Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/a765da-4aa1-47a2-8b5d-ebe43905eb81/1/_yLx9LN7wKtm9hjRvRz14QykUvo.roa
File:                     _yLx9LN7wKtm9hjRvRz14QykUvo.roa (raw, json)
Hash identifier:          YWQEOkVBGGm/JivcLf2SFWQuM32Hk4N6eTp/eE+N8Sg=
Subject key identifier:   FF:22:F1:F4:B3:7B:C0:AB:66:F6:18:D1:BD:1C:F5:E1:0C:A4:52:FA
Certificate issuer:       /CN=c15ee2d909c9b75c6d2084e3379bf03274b776f4
Certificate serial:       01856F5DA1821FAED8717414707DAD74E2AB
Authority key identifier: C1:5E:E2:D9:09:C9:B7:5C:6D:20:84:E3:37:9B:F0:32:74:B7:76:F4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/wV7i2QnJt1xtIITjN5vwMnS3dvQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/44/a765da-4aa1-47a2-8b5d-ebe43905eb81/1/_yLx9LN7wKtm9hjRvRz14QykUvo.roa
Signing time:             Sun 01 Jan 2023 22:04:45 +0000
ROA not before:           Sun 01 Jan 2023 22:04:45 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     3303
IP address blocks:        193.135.216.0/23 maxlen: 23

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 02:29:54 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:5d:a1:82:1f:ae:d8:71:74:14:70:7d:ad:74:e2:ab
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c15ee2d909c9b75c6d2084e3379bf03274b776f4
        Validity
            Not Before: Jan  1 22:04:45 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=ff22f1f4b37bc0ab66f618d1bd1cf5e10ca452fa
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:97:bd:90:27:8f:69:ee:88:3e:39:2d:a0:13:04:
                    7c:c3:7f:72:ae:b7:25:9b:09:6c:ee:20:45:1a:50:
                    14:bc:71:15:e2:87:75:cf:32:fa:24:a5:56:1a:60:
                    1e:7e:dc:42:47:47:e5:05:53:f6:d5:21:e7:42:7e:
                    71:32:40:bd:34:ae:f3:53:e7:b7:48:fc:f4:92:8a:
                    eb:43:74:b5:6d:08:e1:63:32:df:13:2a:b3:62:60:
                    c7:18:c8:fe:14:11:9e:39:b9:7d:dd:e8:73:7a:e1:
                    48:4e:52:1b:91:78:99:f6:9f:34:f8:f1:c3:70:7f:
                    53:a6:a7:6c:96:07:95:6f:de:09:e9:d7:b7:a4:ab:
                    7d:1c:9b:18:d5:0c:f9:76:fe:7c:e6:2c:8c:38:32:
                    43:e6:da:2c:4f:97:6a:f7:84:39:27:09:a0:84:5e:
                    f6:53:e8:e2:4a:3e:73:ff:64:58:ff:f3:f0:d4:80:
                    06:74:c9:f3:06:2a:77:4e:00:7c:76:e6:1c:7d:49:
                    9d:29:c5:5d:a3:c1:d2:47:d3:2e:e2:7c:15:ce:01:
                    a4:f5:76:ce:03:01:6f:35:da:7a:58:d4:55:e0:1b:
                    a5:29:14:f9:2f:e5:78:2e:39:b6:30:51:fb:c5:88:
                    62:85:8e:c6:29:91:d1:94:4d:e2:4d:b5:56:7b:28:
                    dd:51
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FF:22:F1:F4:B3:7B:C0:AB:66:F6:18:D1:BD:1C:F5:E1:0C:A4:52:FA
            X509v3 Authority Key Identifier:
