Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/11dc71-8170-45b5-8c5b-4d73730f7d32/1/vOOBvFBNX06IQ3wOwkA90Kx3fCA.roa
File:                     vOOBvFBNX06IQ3wOwkA90Kx3fCA.roa (raw, json)
Hash identifier:          LNa4sxKISf9qWeq/nHAdwJoWadDf7EVeVk8lvHh23eM=
Subject key identifier:   BC:E3:81:BC:50:4D:5F:4E:88:43:7C:0E:C2:40:3D:D0:AC:77:7C:20
Certificate issuer:       /CN=21698c1cdc66dc285d0f807629c46261a88b2de7
Certificate serial:       0185707978D0BD73EC31DB4345493078CB3A
Authority key identifier: 21:69:8C:1C:DC:66:DC:28:5D:0F:80:76:29:C4:62:61:A8:8B:2D:E7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IWmMHNxm3ChdD4B2KcRiYaiLLec.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/47/11dc71-8170-45b5-8c5b-4d73730f7d32/1/vOOBvFBNX06IQ3wOwkA90Kx3fCA.roa
Signing time:             Mon 02 Jan 2023 03:14:47 +0000
ROA not before:           Mon 02 Jan 2023 03:14:47 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     2119
IP address blocks:        193.164.89.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 20:31:12 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:70:79:78:d0:bd:73:ec:31:db:43:45:49:30:78:cb:3a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=21698c1cdc66dc285d0f807629c46261a88b2de7
        Validity
            Not Before: Jan  2 03:14:47 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=bce381bc504d5f4e88437c0ec2403dd0ac777c20
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:34:5c:ca:e4:7c:8b:54:4c:92:81:9a:27:ca:
                    18:58:6b:a6:ff:fe:0a:47:59:b4:7c:8a:32:56:06:
                    c5:b5:7e:0b:4e:50:4f:43:cd:7e:8e:9b:bc:d0:9e:
                    e2:36:10:de:00:2c:52:e4:a5:59:1a:e5:34:b1:4c:
                    50:87:68:1b:09:ab:75:96:9d:8b:d8:f7:69:54:1f:
                    c0:4e:5b:32:d4:68:01:f8:20:52:73:ee:77:0f:9e:
                    2a:46:b3:3b:d7:0e:e2:87:e8:de:a8:8c:40:80:49:
                    69:2c:5b:4f:8e:d8:d7:4b:a3:ca:d1:30:1a:55:e5:
                    7a:7e:d1:8f:23:61:b9:40:c5:d4:4d:18:29:d7:ae:
                    ca:2b:2a:80:32:32:c6:83:e7:f1:f6:fe:1f:38:bb:
                    f2:9b:a3:6f:89:54:71:ad:63:57:41:77:08:52:66:
                    f3:46:2c:c7:76:bb:3f:47:0c:9f:f5:13:e3:74:1d:
                    f5:9a:a2:5c:03:a3:8b:a8:5f:0c:17:45:64:a1:e3:
                    ed:09:a3:96:92:ab:b1:a8:0d:d8:83:3b:30:4b:8d:
                    5d:e5:0e:73:19:88:80:76:ce:d4:87:35:02:c0:7a:
                    d8:92:8d:7e:d5:98:c8:71:fe:42:52:18:b2:84:0e:
                    33:fb:9b:83:d7:4e:f2:5c:a1:b6:bc:29:8a:c2:1f:
                    fe:99
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BC:E3:81:BC:50:4D:5F:4E:88:43:7C:0E:C2:40:3D:D0:AC:77:7C:20
            X509v3 Authority Key Identifier:
                keyid:21:69:8C:1C:DC:66:DC:28:5D:0F:80:76:29:C4:62:61:A8:8B:2D:E7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IWmMHNxm3ChdD4B2KcRiYaiLLec.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/11dc71-8170-45b5-8c5b-4d73730f7d32/1/vOOBvFBNX06IQ3wOwkA90Kx3fCA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/47/11dc71-8170-45b5-8c5b-4d73730f7d32/1/IWmMHNxm3ChdD4B2KcRiYaiLLec.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.164.89.0/24

    Signature Algorithm: sha256WithRSAEncryption
         1c:ac:64:da:7b:f7:75:75:7f:1e:c5:3e:a2:36:9e:6e:15:a0:
         e1:92:c8:32:2d:11:0a:cb:48:e5:f6:08:c7:b9:f0:af:fb:bb:
         98:c2:56:b2:d5:c9:fb:a6:4e:93:4a:03:8f:c0:b6:07:d7:72:
         fc:ee:ed:96:ea:95:10:0f:5f:83:1f:ef:55:a4:ea:75:43:44:
         c0:ea:8f:3d:4e:d0:db:07:a0:c4:7f:24:6d:ca:5b:6a:fa:5f:
         fd:01:9d:69:0a:bd:8a:41:41:4e:ee:15:29:c4:74:75:e2:e1:
         43:bc:1d:39:94:cd:5e:cf:e3:17:4c:7f:51:30:50:17:c0:d2:
         21:67:ca:0b:78:c6:4e:3a:ac:b0:92:b1:6c:be:6f:37:39:f8:
         08:a2:13:64:2b:61:3f:da:38:bf:b8:23:97:76:50:c4:73:98:
         84:f2:ad:16:b8:f2:75:35:6f:00:64:47:20:b7:95:77:85:ad:
         df:e6:62:8f:68:a5:df:7d:e7:0d:ad:57:89:9d:34:e4:7c:87:
         62:d2:37:ab:25:90:e2:7f:65:fb:af:41:f9:43:62:fb:f6:f6:
         5b:9b:67:40:61:99:86:6f:ac:2d:ca:24:20:5c:05:59:f9:c6:
         50:69:9a:d8:a1:61:c5:06:14:25:1e:c4:bf:36:14:79:e3:44:
         99:44:15:55
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVweXjQvXPsMdtDRUkweMs6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxNjk4YzFjZGM2NmRjMjg1ZDBmODA3NjI5YzQ2MjYxYTg4
YjJkZTcwHhcNMjMwMTAyMDMxNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiY2UzODFiYzUwNGQ1ZjRlODg0MzdjMGVjMjQwM2RkMGFjNzc3YzIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtjRcyuR8i1RMkoGaJ8oYWGum//4K
R1m0fIoyVgbFtX4LTlBPQ81+jpu80J7iNhDeACxS5KVZGuU0sUxQh2gbCat1lp2L
2PdpVB/ATlsy1GgB+CBSc+53D54qRrM71w7ih+jeqIxAgElpLFtPjtjXS6PK0TAa
VeV6ftGPI2G5QMXUTRgp167KKyqAMjLGg+fx9v4fOLvym6NviVRxrWNXQXcIUmbz
RizHdrs/Rwyf9RPjdB31mqJcA6OLqF8MF0VkoePtCaOWkquxqA3YgzswS41d5Q5z
GYiAds7UhzUCwHrYko1+1ZjIcf5CUhiyhA4z+5uD107yXKG2vCmKwh/+mQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLzjgbxQTV9OiEN8DsJAPdCsd3wgMB8GA1UdIwQY
MBaAFCFpjBzcZtwoXQ+AdinEYmGoiy3nMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVdtTUhOeG0zQ2hkRDRCMktjUmlZYWlMTGVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny8xMWRjNzEtODE3MC00NWI1LThjNWIt
NGQ3MzczMGY3ZDMyLzEvdk9PQnZGQk5YMDZJUTN3T3drQTkwS3gzZkNBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ny8xMWRjNzEtODE3MC00NWI1LThjNWItNGQ3MzczMGY3ZDMy
LzEvSVdtTUhOeG0zQ2hkRDRCMktjUmlZYWlMTGVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwaRZMA0G
CSqGSIb3DQEBCwUAA4IBAQAcrGTae/d1dX8exT6iNp5uFaDhksgyLREKy0jl9gjH
ufCv+7uYwlay1cn7pk6TSgOPwLYH13L87u2W6pUQD1+DH+9VpOp1Q0TA6o89TtDb
B6DEfyRtyltq+l/9AZ1pCr2KQUFO7hUpxHR14uFDvB05lM1ez+MXTH9RMFAXwNIh
Z8oLeMZOOqywkrFsvm83OfgIohNkK2E/2ji/uCOXdlDEc5iE8q0WuPJ1NW8AZEcg
t5V3ha3f5mKPaKXffecNrVeJnTTkfIdi0jerJZDif2X7r0H5Q2L79vZbm2dAYZmG
b6wtyiQgXAVZ+cZQaZrYoWHFBhQlHsS/NhR540SZRBVV
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:06:16 2024 by rpki-client on console-ams.rpki-client.org