Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/lb5co7SQg_ShPOVtqCIyduMq0NE.roa
File:                     lb5co7SQg_ShPOVtqCIyduMq0NE.roa (raw, json)
Hash identifier:          p3MfC9X1wZZqixMakIXPsoU24pipnxATJHH0HnMQcds=
Subject key identifier:   95:BE:5C:A3:B4:90:83:F4:A1:3C:E5:6D:A8:22:32:76:E3:2A:D0:D1
Certificate issuer:       /CN=8d1ac83ee3a3f968d66ad2fdf4616e7bb1e4d1d7
Certificate serial:       018AA818C5245669D0A0312F2AB5EC814BA2
Authority key identifier: 8D:1A:C8:3E:E3:A3:F9:68:D6:6A:D2:FD:F4:61:6E:7B:B1:E4:D1:D7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/jRrIPuOj-WjWatL99GFue7Hk0dc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/lb5co7SQg_ShPOVtqCIyduMq0NE.roa
Signing time:             Mon 18 Sep 2023 11:41:50 +0000
ROA not before:           Mon 18 Sep 2023 11:41:50 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     834
IP address blocks:        188.191.100.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 19 Sep 2023 10:25:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:a8:18:c5:24:56:69:d0:a0:31:2f:2a:b5:ec:81:4b:a2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8d1ac83ee3a3f968d66ad2fdf4616e7bb1e4d1d7
        Validity
            Not Before: Sep 18 11:41:50 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=95be5ca3b49083f4a13ce56da8223276e32ad0d1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:91:a6:2f:7b:fd:11:13:f7:15:d0:a2:64:09:9c:
                    d7:d5:13:14:2c:43:02:19:26:97:c6:25:cd:4d:65:
                    91:f7:cf:aa:56:f0:64:15:2a:d6:db:68:e0:fb:48:
                    e8:c8:03:d8:85:4a:5b:ed:1d:86:d0:cc:11:b9:8c:
                    42:04:e4:af:7d:95:5f:62:a3:5b:96:eb:72:a9:24:
                    c0:34:fc:30:6a:83:05:bc:a4:7e:29:3b:d9:bf:ed:
                    e7:9c:77:b7:99:fb:98:45:a5:7a:00:24:8c:be:66:
                    6a:e8:60:0b:0c:06:6a:ab:f2:69:9c:88:a1:f7:d0:
                    ea:9e:8a:d9:c0:9e:9c:bb:b4:b2:79:3b:ec:ca:37:
                    e3:91:5b:dc:2e:bd:94:8e:39:90:72:91:56:22:16:
                    cd:c3:8b:78:12:7b:59:00:da:3f:95:eb:b8:b2:5b:
                    73:d9:fa:82:a9:a0:4c:4a:34:86:5b:bd:c3:43:5c:
                    18:33:e9:70:39:1e:b3:50:bb:bf:9d:41:c4:f1:d6:
                    f9:d9:4c:0a:fa:86:7f:f7:0f:87:54:50:cc:1c:ec:
                    56:85:1c:dc:6f:30:ce:27:25:f6:84:71:9c:28:e7:
                    a8:15:4d:68:75:94:e7:17:f6:e7:19:fb:06:94:05:
                    99:a2:6e:69:6c:5a:9f:18:06:88:1b:00:1a:eb:e1:
                    d8:19
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                95:BE:5C:A3:B4:90:83:F4:A1:3C:E5:6D:A8:22:32:76:E3:2A:D0:D1
            X509v3 Authority Key Identifier:
                keyid:8D:1A:C8:3E:E3:A3:F9:68:D6:6A:D2:FD:F4:61:6E:7B:B1:E4:D1:D7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jRrIPuOj-WjWatL99GFue7Hk0dc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/lb5co7SQg_ShPOVtqCIyduMq0NE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/jRrIPuOj-WjWatL99GFue7Hk0dc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  188.191.100.0/24

