Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/0949fc-accd-471f-a9cd-97243e316272/1/g2yHn9ZE-gBR7FaiK30BQfDpf5M.roa
File:                     g2yHn9ZE-gBR7FaiK30BQfDpf5M.roa (raw, json)
Hash identifier:          vXlPfIbN7498uBlxr5l/WNpsRWjLxddIwZ+au1d3gIY=
Subject key identifier:   83:6C:87:9F:D6:44:FA:00:51:EC:56:A2:2B:7D:01:41:F0:E9:7F:93
Certificate issuer:       /CN=570fb0f1d8b8c198b0dc86158afbcbc529cf16be
Certificate serial:       018E9EA998B0DB2FC6BD23BAA6F87AD7278C
Authority key identifier: 57:0F:B0:F1:D8:B8:C1:98:B0:DC:86:15:8A:FB:CB:C5:29:CF:16:BE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Vw-w8di4wZiw3IYVivvLxSnPFr4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/61/0949fc-accd-471f-a9cd-97243e316272/1/g2yHn9ZE-gBR7FaiK30BQfDpf5M.roa
Signing time:             Tue 02 Apr 2024 11:54:58 +0000
ROA not before:           Tue 02 Apr 2024 11:54:58 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     21238
IP address blocks:        194.4.54.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 03 Apr 2024 14:19:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8e:9e:a9:98:b0:db:2f:c6:bd:23:ba:a6:f8:7a:d7:27:8c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=570fb0f1d8b8c198b0dc86158afbcbc529cf16be
        Validity
            Not Before: Apr  2 11:54:58 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=836c879fd644fa0051ec56a22b7d0141f0e97f93
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:f6:d9:e0:d1:74:49:74:e2:c2:81:9d:8f:a9:
                    12:0b:20:b7:e8:85:20:a4:84:38:a1:2f:88:9c:f7:
                    56:22:ff:71:ba:56:7e:53:54:a6:61:a4:0b:55:64:
                    78:2e:72:3e:d4:62:f9:9e:58:d7:13:3c:78:3b:dc:
                    f6:56:84:ca:56:81:c3:23:2f:1b:84:c3:2f:e5:1f:
                    d2:aa:45:cd:84:48:94:8d:22:7e:32:9b:cf:18:55:
                    5e:fc:97:b9:01:93:95:6b:d1:fd:77:30:6c:09:bc:
                    05:04:41:44:06:2e:f0:36:1c:2a:11:b8:61:ac:dd:
                    d5:c9:5f:6b:ac:e4:d8:4e:85:02:f1:a0:2c:58:be:
                    03:c4:f8:7e:88:26:ed:73:05:d9:d5:d9:66:0f:06:
                    93:43:f4:65:fb:87:c7:55:84:bc:d1:1e:2b:05:a5:
                    08:e1:fe:bd:c4:88:e7:4e:de:00:c8:58:80:03:33:
                    40:b9:6a:fc:bb:d3:74:99:68:ed:59:f6:35:8e:32:
                    ee:e5:50:d7:05:80:b9:a8:96:97:0e:a2:25:d0:0b:
                    bd:5e:50:b4:04:e9:8b:fc:7b:ed:79:eb:05:a1:5d:
                    37:c9:61:e7:bf:39:d8:31:27:a8:63:06:ec:73:14:
                    c0:82:b8:97:0b:b2:8f:70:f2:94:ff:58:ee:93:9a:
                    13:1d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                83:6C:87:9F:D6:44:FA:00:51:EC:56:A2:2B:7D:01:41:F0:E9:7F:93
            X509v3 Authority Key Identifier:
                keyid:57:0F:B0:F1:D8:B8:C1:98:B0:DC:86:15:8A:FB:CB:C5:29:CF:16:BE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Vw-w8di4wZiw3IYVivvLxSnPFr4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/0949fc-accd-471f-a9cd-97243e316272/1/g2yHn9ZE-gBR7FaiK30BQfDpf5M.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/61/0949fc-accd-471f-a9cd-97243e316272/1/Vw-w8di4wZiw3IYVivvLxSnPFr4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.4.54.0/24

    Signature Algorithm: sha256WithRSAEncryption
         42:31:1c:73:9e:e4:c3:1c:d6:e7:9c:0c:41:f3:54:e9:23:87:
         c9:18:a7:72:c2:4b:35:7e:02:e2:47:2c:f0:b9:c7:a3:42:bc:
         48:9d:68:d4:cc:21:70:b3:94:56:f4:fb:96:7b:8f:8c:2b:b6:
         40:b8:81:29:66:19:95:fd:9e:fe:49:64:9d:ff:c7:3b:1a:62:
         37:4f:ef:2e:cc:9e:78:58:45:05:42:54:35:dc:4f:f5:46:46:
         11:1e:b5:95:4e:11:9c:24:06:97:b5:5a:d7:a0:21:ba:78:81:
         d7:12:cb:1d:5b:7e:e3:9c:94:c2:49:9b:25:79:4d:3c:f9:04:
         70:c1:fd:2b:3d:8b:fb:7e:60:28:c2:62:e1:89:8b:91:d8:0c:
         0e:f8:88:c9:54:66:dd:7e:83:73:f4:1c:b1:82:e6:e5:89:37:
         aa:f4:97:ce:5a:f3:4d:4e:a0:e4:59:e9:a0:5b:f7:b5:45:7a:
         27:2d:b4:0d:6f:fb:bd:49:d2:b8:3f:aa:c9:aa:6d:86:c0:27:
         77:96:bf:5d:19:e0:3f:fe:21:b6:d3:ca:d0:02:b3:3d:bc:5d:
         c5:bf:5f:18:57:3e:49:9b:29:16:1b:fd:05:a7:37:fe:23:09:
         81:54:aa:80:80:ec:d1:41:2c:85:98:4d:99:7a:5b:08:98:fe:
         d2:cf:7a:1d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY6eqZiw2y/GvSO6pvh61yeMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU3MGZiMGYxZDhiOGMxOThiMGRjODYxNThhZmJjYmM1Mjlj
ZjE2YmUwHhcNMjQwNDAyMTE1NDU4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MzZjODc5ZmQ2NDRmYTAwNTFlYzU2YTIyYjdkMDE0MWYwZTk3ZjkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAofbZ4NF0SXTiwoGdj6kSCyC36IUg
pIQ4oS+InPdWIv9xulZ+U1SmYaQLVWR4LnI+1GL5nljXEzx4O9z2VoTKVoHDIy8b
hMMv5R/SqkXNhEiUjSJ+MpvPGFVe/Je5AZOVa9H9dzBsCbwFBEFEBi7wNhwqEbhh
rN3VyV9rrOTYToUC8aAsWL4DxPh+iCbtcwXZ1dlmDwaTQ/Rl+4fHVYS80R4rBaUI
4f69xIjnTt4AyFiAAzNAuWr8u9N0mWjtWfY1jjLu5VDXBYC5qJaXDqIl0Au9XlC0
BOmL/HvteesFoV03yWHnvznYMSeoYwbscxTAgriXC7KPcPKU/1juk5oTHQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFINsh5/WRPoAUexWoit9AUHw6X+TMB8GA1UdIwQY
MBaAFFcPsPHYuMGYsNyGFYr7y8Upzxa+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVnctdzhkaTR3Wml3M0lZVml2dkx4U25QRnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS8wOTQ5ZmMtYWNjZC00NzFmLWE5Y2Qt
OTcyNDNlMzE2MjcyLzEvZzJ5SG45WkUtZ0JSN0ZhaUszMEJRZkRwZjVNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS8wOTQ5ZmMtYWNjZC00NzFmLWE5Y2QtOTcyNDNlMzE2Mjcy
LzEvVnctdzhkaTR3Wml3M0lZVml2dkx4U25QRnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwgQ2MA0G
CSqGSIb3DQEBCwUAA4IBAQBCMRxznuTDHNbnnAxB81TpI4fJGKdywks1fgLiRyzw
ucejQrxInWjUzCFws5RW9PuWe4+MK7ZAuIEpZhmV/Z7+SWSd/8c7GmI3T+8uzJ54
WEUFQlQ13E/1RkYRHrWVThGcJAaXtVrXoCG6eIHXEssdW37jnJTCSZsleU08+QRw
wf0rPYv7fmAowmLhiYuR2AwO+IjJVGbdfoNz9ByxgubliTeq9JfOWvNNTqDkWemg
W/e1RXonLbQNb/u9SdK4P6rJqm2GwCd3lr9dGeA//iG208rQArM9vF3Fv18YVz5J
mykWG/0Fpzf+IwmBVKqAgOzRQSyFmE2ZelsImP7Sz3od
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:32:21 2024 by rpki-client on console-fra.rpki-client.org