Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/5471f8-c938-40cc-b139-f9f92150cd39/1/w43zOlCHfPfyJM-ArNyIWoaeO8E.roa
File:                     w43zOlCHfPfyJM-ArNyIWoaeO8E.roa (raw, json)
Hash identifier:          Bfxg+mILCdvvqH9/nmSQ1rxitrUVe2XF9xpnhtK2VE4=
Subject key identifier:   C3:8D:F3:3A:50:87:7C:F7:F2:24:CF:80:AC:DC:88:5A:86:9E:3B:C1
Certificate issuer:       /CN=3d897bd8c6df1cb71410fe194bed739a2f8a6773
Certificate serial:       01879D2A01162F366E61A0D2888B8C970CDF
Authority key identifier: 3D:89:7B:D8:C6:DF:1C:B7:14:10:FE:19:4B:ED:73:9A:2F:8A:67:73
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/PYl72MbfHLcUEP4ZS-1zmi-KZ3M.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4b/5471f8-c938-40cc-b139-f9f92150cd39/1/w43zOlCHfPfyJM-ArNyIWoaeO8E.roa
Signing time:             Thu 20 Apr 2023 05:36:28 +0000
ROA not before:           Thu 20 Apr 2023 05:36:28 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     15497
IP address blocks:        193.41.239.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 10:33:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:9d:2a:01:16:2f:36:6e:61:a0:d2:88:8b:8c:97:0c:df
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3d897bd8c6df1cb71410fe194bed739a2f8a6773
        Validity
            Not Before: Apr 20 05:36:28 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=c38df33a50877cf7f224cf80acdc885a869e3bc1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:3e:f2:c7:73:4e:08:10:05:a9:63:83:d6:93:
                    36:ff:8d:8d:b0:3d:86:e2:da:0b:37:18:d0:d8:15:
                    f0:7c:db:20:28:76:fe:67:36:74:4d:7d:19:a9:29:
                    87:e5:ca:c6:4e:37:9b:f6:8a:a2:fa:6f:8b:74:b9:
                    d9:aa:de:7c:e1:0d:97:3b:8f:a6:ac:da:13:31:b5:
                    78:9a:ea:0b:96:3b:78:e2:6c:b4:4f:dd:24:e6:6f:
                    84:70:6c:93:cb:6e:47:7d:54:46:9a:8c:a5:8c:72:
                    87:f0:be:7b:61:47:df:34:3e:cf:91:a2:17:79:4f:
                    d0:e2:42:80:4f:2b:89:5a:aa:e7:0b:ed:e8:96:4f:
                    ce:12:54:e2:47:19:bb:b1:44:df:18:0b:c9:80:53:
                    e7:36:20:81:e8:fd:91:f4:ff:4a:8e:48:73:f4:03:
                    f6:6f:33:48:a0:cd:33:f6:d7:5d:8b:8f:ae:2a:40:
                    1c:fb:c1:32:72:cb:db:57:bf:89:eb:95:da:ed:2c:
                    eb:5e:c4:12:35:73:c7:3f:3e:9f:39:17:94:2b:51:
                    66:99:ba:f8:ed:91:86:d1:9d:6d:4e:a0:90:fb:b0:
                    91:3d:51:1c:1b:12:44:3e:60:d0:70:41:26:6b:7b:
                    7a:59:5b:b2:e3:b6:57:ce:28:1f:e7:14:b4:23:a3:
                    30:f5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C3:8D:F3:3A:50:87:7C:F7:F2:24:CF:80:AC:DC:88:5A:86:9E:3B:C1
            X509v3 Authority Key Identifier:
                keyid:3D:89:7B:D8:C6:DF:1C:B7:14:10:FE:19:4B:ED:73:9A:2F:8A:67:73

