Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/48/9ec134-f04f-4423-8be5-7f5e1759f84e/1/SoJoCIpLw3xB0mS-mtFwgF0VtOw.roa
File:                     SoJoCIpLw3xB0mS-mtFwgF0VtOw.roa (raw, json)
Hash identifier:          rXINz0eZ83gqRA28XHD0L3uWkNCVFW+EsDXiEBwbygs=
Subject key identifier:   4A:82:68:08:8A:4B:C3:7C:41:D2:64:BE:9A:D1:70:80:5D:15:B4:EC
Certificate issuer:       /CN=771072920d8c9a2b40eb3a045f1f2a6e334a4496
Certificate serial:       01856D662268B11520B39C4790664090E7CF
Authority key identifier: 77:10:72:92:0D:8C:9A:2B:40:EB:3A:04:5F:1F:2A:6E:33:4A:44:96
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/dxBykg2MmitA6zoEXx8qbjNKRJY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/48/9ec134-f04f-4423-8be5-7f5e1759f84e/1/SoJoCIpLw3xB0mS-mtFwgF0VtOw.roa
Signing time:             Sun 01 Jan 2023 12:54:48 +0000
ROA not before:           Sun 01 Jan 2023 12:54:48 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     24961
IP address blocks:        193.189.114.0/23 maxlen: 23

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 02:30:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6d:66:22:68:b1:15:20:b3:9c:47:90:66:40:90:e7:cf
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=771072920d8c9a2b40eb3a045f1f2a6e334a4496
        Validity
            Not Before: Jan  1 12:54:48 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=4a8268088a4bc37c41d264be9ad170805d15b4ec
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:4c:f7:d6:32:92:90:53:69:ae:8a:db:78:5a:
                    f0:15:0b:e2:e6:c0:6d:0e:d9:5e:38:cb:b3:7b:84:
                    cf:61:66:9b:cc:d0:52:9d:3a:99:f4:10:bc:03:5f:
                    e6:a3:5f:9a:79:d4:8f:54:85:ec:8f:39:64:06:3f:
                    87:bc:79:bb:31:be:43:96:f5:65:73:ae:8c:a0:b4:
                    7a:af:7f:41:3a:15:12:6a:f8:a0:e0:1e:3b:fa:8a:
                    40:50:ce:36:cf:7e:04:da:b9:1b:50:35:e0:fa:3a:
                    09:41:82:55:e1:97:48:eb:c9:ef:7d:ba:e8:15:5e:
                    62:b7:69:89:63:fa:29:87:64:0d:ed:4a:89:60:5e:
                    35:e5:84:01:89:f5:48:ca:61:d9:89:45:3e:64:95:
                    46:31:0e:9f:7f:7b:6e:d2:5b:f0:46:f8:87:3c:63:
                    9c:53:8d:44:30:83:d2:39:70:0d:95:2a:7f:3b:f5:
                    b4:03:9e:31:e1:e2:b4:81:ee:41:1e:da:af:4e:02:
                    43:7e:2e:a3:45:c0:24:56:69:f1:0e:8e:29:75:8e:
                    e7:ac:14:c4:99:1c:23:f2:43:9e:af:34:2d:42:10:
                    e9:e5:5a:55:86:55:ff:5d:7f:23:45:08:b9:71:47:
                    e6:b0:d3:a0:8d:6f:ae:b5:e2:7d:91:d5:f8:8b:80:
                    b7:19
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4A:82:68:08:8A:4B:C3:7C:41:D2:64:BE:9A:D1:70:80:5D:15:B4:EC
            X509v3 Authority Key Identifier:
                keyid:77:10:72:92:0D:8C:9A:2B:40:EB:3A:04:5F:1F:2A:6E:33:4A:44:96

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dxBykg2MmitA6zoEXx8qbjNKRJY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/48/9ec134-f04f-4423-8be5-7f5e1759f84e/1/SoJoCIpLw3xB0mS-mtFwgF0VtOw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/48/9ec134-f04f-4423-8be5-7f5e1759f84e/1/dxBykg2MmitA6zoEXx8qbjNKRJY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.189.114.0/23

