Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/645b74-d8fb-4488-bbfd-c028d91ebc9c/1/2cmvf7HaXuWu0kkL92STCyTD1wo.roa
File:                     2cmvf7HaXuWu0kkL92STCyTD1wo.roa (raw, json)
Hash identifier:          kVFHAp9DjOWCX1TvJm9SAVULSkrNkfxWzWpAn7aUL8Q=
Subject key identifier:   D9:C9:AF:7F:B1:DA:5E:E5:AE:D2:49:0B:F7:64:93:0B:24:C3:D7:0A
Certificate issuer:       /CN=2c887302d1e740f5f98481fb4b7a461696bfe5c1
Certificate serial:       0185734CDABB52DBE67A8FECD568924DB203
Authority key identifier: 2C:88:73:02:D1:E7:40:F5:F9:84:81:FB:4B:7A:46:16:96:BF:E5:C1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/LIhzAtHnQPX5hIH7S3pGFpa_5cE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4a/645b74-d8fb-4488-bbfd-c028d91ebc9c/1/2cmvf7HaXuWu0kkL92STCyTD1wo.roa
Signing time:             Mon 02 Jan 2023 16:24:54 +0000
ROA not before:           Mon 02 Jan 2023 16:24:54 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     0
IP address blocks:        194.116.96.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 10:34:07 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:73:4c:da:bb:52:db:e6:7a:8f:ec:d5:68:92:4d:b2:03
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2c887302d1e740f5f98481fb4b7a461696bfe5c1
        Validity
            Not Before: Jan  2 16:24:54 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=d9c9af7fb1da5ee5aed2490bf764930b24c3d70a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:9f:9e:dd:bd:fb:b8:3d:b0:58:bb:6b:0f:68:
                    62:81:15:b2:fe:13:3a:3e:76:b0:25:0b:c2:18:6b:
                    5b:72:10:08:09:d3:8a:2b:69:91:bc:07:31:46:15:
                    e0:ff:e0:6a:05:21:a0:4d:70:9e:ab:d4:9d:4e:ef:
                    2a:a7:5b:27:31:2f:48:90:9c:f7:9d:3e:5e:5c:6a:
                    cb:d4:01:a3:33:24:ef:a8:21:68:19:d4:92:7b:e5:
                    44:37:7e:5b:cb:cf:75:65:75:9d:9f:6e:79:c8:6d:
                    68:51:0c:ad:11:86:36:bf:28:4e:e9:f5:75:4e:4b:
                    4a:20:a2:8d:88:e1:ed:ca:17:ff:40:0e:40:d1:16:
                    ec:3c:71:2b:6f:2f:f2:fc:ee:cd:be:27:0f:2c:bf:
                    e4:79:f7:d5:b9:07:2d:b3:64:f6:76:54:c5:c6:0c:
                    db:d1:c4:b7:01:02:45:3c:f5:26:16:f1:47:b3:66:
                    1a:c3:b4:5c:21:12:bc:45:58:94:3a:7a:2a:7d:51:
                    75:78:7a:d7:6b:62:e8:e3:36:2b:31:6c:9d:70:10:
                    8f:98:f6:98:52:f7:49:47:4f:e2:44:fe:32:ba:41:
                    7c:3f:70:60:18:fb:b5:4f:58:46:25:3f:50:0f:89:
                    2a:22:b4:5b:4d:2b:7b:03:89:b6:1b:6e:47:44:b4:
                    c2:5f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D9:C9:AF:7F:B1:DA:5E:E5:AE:D2:49:0B:F7:64:93:0B:24:C3:D7:0A
            X509v3 Authority Key Identifier:
