Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/86fb46-d712-4602-9cce-3aa7daa9d3ec/1/CznwW1t3w4HyOAbLZi0suQXO0KM.roa
File:                     CznwW1t3w4HyOAbLZi0suQXO0KM.roa (raw, json)
Hash identifier:          jeRMwVlZek55N5UvBF3lH+OsnA6JXyOLt8pr7sSjbF0=
Subject key identifier:   0B:39:F0:5B:5B:77:C3:81:F2:38:06:CB:66:2D:2C:B9:05:CE:D0:A3
Certificate issuer:       /CN=5c892aed3833e6100f5e0cf12271fd80b755c361
Certificate serial:       018A73F905F8CC35D45B8C41F3CD3A1C9EE8
Authority key identifier: 5C:89:2A:ED:38:33:E6:10:0F:5E:0C:F1:22:71:FD:80:B7:55:C3:61
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/XIkq7Tgz5hAPXgzxInH9gLdVw2E.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5f/86fb46-d712-4602-9cce-3aa7daa9d3ec/1/CznwW1t3w4HyOAbLZi0suQXO0KM.roa
Signing time:             Fri 08 Sep 2023 08:46:54 +0000
ROA not before:           Fri 08 Sep 2023 08:46:54 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     20473
IP address blocks:        88.218.42.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 02:29:52 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:73:f9:05:f8:cc:35:d4:5b:8c:41:f3:cd:3a:1c:9e:e8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5c892aed3833e6100f5e0cf12271fd80b755c361
        Validity
            Not Before: Sep  8 08:46:54 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=0b39f05b5b77c381f23806cb662d2cb905ced0a3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:75:bf:a5:e1:0d:4b:33:2a:4f:e9:c5:6b:f1:
                    27:87:78:67:79:73:39:b5:bf:cc:38:d4:45:b6:17:
                    2a:7a:03:68:6d:99:64:b9:5f:4f:c6:a2:37:09:70:
                    1b:29:54:cb:36:ba:ba:b4:ef:7a:4f:a1:e0:d7:29:
                    7f:5d:73:52:01:40:d7:99:5b:da:a0:db:60:6f:11:
                    77:79:be:98:56:9f:04:0f:11:ab:4d:ef:a0:d3:7f:
                    7b:16:d7:3a:ec:9e:eb:7e:c1:0e:61:6c:5e:26:17:
                    f8:31:bd:4e:44:73:46:71:01:2d:bf:09:21:65:42:
                    a5:05:a3:ab:85:aa:b4:0b:33:1d:c3:19:ed:8e:63:
                    f7:58:03:4a:92:9f:77:a8:cc:fa:5a:7c:08:8b:80:
                    b8:91:b1:ed:0b:f8:c5:e5:a6:f6:9f:fa:45:7f:a4:
                    6c:e6:bd:36:a9:4c:66:fb:f1:fc:43:c9:2e:73:c1:
                    20:dd:76:be:f7:f4:e3:f3:b4:0c:38:a9:2c:1d:9d:
                    1a:57:26:57:be:49:55:40:82:54:49:d0:9d:ca:d6:
                    db:67:72:6a:f4:50:c8:ec:db:1e:73:b4:cb:7f:14:
                    95:63:a1:58:eb:a7:4b:86:24:7a:42:02:1b:72:e4:
                    d2:26:75:25:5e:1e:b8:a4:01:38:d6:80:be:b2:6a:
                    71:25
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0B:39:F0:5B:5B:77:C3:81:F2:38:06:CB:66:2D:2C:B9:05:CE:D0:A3
            X509v3 Authority Key Identifier:
                keyid:5C:89:2A:ED:38:33:E6:10:0F:5E:0C:F1:22:71:FD:80:B7:55:C3:61

