Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/sBVSw7tnPHW_W8Sq4pWzSzusbzA.roa
File:                     sBVSw7tnPHW_W8Sq4pWzSzusbzA.roa (raw, json)
Hash identifier:          PcLz6QxIvAJ4MXck1yCG+jO8/91zDzqMiAkJcAiRqX4=
Subject key identifier:   B0:15:52:C3:BB:67:3C:75:BF:5B:C4:AA:E2:95:B3:4B:3B:AC:6F:30
Certificate issuer:       /CN=8d1ac83ee3a3f968d66ad2fdf4616e7bb1e4d1d7
Certificate serial:       018AB94B57C6E6F052E1692D86F274E9AB2B
Authority key identifier: 8D:1A:C8:3E:E3:A3:F9:68:D6:6A:D2:FD:F4:61:6E:7B:B1:E4:D1:D7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/jRrIPuOj-WjWatL99GFue7Hk0dc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/sBVSw7tnPHW_W8Sq4pWzSzusbzA.roa
Signing time:             Thu 21 Sep 2023 19:50:37 +0000
ROA not before:           Thu 21 Sep 2023 19:50:37 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     834
IP address blocks:        188.191.104.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 25 Sep 2023 13:18:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:b9:4b:57:c6:e6:f0:52:e1:69:2d:86:f2:74:e9:ab:2b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8d1ac83ee3a3f968d66ad2fdf4616e7bb1e4d1d7
        Validity
            Not Before: Sep 21 19:50:37 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=b01552c3bb673c75bf5bc4aae295b34b3bac6f30
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:9e:6c:f0:61:b0:97:a3:ca:7f:cb:2c:02:01:
                    69:55:a7:56:09:0e:ac:45:5c:31:82:ea:17:e6:d3:
                    bf:d6:c1:43:c4:85:fb:0c:3c:f8:c9:66:28:b6:91:
                    27:fa:09:91:19:da:83:bf:1b:a0:5e:c0:d8:ec:6c:
                    ec:e6:d5:41:a6:e5:ee:5d:27:12:37:b4:12:86:c3:
                    45:10:68:c2:1d:c8:97:5c:5a:aa:29:ea:4b:c3:b9:
                    69:b7:9f:7b:23:36:06:e2:de:1d:40:8e:a0:a6:81:
                    9e:0a:75:7b:a8:3e:73:8d:05:3d:a2:fc:d2:45:7e:
                    e0:f7:78:3e:de:bd:06:7f:63:62:f8:03:02:f7:20:
                    43:11:16:86:f7:af:63:02:e4:24:b0:37:d6:2f:77:
                    1d:11:3a:89:bc:5c:3e:11:f7:54:27:9b:d8:1d:22:
                    e0:e1:bd:4c:12:43:9b:ec:c0:6f:36:44:33:5d:5b:
                    b8:a6:c6:23:11:3d:0b:7a:92:08:89:42:5f:e7:d1:
                    e6:96:fd:76:54:70:bc:b5:2b:07:7b:aa:3c:47:6f:
                    15:18:71:d2:5d:ea:7a:38:21:bc:b4:8d:75:5f:36:
                    9e:2e:9d:9b:e2:6a:d8:37:2e:7c:f5:34:9e:47:fb:
                    40:6d:bf:0b:47:05:31:b5:95:4e:8e:93:f9:f7:12:
                    57:97
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B0:15:52:C3:BB:67:3C:75:BF:5B:C4:AA:E2:95:B3:4B:3B:AC:6F:30
            X509v3 Authority Key Identifier:
                keyid:8D:1A:C8:3E:E3:A3:F9:68:D6:6A:D2:FD:F4:61:6E:7B:B1:E4:D1:D7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jRrIPuOj-WjWatL99GFue7Hk0dc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/sBVSw7tnPHW_W8Sq4pWzSzusbzA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/jRrIPuOj-WjWatL99GFue7Hk0dc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  188.191.104.0/24