                keyid:C1:5E:E2:D9:09:C9:B7:5C:6D:20:84:E3:37:9B:F0:32:74:B7:76:F4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wV7i2QnJt1xtIITjN5vwMnS3dvQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/a765da-4aa1-47a2-8b5d-ebe43905eb81/1/_yLx9LN7wKtm9hjRvRz14QykUvo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/44/a765da-4aa1-47a2-8b5d-ebe43905eb81/1/wV7i2QnJt1xtIITjN5vwMnS3dvQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.135.216.0/23

    Signature Algorithm: sha256WithRSAEncryption
         99:77:24:82:bb:7f:ac:2c:64:7c:48:99:0a:1e:5d:ba:73:7a:
         ba:47:5c:a1:2f:14:37:4a:8c:72:ee:4b:22:fd:bf:d0:ea:76:
         f8:d1:e7:f9:26:b7:f2:bc:6c:cc:f3:16:3b:c8:85:03:19:37:
         aa:c5:6a:63:7c:bc:e8:21:64:6c:ac:19:89:5f:e5:02:c6:37:
         ec:77:1a:89:db:49:6b:54:56:23:b1:2d:69:f1:3b:49:fe:3f:
         da:75:be:4a:d3:d4:ce:78:53:e7:6b:dc:ce:e7:35:06:a7:3e:
         57:49:22:6c:40:95:c6:51:75:7d:ba:57:e3:a4:55:4b:ed:b0:
         95:0c:c8:91:77:12:c5:60:88:6a:cb:39:1e:f8:b1:ef:67:37:
         ed:81:d3:5d:2d:a3:d8:79:55:5f:12:b0:bc:25:4a:f3:79:43:
         f3:8d:1b:74:29:3b:e5:ed:4f:01:c3:8e:97:6c:34:05:7a:f5:
         7f:f2:d3:84:19:44:c1:79:26:b1:07:88:6b:25:06:02:3d:61:
         c7:09:52:94:cc:5b:c1:0e:4b:49:bd:e9:78:07:c8:e3:15:47:
         00:8a:ca:94:0a:87:c5:06:0d:51:15:a8:8a:ce:d6:d8:c6:5a:
         9c:79:5d:11:16:93:14:35:a5:32:5c:2d:a2:73:81:80:6b:30:
         7b:1a:26:7f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvXaGCH67YcXQUcH2tdOKrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMxNWVlMmQ5MDljOWI3NWM2ZDIwODRlMzM3OWJmMDMyNzRi
Nzc2ZjQwHhcNMjMwMTAxMjIwNDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZjIyZjFmNGIzN2JjMGFiNjZmNjE4ZDFiZDFjZjVlMTBjYTQ1MmZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl72QJ49p7og+OS2gEwR8w39yrrcl
mwls7iBFGlAUvHEV4od1zzL6JKVWGmAeftxCR0flBVP21SHnQn5xMkC9NK7zU+e3
SPz0korrQ3S1bQjhYzLfEyqzYmDHGMj+FBGeObl93ehzeuFITlIbkXiZ9p80+PHD
cH9TpqdslgeVb94J6de3pKt9HJsY1Qz5dv585iyMODJD5tosT5dq94Q5JwmghF72
U+jiSj5z/2RY//Pw1IAGdMnzBip3TgB8duYcfUmdKcVdo8HSR9Mu4nwVzgGk9XbO
AwFvNdp6WNRV4BulKRT5L+V4Ljm2MFH7xYhihY7GKZHRlE3iTbVWeyjdUQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFP8i8fSze8CrZvYY0b0c9eEMpFL6MB8GA1UdIwQY
MBaAFMFe4tkJybdcbSCE4zeb8DJ0t3b0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd1Y3aTJRbkp0MXh0SUlUak41dndNblMzZHZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NC9hNzY1ZGEtNGFhMS00N2EyLThiNWQt
ZWJlNDM5MDVlYjgxLzEvX3lMeDlMTjd3S3RtOWhqUnZSejE0UXlrVXZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NC9hNzY1ZGEtNGFhMS00N2EyLThiNWQtZWJlNDM5MDVlYjgx
LzEvd1Y3aTJRbkp0MXh0SUlUak41dndNblMzZHZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwYfYMA0G
CSqGSIb3DQEBCwUAA4IBAQCZdySCu3+sLGR8SJkKHl26c3q6R1yhLxQ3Soxy7ksi
/b/Q6nb40ef5JrfyvGzM8xY7yIUDGTeqxWpjfLzoIWRsrBmJX+UCxjfsdxqJ20lr
VFYjsS1p8TtJ/j/adb5K09TOeFPna9zO5zUGpz5XSSJsQJXGUXV9ulfjpFVL7bCV
DMiRdxLFYIhqyzke+LHvZzftgdNdLaPYeVVfErC8JUrzeUPzjRt0KTvl7U8Bw46X
bDQFevV/8tOEGUTBeSaxB4hrJQYCPWHHCVKUzFvBDktJvel4B8jjFUcAisqUCofF
Bg1RFaiKztbYxlqceV0RFpMUNaUyXC2ic4GAazB7GiZ/
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:05:48 2024 by rpki-client on console-ams.rpki-client.org