E:DD:38:9A:48:06:4C:7B:AE:6F:9A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dvLzQc-Yuei0bt04mkgGTHuub5o.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/1e334d-98b5-47b9-b4fd-29f71ee1791d/1/O7dsvtheiXRe7npPiWHAgCdROXQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/43/1e334d-98b5-47b9-b4fd-29f71ee1791d/1/dvLzQc-Yuei0bt04mkgGTHuub5o.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.9.48.0/24

    Signature Algorithm: sha256WithRSAEncryption
         1e:a5:d7:52:72:f1:09:c5:e4:10:be:c4:d4:09:0f:cb:3c:86:
         18:08:95:81:92:97:45:0b:b5:46:98:07:1d:78:b2:51:ca:10:
         6e:a4:86:d8:8f:d8:77:2d:b1:f7:5b:5a:fd:b9:b7:e0:92:fc:
         d1:b4:ad:05:d5:b0:e1:ae:a4:06:26:af:09:bd:54:2d:c3:c4:
         90:e8:b8:06:f1:66:17:8d:dd:6a:de:6e:bf:8b:e8:2a:20:c3:
         a9:f8:8b:3f:4f:72:87:ef:a2:f8:7f:9a:51:14:93:7a:fb:12:
         53:cb:1c:bf:15:86:aa:29:d5:53:51:ab:05:6f:22:37:2e:4e:
         b8:8a:31:b5:4c:78:a1:3d:43:76:3c:8e:75:6c:7c:d5:39:34:
         7d:52:72:0e:7d:db:47:bd:21:54:f7:1e:b4:69:00:e3:c4:70:
         71:0d:f3:8c:5c:c0:c9:eb:bf:a7:8e:80:b5:1a:f2:6d:1d:3d:
         79:64:e8:70:66:24:8d:7e:39:09:52:9f:c8:3d:dd:df:8b:c4:
         6f:5f:79:69:79:f4:41:c2:9d:15:c9:c6:98:a1:c0:f2:0b:d2:
         15:5b:70:db:d8:56:58:d0:70:3d:d0:b0:a0:83:f0:3e:e6:0a:
         da:ef:20:08:82:33:96:49:32:bc:af:cb:ad:97:9c:fa:35:96:
         40:0d:ba:89
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtlAdUDte0StBYkMAdXSBXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc2ZjJmMzQxY2Y5OGI5ZThiNDZlZGQzODlhNDgwNjRjN2Jh
ZTZmOWEwHhcNMjMwMTAxMTM0NDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYmI3NmNiZWQ4NWU4OTc0NWVlZTdhNGY4OTYxYzA4MDI3NTEzOTc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh5KAOMUB+mox5hjNnZekIYlVoZW9
fMINUhBUMt4og6zguxZPG1mCzSGnChvJvEPCtABBAGBNw1b1oy0IhmjYwC3yEB1l
5kKefIjRcOlVWIGDYJxTmpp0KU7SX6AVefRiZ/ZlWQewWK0NgDhoHYWWoh4DXWSF
5mlFLbXddWARFmd2HVVogxjrpNNN9QtFY6Bo29WC7KxXYXRht1EtueciR21RcHBS
QlUMF+X+KJmhnYiqEjAhBJivxZb1EVq+DdPlwL59Fmo/su16tEBTkoQEdMCtFIFq
TIx1LzGfxiBSXK1hem+5YCTTcBw+g1+i7C1Ygj0Ik4Z0ko1uU6NXA2fZcQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDu3bL7YXol0Xu56T4lhwIAnUTl0MB8GA1UdIwQY
MBaAFHby80HPmLnotG7dOJpIBkx7rm+aMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZHZMelFjLVl1ZWkwYnQwNG1rZ0dUSHV1YjVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My8xZTMzNGQtOThiNS00N2I5LWI0ZmQt
MjlmNzFlZTE3OTFkLzEvTzdkc3Z0aGVpWFJlN25wUGlXSEFnQ2RST1hRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80My8xZTMzNGQtOThiNS00N2I5LWI0ZmQtMjlmNzFlZTE3OTFk
LzEvZHZMelFjLVl1ZWkwYnQwNG1rZ0dUSHV1YjVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwQkwMA0G
CSqGSIb3DQEBCwUAA4IBAQAepddScvEJxeQQvsTUCQ/LPIYYCJWBkpdFC7VGmAcd
eLJRyhBupIbYj9h3LbH3W1r9ubfgkvzRtK0F1bDhrqQGJq8JvVQtw8SQ6LgG8WYX
jd1q3m6/i+gqIMOp+Is/T3KH76L4f5pRFJN6+xJTyxy/FYaqKdVTUasFbyI3Lk64
ijG1THihPUN2PI51bHzVOTR9UnIOfdtHvSFU9x60aQDjxHBxDfOMXMDJ67+njoC1
GvJtHT15ZOhwZiSNfjkJUp/IPd3fi8RvX3lpefRBwp0VycaYocDyC9IVW3Db2FZY
0HA90LCgg/A+5gra7yAIgjOWSTK8r8utl5z6NZZADbqJ
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:05:31 2024 by rpki-client on console-ams.rpki-client.org