Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/23190c-e1a0-4ba4-b1d8-a102be382e51/1/1-No2SYnnwfI053ppeolIgIwQ4sM.roa
File:                     1-No2SYnnwfI053ppeolIgIwQ4sM.roa (raw, json)
Hash identifier:          +F07XYcGpFmtcLGiYIHExgfkryEZ/eGmlAK1RO8R74c=
Subject key identifier:   F8:DA:36:49:89:E7:C1:F2:34:E7:7A:69:7A:89:48:80:8C:10:E2:C3
Certificate issuer:       /CN=ef7fd5d33061a9de920af1c2a13513d46dd24612
Certificate serial:       018573719130F478F6C0B408D411FF84E04B
Authority key identifier: EF:7F:D5:D3:30:61:A9:DE:92:0A:F1:C2:A1:35:13:D4:6D:D2:46:12
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/73_V0zBhqd6SCvHCoTUT1G3SRhI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4c/23190c-e1a0-4ba4-b1d8-a102be382e51/1/1-No2SYnnwfI053ppeolIgIwQ4sM.roa
Signing time:             Mon 02 Jan 2023 17:05:00 +0000
ROA not before:           Mon 02 Jan 2023 17:05:00 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     4755
IP address blocks:        193.32.247.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 10:30:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:73:71:91:30:f4:78:f6:c0:b4:08:d4:11:ff:84:e0:4b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ef7fd5d33061a9de920af1c2a13513d46dd24612
        Validity
            Not Before: Jan  2 17:05:00 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=f8da364989e7c1f234e77a697a8948808c10e2c3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:98:ec:08:d7:3d:5c:88:e0:6c:85:53:94:b7:69:
                    03:7f:fe:15:c6:33:87:a1:f6:21:73:7e:cf:98:64:
                    5b:4c:0c:04:9d:1c:ac:ba:38:a0:4f:27:27:ff:68:
                    a0:96:36:79:0e:7e:e6:da:c1:fd:fe:be:4c:61:3c:
                    a9:af:1e:0d:0e:12:43:2e:d6:89:8e:4c:cf:a2:f5:
                    e8:13:c6:d3:87:c8:d5:df:a9:2c:5c:0b:f4:b8:5b:
                    6d:8a:e9:42:61:90:44:76:5c:6a:f9:b3:0f:ef:9a:
                    5d:e1:01:50:06:1c:af:b5:68:d0:68:04:09:38:22:
                    49:e9:74:64:4b:2e:b5:be:ff:16:2a:e5:3a:7c:ef:
                    e8:15:da:4e:f1:d1:91:1d:0d:db:25:f7:89:2d:8e:
                    ad:ff:4d:4f:20:04:73:d1:b1:d4:3e:57:65:cc:5d:
                    4a:fd:80:62:cc:c4:44:e7:b2:e7:0d:7c:59:b7:89:
                    66:81:3a:90:a4:9a:95:b9:31:7e:50:85:03:02:1f:
                    b3:ae:f4:69:7d:98:3f:20:6a:a5:a1:aa:04:c8:ae:
                    75:db:d7:18:b2:7b:6a:24:72:e2:a6:00:19:81:33:
                    de:c4:40:e0:5f:95:09:cf:84:ee:b6:a9:e3:1e:a8:
                    13:39:0b:b7:e9:c5:79:48:08:0a:b4:f2:b8:20:14:
                    3b:3b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F8:DA:36:49:89:E7:C1:F2:34:E7:7A:69:7A:89:48:80:8C:10:E2:C3
            X509v3 Authority Key Identifier:
                keyid:EF:7F:D5:D3:30:61:A9:DE:92:0A:F1:C2:A1:35:13:D4:6D:D2:46:12