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PYl72MbfHLcUEP4ZS-1zmi-KZ3M.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/5471f8-c938-40cc-b139-f9f92150cd39/1/w43zOlCHfPfyJM-ArNyIWoaeO8E.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/5471f8-c938-40cc-b139-f9f92150cd39/1/PYl72MbfHLcUEP4ZS-1zmi-KZ3M.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.41.239.0/24

    Signature Algorithm: sha256WithRSAEncryption
         ac:50:63:1c:f0:9e:6f:4d:76:7c:79:09:67:04:fe:d9:3d:17:
         d2:7e:0d:7f:e3:35:4b:ae:67:67:fc:36:ba:86:b1:aa:32:01:
         1c:87:a7:e8:bf:bc:84:2a:59:37:0c:40:82:3d:05:57:d4:a5:
         3b:f6:99:58:3d:9a:05:60:b8:0b:c5:5c:1a:a9:39:bf:59:ca:
         30:f2:39:ed:95:56:59:cb:e2:59:aa:42:25:9f:17:cb:af:60:
         ad:b7:29:0c:ee:be:f7:54:08:40:2c:45:97:66:96:c6:32:b8:
         1c:5a:05:e6:0c:58:60:29:27:fc:58:2d:2b:8a:ac:a4:a2:d0:
         f1:7d:6e:0d:65:75:c7:64:78:9d:5d:31:e5:64:d0:57:8f:6f:
         d1:b1:38:9a:60:1d:0d:4e:f6:b3:bb:18:05:d1:58:1e:a5:65:
         59:9a:aa:25:eb:fb:98:da:86:d5:66:28:05:08:ba:54:b7:e8:
         66:88:82:07:f4:59:12:89:17:ae:45:f6:b1:78:b7:d4:14:73:
         51:b0:f3:62:14:f3:ad:33:b2:b6:ff:45:c5:12:64:ae:e3:ca:
         76:77:88:94:1a:7f:b8:cb:e8:26:a2:a7:c3:59:3c:1f:c7:dc:
         40:07:0f:1a:54:4e:3f:ad:9f:67:e2:4e:d3:20:2f:91:73:33:
         9c:31:bd:c4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYedKgEWLzZuYaDSiIuMlwzfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNkODk3YmQ4YzZkZjFjYjcxNDEwZmUxOTRiZWQ3MzlhMmY4
YTY3NzMwHhcNMjMwNDIwMDUzNjI4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMzhkZjMzYTUwODc3Y2Y3ZjIyNGNmODBhY2RjODg1YTg2OWUzYmMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnj7yx3NOCBAFqWOD1pM2/42NsD2G
4toLNxjQ2BXwfNsgKHb+ZzZ0TX0ZqSmH5crGTjeb9oqi+m+LdLnZqt584Q2XO4+m
rNoTMbV4muoLljt44my0T90k5m+EcGyTy25HfVRGmoyljHKH8L57YUffND7PkaIX
eU/Q4kKATyuJWqrnC+3olk/OElTiRxm7sUTfGAvJgFPnNiCB6P2R9P9Kjkhz9AP2
bzNIoM0z9tddi4+uKkAc+8EycsvbV7+J65Xa7SzrXsQSNXPHPz6fOReUK1Fmmbr4
7ZGG0Z1tTqCQ+7CRPVEcGxJEPmDQcEEma3t6WVuy47ZXzigf5xS0I6Mw9QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMON8zpQh3z38iTPgKzciFqGnjvBMB8GA1UdIwQY
MBaAFD2Je9jG3xy3FBD+GUvtc5ovimdzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUFlsNzJNYmZITGNVRVA0WlMtMXptaS1LWjNNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi81NDcxZjgtYzkzOC00MGNjLWIxMzkt
ZjlmOTIxNTBjZDM5LzEvdzQzek9sQ0hmUGZ5Sk0tQXJOeUlXb2FlTzhFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yi81NDcxZjgtYzkzOC00MGNjLWIxMzktZjlmOTIxNTBjZDM5
LzEvUFlsNzJNYmZITGNVRVA0WlMtMXptaS1LWjNNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwSnvMA0G
CSqGSIb3DQEBCwUAA4IBAQCsUGMc8J5vTXZ8eQlnBP7ZPRfSfg1/4zVLrmdn/Da6
hrGqMgEch6fov7yEKlk3DECCPQVX1KU79plYPZoFYLgLxVwaqTm/Wcow8jntlVZZ
y+JZqkIlnxfLr2CttykM7r73VAhALEWXZpbGMrgcWgXmDFhgKSf8WC0riqykotDx
fW4NZXXHZHidXTHlZNBXj2/RsTiaYB0NTvazuxgF0VgepWVZmqol6/uY2obVZigF
CLpUt+hmiIIH9FkSiReuRfaxeLfUFHNRsPNiFPOtM7K2/0XFEmSu48p2d4iUGn+4
y+gmoqfDWTwfx9xABw8aVE4/rZ9n4k7TIC+RczOcMb3E
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:07:14 2024 by rpki-client on console-ams.rpki-client.org