Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/OJvQ2dOHr8zt3O63-gQs6-O95qc.roa
File:                     OJvQ2dOHr8zt3O63-gQs6-O95qc.roa (raw, json)
Hash identifier:          xD/x8HigjnJwXGCqulj5INnrx9Uh78SA72Qxe1k+0MA=
Subject key identifier:   38:9B:D0:D9:D3:87:AF:CC:ED:DC:EE:B7:FA:04:2C:EB:E3:BD:E6:A7
Certificate issuer:       /CN=8d1ac83ee3a3f968d66ad2fdf4616e7bb1e4d1d7
Certificate serial:       01859053FEAE69B79007C6C29E9EE5B39966
Authority key identifier: 8D:1A:C8:3E:E3:A3:F9:68:D6:6A:D2:FD:F4:61:6E:7B:B1:E4:D1:D7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/jRrIPuOj-WjWatL99GFue7Hk0dc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/OJvQ2dOHr8zt3O63-gQs6-O95qc.roa
Signing time:             Sun 08 Jan 2023 07:41:41 +0000
ROA not before:           Sun 08 Jan 2023 07:41:41 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     49581
IP address blocks:        188.191.99.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 01 Aug 2023 11:41:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:90:53:fe:ae:69:b7:90:07:c6:c2:9e:9e:e5:b3:99:66
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8d1ac83ee3a3f968d66ad2fdf4616e7bb1e4d1d7
        Validity
            Not Before: Jan  8 07:41:41 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=389bd0d9d387afcceddceeb7fa042cebe3bde6a7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:8f:bf:62:aa:f9:6b:95:2c:c9:46:9d:2f:d6:
                    10:ec:b3:53:0a:70:19:89:61:7b:b3:52:97:82:cc:
                    77:23:c7:62:63:16:9a:e2:1e:ba:46:94:c4:f9:ff:
                    c3:b2:3b:e4:f9:98:38:0a:ae:55:5a:f5:f0:f2:f3:
                    76:b0:3d:bd:1b:38:a4:58:ed:58:c3:62:c5:92:03:
                    10:20:f6:b8:d0:de:72:7e:2a:e2:e2:80:c3:14:3d:
                    81:ea:09:0f:f6:32:02:5b:63:63:d4:4e:26:5d:b4:
                    f9:bc:94:65:18:87:69:77:95:e4:30:48:09:9c:3e:
                    0e:e3:2d:34:16:da:30:78:d8:82:66:e9:6d:b4:62:
                    14:f6:38:21:4c:ff:4e:21:f0:bc:04:c3:9a:70:2c:
                    50:d2:0c:0d:ed:43:e3:08:76:0e:86:1e:5b:6d:36:
                    9d:14:f8:8b:03:eb:cd:12:7f:1a:fb:f1:ac:ed:72:
                    a1:7f:4f:48:d4:33:75:2b:c6:a6:c4:0f:5d:16:de:
                    fc:17:ff:65:f3:41:c8:45:45:15:18:17:c7:7a:b4:
                    3a:9f:75:e2:83:5b:a7:94:e7:7a:3d:25:b7:47:a4:
                    3c:b3:d6:3d:8e:4c:8c:a9:c6:be:ff:9f:f4:21:52:
                    e9:01:ef:4b:db:ca:60:8c:42:17:2d:6c:a7:c0:51:
                    29:e3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                38:9B:D0:D9:D3:87:AF:CC:ED:DC:EE:B7:FA:04:2C:EB:E3:BD:E6:A7
            X509v3 Authority Key Identifier:
                keyid:8D:1A:C8:3E:E3:A3:F9:68:D6:6A:D2:FD:F4:61:6E:7B:B1:E4:D1:D7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jRrIPuOj-WjWatL99GFue7Hk0dc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/OJvQ2dOHr8zt3O63-gQs6-O95qc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/jRrIPuOj-WjWatL99GFue7Hk0dc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  188.191.99.0/24