                keyid:2C:88:73:02:D1:E7:40:F5:F9:84:81:FB:4B:7A:46:16:96:BF:E5:C1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LIhzAtHnQPX5hIH7S3pGFpa_5cE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/645b74-d8fb-4488-bbfd-c028d91ebc9c/1/2cmvf7HaXuWu0kkL92STCyTD1wo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/645b74-d8fb-4488-bbfd-c028d91ebc9c/1/LIhzAtHnQPX5hIH7S3pGFpa_5cE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.116.96.0/24

    Signature Algorithm: sha256WithRSAEncryption
         1a:c9:94:cd:70:4b:35:c5:e6:5c:b5:54:e5:5d:0e:8f:dc:a6:
         42:61:28:56:3c:02:17:13:d0:f8:c6:ea:34:fe:fe:38:97:c9:
         a3:b9:59:f6:fe:49:fd:c2:55:10:94:3c:16:00:b9:7a:3c:b8:
         31:a4:9f:ae:af:41:68:11:f3:57:77:05:7b:9e:82:64:87:a0:
         bd:ce:a8:ce:c3:a6:fa:be:3a:63:ce:29:bf:c8:33:e9:55:f3:
         a1:61:e2:05:c0:96:e1:ae:d9:8d:fc:54:fd:78:1a:a9:f0:d1:
         25:e0:cd:a4:fb:c9:f1:03:b4:2c:16:29:3e:8d:03:08:29:88:
         52:97:48:45:9a:64:ee:4a:71:b3:4e:2f:42:5c:ea:1c:c7:8e:
         0a:5d:04:4a:f5:f2:25:c0:93:25:49:ab:d8:c0:0f:49:7a:69:
         3c:3a:dd:05:6e:9a:de:8c:bf:bf:3d:9d:71:ff:d3:a8:3a:ea:
         d6:ea:dd:f9:13:82:e7:24:df:ac:38:3f:07:e7:de:80:7a:dd:
         8d:35:07:ef:bb:d4:e3:15:a0:a7:1e:bd:a0:f6:3c:8d:36:0f:
         ca:c8:ba:3f:be:34:90:5e:c5:09:01:e6:85:9c:dd:32:87:9d:
         dc:4b:8e:70:ad:85:9b:e4:8a:bc:19:50:52:f6:67:3f:a9:2e:
         39:7e:28:2b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVzTNq7Utvmeo/s1WiSTbIDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJjODg3MzAyZDFlNzQwZjVmOTg0ODFmYjRiN2E0NjE2OTZi
ZmU1YzEwHhcNMjMwMTAyMTYyNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOWM5YWY3ZmIxZGE1ZWU1YWVkMjQ5MGJmNzY0OTMwYjI0YzNkNzBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApp+e3b37uD2wWLtrD2higRWy/hM6
PnawJQvCGGtbchAICdOKK2mRvAcxRhXg/+BqBSGgTXCeq9SdTu8qp1snMS9IkJz3
nT5eXGrL1AGjMyTvqCFoGdSSe+VEN35by891ZXWdn255yG1oUQytEYY2vyhO6fV1
TktKIKKNiOHtyhf/QA5A0RbsPHErby/y/O7NvicPLL/keffVuQcts2T2dlTFxgzb
0cS3AQJFPPUmFvFHs2Yaw7RcIRK8RViUOnoqfVF1eHrXa2Lo4zYrMWydcBCPmPaY
UvdJR0/iRP4yukF8P3BgGPu1T1hGJT9QD4kqIrRbTSt7A4m2G25HRLTCXwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNnJr3+x2l7lrtJJC/dkkwskw9cKMB8GA1UdIwQY
MBaAFCyIcwLR50D1+YSB+0t6RhaWv+XBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTEloekF0SG5RUFg1aElIN1MzcEdGcGFfNWNFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80YS82NDViNzQtZDhmYi00NDg4LWJiZmQt
YzAyOGQ5MWViYzljLzEvMmNtdmY3SGFYdVd1MGtrTDkyU1RDeVREMXdvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80YS82NDViNzQtZDhmYi00NDg4LWJiZmQtYzAyOGQ5MWViYzlj
LzEvTEloekF0SG5RUFg1aElIN1MzcEdGcGFfNWNFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwnRgMA0G
CSqGSIb3DQEBCwUAA4IBAQAayZTNcEs1xeZctVTlXQ6P3KZCYShWPAIXE9D4xuo0
/v44l8mjuVn2/kn9wlUQlDwWALl6PLgxpJ+ur0FoEfNXdwV7noJkh6C9zqjOw6b6
vjpjzim/yDPpVfOhYeIFwJbhrtmN/FT9eBqp8NEl4M2k+8nxA7QsFik+jQMIKYhS
l0hFmmTuSnGzTi9CXOocx44KXQRK9fIlwJMlSavYwA9Jemk8Ot0FbprejL+/PZ1x
/9OoOurW6t35E4LnJN+sOD8H596Aet2NNQfvu9TjFaCnHr2g9jyNNg/KyLo/vjSQ
XsUJAeaFnN0yh53cS45wrYWb5Iq8GVBS9mc/qS45figr
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:07:04 2024 by rpki-client on console-ams.rpki-client.org