    Signature Algorithm: sha256WithRSAEncryption
         0c:37:0a:e9:07:19:82:e9:df:16:82:80:f0:f9:3e:2f:7e:28:
         cf:82:3f:6e:17:0b:f9:42:12:11:a2:09:24:e1:6e:4a:6d:85:
         eb:80:aa:c2:96:2a:de:a7:69:6d:8f:65:2e:27:b2:4e:7d:35:
         3c:7d:6e:09:6c:cd:8a:f3:44:23:4e:8e:d6:c4:0b:57:53:f7:
         57:d5:48:09:4d:80:37:ba:6d:8a:70:f9:78:3a:7e:ec:49:52:
         30:4a:5e:4e:ac:55:4c:26:15:72:1b:5a:11:ba:b0:58:7e:6c:
         39:46:af:c1:9a:89:cc:0e:63:38:19:4c:fb:7a:e8:aa:bc:0b:
         cd:b0:f2:0b:79:5d:dc:e7:f1:e9:7f:ff:da:f5:94:56:34:41:
         57:bc:b0:7a:8a:37:56:52:fa:fb:db:21:30:9e:65:7e:79:96:
         86:ce:96:eb:35:fc:13:0f:62:6c:fe:74:1f:5c:64:08:5d:b5:
         de:8a:72:02:f9:c6:ab:bd:c4:02:8e:3a:21:4d:18:60:2d:2d:
         8a:fc:fc:a4:e8:6c:bc:76:73:dd:22:5f:94:5d:a0:b7:75:0a:
         49:55:90:38:13:7e:62:01:07:6f:ff:ed:df:c3:cf:44:f2:5b:
         e9:35:90:f2:9f:f4:cd:a8:43:7e:3c:42:98:2e:1b:5f:99:8a:
         1a:07:1c:41
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtZiJosRUgs5xHkGZAkOfPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc3MTA3MjkyMGQ4YzlhMmI0MGViM2EwNDVmMWYyYTZlMzM0
YTQ0OTYwHhcNMjMwMTAxMTI1NDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YTgyNjgwODhhNGJjMzdjNDFkMjY0YmU5YWQxNzA4MDVkMTViNGVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq0z31jKSkFNprorbeFrwFQvi5sBt
DtleOMuze4TPYWabzNBSnTqZ9BC8A1/mo1+aedSPVIXsjzlkBj+HvHm7Mb5DlvVl
c66MoLR6r39BOhUSavig4B47+opAUM42z34E2rkbUDXg+joJQYJV4ZdI68nvfbro
FV5it2mJY/oph2QN7UqJYF415YQBifVIymHZiUU+ZJVGMQ6ff3tu0lvwRviHPGOc
U41EMIPSOXANlSp/O/W0A54x4eK0ge5BHtqvTgJDfi6jRcAkVmnxDo4pdY7nrBTE
mRwj8kOerzQtQhDp5VpVhlX/XX8jRQi5cUfmsNOgjW+uteJ9kdX4i4C3GQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEqCaAiKS8N8QdJkvprRcIBdFbTsMB8GA1UdIwQY
MBaAFHcQcpINjJorQOs6BF8fKm4zSkSWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZHhCeWtnMk1taXRBNnpvRVh4OHFiak5LUkpZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OC85ZWMxMzQtZjA0Zi00NDIzLThiZTUt
N2Y1ZTE3NTlmODRlLzEvU29Kb0NJcEx3M3hCMG1TLW10RndnRjBWdE93LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OC85ZWMxMzQtZjA0Zi00NDIzLThiZTUtN2Y1ZTE3NTlmODRl
LzEvZHhCeWtnMk1taXRBNnpvRVh4OHFiak5LUkpZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwb1yMA0G
CSqGSIb3DQEBCwUAA4IBAQAMNwrpBxmC6d8WgoDw+T4vfijPgj9uFwv5QhIRogkk
4W5KbYXrgKrClirep2ltj2UuJ7JOfTU8fW4JbM2K80QjTo7WxAtXU/dX1UgJTYA3
um2KcPl4On7sSVIwSl5OrFVMJhVyG1oRurBYfmw5Rq/BmonMDmM4GUz7euiqvAvN
sPILeV3c5/Hpf//a9ZRWNEFXvLB6ijdWUvr72yEwnmV+eZaGzpbrNfwTD2Js/nQf
XGQIXbXeinIC+carvcQCjjohTRhgLS2K/Pyk6Gy8dnPdIl+UXaC3dQpJVZA4E35i
AQdv/+3fw89E8lvpNZDyn/TNqEN+PEKYLhtfmYoaBxxB
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:06:39 2024 by rpki-client on console-ams.rpki-client.org