    Signature Algorithm: sha256WithRSAEncryption
         39:9e:95:dc:a0:0c:d0:08:ac:46:34:9f:53:9e:a4:7b:03:29:
         0a:36:2f:87:42:4e:36:ee:d3:ac:e8:0a:2d:55:e2:48:f0:da:
         bd:65:80:82:83:62:bb:50:e5:e8:e2:09:22:e0:50:a5:97:e0:
         c8:27:5f:2b:6a:cc:76:0f:a9:aa:f7:3c:6d:43:7f:6f:6f:94:
         2f:ca:d3:63:0f:45:fd:c2:64:65:e8:21:a3:95:4e:36:87:33:
         86:3f:50:e0:90:74:1d:1a:ea:57:58:b7:f4:95:69:2e:1f:d0:
         65:3e:08:b9:59:b6:7e:db:2b:fa:ec:44:c7:31:06:40:a8:1f:
         9b:6a:8b:a5:ac:54:75:33:b2:74:c9:ba:e6:c5:9a:cd:e0:37:
         40:0e:fc:4f:60:dd:58:a5:96:6b:49:f5:70:ab:ff:be:ed:87:
         75:9a:6d:41:17:d5:ba:f0:96:1b:e5:b3:84:44:40:f7:12:42:
         c8:46:d3:a8:d7:40:4c:f9:ee:f8:79:ca:df:13:92:35:c0:54:
         44:8d:71:ee:35:33:e2:f6:2d:2d:06:f2:f6:b4:78:1e:0d:ba:
         49:a6:29:a9:f1:91:4b:a2:8c:8f:75:48:85:69:fe:98:31:66:
         fb:b1:22:89:0c:91:8c:d6:66:14:8c:04:2d:ec:e6:12:f5:6d:
         23:e2:cf:cb
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYq5S1fG5vBS4WkthvJ06asrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkMWFjODNlZTNhM2Y5NjhkNjZhZDJmZGY0NjE2ZTdiYjFl
NGQxZDcwHhcNMjMwOTIxMTk1MDM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMDE1NTJjM2JiNjczYzc1YmY1YmM0YWFlMjk1YjM0YjNiYWM2ZjMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu55s8GGwl6PKf8ssAgFpVadWCQ6s
RVwxguoX5tO/1sFDxIX7DDz4yWYotpEn+gmRGdqDvxugXsDY7Gzs5tVBpuXuXScS
N7QShsNFEGjCHciXXFqqKepLw7lpt597IzYG4t4dQI6gpoGeCnV7qD5zjQU9ovzS
RX7g93g+3r0Gf2Ni+AMC9yBDERaG969jAuQksDfWL3cdETqJvFw+EfdUJ5vYHSLg
4b1MEkOb7MBvNkQzXVu4psYjET0LepIIiUJf59Hmlv12VHC8tSsHe6o8R28VGHHS
Xep6OCG8tI11XzaeLp2b4mrYNy589TSeR/tAbb8LRwUxtZVOjpP59xJXlwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLAVUsO7Zzx1v1vEquKVs0s7rG8wMB8GA1UdIwQY
MBaAFI0ayD7jo/lo1mrS/fRhbnux5NHXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvalJySVB1T2otV2pXYXRMOTlHRnVlN0hrMGRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi80YWJmM2YtMTU4Zi00ZjYyLWE5ZWIt
ZGRmNTY3ZWRlZDAzLzEvc0JWU3c3dG5QSFdfVzhTcTRwV3pTenVzYnpBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi80YWJmM2YtMTU4Zi00ZjYyLWE5ZWItZGRmNTY3ZWRlZDAz
LzEvalJySVB1T2otV2pXYXRMOTlHRnVlN0hrMGRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAvL9oMA0G
CSqGSIb3DQEBCwUAA4IBAQA5npXcoAzQCKxGNJ9TnqR7AykKNi+HQk427tOs6Aot
VeJI8Nq9ZYCCg2K7UOXo4gki4FCll+DIJ18rasx2D6mq9zxtQ39vb5QvytNjD0X9
wmRl6CGjlU42hzOGP1DgkHQdGupXWLf0lWkuH9BlPgi5WbZ+2yv67ETHMQZAqB+b
aoulrFR1M7J0ybrmxZrN4DdADvxPYN1YpZZrSfVwq/++7Yd1mm1BF9W68JYb5bOE
RED3EkLIRtOo10BM+e74ecrfE5I1wFREjXHuNTPi9i0tBvL2tHgeDbpJpimp8ZFL
ooyPdUiFaf6YMWb7sSKJDJGM1mYUjAQt7OYS9W0j4s/L
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:11:49 2024 by rpki-client on console-ams.rpki-client.org