Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/287cd2-f1d8-44a9-bed2-ee95b6cc3474/1/aod77ef6lGqv4FzEqkgiWwpyk6I.roa
File:                     aod77ef6lGqv4FzEqkgiWwpyk6I.roa (raw, json)
Hash identifier:          j5U4ogZA3PURqEXmZM2sFi9uztWGXlACvKd1JN8Fso4=
Subject key identifier:   6A:87:7B:ED:E7:FA:94:6A:AF:E0:5C:C4:AA:48:22:5B:0A:72:93:A2
Certificate issuer:       /CN=94e59d245d150dc38c4896263dcbdcbbd67470a7
Certificate serial:       01865F9F5C5F16A0EC354A330C9937278AD4
Authority key identifier: 94:E5:9D:24:5D:15:0D:C3:8C:48:96:26:3D:CB:DC:BB:D6:74:70:A7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/lOWdJF0VDcOMSJYmPcvcu9Z0cKc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/50/287cd2-f1d8-44a9-bed2-ee95b6cc3474/1/aod77ef6lGqv4FzEqkgiWwpyk6I.roa
Signing time:             Fri 17 Feb 2023 13:45:24 +0000
ROA not before:           Fri 17 Feb 2023 13:45:24 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     3320
IP address blocks:        194.36.32.0/23 maxlen: 24

Validation:               Failed, certificate revoked on Mon 17 Apr 2023 07:47:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:5f:9f:5c:5f:16:a0:ec:35:4a:33:0c:99:37:27:8a:d4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=94e59d245d150dc38c4896263dcbdcbbd67470a7
        Validity
            Not Before: Feb 17 13:45:24 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=6a877bede7fa946aafe05cc4aa48225b0a7293a2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:89:ec:21:06:5a:d6:5c:d8:5d:9d:ed:47:55:5b:
                    af:ff:f5:3e:28:19:cd:62:0e:39:a2:0a:ce:7d:f3:
                    30:cd:f6:2d:2e:34:05:e8:fc:0b:41:54:6a:90:66:
                    a1:87:dd:b1:87:31:35:de:a9:e5:10:1e:5c:a7:c4:
                    ff:62:ea:81:63:fa:6a:3f:8a:72:7c:0a:a9:cd:fb:
                    46:14:3c:0b:8e:29:29:f4:54:d6:9d:a0:c0:0f:75:
                    a0:87:d4:28:30:be:e8:26:58:71:61:15:19:d0:cd:
                    9e:e5:2f:8f:6c:06:e6:52:84:1b:de:87:59:80:5d:
                    82:5f:74:0e:ce:9d:94:b0:1b:f4:89:2c:62:6a:8f:
                    d4:d0:33:77:ab:f9:db:3e:2c:54:e1:7c:f4:09:5e:
                    2d:09:31:6f:34:c4:4e:b6:d4:a6:b6:08:b8:8e:2b:
                    d3:74:b7:37:12:de:88:93:e6:f7:78:3e:d4:a4:26:
                    24:c9:19:b7:48:2b:4c:67:60:09:de:c8:2a:91:5a:
                    fc:a1:73:60:87:2f:5c:13:50:e3:5e:fa:91:3d:5c:
                    6b:26:8f:4a:b7:a1:bd:60:b1:aa:d8:16:1e:38:f3:
                    ce:bb:a6:9d:01:9d:bf:f9:b0:d7:8b:05:1e:88:ab:
                    aa:35:03:0b:9d:c7:28:70:01:cb:ad:b3:2f:1d:42:
                    42:a9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6A:87:7B:ED:E7:FA:94:6A:AF:E0:5C:C4:AA:48:22:5B:0A:72:93:A2
            X509v3 Authority Key Identifier:
                keyid:94:E5:9D:24:5D:15:0D:C3:8C:48:96:26:3D:CB:DC:BB:D6:74:70:A7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lOWdJF0VDcOMSJYmPcvcu9Z0cKc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/287cd2-f1d8-44a9-bed2-ee95b6cc3474/1/aod77ef6lGqv4FzEqkgiWwpyk6I.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/50/287cd2-f1d8-44a9-bed2-ee95b6cc3474/1/lOWdJF0VDcOMSJYmPcvcu9Z0cKc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.36.32.0/23

    Signature Algorithm: sha256WithRSAEncryption
         a9:5c:46:37:5f:42:2a:f3:71:40:84:c9:17:08:80:fb:85:57:
         60:e4:d6:34:cd:11:97:19:72:ef:8a:57:86:12:24:28:f4:2e:
         7d:fe:f6:27:ec:c5:f7:0d:5d:12:20:b1:d1:be:aa:b9:5c:00:
         3b:fc:be:d3:89:4d:33:5c:89:8b:aa:33:ab:69:f9:7c:ce:60:
         42:5d:54:62:23:ad:88:59:7d:0e:80:fd:75:62:8b:96:aa:86:
         66:a3:fd:03:12:31:5a:b7:16:9e:5f:78:38:d8:ba:47:75:2f:
         73:1e:06:29:5c:04:80:9a:18:89:9d:bd:30:bb:66:82:82:ff:
         85:f3:be:20:dc:d6:ad:6b:db:d1:ea:a9:ab:cd:8b:7e:eb:6a:
         9d:cc:e0:7c:88:02:8c:d0:63:a8:c3:59:64:71:2a:9f:eb:d7:
         28:2c:6d:88:d3:5f:9f:2d:51:c9:64:10:75:d3:70:40:9a:8f:
         85:8d:2c:d3:e5:32:36:6a:cb:8f:2f:98:77:f9:c1:dd:c7:96:
         16:41:56:86:40:01:7b:31:e7:21:ec:5c:28:37:1c:8b:b2:9e:
         51:42:82:1f:ee:56:9c:3b:30:ec:20:43:64:29:e1:3e:2e:32:
         0c:d2:c1:7e:32:6f:37:67:9e:2d:e6:12:c8:10:32:9c:94:2c:
         f3:f6:f8:58
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYZfn1xfFqDsNUozDJk3J4rUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0ZTU5ZDI0NWQxNTBkYzM4YzQ4OTYyNjNkY2JkY2JiZDY3
NDcwYTcwHhcNMjMwMjE3MTM0NTI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YTg3N2JlZGU3ZmE5NDZhYWZlMDVjYzRhYTQ4MjI1YjBhNzI5M2EyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiewhBlrWXNhdne1HVVuv//U+KBnN
Yg45ogrOffMwzfYtLjQF6PwLQVRqkGahh92xhzE13qnlEB5cp8T/YuqBY/pqP4py
fAqpzftGFDwLjikp9FTWnaDAD3Wgh9QoML7oJlhxYRUZ0M2e5S+PbAbmUoQb3odZ
gF2CX3QOzp2UsBv0iSxiao/U0DN3q/nbPixU4Xz0CV4tCTFvNMROttSmtgi4jivT
dLc3Et6Ik+b3eD7UpCYkyRm3SCtMZ2AJ3sgqkVr8oXNghy9cE1DjXvqRPVxrJo9K
t6G9YLGq2BYeOPPOu6adAZ2/+bDXiwUeiKuqNQMLnccocAHLrbMvHUJCqQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGqHe+3n+pRqr+BcxKpIIlsKcpOiMB8GA1UdIwQY
MBaAFJTlnSRdFQ3DjEiWJj3L3LvWdHCnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbE9XZEpGMFZEY09NU0pZbVBjdmN1OVowY0tjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC8yODdjZDItZjFkOC00NGE5LWJlZDIt
ZWU5NWI2Y2MzNDc0LzEvYW9kNzdlZjZsR3F2NEZ6RXFrZ2lXd3B5azZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MC8yODdjZDItZjFkOC00NGE5LWJlZDItZWU5NWI2Y2MzNDc0
LzEvbE9XZEpGMFZEY09NU0pZbVBjdmN1OVowY0tjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwiQgMA0G
CSqGSIb3DQEBCwUAA4IBAQCpXEY3X0Iq83FAhMkXCID7hVdg5NY0zRGXGXLvileG
EiQo9C59/vYn7MX3DV0SILHRvqq5XAA7/L7TiU0zXImLqjOrafl8zmBCXVRiI62I
WX0OgP11YouWqoZmo/0DEjFatxaeX3g42LpHdS9zHgYpXASAmhiJnb0wu2aCgv+F
874g3Nata9vR6qmrzYt+62qdzOB8iAKM0GOow1lkcSqf69coLG2I01+fLVHJZBB1
03BAmo+FjSzT5TI2asuPL5h3+cHdx5YWQVaGQAF7Mech7FwoNxyLsp5RQoIf7lac
OzDsIENkKeE+LjIM0sF+Mm83Z54t5hLIEDKclCzz9vhY
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:08:39 2024 by rpki-client on console-ams.rpki-client.org