Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/280ca9-f7d8-4ffa-ba34-a13f4481bc6c/1/mKoIOHV0Aqzpd-TYXlYY52Ee4cQ.roa
File:                     mKoIOHV0Aqzpd-TYXlYY52Ee4cQ.roa (raw, json)
Hash identifier:          XG621jAt5EcoBcTSFCg4xo5X55zORYcYqOXwYvAKOwU=
Subject key identifier:   98:AA:08:38:75:74:02:AC:E9:77:E4:D8:5E:56:18:E7:61:1E:E1:C4
Certificate issuer:       /CN=bb82b8d3c1b0f78c3a19f6164eb2821e230cfe4e
Certificate serial:       01856CE5E15D3133DEB819F82F02326703FD
Authority key identifier: BB:82:B8:D3:C1:B0:F7:8C:3A:19:F6:16:4E:B2:82:1E:23:0C:FE:4E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/u4K408Gw94w6GfYWTrKCHiMM_k4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/65/280ca9-f7d8-4ffa-ba34-a13f4481bc6c/1/mKoIOHV0Aqzpd-TYXlYY52Ee4cQ.roa
Signing time:             Sun 01 Jan 2023 10:34:42 +0000
ROA not before:           Sun 01 Jan 2023 10:34:42 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     25149
IP address blocks:        193.178.188.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 12:29:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6c:e5:e1:5d:31:33:de:b8:19:f8:2f:02:32:67:03:fd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=bb82b8d3c1b0f78c3a19f6164eb2821e230cfe4e
        Validity
            Not Before: Jan  1 10:34:42 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=98aa0838757402ace977e4d85e5618e7611ee1c4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:5f:bd:62:bd:20:76:57:98:8a:ed:3b:ed:db:
                    8d:45:98:0b:88:85:13:4a:95:61:57:33:19:2b:06:
                    b8:82:cb:4a:7b:00:66:f1:5f:f5:17:b8:29:09:c7:
                    49:f3:41:4d:59:cf:05:6c:45:9c:45:db:4b:1d:8f:
                    95:14:49:51:85:76:bf:d3:57:a7:0c:31:74:42:7b:
                    f8:b4:fa:0d:cd:db:09:a2:26:75:dd:0f:5f:fe:d3:
                    55:a9:25:0b:74:67:8b:02:b0:79:05:70:5f:26:1d:
                    77:10:8f:60:cc:ca:d9:17:fb:03:33:23:20:ef:52:
                    68:b1:8c:7b:10:e1:eb:c1:1f:8b:50:2c:8e:e3:87:
                    2d:69:24:c9:7a:ae:04:16:4f:42:24:f0:27:f3:11:
                    6c:fd:c2:32:84:b6:c5:bb:03:b4:3d:f8:64:e1:1a:
                    0a:d8:73:0f:70:19:b0:bd:97:4f:87:b4:ca:3c:84:
                    0a:fd:1e:f7:05:c3:78:16:43:f9:85:1b:e7:68:91:
                    dd:99:5f:17:60:dc:ff:47:c9:e0:7b:ac:3f:b5:77:
                    5d:ef:90:b5:2e:33:0d:45:9a:65:2f:92:03:18:ca:
                    76:5b:b7:e7:c0:5f:d2:c9:c0:49:3d:b0:c3:ac:65:
                    6e:12:d9:13:ba:61:a8:31:84:2e:bf:18:b5:ff:93:
                    82:09
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                98:AA:08:38:75:74:02:AC:E9:77:E4:D8:5E:56:18:E7:61:1E:E1:C4
            X509v3 Authority Key Identifier:
                keyid:BB:82:B8:D3:C1:B0:F7:8C:3A:19:F6:16:4E:B2:82:1E:23:0C:FE:4E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/u4K408Gw94w6GfYWTrKCHiMM_k4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/280ca9-f7d8-4ffa-ba34-a13f4481bc6c/1/mKoIOHV0Aqzpd-TYXlYY52Ee4cQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/65/280ca9-f7d8-4ffa-ba34-a13f4481bc6c/1/u4K408Gw94w6GfYWTrKCHiMM_k4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.178.188.0/24

    Signature Algorithm: sha256WithRSAEncryption
         a3:83:49:54:7b:aa:d9:f2:a7:c2:54:37:b1:bd:cf:c0:bf:69:
         e0:58:75:1b:0f:43:80:c5:3c:7e:25:dd:a5:60:b1:0a:92:3c:
         a0:01:8d:cb:66:90:8b:0f:ad:11:f9:b4:68:7e:4b:df:f8:79:
         52:9f:5f:00:4b:be:64:e7:a9:90:b6:cb:07:2f:7d:2f:e3:53:
         d7:15:61:73:19:57:19:9a:a5:d2:40:35:7f:c6:ce:2a:eb:44:
         6e:ea:07:80:09:05:61:f8:22:f8:8d:38:e8:4a:9a:76:c0:5d:
         4c:d2:b8:fc:f6:38:63:f0:88:3d:cf:c4:26:08:8c:24:f7:b9:
         a1:7f:c3:68:63:7c:f9:f5:4e:f6:fa:b4:44:3b:ee:5c:60:82:
         db:b2:e9:9c:01:8c:5c:a0:59:05:a6:50:2a:5e:00:5a:da:63:
         df:b9:c6:43:45:b4:93:82:b5:e6:8e:b6:23:fb:57:06:d1:46:
         a7:24:5e:0c:e7:38:08:08:2a:d3:ca:af:5e:64:ef:20:b5:64:
         da:02:7d:60:fd:1d:df:03:8c:ab:b3:33:60:64:95:9f:37:2e:
         f3:6a:f0:af:73:b3:2b:ea:0c:e9:13:42:6c:0a:7d:4e:d4:78:
         c4:f7:4c:25:1b:98:fe:d4:de:82:70:15:f9:1d:c6:04:ff:6e:
         83:db:65:42
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVs5eFdMTPeuBn4LwIyZwP9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJiODJiOGQzYzFiMGY3OGMzYTE5ZjYxNjRlYjI4MjFlMjMw
Y2ZlNGUwHhcNMjMwMTAxMTAzNDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OGFhMDgzODc1NzQwMmFjZTk3N2U0ZDg1ZTU2MThlNzYxMWVlMWM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtV+9Yr0gdleYiu077duNRZgLiIUT
SpVhVzMZKwa4gstKewBm8V/1F7gpCcdJ80FNWc8FbEWcRdtLHY+VFElRhXa/01en
DDF0Qnv4tPoNzdsJoiZ13Q9f/tNVqSULdGeLArB5BXBfJh13EI9gzMrZF/sDMyMg
71JosYx7EOHrwR+LUCyO44ctaSTJeq4EFk9CJPAn8xFs/cIyhLbFuwO0Pfhk4RoK
2HMPcBmwvZdPh7TKPIQK/R73BcN4FkP5hRvnaJHdmV8XYNz/R8nge6w/tXdd75C1
LjMNRZplL5IDGMp2W7fnwF/SycBJPbDDrGVuEtkTumGoMYQuvxi1/5OCCQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJiqCDh1dAKs6Xfk2F5WGOdhHuHEMB8GA1UdIwQY
MBaAFLuCuNPBsPeMOhn2Fk6ygh4jDP5OMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdTRLNDA4R3c5NHc2R2ZZV1RyS0NIaU1NX2s0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8yODBjYTktZjdkOC00ZmZhLWJhMzQt
YTEzZjQ0ODFiYzZjLzEvbUtvSU9IVjBBcXpwZC1UWVhsWVk1MkVlNGNRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8yODBjYTktZjdkOC00ZmZhLWJhMzQtYTEzZjQ0ODFiYzZj
LzEvdTRLNDA4R3c5NHc2R2ZZV1RyS0NIaU1NX2s0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwbK8MA0G
CSqGSIb3DQEBCwUAA4IBAQCjg0lUe6rZ8qfCVDexvc/Av2ngWHUbD0OAxTx+Jd2l
YLEKkjygAY3LZpCLD60R+bRofkvf+HlSn18AS75k56mQtssHL30v41PXFWFzGVcZ
mqXSQDV/xs4q60Ru6geACQVh+CL4jTjoSpp2wF1M0rj89jhj8Ig9z8QmCIwk97mh
f8NoY3z59U72+rREO+5cYILbsumcAYxcoFkFplAqXgBa2mPfucZDRbSTgrXmjrYj
+1cG0UanJF4M5zgICCrTyq9eZO8gtWTaAn1g/R3fA4yrszNgZJWfNy7zavCvc7Mr
6gzpE0JsCn1O1HjE90wlG5j+1N6CcBX5HcYE/26D22VC
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:32:57 2024 by rpki-client on console-fra.rpki-client.org