Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/d8548c-30b1-48a4-ae28-d6b0bc90f2f5/1/9JU2BKPQ0C3RE30KzwVEiGUHNDg.roa
File:                     9JU2BKPQ0C3RE30KzwVEiGUHNDg.roa (raw, json)
Hash identifier:          bRWLjYpc4yZU74p4iBYqtiQIOXNEDEA2oGa20o3I54Q=
Subject key identifier:   F4:95:36:04:A3:D0:D0:2D:D1:13:7D:0A:CF:05:44:88:65:07:34:38
Certificate issuer:       /CN=a4a07cdcd09503ecfe3e697cc3266985181ae82a
Certificate serial:       01856F02243E2EC72E6A2B4AE5C3AA7E36A8
Authority key identifier: A4:A0:7C:DC:D0:95:03:EC:FE:3E:69:7C:C3:26:69:85:18:1A:E8:2A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/pKB83NCVA-z-Pml8wyZphRga6Co.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/50/d8548c-30b1-48a4-ae28-d6b0bc90f2f5/1/9JU2BKPQ0C3RE30KzwVEiGUHNDg.roa
Signing time:             Sun 01 Jan 2023 20:24:49 +0000
ROA not before:           Sun 01 Jan 2023 20:24:49 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     62270
IP address blocks:        193.162.140.0/24 maxlen: 24
                          2a10:8080::/29 maxlen: 29

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 06:31:35 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:02:24:3e:2e:c7:2e:6a:2b:4a:e5:c3:aa:7e:36:a8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a4a07cdcd09503ecfe3e697cc3266985181ae82a
        Validity
            Not Before: Jan  1 20:24:49 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=f4953604a3d0d02dd1137d0acf05448865073438
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:69:9c:21:f1:9c:69:a7:da:a9:63:47:f0:ba:
                    33:26:8d:38:46:24:bd:2b:a5:5d:25:c1:f1:fa:b7:
                    c2:51:b8:55:3d:db:23:3d:4d:2c:32:54:e8:42:3f:
                    57:c3:eb:83:4b:a0:1f:81:1c:83:7b:26:a5:65:68:
                    6a:0b:5a:8b:4d:60:3e:f0:c9:04:01:bd:61:2d:b2:
                    c1:0b:52:7c:18:8b:5d:5e:7f:2a:37:20:8c:19:9b:
                    d7:ed:5b:43:a0:7d:e4:4a:34:fc:fc:56:a8:04:99:
                    3e:f7:c6:70:92:80:0c:8f:dd:8d:42:fa:1d:bd:2b:
                    3e:20:fd:b5:b7:60:bd:f1:0a:d2:7b:5e:8e:50:1b:
                    dd:4c:b7:83:16:5c:24:67:ba:ae:90:91:78:f2:d1:
                    d9:c5:c9:17:15:bc:5c:ff:2b:44:f9:44:92:5c:c8:
                    d0:23:37:63:7b:32:8c:89:42:e5:1c:f8:b5:10:a2:
                    09:57:f1:2e:e1:60:92:a0:88:a4:c0:1e:34:e7:6a:
                    6c:86:eb:ad:27:ec:d5:4f:52:4f:dd:b6:f4:97:68:
                    ca:83:b8:10:49:17:2a:d5:d1:2d:80:f6:b3:83:06:
                    5d:7f:aa:58:23:d0:4c:96:0d:6d:bf:d3:7b:b3:16:
                    1e:ec:d5:94:8b:b5:79:3c:e7:c1:8d:8b:98:d5:3d:
                    42:19
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F4:95:36:04:A3:D0:D0:2D:D1:13:7D:0A:CF:05:44:88:65:07:34:38
            X509v3 Authority Key Identifier:
                keyid:A4:A0:7C:DC:D0:95:03:EC:FE:3E:69:7C:C3:26:69:85:18:1A:E8:2A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pKB83NCVA-z-Pml8wyZphRga6Co.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/d8548c-30b1-48a4-ae28-d6b0bc90f2f5/1/9JU2BKPQ0C3RE30KzwVEiGUHNDg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/50/d8548c-30b1-48a4-ae28-d6b0bc90f2f5/1/pKB83NCVA-z-Pml8wyZphRga6Co.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.162.140.0/24
                IPv6:
                  2a10:8080::/29

    Signature Algorithm: sha256WithRSAEncryption
         dd:c9:7c:e3:1a:06:34:66:6a:58:68:db:65:6b:8c:a3:7a:15:
         41:b7:f0:3c:80:1b:c5:da:9b:08:b8:a8:2a:6b:aa:4c:c0:6c:
         45:bf:94:77:a2:92:0c:b8:c6:fa:33:ac:da:22:f9:97:42:79:
         b9:b5:32:2d:ef:ba:47:74:b7:02:c4:8a:bd:1d:16:7a:99:1b:
         40:ed:bf:53:de:cf:04:b6:2b:26:45:a6:cb:2f:1b:e7:a9:ac:
         84:80:27:bc:ac:62:28:41:82:d5:03:13:cc:38:50:3b:bb:0f:
         51:01:7d:4a:3e:f8:52:00:68:86:94:6f:87:85:f7:5c:eb:18:
         f2:64:10:3b:09:9f:b1:23:35:18:67:23:c7:b8:8b:85:5d:b1:
         03:0b:78:8a:5c:4f:42:15:ff:85:98:ff:ec:b0:ce:cf:9f:54:
         5a:ee:c9:45:8a:98:48:d1:fb:29:e5:9a:43:26:e4:cc:1f:6a:
         c4:e7:1b:f9:ad:f9:12:cf:b7:9f:1b:49:a6:b1:7b:d1:cc:ed:
         b0:fa:50:08:d3:c0:26:f3:f9:94:0d:a8:90:86:86:bf:4e:de:
         78:0c:f0:dc:c1:7b:02:4b:8f:f3:74:65:4f:c9:9e:a7:9c:ff:
         3c:53:f6:22:dd:a2:a2:1d:12:56:1a:c8:5d:75:59:b3:4e:84:
         9a:d7:8e:2f
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVvAiQ+LscuaitK5cOqfjaoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE0YTA3Y2RjZDA5NTAzZWNmZTNlNjk3Y2MzMjY2OTg1MTgx
YWU4MmEwHhcNMjMwMTAxMjAyNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNDk1MzYwNGEzZDBkMDJkZDExMzdkMGFjZjA1NDQ4ODY1MDczNDM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwGmcIfGcaafaqWNH8LozJo04RiS9
K6VdJcHx+rfCUbhVPdsjPU0sMlToQj9Xw+uDS6AfgRyDeyalZWhqC1qLTWA+8MkE
Ab1hLbLBC1J8GItdXn8qNyCMGZvX7VtDoH3kSjT8/FaoBJk+98ZwkoAMj92NQvod
vSs+IP21t2C98QrSe16OUBvdTLeDFlwkZ7qukJF48tHZxckXFbxc/ytE+USSXMjQ
IzdjezKMiULlHPi1EKIJV/Eu4WCSoIikwB4052pshuutJ+zVT1JP3bb0l2jKg7gQ
SRcq1dEtgPazgwZdf6pYI9BMlg1tv9N7sxYe7NWUi7V5POfBjYuY1T1CGQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFPSVNgSj0NAt0RN9Cs8FRIhlBzQ4MB8GA1UdIwQY
MBaAFKSgfNzQlQPs/j5pfMMmaYUYGugqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcEtCODNOQ1ZBLXotUG1sOHd5WnBoUmdhNkNvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC9kODU0OGMtMzBiMS00OGE0LWFlMjgt
ZDZiMGJjOTBmMmY1LzEvOUpVMkJLUFEwQzNSRTMwS3p3VkVpR1VITkRnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MC9kODU0OGMtMzBiMS00OGE0LWFlMjgtZDZiMGJjOTBmMmY1
LzEvcEtCODNOQ1ZBLXotUG1sOHd5WnBoUmdhNkNvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAwaKMMA0E
AgACMAcDBQMqEICAMA0GCSqGSIb3DQEBCwUAA4IBAQDdyXzjGgY0ZmpYaNtla4yj
ehVBt/A8gBvF2psIuKgqa6pMwGxFv5R3opIMuMb6M6zaIvmXQnm5tTIt77pHdLcC
xIq9HRZ6mRtA7b9T3s8EtismRabLLxvnqayEgCe8rGIoQYLVAxPMOFA7uw9RAX1K
PvhSAGiGlG+Hhfdc6xjyZBA7CZ+xIzUYZyPHuIuFXbEDC3iKXE9CFf+FmP/ssM7P
n1Ra7slFiphI0fsp5ZpDJuTMH2rE5xv5rfkSz7efG0mmsXvRzO2w+lAI08Am8/mU
DaiQhoa/Tt54DPDcwXsCS4/zdGVPyZ6nnP88U/Yi3aKiHRJWGshddVmzToSa144v
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:17 2024 by rpki-client on console-fra.rpki-client.org