Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/bb21fc-b252-4ab2-9878-ba5572e774ed/1/MS96vwoSchLyJXvA5k9283K__eM.roa
File:                     MS96vwoSchLyJXvA5k9283K__eM.roa (raw, json)
Hash identifier:          bnFvVa844gwZMW5GVtulJA7XN5i/NWXeEvNDEqCK338=
Subject key identifier:   31:2F:7A:BF:0A:12:72:12:F2:25:7B:C0:E6:4F:76:F3:72:BF:FD:E3
Certificate issuer:       /CN=d674c4e1b00ce5bfb0d96d4c21efd058d3b5ca79
Certificate serial:       018612BEF39A2E82AC93A388BBD04C3669D1
Authority key identifier: D6:74:C4:E1:B0:0C:E5:BF:B0:D9:6D:4C:21:EF:D0:58:D3:B5:CA:79
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1nTE4bAM5b-w2W1MIe_QWNO1ynk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4f/bb21fc-b252-4ab2-9878-ba5572e774ed/1/MS96vwoSchLyJXvA5k9283K__eM.roa
Signing time:             Thu 02 Feb 2023 15:29:09 +0000
ROA not before:           Thu 02 Feb 2023 15:29:09 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     60855
IP address blocks:        193.17.19.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 12:33:44 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:12:be:f3:9a:2e:82:ac:93:a3:88:bb:d0:4c:36:69:d1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d674c4e1b00ce5bfb0d96d4c21efd058d3b5ca79
        Validity
            Not Before: Feb  2 15:29:09 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=312f7abf0a127212f2257bc0e64f76f372bffde3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:6a:00:ac:1b:b4:c0:22:cb:2d:3f:31:e2:f4:
                    19:b7:06:b0:35:e4:69:59:22:d7:f3:45:d6:b0:8e:
                    d3:43:ea:f5:34:55:a4:1d:54:f9:67:70:96:96:15:
                    6a:73:63:c7:c4:26:41:0b:12:05:a4:4e:ac:17:2b:
                    d4:07:82:2d:bf:df:4d:40:d5:73:b0:cf:77:46:b9:
                    c6:df:9a:64:d7:64:bf:8e:7c:6a:64:14:a5:ea:ca:
                    b5:f4:23:f6:3c:f9:96:f9:f5:43:8c:73:05:a8:3b:
                    c9:f4:a6:a4:0f:46:b9:d9:b8:79:f3:6e:77:65:4b:
                    84:d7:93:89:54:cc:b5:c3:dc:ae:73:07:dc:69:4e:
                    73:e5:2b:8b:9a:a1:49:9f:5a:16:a9:4d:1c:5f:5e:
                    40:36:39:6a:32:fe:49:1d:6d:bf:cf:1a:68:9f:97:
                    a6:4d:4f:9e:33:0b:d7:19:ba:4d:88:e6:55:37:78:
                    7f:c4:5e:8e:ba:b6:da:38:94:58:eb:61:29:62:ff:
                    53:3f:7b:f7:ab:27:a0:e4:7c:07:6d:70:a3:c5:02:
                    99:ff:da:87:1e:40:d8:2c:d3:40:60:00:34:2a:4a:
                    d8:60:6f:21:a9:6a:c9:df:8c:fc:f1:e1:ee:e5:b0:
                    0d:d7:dd:06:8e:c2:c8:85:94:f1:fb:68:84:84:a9:
                    cd:a7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                31:2F:7A:BF:0A:12:72:12:F2:25:7B:C0:E6:4F:76:F3:72:BF:FD:E3
            X509v3 Authority Key Identifier:
                keyid:D6:74:C4:E1:B0:0C:E5:BF:B0:D9:6D:4C:21:EF:D0:58:D3:B5:CA:79