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/73_V0zBhqd6SCvHCoTUT1G3SRhI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/23190c-e1a0-4ba4-b1d8-a102be382e51/1/1-No2SYnnwfI053ppeolIgIwQ4sM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/23190c-e1a0-4ba4-b1d8-a102be382e51/1/73_V0zBhqd6SCvHCoTUT1G3SRhI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.32.247.0/24

    Signature Algorithm: sha256WithRSAEncryption
         5a:0c:62:52:36:f7:29:02:51:50:18:8f:88:52:f0:57:c9:3c:
         fb:7a:e5:f2:da:a2:bc:a0:0b:84:86:42:fc:b6:0f:40:91:0e:
         89:04:a3:b6:bf:93:a7:28:66:11:5f:b4:64:24:9a:19:32:a8:
         1e:de:3e:f3:0d:08:34:3b:b8:58:7c:58:6e:4d:df:dc:c6:15:
         19:df:85:59:01:52:f8:93:f2:c1:f2:a8:44:b4:93:fa:ef:68:
         c7:27:2f:2c:e4:59:4e:e2:97:c6:4c:1b:7d:79:3e:11:01:7e:
         48:4f:a7:40:1a:04:b2:30:60:35:6e:7a:d7:0b:08:42:10:c4:
         9d:25:2e:cb:98:bc:28:d6:6f:e4:2e:bc:cd:4d:43:3b:40:0f:
         37:0f:67:70:9d:61:2f:f5:20:c0:e9:29:58:d3:93:ba:94:09:
         d4:63:33:ac:d9:ef:d0:74:90:18:84:5e:7f:71:c7:1f:0f:fa:
         c9:ec:a6:e5:f0:b7:58:54:38:3c:d8:09:c2:dc:e0:43:94:54:
         7d:b7:5d:2a:8b:54:a4:d7:e1:20:f8:01:88:bc:d8:66:71:16:
         01:a7:92:3b:67:62:8d:58:48:54:e0:de:44:ba:72:f5:8a:30:
         63:6e:a5:6b:c0:d5:d3:36:b2:6f:24:75:6a:e1:13:f5:d6:6a:
         e9:cb:29:dc
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYVzcZEw9Hj2wLQI1BH/hOBLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVmN2ZkNWQzMzA2MWE5ZGU5MjBhZjFjMmExMzUxM2Q0NmRk
MjQ2MTIwHhcNMjMwMTAyMTcwNTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOGRhMzY0OTg5ZTdjMWYyMzRlNzdhNjk3YTg5NDg4MDhjMTBlMmMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmOwI1z1ciOBshVOUt2kDf/4VxjOH
ofYhc37PmGRbTAwEnRysujigTycn/2igljZ5Dn7m2sH9/r5MYTyprx4NDhJDLtaJ
jkzPovXoE8bTh8jV36ksXAv0uFttiulCYZBEdlxq+bMP75pd4QFQBhyvtWjQaAQJ
OCJJ6XRkSy61vv8WKuU6fO/oFdpO8dGRHQ3bJfeJLY6t/01PIARz0bHUPldlzF1K
/YBizMRE57LnDXxZt4lmgTqQpJqVuTF+UIUDAh+zrvRpfZg/IGqloaoEyK5129cY
sntqJHLipgAZgTPexEDgX5UJz4TutqnjHqgTOQu36cV5SAgKtPK4IBQ7OwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPjaNkmJ58HyNOd6aXqJSICMEOLDMB8GA1UdIwQY
MBaAFO9/1dMwYanekgrxwqE1E9Rt0kYSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNzNfVjB6QmhxZDZTQ3ZIQ29UVVQxRzNTUmhJLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8yMzE5MGMtZTFhMC00YmE0LWIxZDgt
YTEwMmJlMzgyZTUxLzEvMS1ObzJTWW5ud2ZJMDUzcHBlb2xJZ0l3UTRzTS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNGMvMjMxOTBjLWUxYTAtNGJhNC1iMWQ4LWExMDJiZTM4MmU1
MS8xLzczX1YwekJocWQ2U0N2SENvVFVUMUczU1JoSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMEg9zAN
BgkqhkiG9w0BAQsFAAOCAQEAWgxiUjb3KQJRUBiPiFLwV8k8+3rl8tqivKALhIZC
/LYPQJEOiQSjtr+TpyhmEV+0ZCSaGTKoHt4+8w0INDu4WHxYbk3f3MYVGd+FWQFS
+JPywfKoRLST+u9oxycvLORZTuKXxkwbfXk+EQF+SE+nQBoEsjBgNW561wsIQhDE
nSUuy5i8KNZv5C68zU1DO0APNw9ncJ1hL/UgwOkpWNOTupQJ1GMzrNnv0HSQGIRe
f3HHHw/6yeym5fC3WFQ4PNgJwtzgQ5RUfbddKotUpNfhIPgBiLzYZnEWAaeSO2di
jVhIVODeRLpy9YowY26la8DV0zaybyR1auET9dZq6csp3A==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:07:21 2024 by rpki-client on console-ams.rpki-client.org