Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/1e334d-98b5-47b9-b4fd-29f71ee1791d/1/lDKv545Dl8WNZzaIhG3i4zSML8E.roa
File:                     lDKv545Dl8WNZzaIhG3i4zSML8E.roa (raw, json)
Hash identifier:          0dOH8HSV7KfTkfDSFvOGvo8lBF7p+3iu3MbqWZgo/yU=
Subject key identifier:   94:32:AF:E7:8E:43:97:C5:8D:67:36:88:84:6D:E2:E3:34:8C:2F:C1
Certificate issuer:       /CN=76f2f341cf98b9e8b46edd389a48064c7bae6f9a
Certificate serial:       0187068D43D110CD179C891F55C29F27004E
Authority key identifier: 76:F2:F3:41:CF:98:B9:E8:B4:6E:DD:38:9A:48:06:4C:7B:AE:6F:9A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/dvLzQc-Yuei0bt04mkgGTHuub5o.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/43/1e334d-98b5-47b9-b4fd-29f71ee1791d/1/lDKv545Dl8WNZzaIhG3i4zSML8E.roa
Signing time:             Tue 21 Mar 2023 23:42:13 +0000
ROA not before:           Tue 21 Mar 2023 23:42:13 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     199242
IP address blocks:        193.9.48.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 22:31:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:06:8d:43:d1:10:cd:17:9c:89:1f:55:c2:9f:27:00:4e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=76f2f341cf98b9e8b46edd389a48064c7bae6f9a
        Validity
            Not Before: Mar 21 23:42:13 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=9432afe78e4397c58d673688846de2e3348c2fc1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:95:aa:18:7a:3a:c5:4c:ad:53:d8:9b:58:9c:4e:
                    be:a5:f6:1f:2a:5e:6f:28:d3:ca:1d:3b:05:39:24:
                    a2:1e:55:7c:3a:b7:78:ae:5e:37:69:4c:74:64:d9:
                    78:6d:76:ae:4a:1c:bb:59:b1:e8:04:1f:a2:8e:18:
                    ae:2f:10:88:ba:9b:15:d5:8a:a4:41:5b:c4:64:09:
                    aa:fd:13:57:60:7b:88:39:52:7b:3c:f0:da:c9:aa:
                    67:df:f1:ab:72:5c:5e:d2:7d:00:bf:dc:51:ef:f8:
                    8e:64:fb:cd:74:43:60:15:e0:33:74:08:38:c0:34:
                    80:d4:af:44:7d:e8:ef:0c:a9:24:2e:6d:3c:02:99:
                    fc:cb:a1:77:6c:61:03:fb:2c:29:51:39:58:ff:12:
                    c6:48:a5:03:04:17:9e:2c:db:37:ca:c0:e5:ee:f5:
                    84:8d:ef:b5:81:cb:ae:df:e9:dc:88:bb:a7:b5:0f:
                    77:fc:87:66:e9:78:bf:cc:60:7a:d3:65:7c:c4:19:
                    9a:42:bb:65:2e:5b:5a:4d:3d:ac:dc:8d:8d:87:4e:
                    a6:e7:4e:aa:f8:96:c7:d0:73:3e:a1:5e:eb:1c:37:
                    78:6d:37:5d:84:33:70:c1:75:f7:17:40:af:89:a9:
                    78:5c:be:1b:92:b1:93:bc:eb:f4:ce:19:21:dc:0c:
                    8a:59
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                94:32:AF:E7:8E:43:97:C5:8D:67:36:88:84:6D:E2:E3:34:8C:2F:C1
            X509v3 Authority Key Identifier:
                keyid:76:F2:F3:41:CF:98:B9:E8:B4:6E:DD:38:9A:48:06:4C:7B:AE:6F:9A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dvLzQc-Yuei0bt04mkgGTHuub5o.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/1e334d-98b5-47b9-b4fd-29f71ee1791d/1/lDKv545Dl8WNZzaIhG3i4zSML8E.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/43/1e334d-98b5-47b9-b4fd-29f71ee1791d/1/dvLzQc-Yuei0bt04mkgGTHuub5o.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.9.48.0/24

    Signature Algorithm: sha256WithRSAEncryption
         66:2a:5e:c4:6d:11:5b:6c:af:ee:e7:92:a7:e9:a5:4c:81:be:
         c8:20:5d:f2:3a:74:32:19:2f:8c:54:02:c7:13:8b:21:71:81:
         39:24:41:2c:27:f9:a6:dd:24:92:98:ae:23:48:13:36:9b:54:
         3a:b4:15:b5:3e:7e:4b:04:1c:ef:28:49:86:9c:b6:1d:ab:d0:
         29:2c:b1:e1:b8:19:85:db:f9:d7:ad:04:45:fa:f9:68:6e:f3:
         c6:53:16:f6:31:e5:28:c9:58:cc:2c:71:20:b6:b2:ac:84:3f:
         62:2b:ae:83:e7:1f:73:f8:a5:62:d4:84:a1:c8:29:f4:a0:7e:
         55:96:0f:b6:86:51:dd:04:ef:21:22:6a:95:1d:c1:98:e7:48:
         29:ea:9d:ea:93:bb:35:86:c5:7d:cf:06:7c:97:3f:94:04:25:
         77:6f:54:e4:5c:37:16:21:27:8f:36:05:21:e7:bf:39:ae:7d:
         61:d8:b9:42:c5:90:90:71:2d:15:92:f7:27:8b:66:6a:20:9e:
         2b:b7:21:01:e8:f9:2a:62:75:2c:a6:f7:d0:ab:77:84:75:d8:
         95:3a:ff:ee:e8:e9:b3:a6:0f:2c:b9:fb:72:1d:9a:e9:72:a4:
         08:f7:d4:a5:38:b9:31:0b:1b:87:29:7d:30:ff:8f:4f:59:a6:
         eb:2f:16:09
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYcGjUPREM0XnIkfVcKfJwBOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc2ZjJmMzQxY2Y5OGI5ZThiNDZlZGQzODlhNDgwNjRjN2Jh
ZTZmOWEwHhcNMjMwMzIxMjM0MjEzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NDMyYWZlNzhlNDM5N2M1OGQ2NzM2ODg4NDZkZTJlMzM0OGMyZmMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlaoYejrFTK1T2JtYnE6+pfYfKl5v
KNPKHTsFOSSiHlV8Ord4rl43aUx0ZNl4bXauShy7WbHoBB+ijhiuLxCIupsV1Yqk
QVvEZAmq/RNXYHuIOVJ7PPDayapn3/Grclxe0n0Av9xR7/iOZPvNdENgFeAzdAg4
wDSA1K9EfejvDKkkLm08Apn8y6F3bGED+ywpUTlY/xLGSKUDBBeeLNs3ysDl7vWE
je+1gcuu3+nciLuntQ93/Idm6Xi/zGB602V8xBmaQrtlLltaTT2s3I2Nh06m506q
+JbH0HM+oV7rHDd4bTddhDNwwXX3F0Cvial4XL4bkrGTvOv0zhkh3AyKWQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJQyr+eOQ5fFjWc2iIRt4uM0jC/BMB8GA1UdIwQY
MBaAFHby80HPmLnotG7dOJpIBkx7rm+aMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZHZMelFjLVl1ZWkwYnQwNG1rZ0dUSHV1YjVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My8xZTMzNGQtOThiNS00N2I5LWI0ZmQt
MjlmNzFlZTE3OTFkLzEvbERLdjU0NURsOFdOWnphSWhHM2k0elNNTDhFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80My8xZTMzNGQtOThiNS00N2I5LWI0ZmQtMjlmNzFlZTE3OTFk
LzEvZHZMelFjLVl1ZWkwYnQwNG1rZ0dUSHV1YjVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwQkwMA0G
CSqGSIb3DQEBCwUAA4IBAQBmKl7EbRFbbK/u55Kn6aVMgb7IIF3yOnQyGS+MVALH
E4shcYE5JEEsJ/mm3SSSmK4jSBM2m1Q6tBW1Pn5LBBzvKEmGnLYdq9ApLLHhuBmF
2/nXrQRF+vlobvPGUxb2MeUoyVjMLHEgtrKshD9iK66D5x9z+KVi1IShyCn0oH5V
lg+2hlHdBO8hImqVHcGY50gp6p3qk7s1hsV9zwZ8lz+UBCV3b1TkXDcWISePNgUh
5785rn1h2LlCxZCQcS0Vkvcni2ZqIJ4rtyEB6PkqYnUspvfQq3eEddiVOv/u6Omz
pg8suftyHZrpcqQI99SlOLkxCxuHKX0w/49PWabrLxYJ
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:27:10 2024 by rpki-client on console-fra.rpki-client.org