Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/StWmgJQu5nMPyb9c0RA08xLVRG0.roa
File:                     StWmgJQu5nMPyb9c0RA08xLVRG0.roa (raw, json)
Hash identifier:          /mrsAN86Yi1/NWrxZPKXw9Paw5e+TDc91JRAXT663PY=
Subject key identifier:   4A:D5:A6:80:94:2E:E6:73:0F:C9:BF:5C:D1:10:34:F3:12:D5:44:6D
Certificate issuer:       /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial:       018D6C0FE2EB3AC43BF683E960B7D345DFDE
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/StWmgJQu5nMPyb9c0RA08xLVRG0.roa
Signing time:             Fri 02 Feb 2024 23:03:16 +0000
ROA not before:           Fri 02 Feb 2024 23:03:16 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     396982
IP address blocks:        194.50.111.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Fri 01 Mar 2024 12:41:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8d:6c:0f:e2:eb:3a:c4:3b:f6:83:e9:60:b7:d3:45:df:de
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
        Validity
            Not Before: Feb  2 23:03:16 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=4ad5a680942ee6730fc9bf5cd11034f312d5446d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:89:c9:12:2e:9c:74:6b:60:05:b5:04:03:6c:
                    19:38:fa:85:94:4f:6c:53:48:38:f4:53:02:fc:29:
                    12:7c:b5:17:55:2f:8c:42:40:99:b9:a5:04:f9:5f:
                    5d:a5:3b:5c:5d:16:83:33:c3:fb:97:96:3d:90:bb:
                    8d:d5:15:ab:71:5e:91:1c:a9:82:05:76:65:93:3e:
                    c5:46:e5:fa:7b:c3:62:41:46:c9:31:8b:c0:1b:96:
                    f2:8f:38:2b:5b:00:f2:64:85:df:e2:8f:49:1d:93:
                    08:53:71:58:4a:74:db:80:56:ae:67:cf:f5:69:6d:
                    27:58:27:59:b3:0d:aa:e8:92:1f:41:56:8c:b9:71:
                    ba:2a:00:cb:29:c2:97:69:2c:5c:9e:fe:97:a9:cb:
                    54:1e:65:e0:04:98:f5:e3:e5:77:fd:32:cc:b4:75:
                    6f:d8:dc:2a:0c:e8:99:8c:e4:fe:f8:db:8a:44:76:
                    9f:f1:bc:ca:12:d7:57:27:89:2b:ee:97:e3:d5:0c:
                    7b:43:93:4d:d1:c3:61:dd:af:4c:23:c9:ad:ee:f5:
                    1b:55:c7:32:90:1a:18:49:ae:ea:d7:44:56:75:e0:
                    dc:a2:6f:3c:a2:25:9e:5d:cb:61:8b:7a:5a:72:f4:
                    01:88:da:f6:b1:b6:4a:67:90:8b:18:97:a6:e3:db:
                    7d:f5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4A:D5:A6:80:94:2E:E6:73:0F:C9:BF:5C:D1:10:34:F3:12:D5:44:6D
            X509v3 Authority Key Identifier:
                keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/StWmgJQu5nMPyb9c0RA08xLVRG0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.50.111.0/24

    Signature Algorithm: sha256WithRSAEncryption
         8d:f1:1e:41:12:99:e3:7e:fd:d4:36:3a:8c:74:53:e0:e2:52:
         4b:c4:49:d5:75:bb:f5:41:67:7c:64:81:74:26:0f:33:be:de:
         43:27:82:46:db:d5:ca:61:b4:77:05:f2:58:44:9b:dd:be:81:
         6f:7a:a6:41:4c:62:43:3b:2b:19:d5:e1:e6:53:21:b6:42:00:
         ee:01:6b:47:dc:d4:76:62:62:c1:13:98:03:d5:f0:b7:c2:0e:
         bd:52:4c:8a:6a:8d:05:33:8a:52:6f:cb:5e:ba:24:a8:ad:4f:
         bc:cd:57:60:27:27:6c:da:31:29:16:35:b8:a3:db:f2:6c:fd:
         e3:c0:43:c7:22:88:13:b9:fa:6f:fc:e5:0e:a7:c2:5f:52:eb:
         c5:00:ab:59:12:c5:dd:22:4e:85:d8:72:8a:69:b9:10:a7:c5:
         13:b8:99:35:ad:95:05:22:95:54:f8:68:30:db:e5:ca:cd:63:
         a6:80:67:06:c1:b2:28:8b:2f:72:c0:6d:4e:2a:4d:b3:fb:55:
         33:4d:37:69:55:9f:4f:1d:3c:84:d6:29:5b:27:07:19:2d:c1:
         49:81:10:72:62:92:b0:a4:b2:7a:de:fa:bd:ff:17:95:99:73:
         2d:17:94:a7:3e:07:ae:08:82:81:e1:29:ea:20:9f:6b:04:c9:
         ea:54:17:25
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY1sD+LrOsQ79oPpYLfTRd/eMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjQwMjAyMjMwMzE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YWQ1YTY4MDk0MmVlNjczMGZjOWJmNWNkMTEwMzRmMzEyZDU0NDZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqonJEi6cdGtgBbUEA2wZOPqFlE9s
U0g49FMC/CkSfLUXVS+MQkCZuaUE+V9dpTtcXRaDM8P7l5Y9kLuN1RWrcV6RHKmC
BXZlkz7FRuX6e8NiQUbJMYvAG5byjzgrWwDyZIXf4o9JHZMIU3FYSnTbgFauZ8/1
aW0nWCdZsw2q6JIfQVaMuXG6KgDLKcKXaSxcnv6XqctUHmXgBJj14+V3/TLMtHVv
2NwqDOiZjOT++NuKRHaf8bzKEtdXJ4kr7pfj1Qx7Q5NN0cNh3a9MI8mt7vUbVccy
kBoYSa7q10RWdeDcom88oiWeXcthi3pacvQBiNr2sbZKZ5CLGJem49t99QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFErVpoCULuZzD8m/XNEQNPMS1URtMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvU3RXbWdKUXU1bk1QeWI5YzBSQTA4eExWUkcwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwjJvMA0G
CSqGSIb3DQEBCwUAA4IBAQCN8R5BEpnjfv3UNjqMdFPg4lJLxEnVdbv1QWd8ZIF0
Jg8zvt5DJ4JG29XKYbR3BfJYRJvdvoFveqZBTGJDOysZ1eHmUyG2QgDuAWtH3NR2
YmLBE5gD1fC3wg69UkyKao0FM4pSb8teuiSorU+8zVdgJyds2jEpFjW4o9vybP3j
wEPHIogTufpv/OUOp8JfUuvFAKtZEsXdIk6F2HKKabkQp8UTuJk1rZUFIpVU+Ggw
2+XKzWOmgGcGwbIoiy9ywG1OKk2z+1UzTTdpVZ9PHTyE1ilbJwcZLcFJgRByYpKw
pLJ63vq9/xeVmXMtF5SnPgeuCIKB4SnqIJ9rBMnqVBcl
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:09:03 2024 by rpki-client on console-ams.rpki-client.org