Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/Z2en4WVbrhPBCxKEnghMnD8o9zM.roa
File:                     Z2en4WVbrhPBCxKEnghMnD8o9zM.roa (raw, json)
Hash identifier:          7oJvRwIq+e3zK0P+Ean2/J+qIAln3A72mME9YVQaNLU=
Subject key identifier:   67:67:A7:E1:65:5B:AE:13:C1:0B:12:84:9E:08:4C:9C:3F:28:F7:33
Certificate issuer:       /CN=8d1ac83ee3a3f968d66ad2fdf4616e7bb1e4d1d7
Certificate serial:       018A68B61FFFDC5CA89FACC67DDB165E5349
Authority key identifier: 8D:1A:C8:3E:E3:A3:F9:68:D6:6A:D2:FD:F4:61:6E:7B:B1:E4:D1:D7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/jRrIPuOj-WjWatL99GFue7Hk0dc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/Z2en4WVbrhPBCxKEnghMnD8o9zM.roa
Signing time:             Wed 06 Sep 2023 04:18:00 +0000
ROA not before:           Wed 06 Sep 2023 04:18:00 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     49468
IP address blocks:        188.191.97.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 05 Oct 2023 04:56:47 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:68:b6:1f:ff:dc:5c:a8:9f:ac:c6:7d:db:16:5e:53:49
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8d1ac83ee3a3f968d66ad2fdf4616e7bb1e4d1d7
        Validity
            Not Before: Sep  6 04:18:00 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=6767a7e1655bae13c10b12849e084c9c3f28f733
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ca:b4:18:79:26:da:c6:97:99:e9:2b:fc:43:a1:
                    4d:ff:0a:fb:e6:be:01:31:31:8b:f8:ee:05:e1:9e:
                    50:71:e6:ec:ca:df:4e:2c:54:eb:3f:3a:aa:a5:c9:
                    ce:97:49:ba:bc:f5:14:66:89:3a:51:f8:a1:2c:28:
                    f6:0c:9e:94:a7:05:5a:09:93:a4:43:4a:5c:50:cb:
                    c5:dc:cf:67:88:8e:7d:9a:5f:44:f2:fe:c5:43:5a:
                    75:46:47:b3:35:56:4f:fd:2b:9a:bc:34:d8:94:f2:
                    d1:41:f4:44:4f:e8:2a:f4:ec:ee:63:f2:76:9b:06:
                    88:ce:32:47:ac:4e:2d:ef:2a:76:59:dc:32:ff:9b:
                    db:e8:a4:53:6a:b8:68:c7:89:da:10:c7:48:26:d3:
                    5a:c2:16:7a:e2:f8:a4:49:f7:21:9a:46:aa:ab:5a:
                    96:b3:1d:9d:99:b3:8d:5a:9c:bc:8d:a6:83:19:83:
                    0e:bc:0c:a9:9a:9f:5b:2a:e0:fe:11:a4:cc:82:16:
                    2a:6a:0c:ed:1a:77:be:63:0a:ff:c6:b2:d6:6a:27:
                    9b:b9:da:f8:d2:bf:e6:90:cf:f9:ad:32:39:59:42:
                    28:b7:c8:e6:75:b0:2e:5a:ce:cb:2e:01:77:4f:38:
                    05:b9:7b:12:d5:e4:d9:a0:ef:17:20:97:29:8d:87:
                    16:3b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                67:67:A7:E1:65:5B:AE:13:C1:0B:12:84:9E:08:4C:9C:3F:28:F7:33
            X509v3 Authority Key Identifier:
                keyid:8D:1A:C8:3E:E3:A3:F9:68:D6:6A:D2:FD:F4:61:6E:7B:B1:E4:D1:D7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jRrIPuOj-WjWatL99GFue7Hk0dc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/Z2en4WVbrhPBCxKEnghMnD8o9zM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/jRrIPuOj-WjWatL99GFue7Hk0dc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  188.191.97.0/24

