Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/b52291-dc7f-46e1-b361-a6cec25b8006/1/amwPTvOE6XII3Ck5bAh6alDkMk4.roa
File:                     amwPTvOE6XII3Ck5bAh6alDkMk4.roa (raw, json)
Hash identifier:          gQk+VfWzTvX2zA2ZowtzgI6ji0GvDBQkQJOK4QLZwhQ=
Subject key identifier:   6A:6C:0F:4E:F3:84:E9:72:08:DC:29:39:6C:08:7A:6A:50:E4:32:4E
Certificate issuer:       /CN=d5d902a07fc7d48e0db29bffbe3ab10543fc1465
Certificate serial:       018572FA56FBA4C81538AD38FB3E2D52E51E
Authority key identifier: D5:D9:02:A0:7F:C7:D4:8E:0D:B2:9B:FF:BE:3A:B1:05:43:FC:14:65
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1dkCoH_H1I4Nspv_vjqxBUP8FGU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4c/b52291-dc7f-46e1-b361-a6cec25b8006/1/amwPTvOE6XII3Ck5bAh6alDkMk4.roa
Signing time:             Mon 02 Jan 2023 14:54:46 +0000
ROA not before:           Mon 02 Jan 2023 14:54:46 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     34379
IP address blocks:        193.111.239.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 00:29:49 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:72:fa:56:fb:a4:c8:15:38:ad:38:fb:3e:2d:52:e5:1e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d5d902a07fc7d48e0db29bffbe3ab10543fc1465
        Validity
            Not Before: Jan  2 14:54:46 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=6a6c0f4ef384e97208dc29396c087a6a50e4324e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:97:38:3a:3c:0c:cf:01:db:f3:0c:7e:0c:c4:6d:
                    5c:24:32:90:43:57:aa:7d:8a:2a:cf:51:04:f8:74:
                    f8:a7:20:ef:07:58:11:f8:9b:7d:2a:7f:dd:d4:4c:
                    b1:36:f4:a3:73:93:10:d7:55:4d:68:97:be:f1:bd:
                    5e:3c:f8:90:19:79:5c:f3:ad:56:b3:ae:34:02:df:
                    42:0d:10:12:10:86:72:6a:fd:bf:04:67:be:ee:5e:
                    b7:9d:ab:b7:92:18:7b:13:ba:96:0b:c0:df:67:af:
                    b3:57:ea:db:4e:83:1c:34:4c:8a:0e:82:0f:31:85:
                    d3:77:8a:a2:86:71:7b:9f:64:68:a7:5a:06:5c:42:
                    97:77:82:a4:80:75:9c:c8:39:d0:89:93:dc:55:de:
                    39:2e:3e:09:5f:19:07:36:7c:82:15:39:b2:5c:f5:
                    86:29:ad:4d:d0:63:43:84:49:8a:f7:c7:cf:5e:19:
                    0f:f6:36:2d:32:d4:88:3f:8e:f8:a0:e6:49:3e:7f:
                    de:ec:92:cb:a7:80:d0:b7:d2:40:b9:bc:bb:25:28:
                    9a:49:1a:3b:ab:26:85:12:76:a1:71:22:66:b2:75:
                    74:7f:90:45:1a:5b:c4:08:d9:cf:df:ba:74:83:c6:
                    7e:39:0d:ce:a4:a4:23:25:76:08:2b:39:c5:92:2d:
                    56:b3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6A:6C:0F:4E:F3:84:E9:72:08:DC:29:39:6C:08:7A:6A:50:E4:32:4E
            X509v3 Authority Key Identifier:
                keyid:D5:D9:02:A0:7F:C7:D4:8E:0D:B2:9B:FF:BE:3A:B1:05:43:FC:14:65

