Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/044402-c4d4-4259-93e2-7fbf5ee290ac/1/1-i3rLznkBLONh5CX6YHIEt3yF5I.roa
File:                     1-i3rLznkBLONh5CX6YHIEt3yF5I.roa (raw, json)
Hash identifier:          aFx1t1Cis7Lu9gUnRqpU3dYhEvoZrG4AOzsnWNjA6YM=
Subject key identifier:   FA:2D:EB:2F:39:E4:04:B3:8D:87:90:97:E9:81:C8:12:DD:F2:17:92
Certificate issuer:       /CN=b5b0a86659ec314f13a04e3a03dbdb1244a0e0a9
Certificate serial:       018572CC94EF12F1ADED3B84DD04641C0C11
Authority key identifier: B5:B0:A8:66:59:EC:31:4F:13:A0:4E:3A:03:DB:DB:12:44:A0:E0:A9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tbCoZlnsMU8ToE46A9vbEkSg4Kk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4e/044402-c4d4-4259-93e2-7fbf5ee290ac/1/1-i3rLznkBLONh5CX6YHIEt3yF5I.roa
Signing time:             Mon 02 Jan 2023 14:04:48 +0000
ROA not before:           Mon 02 Jan 2023 14:04:48 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     16509
IP address blocks:        193.28.159.0/24 maxlen: 24
                          91.223.161.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 22:31:18 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:72:cc:94:ef:12:f1:ad:ed:3b:84:dd:04:64:1c:0c:11
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b5b0a86659ec314f13a04e3a03dbdb1244a0e0a9
        Validity
            Not Before: Jan  2 14:04:48 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=fa2deb2f39e404b38d879097e981c812ddf21792
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:e6:4b:13:7e:d5:7c:c6:b0:21:c5:0b:08:44:
                    5e:31:76:a1:ed:3c:ff:ec:45:ca:bf:eb:1d:cf:da:
                    da:31:b5:2c:aa:09:0e:cb:5c:c0:de:58:83:14:6b:
                    be:4f:90:67:3d:b8:9e:02:23:d6:1f:a0:c3:a7:25:
                    ea:e0:0f:58:b8:47:74:91:04:d8:c1:30:c8:36:ad:
                    a9:34:30:11:6b:20:dc:03:79:e1:51:31:85:21:f2:
                    ab:4b:db:a0:73:82:37:95:1d:e3:35:c9:32:bd:c2:
                    64:58:5a:83:92:7e:d8:32:e8:e0:b1:ab:60:2a:e1:
                    89:e4:03:bc:4d:aa:58:12:d5:ed:72:00:83:55:e9:
                    26:ee:da:a6:98:6e:bf:26:7a:5e:ef:37:77:75:f8:
                    19:3e:69:ff:c8:49:1e:9b:49:84:8f:de:7f:3b:11:
                    0b:16:06:7c:7d:f8:1c:81:7f:bd:23:56:fb:37:b1:
                    5e:08:03:00:05:ee:16:99:ee:f0:ec:f7:0e:31:a8:
                    3f:8a:39:f1:f7:d9:f0:ec:16:8b:d9:56:0b:d5:3c:
                    82:4e:13:f1:be:7e:6d:01:25:93:4b:cb:29:02:c8:
                    4f:af:84:c5:a8:91:f8:74:1b:d3:e2:96:a3:ae:b7:
                    55:8a:ba:e9:f3:de:d5:02:1f:41:01:7a:30:a5:d8:
                    03:d5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FA:2D:EB:2F:39:E4:04:B3:8D:87:90:97:E9:81:C8:12:DD:F2:17:92
            X509v3 Authority Key Identifier:
                keyid:B5:B0:A8:66:59:EC:31:4F:13:A0:4E:3A:03:DB:DB:12:44:A0:E0:A9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tbCoZlnsMU8ToE46A9vbEkSg4Kk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/044402-c4d4-4259-93e2-7fbf5ee290ac/1/1-i3rLznkBLONh5CX6YHIEt3yF5I.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/044402-c4d4-4259-93e2-7fbf5ee290ac/1/tbCoZlnsMU8ToE46A9vbEkSg4Kk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.223.161.0/24