    Signature Algorithm: sha256WithRSAEncryption
         8d:9b:85:da:d2:2a:5b:0e:c2:e9:9b:be:b1:15:ec:cd:de:f6:
         a9:f1:ec:17:ff:d1:8e:cc:7b:f2:ed:25:11:55:e6:dc:7e:8f:
         d7:5e:db:56:9c:c5:dc:e8:00:e1:f0:f8:c0:51:a2:a3:0e:95:
         85:eb:16:a8:47:18:a4:e4:84:8d:7a:68:2c:89:4c:39:85:98:
         7a:81:b4:5d:08:0a:0a:42:0a:0a:50:27:34:af:39:16:27:ca:
         ed:1b:86:0a:c0:f5:e0:b3:a9:f0:e7:b5:66:d8:1b:ff:4f:ea:
         79:12:39:72:d2:f6:91:72:cf:36:a3:8b:db:cd:df:4b:00:04:
         c3:2e:be:ba:ee:c1:63:6c:32:b3:3e:d7:4e:b7:a4:d6:d1:39:
         6a:ac:0a:02:b2:2e:0f:7b:73:d3:6c:de:16:f0:d0:24:e9:88:
         af:87:77:85:66:e6:58:58:45:41:35:6a:f1:4d:fb:d2:c7:5d:
         a4:d1:6f:c6:1b:ad:5e:8d:45:b2:80:27:28:f4:19:09:f3:fe:
         2e:f9:7a:9b:e0:f5:6b:83:53:39:0c:68:17:97:05:2e:21:82:
         24:a3:fd:f7:9d:d6:4b:49:2d:f3:ae:1d:67:a3:81:73:bc:2f:
         75:21:64:b1:4a:49:56:df:af:d4:e4:b7:96:7f:c6:70:e4:15:
         86:89:01:4a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYqoGMUkVmnQoDEvKrXsgUuiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkMWFjODNlZTNhM2Y5NjhkNjZhZDJmZGY0NjE2ZTdiYjFl
NGQxZDcwHhcNMjMwOTE4MTE0MTUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NWJlNWNhM2I0OTA4M2Y0YTEzY2U1NmRhODIyMzI3NmUzMmFkMGQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkaYve/0RE/cV0KJkCZzX1RMULEMC
GSaXxiXNTWWR98+qVvBkFSrW22jg+0joyAPYhUpb7R2G0MwRuYxCBOSvfZVfYqNb
lutyqSTANPwwaoMFvKR+KTvZv+3nnHe3mfuYRaV6ACSMvmZq6GALDAZqq/JpnIih
99DqnorZwJ6cu7SyeTvsyjfjkVvcLr2UjjmQcpFWIhbNw4t4EntZANo/leu4sltz
2fqCqaBMSjSGW73DQ1wYM+lwOR6zULu/nUHE8db52UwK+oZ/9w+HVFDMHOxWhRzc
bzDOJyX2hHGcKOeoFU1odZTnF/bnGfsGlAWZom5pbFqfGAaIGwAa6+HYGQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJW+XKO0kIP0oTzlbagiMnbjKtDRMB8GA1UdIwQY
MBaAFI0ayD7jo/lo1mrS/fRhbnux5NHXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvalJySVB1T2otV2pXYXRMOTlHRnVlN0hrMGRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi80YWJmM2YtMTU4Zi00ZjYyLWE5ZWIt
ZGRmNTY3ZWRlZDAzLzEvbGI1Y283U1FnX1NoUE9WdHFDSXlkdU1xME5FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi80YWJmM2YtMTU4Zi00ZjYyLWE5ZWItZGRmNTY3ZWRlZDAz
LzEvalJySVB1T2otV2pXYXRMOTlHRnVlN0hrMGRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAvL9kMA0G
CSqGSIb3DQEBCwUAA4IBAQCNm4Xa0ipbDsLpm76xFezN3vap8ewX/9GOzHvy7SUR
Vebcfo/XXttWnMXc6ADh8PjAUaKjDpWF6xaoRxik5ISNemgsiUw5hZh6gbRdCAoK
QgoKUCc0rzkWJ8rtG4YKwPXgs6nw57Vm2Bv/T+p5Ejly0vaRcs82o4vbzd9LAATD
Lr667sFjbDKzPtdOt6TW0TlqrAoCsi4Pe3PTbN4W8NAk6Yivh3eFZuZYWEVBNWrx
TfvSx12k0W/GG61ejUWygCco9BkJ8/4u+Xqb4PVrg1M5DGgXlwUuIYIko/33ndZL
SS3zrh1no4FzvC91IWSxSklW36/U5LeWf8Zw5BWGiQFK
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:11:49 2024 by rpki-client on console-ams.rpki-client.org