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1dkCoH_H1I4Nspv_vjqxBUP8FGU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/b52291-dc7f-46e1-b361-a6cec25b8006/1/amwPTvOE6XII3Ck5bAh6alDkMk4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/b52291-dc7f-46e1-b361-a6cec25b8006/1/1dkCoH_H1I4Nspv_vjqxBUP8FGU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.111.239.0/24

    Signature Algorithm: sha256WithRSAEncryption
         7b:48:d0:6a:b1:b1:42:e8:04:ce:85:ba:73:89:34:da:fd:ff:
         0d:03:9f:5c:f1:d7:03:e5:6e:af:5c:b5:8e:4f:bf:08:bb:43:
         88:fc:b3:39:5f:6a:18:86:53:45:0d:66:a4:ba:2f:b6:52:3e:
         c3:e5:1c:d1:a8:13:b4:48:d0:c4:eb:2b:4d:af:76:aa:53:80:
         e4:0d:2c:c4:39:0e:38:d6:d9:75:49:4d:5b:0e:30:b8:66:33:
         6c:15:51:9d:64:10:39:ee:f8:09:97:96:73:36:f5:27:5f:68:
         a9:f7:18:f1:b2:04:ea:0d:5f:24:e7:dc:48:d2:5f:1a:22:b0:
         ce:54:61:42:8f:48:3a:f8:eb:47:91:6f:b9:b5:92:f3:9c:72:
         64:a6:f6:e7:2e:40:16:5b:09:8d:91:cf:99:50:9a:66:ea:05:
         3d:6c:b0:98:9a:c8:e3:23:ae:0c:13:78:eb:06:ee:2d:eb:b3:
         18:50:f7:da:40:86:c2:12:aa:dc:d0:a6:ca:f0:c8:a4:13:e7:
         e5:93:ce:86:f8:23:d5:42:c5:73:b8:e7:b0:b2:b9:b2:ff:c3:
         a0:f0:73:a8:47:21:8d:15:83:f7:98:24:d4:1a:c6:03:d6:0c:
         ca:5f:b7:b2:3c:d3:05:0a:12:52:d9:53:90:dd:d2:92:85:61:
         e5:40:cf:2e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVy+lb7pMgVOK04+z4tUuUeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1ZDkwMmEwN2ZjN2Q0OGUwZGIyOWJmZmJlM2FiMTA1NDNm
YzE0NjUwHhcNMjMwMTAyMTQ1NDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YTZjMGY0ZWYzODRlOTcyMDhkYzI5Mzk2YzA4N2E2YTUwZTQzMjRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlzg6PAzPAdvzDH4MxG1cJDKQQ1eq
fYoqz1EE+HT4pyDvB1gR+Jt9Kn/d1EyxNvSjc5MQ11VNaJe+8b1ePPiQGXlc861W
s640At9CDRASEIZyav2/BGe+7l63nau3khh7E7qWC8DfZ6+zV+rbToMcNEyKDoIP
MYXTd4qihnF7n2Rop1oGXEKXd4KkgHWcyDnQiZPcVd45Lj4JXxkHNnyCFTmyXPWG
Ka1N0GNDhEmK98fPXhkP9jYtMtSIP474oOZJPn/e7JLLp4DQt9JAuby7JSiaSRo7
qyaFEnahcSJmsnV0f5BFGlvECNnP37p0g8Z+OQ3OpKQjJXYIKznFki1WswIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGpsD07zhOlyCNwpOWwIempQ5DJOMB8GA1UdIwQY
MBaAFNXZAqB/x9SODbKb/746sQVD/BRlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMWRrQ29IX0gxSTROc3B2X3ZqcXhCVVA4RkdVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy9iNTIyOTEtZGM3Zi00NmUxLWIzNjEt
YTZjZWMyNWI4MDA2LzEvYW13UFR2T0U2WElJM0NrNWJBaDZhbERrTWs0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy9iNTIyOTEtZGM3Zi00NmUxLWIzNjEtYTZjZWMyNWI4MDA2
LzEvMWRrQ29IX0gxSTROc3B2X3ZqcXhCVVA4RkdVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwW/vMA0G
CSqGSIb3DQEBCwUAA4IBAQB7SNBqsbFC6ATOhbpziTTa/f8NA59c8dcD5W6vXLWO
T78Iu0OI/LM5X2oYhlNFDWakui+2Uj7D5RzRqBO0SNDE6ytNr3aqU4DkDSzEOQ44
1tl1SU1bDjC4ZjNsFVGdZBA57vgJl5ZzNvUnX2ip9xjxsgTqDV8k59xI0l8aIrDO
VGFCj0g6+OtHkW+5tZLznHJkpvbnLkAWWwmNkc+ZUJpm6gU9bLCYmsjjI64ME3jr
Bu4t67MYUPfaQIbCEqrc0KbK8MikE+flk86G+CPVQsVzuOewsrmy/8Og8HOoRyGN
FYP3mCTUGsYD1gzKX7eyPNMFChJS2VOQ3dKShWHlQM8u
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:07:53 2024 by rpki-client on console-ams.rpki-client.org