Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/7FapbXUX3PNnhBpPU5bn8WM2Hp0.roa
File:                     7FapbXUX3PNnhBpPU5bn8WM2Hp0.roa (raw, json)
Hash identifier:          8UPlLEiiB3NHn0cwGJ5QXA1h3K5JmfX8fIvV+qcyfUg=
Subject key identifier:   EC:56:A9:6D:75:17:DC:F3:67:84:1A:4F:53:96:E7:F1:63:36:1E:9D
Certificate issuer:       /CN=8d1ac83ee3a3f968d66ad2fdf4616e7bb1e4d1d7
Certificate serial:       0186BAB664B01ABE4E7456320C17BCDA7675
Authority key identifier: 8D:1A:C8:3E:E3:A3:F9:68:D6:6A:D2:FD:F4:61:6E:7B:B1:E4:D1:D7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/jRrIPuOj-WjWatL99GFue7Hk0dc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/7FapbXUX3PNnhBpPU5bn8WM2Hp0.roa
Signing time:             Tue 07 Mar 2023 06:16:00 +0000
ROA not before:           Tue 07 Mar 2023 06:16:00 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     61317
IP address blocks:        188.191.100.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 18 May 2023 03:31:54 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:ba:b6:64:b0:1a:be:4e:74:56:32:0c:17:bc:da:76:75
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8d1ac83ee3a3f968d66ad2fdf4616e7bb1e4d1d7
        Validity
            Not Before: Mar  7 06:16:00 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=ec56a96d7517dcf367841a4f5396e7f163361e9d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9b:13:bb:4e:5e:30:0a:6e:8b:86:b4:9c:7b:51:
                    52:20:ff:4d:54:ca:cd:f4:30:28:cd:63:ac:d1:37:
                    6e:a0:f2:ee:98:fb:96:cb:bb:32:fc:ad:2f:bd:f1:
                    29:7a:3c:2f:5d:7f:e6:b8:47:13:0d:76:e0:5c:57:
                    5e:ab:3e:a1:dd:65:5c:3a:9b:e6:22:13:e0:7c:da:
                    d1:9a:17:7c:c8:28:b2:7c:65:dd:4d:b9:fe:af:94:
                    e5:6f:0d:a5:aa:9b:d7:81:e3:66:90:14:f8:d7:42:
                    b2:f5:bb:2f:06:eb:8e:c0:94:0a:a9:c4:99:9e:72:
                    11:b7:14:fb:83:cc:ba:c8:59:17:7f:b8:3c:db:34:
                    7b:e0:11:5c:ae:37:3d:6e:84:fd:22:94:90:84:39:
                    4a:d1:c7:44:b9:2f:f9:f0:a6:b0:2f:d9:cd:81:38:
                    76:4b:0f:50:81:bc:97:e5:2f:20:29:3a:74:76:52:
                    87:36:62:94:c9:64:66:cc:37:25:63:60:80:a0:be:
                    67:00:f9:ac:2d:3d:55:cc:c2:03:9b:5f:b5:08:a6:
                    05:9a:e7:31:0a:a6:04:7a:c8:1d:90:fe:fe:42:8c:
                    e8:aa:7b:ab:c9:58:24:bf:79:51:45:05:53:2e:a3:
                    9d:90:38:4c:d8:fd:27:34:d7:54:f5:6e:95:80:a1:
                    b9:e9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EC:56:A9:6D:75:17:DC:F3:67:84:1A:4F:53:96:E7:F1:63:36:1E:9D
            X509v3 Authority Key Identifier:
                keyid:8D:1A:C8:3E:E3:A3:F9:68:D6:6A:D2:FD:F4:61:6E:7B:B1:E4:D1:D7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jRrIPuOj-WjWatL99GFue7Hk0dc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/7FapbXUX3PNnhBpPU5bn8WM2Hp0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/jRrIPuOj-WjWatL99GFue7Hk0dc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  188.191.100.0/24

