Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/d4e434-6356-46fd-8b35-7ffd5c550385/1/od8I52Z8qnlVRD_UAU4mgyxlvZk.roa
File:                     od8I52Z8qnlVRD_UAU4mgyxlvZk.roa (raw, json)
Hash identifier:          UX9j1KfQ6IjoINVmPxDkYGsfXAwVq0Bn7gpZGsevwG8=
Subject key identifier:   A1:DF:08:E7:66:7C:AA:79:55:44:3F:D4:01:4E:26:83:2C:65:BD:99
Certificate issuer:       /CN=25dd9b849c0dafae386f470123b09261ae355517
Certificate serial:       01894E2C93899D66EAF8BAC2305FAAA1316A
Authority key identifier: 25:DD:9B:84:9C:0D:AF:AE:38:6F:47:01:23:B0:92:61:AE:35:55:17
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Jd2bhJwNr644b0cBI7CSYa41VRc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/52/d4e434-6356-46fd-8b35-7ffd5c550385/1/od8I52Z8qnlVRD_UAU4mgyxlvZk.roa
Signing time:             Thu 13 Jul 2023 07:34:51 +0000
ROA not before:           Thu 13 Jul 2023 07:34:51 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     25439
IP address blocks:        193.178.164.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 12:33:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:4e:2c:93:89:9d:66:ea:f8:ba:c2:30:5f:aa:a1:31:6a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=25dd9b849c0dafae386f470123b09261ae355517
        Validity
            Not Before: Jul 13 07:34:51 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=a1df08e7667caa7955443fd4014e26832c65bd99
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:84:76:ce:0b:89:bf:71:ea:5d:2c:8b:bf:92:05:
                    19:b0:44:0a:e6:77:6d:97:c9:78:f3:bb:97:d5:bf:
                    5a:81:2d:21:b9:99:55:a4:5d:37:33:28:1e:68:cd:
                    45:9d:e1:4c:07:7e:d6:84:f2:91:de:86:94:69:9e:
                    70:ee:47:7a:7f:b2:e8:08:a1:1d:66:f5:38:43:3c:
                    4f:98:86:7d:a8:4f:1c:b0:35:2b:c2:7b:c6:2d:fa:
                    95:8a:b1:1a:69:c1:67:15:f7:6e:00:2f:4d:9f:0b:
                    b4:79:57:d0:f1:d4:c0:64:08:71:2e:05:2a:d2:7b:
                    11:e6:8d:f7:03:46:c8:a9:3d:e5:7a:0f:78:68:c9:
                    2f:21:17:64:63:ec:f9:de:e2:e1:86:fd:44:49:c6:
                    aa:cc:4c:9d:0a:68:ee:37:d3:fa:20:97:63:4d:12:
                    5b:08:23:e0:7b:3b:1e:e9:a4:94:78:67:7b:2a:17:
                    8a:bf:17:c8:cd:da:0d:4c:66:c4:57:e9:cb:6a:4e:
                    32:c9:6b:ca:57:46:28:76:5f:42:6a:4d:63:61:f2:
                    67:b2:49:18:5a:d4:f4:8b:31:e9:01:8a:7f:47:2c:
                    ff:be:3b:c8:25:4d:a7:14:b9:23:8d:2c:16:02:bd:
                    3c:40:92:fb:76:95:69:66:1e:e6:b0:ed:09:aa:18:
                    44:bd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A1:DF:08:E7:66:7C:AA:79:55:44:3F:D4:01:4E:26:83:2C:65:BD:99
            X509v3 Authority Key Identifier:
                keyid:25:DD:9B:84:9C:0D:AF:AE:38:6F:47:01:23:B0:92:61:AE:35:55:17