                  193.28.159.0/24

    Signature Algorithm: sha256WithRSAEncryption
         4f:2e:51:97:01:20:b7:13:d0:4a:9a:8d:c2:91:0e:92:f1:2b:
         50:6c:87:bf:ca:22:f1:85:2f:0d:eb:5b:ca:69:53:17:28:f3:
         fa:f2:31:e3:f9:2e:51:e6:d2:cb:59:7c:27:78:d5:cb:99:c8:
         d9:9e:b7:73:af:be:ba:c4:bd:6e:20:b7:e1:bb:2d:a1:d6:97:
         2a:86:c1:b3:e9:98:de:32:7a:66:05:3a:f4:d4:d7:89:74:fb:
         66:b1:13:78:a9:47:eb:28:87:b7:58:0e:5d:b6:e6:51:44:c8:
         28:a9:8d:36:f4:3b:77:e0:db:fd:c5:f4:cf:a6:fd:c8:6d:5e:
         e3:27:93:07:bf:e2:d0:40:8f:4c:0e:a0:b7:18:48:f8:a1:35:
         ab:da:5c:c9:f0:2d:f7:f5:08:89:aa:53:e8:6b:b8:ac:ac:71:
         84:ed:09:6c:03:71:49:c5:5b:0b:06:f5:45:c5:61:10:d4:b1:
         6f:3e:87:c4:b7:e6:8e:b9:06:5a:97:d8:a6:1e:c0:e3:b9:29:
         8f:27:e7:54:76:9a:d1:ea:c0:16:e3:c0:ac:94:93:f6:b5:dd:
         14:5e:aa:94:13:dc:ec:94:0c:19:5f:ef:5f:05:93:6c:cc:4c:
         35:57:99:67:0a:a3:8f:e0:9b:01:fb:45:2f:55:26:e4:1d:df:
         2d:db:c6:49
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgISAYVyzJTvEvGt7TuE3QRkHAwRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1YjBhODY2NTllYzMxNGYxM2EwNGUzYTAzZGJkYjEyNDRh
MGUwYTkwHhcNMjMwMTAyMTQwNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYTJkZWIyZjM5ZTQwNGIzOGQ4NzkwOTdlOTgxYzgxMmRkZjIxNzkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo+ZLE37VfMawIcULCEReMXah7Tz/
7EXKv+sdz9raMbUsqgkOy1zA3liDFGu+T5BnPbieAiPWH6DDpyXq4A9YuEd0kQTY
wTDINq2pNDARayDcA3nhUTGFIfKrS9ugc4I3lR3jNckyvcJkWFqDkn7YMujgsatg
KuGJ5AO8TapYEtXtcgCDVekm7tqmmG6/Jnpe7zd3dfgZPmn/yEkem0mEj95/OxEL
FgZ8ffgcgX+9I1b7N7FeCAMABe4Wme7w7PcOMag/ijnx99nw7BaL2VYL1TyCThPx
vn5tASWTS8spAshPr4TFqJH4dBvT4pajrrdVirrp897VAh9BAXowpdgD1QIDAQAB
o4ICEDCCAgwwHQYDVR0OBBYEFPot6y855ASzjYeQl+mByBLd8heSMB8GA1UdIwQY
MBaAFLWwqGZZ7DFPE6BOOgPb2xJEoOCpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdGJDb1psbnNNVThUb0U0NkE5dmJFa1NnNEtrLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZS8wNDQ0MDItYzRkNC00MjU5LTkzZTIt
N2ZiZjVlZTI5MGFjLzEvMS1pM3JMem5rQkxPTmg1Q1g2WUhJRXQzeUY1SS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNGUvMDQ0NDAyLWM0ZDQtNDI1OS05M2UyLTdmYmY1ZWUyOTBh
Yy8xL3RiQ29abG5zTVU4VG9FNDZBOXZiRWtTZzRLay5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAlBggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAFvfoQME
AMEcnzANBgkqhkiG9w0BAQsFAAOCAQEATy5RlwEgtxPQSpqNwpEOkvErUGyHv8oi
8YUvDetbymlTFyjz+vIx4/kuUebSy1l8J3jVy5nI2Z63c6++usS9biC34bstodaX
KobBs+mY3jJ6ZgU69NTXiXT7ZrETeKlH6yiHt1gOXbbmUUTIKKmNNvQ7d+Db/cX0
z6b9yG1e4yeTB7/i0ECPTA6gtxhI+KE1q9pcyfAt9/UIiapT6Gu4rKxxhO0JbANx
ScVbCwb1RcVhENSxbz6HxLfmjrkGWpfYph7A47kpjyfnVHaa0erAFuPArJST9rXd
FF6qlBPc7JQMGV/vXwWTbMxMNVeZZwqjj+CbAftFL1Um5B3fLdvGSQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:08:09 2024 by rpki-client on console-ams.rpki-client.org