    Signature Algorithm: sha256WithRSAEncryption
         22:df:e6:5a:1d:c0:eb:25:fa:f9:90:2c:b1:e1:c7:a2:5b:fb:
         c5:f7:f3:a8:57:14:a9:2f:a5:0f:ca:1d:73:9c:2e:66:d7:61:
         c7:5b:5d:74:32:ea:39:35:a5:4e:a3:8a:41:4b:35:9c:e9:e4:
         7e:5a:b9:4f:82:18:7d:5c:e9:b8:b9:c5:ba:ba:55:d3:2d:10:
         7d:37:86:b9:31:01:7a:9f:08:ec:2f:91:62:df:ea:c5:dd:57:
         0a:1f:24:8c:5e:ba:6a:25:0f:f6:b9:ec:5b:b4:3e:5f:2d:cb:
         ec:44:fa:a1:72:bd:6c:70:6e:e8:eb:d1:aa:21:2d:71:bf:5c:
         f3:32:2f:3c:7b:0f:9c:50:77:5b:0a:ba:bc:7c:6f:f3:d7:8f:
         05:5d:ba:56:f9:40:28:ac:06:3f:ec:96:c9:0d:bb:ec:e7:8e:
         3a:0d:68:85:ce:cd:5d:87:7b:07:af:a2:ff:cd:e4:d3:95:8b:
         18:72:fe:01:3a:ca:c3:98:87:d5:14:33:7d:08:95:90:0a:11:
         f3:fc:68:60:ff:07:14:8c:12:df:45:f6:35:9a:dd:21:7c:74:
         56:fd:cb:19:88:30:22:e2:20:62:c7:65:50:44:92:4f:d1:0b:
         a0:fd:36:8b:30:fa:3f:46:07:2c:f0:57:5b:7e:ad:a7:69:73:
         0c:99:d1:b7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYa6tmSwGr5OdFYyDBe82nZ1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkMWFjODNlZTNhM2Y5NjhkNjZhZDJmZGY0NjE2ZTdiYjFl
NGQxZDcwHhcNMjMwMzA3MDYxNjAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYzU2YTk2ZDc1MTdkY2YzNjc4NDFhNGY1Mzk2ZTdmMTYzMzYxZTlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmxO7Tl4wCm6LhrSce1FSIP9NVMrN
9DAozWOs0TduoPLumPuWy7sy/K0vvfEpejwvXX/muEcTDXbgXFdeqz6h3WVcOpvm
IhPgfNrRmhd8yCiyfGXdTbn+r5Tlbw2lqpvXgeNmkBT410Ky9bsvBuuOwJQKqcSZ
nnIRtxT7g8y6yFkXf7g82zR74BFcrjc9boT9IpSQhDlK0cdEuS/58KawL9nNgTh2
Sw9QgbyX5S8gKTp0dlKHNmKUyWRmzDclY2CAoL5nAPmsLT1VzMIDm1+1CKYFmucx
CqYEesgdkP7+QozoqnuryVgkv3lRRQVTLqOdkDhM2P0nNNdU9W6VgKG56QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOxWqW11F9zzZ4QaT1OW5/FjNh6dMB8GA1UdIwQY
MBaAFI0ayD7jo/lo1mrS/fRhbnux5NHXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvalJySVB1T2otV2pXYXRMOTlHRnVlN0hrMGRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi80YWJmM2YtMTU4Zi00ZjYyLWE5ZWIt
ZGRmNTY3ZWRlZDAzLzEvN0ZhcGJYVVgzUE5uaEJwUFU1Ym44V00ySHAwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi80YWJmM2YtMTU4Zi00ZjYyLWE5ZWItZGRmNTY3ZWRlZDAz
LzEvalJySVB1T2otV2pXYXRMOTlHRnVlN0hrMGRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAvL9kMA0G
CSqGSIb3DQEBCwUAA4IBAQAi3+ZaHcDrJfr5kCyx4ceiW/vF9/OoVxSpL6UPyh1z
nC5m12HHW110Muo5NaVOo4pBSzWc6eR+WrlPghh9XOm4ucW6ulXTLRB9N4a5MQF6
nwjsL5Fi3+rF3VcKHySMXrpqJQ/2uexbtD5fLcvsRPqhcr1scG7o69GqIS1xv1zz
Mi88ew+cUHdbCrq8fG/z148FXbpW+UAorAY/7JbJDbvs5446DWiFzs1dh3sHr6L/
zeTTlYsYcv4BOsrDmIfVFDN9CJWQChHz/Ghg/wcUjBLfRfY1mt0hfHRW/csZiDAi
4iBix2VQRJJP0Qug/TaLMPo/Rgcs8Fdbfq2naXMMmdG3
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:11:48 2024 by rpki-client on console-ams.rpki-client.org