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Jd2bhJwNr644b0cBI7CSYa41VRc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/d4e434-6356-46fd-8b35-7ffd5c550385/1/od8I52Z8qnlVRD_UAU4mgyxlvZk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/52/d4e434-6356-46fd-8b35-7ffd5c550385/1/Jd2bhJwNr644b0cBI7CSYa41VRc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.178.164.0/24

    Signature Algorithm: sha256WithRSAEncryption
         a3:27:2e:53:a6:d3:d3:14:e2:7d:20:17:75:a6:76:de:b6:97:
         86:bb:d2:da:4c:5a:e3:51:19:68:3d:46:8c:e5:16:0c:b0:d6:
         23:1c:c4:b7:e2:1a:13:da:93:61:34:ba:a1:8f:67:ea:07:55:
         61:4a:9a:c2:b9:96:f2:14:e1:1c:59:41:37:8e:06:e6:66:5b:
         38:ac:d2:86:98:60:2a:20:28:b1:45:d3:c4:03:4b:f6:16:c1:
         51:84:d0:77:5c:4d:7f:47:97:18:10:cc:79:39:73:cb:29:82:
         01:57:8b:52:ec:18:e8:c7:fe:50:78:fe:34:2d:6b:bf:eb:28:
         b6:c3:7b:60:43:f3:ff:f9:bf:ad:cb:61:b5:fd:34:03:a6:e6:
         40:30:22:91:58:e9:78:37:f2:0a:d1:45:7a:3b:de:4d:a4:05:
         cc:8f:c9:c7:19:7b:37:fe:37:27:a0:c6:5c:97:57:29:cf:b5:
         cc:20:99:8f:a7:4a:d7:b9:09:a1:59:21:5d:90:fc:94:0f:6a:
         0e:a1:b8:0b:70:21:67:8f:ec:8a:8f:96:52:3f:ee:08:6a:03:
         2d:27:bb:dd:f7:ce:b5:3e:d8:9f:95:d3:32:dc:f2:8f:ed:17:
         77:c9:5c:10:a6:07:db:1e:99:24:b9:c3:37:31:95:eb:b4:c8:
         18:51:ac:62
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYlOLJOJnWbq+LrCMF+qoTFqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI1ZGQ5Yjg0OWMwZGFmYWUzODZmNDcwMTIzYjA5MjYxYWUz
NTU1MTcwHhcNMjMwNzEzMDczNDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMWRmMDhlNzY2N2NhYTc5NTU0NDNmZDQwMTRlMjY4MzJjNjViZDk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhHbOC4m/cepdLIu/kgUZsEQK5ndt
l8l487uX1b9agS0huZlVpF03MygeaM1FneFMB37WhPKR3oaUaZ5w7kd6f7LoCKEd
ZvU4QzxPmIZ9qE8csDUrwnvGLfqVirEaacFnFfduAC9Nnwu0eVfQ8dTAZAhxLgUq
0nsR5o33A0bIqT3leg94aMkvIRdkY+z53uLhhv1EScaqzEydCmjuN9P6IJdjTRJb
CCPgezse6aSUeGd7KheKvxfIzdoNTGbEV+nLak4yyWvKV0Yodl9Cak1jYfJnskkY
WtT0izHpAYp/Ryz/vjvIJU2nFLkjjSwWAr08QJL7dpVpZh7msO0JqhhEvQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKHfCOdmfKp5VUQ/1AFOJoMsZb2ZMB8GA1UdIwQY
MBaAFCXdm4ScDa+uOG9HASOwkmGuNVUXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSmQyYmhKd05yNjQ0YjBjQkk3Q1NZYTQxVlJjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi9kNGU0MzQtNjM1Ni00NmZkLThiMzUt
N2ZmZDVjNTUwMzg1LzEvb2Q4STUyWjhxbmxWUkRfVUFVNG1neXhsdlprLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi9kNGU0MzQtNjM1Ni00NmZkLThiMzUtN2ZmZDVjNTUwMzg1
LzEvSmQyYmhKd05yNjQ0YjBjQkk3Q1NZYTQxVlJjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwbKkMA0G
CSqGSIb3DQEBCwUAA4IBAQCjJy5TptPTFOJ9IBd1pnbetpeGu9LaTFrjURloPUaM
5RYMsNYjHMS34hoT2pNhNLqhj2fqB1VhSprCuZbyFOEcWUE3jgbmZls4rNKGmGAq
ICixRdPEA0v2FsFRhNB3XE1/R5cYEMx5OXPLKYIBV4tS7Bjox/5QeP40LWu/6yi2
w3tgQ/P/+b+ty2G1/TQDpuZAMCKRWOl4N/IK0UV6O95NpAXMj8nHGXs3/jcnoMZc
l1cpz7XMIJmPp0rXuQmhWSFdkPyUD2oOobgLcCFnj+yKj5ZSP+4IagMtJ7vd9861
PtifldMy3PKP7Rd3yVwQpgfbHpkkucM3MZXrtMgYUaxi
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:09:50 2024 by rpki-client on console-ams.rpki-client.org