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XIkq7Tgz5hAPXgzxInH9gLdVw2E.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/86fb46-d712-4602-9cce-3aa7daa9d3ec/1/CznwW1t3w4HyOAbLZi0suQXO0KM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/86fb46-d712-4602-9cce-3aa7daa9d3ec/1/XIkq7Tgz5hAPXgzxInH9gLdVw2E.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  88.218.42.0/24

    Signature Algorithm: sha256WithRSAEncryption
         3d:80:7a:0c:05:a8:f0:f8:17:3c:be:e3:b9:3b:47:70:d7:6f:
         b4:14:93:70:27:73:fe:4e:ad:2b:04:f5:d3:53:0b:58:21:db:
         a1:65:0d:22:a1:b7:8e:53:9b:2c:d6:6a:c0:f3:48:be:42:cd:
         c4:4a:e7:17:2a:19:4c:e8:6e:26:7e:de:00:2b:2b:70:7c:24:
         e7:a2:62:24:5d:50:cc:98:af:ba:48:9e:fb:00:0f:a1:50:22:
         64:80:5e:bc:e0:9b:1c:53:a6:46:52:a5:00:b1:2b:8f:21:b0:
         8d:cd:b3:4d:c3:9c:ad:19:87:20:e4:1e:cd:65:c3:b5:46:c5:
         ea:9f:55:17:33:c2:38:69:36:c7:c6:bc:8f:3e:4a:55:08:7e:
         b2:3a:be:e0:27:c4:c2:22:93:35:20:69:ef:4f:b2:cd:28:e5:
         93:99:d6:f7:eb:2b:37:91:6f:bd:fa:29:ae:65:b0:34:91:27:
         86:5d:28:96:8c:96:bc:ec:a7:75:38:73:29:b0:50:36:63:d1:
         8b:78:e8:8c:77:7c:46:c9:21:a5:4e:77:e5:73:a4:f7:c3:6d:
         ff:5c:39:fc:73:d2:92:bc:16:9b:43:b1:7e:bf:e1:a0:b3:e8:
         2d:c7:27:31:ed:89:77:6a:7b:9d:7a:43:8b:0e:de:d7:03:8c:
         18:82:35:74
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYpz+QX4zDXUW4xB8806HJ7oMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVjODkyYWVkMzgzM2U2MTAwZjVlMGNmMTIyNzFmZDgwYjc1
NWMzNjEwHhcNMjMwOTA4MDg0NjU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYjM5ZjA1YjViNzdjMzgxZjIzODA2Y2I2NjJkMmNiOTA1Y2VkMGEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwXW/peENSzMqT+nFa/Enh3hneXM5
tb/MONRFthcqegNobZlkuV9PxqI3CXAbKVTLNrq6tO96T6Hg1yl/XXNSAUDXmVva
oNtgbxF3eb6YVp8EDxGrTe+g0397Ftc67J7rfsEOYWxeJhf4Mb1ORHNGcQEtvwkh
ZUKlBaOrhaq0CzMdwxntjmP3WANKkp93qMz6WnwIi4C4kbHtC/jF5ab2n/pFf6Rs
5r02qUxm+/H8Q8kuc8Eg3Xa+9/Tj87QMOKksHZ0aVyZXvklVQIJUSdCdytbbZ3Jq
9FDI7Nsec7TLfxSVY6FY66dLhiR6QgIbcuTSJnUlXh64pAE41oC+smpxJQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAs58Ftbd8OB8jgGy2YtLLkFztCjMB8GA1UdIwQY
MBaAFFyJKu04M+YQD14M8SJx/YC3VcNhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWElrcTdUZ3o1aEFQWGd6eEluSDlnTGRWdzJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi84NmZiNDYtZDcxMi00NjAyLTljY2Ut
M2FhN2RhYTlkM2VjLzEvQ3pud1cxdDN3NEh5T0FiTFppMHN1UVhPMEtNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi84NmZiNDYtZDcxMi00NjAyLTljY2UtM2FhN2RhYTlkM2Vj
LzEvWElrcTdUZ3o1aEFQWGd6eEluSDlnTGRWdzJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWNoqMA0G
CSqGSIb3DQEBCwUAA4IBAQA9gHoMBajw+Bc8vuO5O0dw12+0FJNwJ3P+Tq0rBPXT
UwtYIduhZQ0iobeOU5ss1mrA80i+Qs3ESucXKhlM6G4mft4AKytwfCTnomIkXVDM
mK+6SJ77AA+hUCJkgF684JscU6ZGUqUAsSuPIbCNzbNNw5ytGYcg5B7NZcO1RsXq
n1UXM8I4aTbHxryPPkpVCH6yOr7gJ8TCIpM1IGnvT7LNKOWTmdb36ys3kW+9+imu
ZbA0kSeGXSiWjJa87Kd1OHMpsFA2Y9GLeOiMd3xGySGlTnflc6T3w23/XDn8c9KS
vBabQ7F+v+Ggs+gtxycx7Yl3anudekOLDt7XA4wYgjV0
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:32:03 2024 by rpki-client on console-fra.rpki-client.org