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1nTE4bAM5b-w2W1MIe_QWNO1ynk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/bb21fc-b252-4ab2-9878-ba5572e774ed/1/MS96vwoSchLyJXvA5k9283K__eM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/bb21fc-b252-4ab2-9878-ba5572e774ed/1/1nTE4bAM5b-w2W1MIe_QWNO1ynk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.17.19.0/24

    Signature Algorithm: sha256WithRSAEncryption
         a1:fd:0d:88:35:24:77:63:94:61:84:bd:9a:a8:8a:d9:b1:d1:
         b2:61:5c:64:71:c4:a0:6d:33:50:fe:4e:b6:6b:fc:47:18:a4:
         b4:2e:49:20:e2:6e:1c:0e:81:10:46:81:2d:ee:0b:c5:ab:7d:
         1d:c3:c1:56:83:0b:b4:62:65:e4:11:89:d9:ef:86:f6:6e:55:
         bc:11:ba:f4:61:bd:ba:95:ac:66:94:2b:3a:5b:00:29:7e:28:
         de:60:6c:14:f4:2c:f5:a3:e2:83:86:d9:51:e3:69:a5:e0:d3:
         2b:c9:73:d1:6f:59:f5:18:8e:5f:50:2a:a2:23:67:03:b5:37:
         37:80:cf:37:69:73:0a:6d:7b:d3:a2:44:53:77:ed:d8:92:cc:
         4e:69:a8:f4:0b:16:75:a4:9f:a8:c2:78:f8:f5:85:a9:77:e8:
         b0:e2:eb:81:f8:f1:4a:62:1a:9d:5b:e7:bb:cd:cf:61:aa:ab:
         23:50:2f:d5:ec:f8:89:25:ca:45:de:4f:ba:e6:92:97:52:94:
         33:79:96:dc:2d:61:17:a7:b5:fc:24:95:1b:83:57:4e:06:19:
         68:53:d3:59:42:27:19:93:14:b6:18:93:bc:43:d7:df:b3:a7:
         9f:b7:73:4e:3c:40:2e:f0:93:f8:d0:ce:20:50:4a:71:15:69:
         f0:fe:bf:c8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYYSvvOaLoKsk6OIu9BMNmnRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2NzRjNGUxYjAwY2U1YmZiMGQ5NmQ0YzIxZWZkMDU4ZDNi
NWNhNzkwHhcNMjMwMjAyMTUyOTA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMTJmN2FiZjBhMTI3MjEyZjIyNTdiYzBlNjRmNzZmMzcyYmZmZGUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqGoArBu0wCLLLT8x4vQZtwawNeRp
WSLX80XWsI7TQ+r1NFWkHVT5Z3CWlhVqc2PHxCZBCxIFpE6sFyvUB4Itv99NQNVz
sM93RrnG35pk12S/jnxqZBSl6sq19CP2PPmW+fVDjHMFqDvJ9KakD0a52bh58253
ZUuE15OJVMy1w9yucwfcaU5z5SuLmqFJn1oWqU0cX15ANjlqMv5JHW2/zxpon5em
TU+eMwvXGbpNiOZVN3h/xF6OurbaOJRY62EpYv9TP3v3qyeg5HwHbXCjxQKZ/9qH
HkDYLNNAYAA0KkrYYG8hqWrJ34z88eHu5bAN190GjsLIhZTx+2iEhKnNpwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDEver8KEnIS8iV7wOZPdvNyv/3jMB8GA1UdIwQY
MBaAFNZ0xOGwDOW/sNltTCHv0FjTtcp5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMW5URTRiQU01Yi13MlcxTUllX1FXTk8xeW5rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Zi9iYjIxZmMtYjI1Mi00YWIyLTk4Nzgt
YmE1NTcyZTc3NGVkLzEvTVM5NnZ3b1NjaEx5Slh2QTVrOTI4M0tfX2VNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Zi9iYjIxZmMtYjI1Mi00YWIyLTk4NzgtYmE1NTcyZTc3NGVk
LzEvMW5URTRiQU01Yi13MlcxTUllX1FXTk8xeW5rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwRETMA0G
CSqGSIb3DQEBCwUAA4IBAQCh/Q2INSR3Y5RhhL2aqIrZsdGyYVxkccSgbTNQ/k62
a/xHGKS0Lkkg4m4cDoEQRoEt7gvFq30dw8FWgwu0YmXkEYnZ74b2blW8Ebr0Yb26
laxmlCs6WwApfijeYGwU9Cz1o+KDhtlR42ml4NMryXPRb1n1GI5fUCqiI2cDtTc3
gM83aXMKbXvTokRTd+3YksxOaaj0CxZ1pJ+ownj49YWpd+iw4uuB+PFKYhqdW+e7
zc9hqqsjUC/V7PiJJcpF3k+65pKXUpQzeZbcLWEXp7X8JJUbg1dOBhloU9NZQicZ
kxS2GJO8Q9ffs6eft3NOPEAu8JP40M4gUEpxFWnw/r/I
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:05 2024 by rpki-client on console-fra.rpki-client.org