    Signature Algorithm: sha256WithRSAEncryption
         45:69:ec:d4:86:fc:b5:db:db:95:16:07:c6:32:05:d3:78:4d:
         e4:57:88:8d:be:4f:87:7b:6a:9b:73:1e:ea:71:7d:f1:63:75:
         be:5a:a4:13:8b:44:68:53:51:d6:19:79:4e:88:96:e4:b6:40:
         b9:23:91:e2:a8:73:49:55:1a:f8:fe:e0:aa:d4:0b:d9:de:aa:
         1d:ce:59:b8:24:a2:46:8f:1b:39:bb:fb:af:ec:5d:cc:01:0e:
         21:ea:f6:08:ad:fc:28:34:4f:cf:4e:63:b9:38:3d:8b:3d:a8:
         6e:57:f3:de:0a:a9:fa:37:be:4f:b1:6f:5e:ef:b1:e8:74:fa:
         b2:ea:6f:c7:6d:e4:b8:97:4c:75:5e:7d:aa:83:91:6b:19:81:
         b2:1d:35:c6:6c:98:b0:c2:b5:cf:5d:13:31:a4:5f:23:0e:40:
         53:86:b8:10:53:b5:bd:f9:15:6a:9c:85:f0:ea:ab:17:d7:5d:
         54:fb:be:3f:92:fa:6c:fa:08:b5:60:df:03:bf:a2:f2:41:8f:
         20:d1:40:0a:1c:ad:70:7f:82:4d:9f:72:e7:47:73:d6:79:19:
         1b:65:5c:4f:09:01:f4:b7:aa:f4:d8:88:04:0e:e4:04:e8:a8:
         bd:0d:a7:3e:e9:7b:ec:00:ab:8e:8c:96:30:f3:30:7f:9a:c6:
         6c:a6:de:f9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYWQU/6uabeQB8bCnp7ls5lmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkMWFjODNlZTNhM2Y5NjhkNjZhZDJmZGY0NjE2ZTdiYjFl
NGQxZDcwHhcNMjMwMTA4MDc0MTQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzODliZDBkOWQzODdhZmNjZWRkY2VlYjdmYTA0MmNlYmUzYmRlNmE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo4+/Yqr5a5UsyUadL9YQ7LNTCnAZ
iWF7s1KXgsx3I8diYxaa4h66RpTE+f/Dsjvk+Zg4Cq5VWvXw8vN2sD29GzikWO1Y
w2LFkgMQIPa40N5yfiri4oDDFD2B6gkP9jICW2Nj1E4mXbT5vJRlGIdpd5XkMEgJ
nD4O4y00FtoweNiCZulttGIU9jghTP9OIfC8BMOacCxQ0gwN7UPjCHYOhh5bbTad
FPiLA+vNEn8a+/Gs7XKhf09I1DN1K8amxA9dFt78F/9l80HIRUUVGBfHerQ6n3Xi
g1unlOd6PSW3R6Q8s9Y9jkyMqca+/5/0IVLpAe9L28pgjEIXLWynwFEp4wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDib0NnTh6/M7dzut/oELOvjveanMB8GA1UdIwQY
MBaAFI0ayD7jo/lo1mrS/fRhbnux5NHXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvalJySVB1T2otV2pXYXRMOTlHRnVlN0hrMGRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi80YWJmM2YtMTU4Zi00ZjYyLWE5ZWIt
ZGRmNTY3ZWRlZDAzLzEvT0p2UTJkT0hyOHp0M082My1nUXM2LU85NXFjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi80YWJmM2YtMTU4Zi00ZjYyLWE5ZWItZGRmNTY3ZWRlZDAz
LzEvalJySVB1T2otV2pXYXRMOTlHRnVlN0hrMGRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAvL9jMA0G
CSqGSIb3DQEBCwUAA4IBAQBFaezUhvy129uVFgfGMgXTeE3kV4iNvk+He2qbcx7q
cX3xY3W+WqQTi0RoU1HWGXlOiJbktkC5I5HiqHNJVRr4/uCq1AvZ3qodzlm4JKJG
jxs5u/uv7F3MAQ4h6vYIrfwoNE/PTmO5OD2LPahuV/PeCqn6N75PsW9e77HodPqy
6m/HbeS4l0x1Xn2qg5FrGYGyHTXGbJiwwrXPXRMxpF8jDkBThrgQU7W9+RVqnIXw
6qsX111U+74/kvps+gi1YN8Dv6LyQY8g0UAKHK1wf4JNn3LnR3PWeRkbZVxPCQH0
t6r02IgEDuQE6Ki9Dac+6XvsAKuOjJYw8zB/msZspt75
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:11:49 2024 by rpki-client on console-ams.rpki-client.org