Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/0376d1-12ca-4135-9483-8e7149f04a4e/1/Ickk_xto0AqkMCUfLBeYGgu9ySw.roa
File:                     Ickk_xto0AqkMCUfLBeYGgu9ySw.roa (raw, json)
Hash identifier:          216xKawdYm4DixD3aQBy5oTliG2oYxMN4qOlgaO6uZk=
Subject key identifier:   21:C9:24:FF:1B:68:D0:0A:A4:30:25:1F:2C:17:98:1A:0B:BD:C9:2C
Certificate issuer:       /CN=ae1dc18a4b1fbfe2c2babd8bbb47fe1fd1cf22f8
Certificate serial:       0185708CAB3025DF285389CACF2BE83495B4
Authority key identifier: AE:1D:C1:8A:4B:1F:BF:E2:C2:BA:BD:8B:BB:47:FE:1F:D1:CF:22:F8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/rh3Biksfv-LCur2Lu0f-H9HPIvg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5e/0376d1-12ca-4135-9483-8e7149f04a4e/1/Ickk_xto0AqkMCUfLBeYGgu9ySw.roa
Signing time:             Mon 02 Jan 2023 03:35:45 +0000
ROA not before:           Mon 02 Jan 2023 03:35:45 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     8881
IP address blocks:        194.99.113.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 08:30:16 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:70:8c:ab:30:25:df:28:53:89:ca:cf:2b:e8:34:95:b4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ae1dc18a4b1fbfe2c2babd8bbb47fe1fd1cf22f8
        Validity
            Not Before: Jan  2 03:35:45 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=21c924ff1b68d00aa430251f2c17981a0bbdc92c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:97:ba:53:1d:08:27:5a:61:b3:b2:e9:b2:e1:f2:
                    55:71:89:6b:bb:25:93:e8:7a:d4:b5:64:f1:ff:50:
                    4b:bf:d4:62:c8:5a:a2:90:73:bb:4e:f6:f1:7e:81:
                    ee:da:ef:7d:aa:a5:de:e2:ce:3c:e1:06:c3:fb:b7:
                    9b:7d:24:3a:b1:5f:6f:66:fa:9c:7e:ac:03:87:80:
                    3f:b8:25:a2:ef:de:14:59:d0:b8:ca:a6:7f:d9:19:
                    6b:ca:83:6d:b7:a7:04:3b:f1:ad:8c:52:c5:53:40:
                    8d:70:92:e0:53:2c:4b:92:25:b6:1a:44:0a:e5:ba:
                    2f:37:ff:fb:1d:68:e0:72:b3:cf:56:a0:5f:c2:d4:
                    77:a9:b5:6e:d9:04:67:9e:13:de:17:ea:57:b9:41:
                    25:76:b0:1d:ad:65:f9:fd:f8:ec:90:a9:8e:38:c1:
                    dc:73:17:4f:82:9a:76:8c:f3:94:9c:af:e9:be:a2:
                    5d:bd:7b:44:4f:7e:b6:8e:f3:92:a5:0a:50:03:87:
                    2d:2d:ff:05:14:87:ea:fb:17:a0:fa:12:98:78:9d:
                    31:b1:69:1e:2c:8a:e5:52:f0:4d:43:fd:45:f2:4b:
                    21:cb:99:42:5f:dd:b9:ad:6c:9a:39:28:31:5a:04:
                    20:9d:76:73:0b:ee:26:cc:69:d6:c4:75:97:dc:b8:
                    a3:db
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                21:C9:24:FF:1B:68:D0:0A:A4:30:25:1F:2C:17:98:1A:0B:BD:C9:2C
            X509v3 Authority Key Identifier:
                keyid:AE:1D:C1:8A:4B:1F:BF:E2:C2:BA:BD:8B:BB:47:FE:1F:D1:CF:22:F8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rh3Biksfv-LCur2Lu0f-H9HPIvg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/0376d1-12ca-4135-9483-8e7149f04a4e/1/Ickk_xto0AqkMCUfLBeYGgu9ySw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/0376d1-12ca-4135-9483-8e7149f04a4e/1/rh3Biksfv-LCur2Lu0f-H9HPIvg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.99.113.0/24

    Signature Algorithm: sha256WithRSAEncryption
         b7:ce:f8:23:ed:39:65:cd:f2:5b:a8:9a:35:81:38:68:d6:d7:
         a5:72:5b:34:bd:aa:10:d3:87:fb:2b:d4:43:14:2b:1b:f8:5b:
         eb:a3:26:21:75:5b:02:38:9d:aa:15:35:00:e2:2c:30:87:d8:
         83:37:0a:21:21:6b:c2:43:cf:3b:0a:e8:69:eb:c6:51:a2:96:
         1b:69:92:cf:2a:34:5d:6e:6e:6b:50:91:18:eb:cb:c7:6f:8c:
         78:28:61:ec:22:c3:a0:cc:3b:39:8c:26:5a:60:b9:d6:25:d8:
         07:06:be:c3:5c:05:9f:6f:5e:6f:1c:56:71:2e:d0:14:be:cd:
         b9:33:ff:fa:c9:d7:a7:6e:ae:2a:96:ce:1c:2d:08:22:a9:c0:
         ea:72:d5:7d:b8:da:6b:22:fe:8a:fd:15:9e:0d:26:fa:17:e7:
         a6:65:9d:72:15:19:d8:e4:ad:cb:7b:89:df:34:ee:ef:59:88:
         be:c8:94:e3:65:c3:ff:a5:2e:4d:78:e7:97:2f:ab:fd:0c:3a:
         be:38:c3:f1:f5:1a:0b:83:66:26:60:86:d5:95:bd:64:f1:a6:
         b7:69:15:5e:74:fb:cd:fe:1a:39:0b:1c:40:76:2b:35:90:96:
         bd:55:48:7c:03:7d:89:78:12:d2:84:76:e0:c1:b1:8c:5a:e7:
         ff:65:83:14
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwjKswJd8oU4nKzyvoNJW0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlMWRjMThhNGIxZmJmZTJjMmJhYmQ4YmJiNDdmZTFmZDFj
ZjIyZjgwHhcNMjMwMTAyMDMzNTQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMWM5MjRmZjFiNjhkMDBhYTQzMDI1MWYyYzE3OTgxYTBiYmRjOTJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl7pTHQgnWmGzsumy4fJVcYlruyWT
6HrUtWTx/1BLv9RiyFqikHO7TvbxfoHu2u99qqXe4s484QbD+7ebfSQ6sV9vZvqc
fqwDh4A/uCWi794UWdC4yqZ/2RlryoNtt6cEO/GtjFLFU0CNcJLgUyxLkiW2GkQK
5bovN//7HWjgcrPPVqBfwtR3qbVu2QRnnhPeF+pXuUEldrAdrWX5/fjskKmOOMHc
cxdPgpp2jPOUnK/pvqJdvXtET362jvOSpQpQA4ctLf8FFIfq+xeg+hKYeJ0xsWke
LIrlUvBNQ/1F8kshy5lCX925rWyaOSgxWgQgnXZzC+4mzGnWxHWX3Lij2wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCHJJP8baNAKpDAlHywXmBoLvcksMB8GA1UdIwQY
MBaAFK4dwYpLH7/iwrq9i7tH/h/RzyL4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcmgzQmlrc2Z2LUxDdXIyTHUwZi1IOUhQSXZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS8wMzc2ZDEtMTJjYS00MTM1LTk0ODMt
OGU3MTQ5ZjA0YTRlLzEvSWNra194dG8wQXFrTUNVZkxCZVlHZ3U5eVN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS8wMzc2ZDEtMTJjYS00MTM1LTk0ODMtOGU3MTQ5ZjA0YTRl
LzEvcmgzQmlrc2Z2LUxDdXIyTHUwZi1IOUhQSXZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwmNxMA0G
CSqGSIb3DQEBCwUAA4IBAQC3zvgj7TllzfJbqJo1gTho1telcls0vaoQ04f7K9RD
FCsb+FvroyYhdVsCOJ2qFTUA4iwwh9iDNwohIWvCQ887Cuhp68ZRopYbaZLPKjRd
bm5rUJEY68vHb4x4KGHsIsOgzDs5jCZaYLnWJdgHBr7DXAWfb15vHFZxLtAUvs25
M//6ydenbq4qls4cLQgiqcDqctV9uNprIv6K/RWeDSb6F+emZZ1yFRnY5K3Le4nf
NO7vWYi+yJTjZcP/pS5NeOeXL6v9DDq+OMPx9RoLg2YmYIbVlb1k8aa3aRVedPvN
/ho5CxxAdis1kJa9VUh8A32JeBLShHbgwbGMWuf/ZYMU
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:31:28 2024 by rpki-client on console-fra.rpki-client.org