    Signature Algorithm: sha256WithRSAEncryption
         24:0c:8b:a2:f5:0c:14:37:29:9b:34:5d:c1:04:5e:79:ad:76:
         93:35:8c:c9:2f:e2:ae:20:89:47:31:42:bc:7a:20:a7:59:a8:
         51:11:86:ae:5f:f5:37:8e:a0:cf:28:69:d1:60:47:9c:b2:e5:
         ed:61:40:45:08:6b:41:bf:52:f5:b5:e9:46:4a:f6:d6:85:4d:
         ed:90:0b:67:a9:c3:71:d5:b3:d9:91:0b:05:65:f8:35:0a:f8:
         68:2e:66:44:2a:12:ec:68:0d:00:f1:17:d6:63:fd:7b:02:b0:
         5b:7f:99:27:30:4f:c0:65:37:e5:48:a0:1e:4c:e5:cb:b9:1f:
         30:91:72:c5:dd:d3:e2:a4:33:db:68:c6:f0:5b:0d:21:ba:36:
         ad:95:0f:d0:80:a5:4d:2d:ea:73:3d:f1:37:44:6b:61:ff:77:
         6a:9b:9a:53:63:7f:c9:72:d0:ad:56:67:15:99:a0:6f:05:cd:
         8b:8a:ea:8b:15:94:11:9b:9e:e6:d6:b7:8c:de:e1:6a:6d:5b:
         8f:82:33:6f:56:22:3f:6a:86:69:4b:7e:f8:bc:43:ac:e6:98:
         c1:ac:67:23:2d:f2:92:0f:48:30:96:79:05:16:ab:4c:b3:01:
         ac:4e:19:d2:c7:7a:1a:bb:38:e2:bf:5c:f8:3e:95:fb:55:9d:
         9a:de:ee:b4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYpoth//3Fyon6zGfdsWXlNJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkMWFjODNlZTNhM2Y5NjhkNjZhZDJmZGY0NjE2ZTdiYjFl
NGQxZDcwHhcNMjMwOTA2MDQxODAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NzY3YTdlMTY1NWJhZTEzYzEwYjEyODQ5ZTA4NGM5YzNmMjhmNzMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyrQYeSbaxpeZ6Sv8Q6FN/wr75r4B
MTGL+O4F4Z5Qcebsyt9OLFTrPzqqpcnOl0m6vPUUZok6UfihLCj2DJ6UpwVaCZOk
Q0pcUMvF3M9niI59ml9E8v7FQ1p1RkezNVZP/SuavDTYlPLRQfRET+gq9OzuY/J2
mwaIzjJHrE4t7yp2Wdwy/5vb6KRTarhox4naEMdIJtNawhZ64vikSfchmkaqq1qW
sx2dmbONWpy8jaaDGYMOvAypmp9bKuD+EaTMghYqagztGne+Ywr/xrLWaiebudr4
0r/mkM/5rTI5WUIot8jmdbAuWs7LLgF3TzgFuXsS1eTZoO8XIJcpjYcWOwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGdnp+FlW64TwQsShJ4ITJw/KPczMB8GA1UdIwQY
MBaAFI0ayD7jo/lo1mrS/fRhbnux5NHXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvalJySVB1T2otV2pXYXRMOTlHRnVlN0hrMGRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi80YWJmM2YtMTU4Zi00ZjYyLWE5ZWIt
ZGRmNTY3ZWRlZDAzLzEvWjJlbjRXVmJyaFBCQ3hLRW5naE1uRDhvOXpNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi80YWJmM2YtMTU4Zi00ZjYyLWE5ZWItZGRmNTY3ZWRlZDAz
LzEvalJySVB1T2otV2pXYXRMOTlHRnVlN0hrMGRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAvL9hMA0G
CSqGSIb3DQEBCwUAA4IBAQAkDIui9QwUNymbNF3BBF55rXaTNYzJL+KuIIlHMUK8
eiCnWahREYauX/U3jqDPKGnRYEecsuXtYUBFCGtBv1L1telGSvbWhU3tkAtnqcNx
1bPZkQsFZfg1CvhoLmZEKhLsaA0A8RfWY/17ArBbf5knME/AZTflSKAeTOXLuR8w
kXLF3dPipDPbaMbwWw0hujatlQ/QgKVNLepzPfE3RGth/3dqm5pTY3/JctCtVmcV
maBvBc2LiuqLFZQRm57m1reM3uFqbVuPgjNvViI/aoZpS374vEOs5pjBrGcjLfKS
D0gwlnkFFqtMswGsThnSx3oauzjiv1z4PpX7VZ2a3u60
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:11:49 2024 by rpki-client on console-ams.rpki-client.org