Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/67/4581b7-35bc-4bc8-85b3-f4596e7767a8/1/aTziPKuxuJSgGZvaqZvsPSk9-zc.roa
File:                     aTziPKuxuJSgGZvaqZvsPSk9-zc.roa (raw, json)
Hash identifier:          GbMmwwuzFUZiU7JIvcfA8O4oTA7Z8GAknR0qlIQ42k0=
Subject key identifier:   69:3C:E2:3C:AB:B1:B8:94:A0:19:9B:DA:A9:9B:EC:3D:29:3D:FB:37
Certificate issuer:       /CN=dd47ed588ba9069457a2a898fc7a0cb977d1f81e
Certificate serial:       01856D94061EBE4028930C3C1C3FC2E5B7CC
Authority key identifier: DD:47:ED:58:8B:A9:06:94:57:A2:A8:98:FC:7A:0C:B9:77:D1:F8:1E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3UftWIupBpRXoqiY_HoMuXfR-B4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/67/4581b7-35bc-4bc8-85b3-f4596e7767a8/1/aTziPKuxuJSgGZvaqZvsPSk9-zc.roa
Signing time:             Sun 01 Jan 2023 13:44:55 +0000
ROA not before:           Sun 01 Jan 2023 13:44:55 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     208598
IP address blocks:        194.156.108.0/24 maxlen: 24
                          194.156.108.0/22 maxlen: 22
                          194.156.110.0/23 maxlen: 24
                          194.156.109.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 04:30:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6d:94:06:1e:be:40:28:93:0c:3c:1c:3f:c2:e5:b7:cc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dd47ed588ba9069457a2a898fc7a0cb977d1f81e
        Validity
            Not Before: Jan  1 13:44:55 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=693ce23cabb1b894a0199bdaa99bec3d293dfb37
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:80:2b:64:86:1f:a8:ce:ff:25:b5:09:b4:32:ae:
                    06:0e:e8:91:3d:3e:54:4b:e6:44:59:cf:d8:ff:8d:
                    93:c8:28:49:7f:fe:81:cd:c0:03:0f:0e:f6:1e:58:
                    22:95:23:1d:e6:38:52:85:ad:90:27:5d:79:f2:a8:
                    82:42:d2:e8:5d:7d:86:24:34:1a:fe:13:41:a6:1f:
                    9e:d6:8e:ad:f9:a6:4f:87:9b:07:28:ea:0f:24:5d:
                    98:7e:ed:6a:cb:9a:c1:87:d7:c6:b6:b2:df:35:34:
                    0e:01:53:fc:ad:37:30:52:0a:58:1e:b8:c2:42:53:
                    cf:8f:35:1f:2d:08:72:1b:2c:77:15:f3:3b:35:02:
                    13:6e:87:77:91:04:d9:8b:f6:87:14:51:ee:21:2e:
                    ed:1e:11:3a:29:3e:99:74:18:1a:77:0f:01:fb:2b:
                    05:0e:b5:37:77:03:20:19:fd:49:16:be:18:9e:62:
                    84:9a:84:26:b4:29:bd:64:0b:2e:9a:97:5b:23:d3:
                    c0:6f:20:a2:bf:62:db:f2:c4:f4:dd:82:d1:a2:a2:
                    17:f7:d0:7e:62:88:bc:19:61:66:0f:dd:b3:80:b9:
                    6b:fb:0b:75:68:a5:68:de:79:2d:b1:2b:ce:92:3c:
                    f8:a2:8c:ab:fc:c0:b1:14:f8:f0:2b:29:76:1e:f9:
                    18:bb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                69:3C:E2:3C:AB:B1:B8:94:A0:19:9B:DA:A9:9B:EC:3D:29:3D:FB:37
            X509v3 Authority Key Identifier:
                keyid:DD:47:ED:58:8B:A9:06:94:57:A2:A8:98:FC:7A:0C:B9:77:D1:F8:1E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3UftWIupBpRXoqiY_HoMuXfR-B4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/67/4581b7-35bc-4bc8-85b3-f4596e7767a8/1/aTziPKuxuJSgGZvaqZvsPSk9-zc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/67/4581b7-35bc-4bc8-85b3-f4596e7767a8/1/3UftWIupBpRXoqiY_HoMuXfR-B4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.156.108.0/22

    Signature Algorithm: sha256WithRSAEncryption
         d8:aa:5e:9a:33:1f:1e:6a:1d:36:75:07:93:c5:e3:ce:ec:e9:
         39:54:94:c7:a3:8b:4d:b3:83:d1:17:3a:de:59:62:52:58:55:
         59:48:92:e4:01:00:f1:3b:a3:04:89:5d:86:f1:8d:b2:20:3f:
         a0:73:c0:c9:8d:40:58:3f:a3:f4:77:4a:b4:5b:5c:33:31:ad:
         b3:83:b1:bf:49:1f:a7:9d:43:a6:e8:10:9f:19:a5:d3:87:d7:
         e8:eb:95:8e:b6:0e:f8:0b:a5:04:ba:7b:73:f6:6e:41:54:0a:
         55:9d:ad:3f:54:49:ff:f8:d8:55:9e:4a:4e:eb:e1:d0:ba:4f:
         45:2c:26:a1:68:83:f4:7c:a0:ce:d7:51:fa:a3:f0:b1:f8:3e:
         b1:dd:5f:af:91:02:9d:6f:93:c9:2b:96:94:72:cd:23:fd:d2:
         07:37:7a:84:25:7a:0e:82:6f:37:eb:e5:f7:56:b8:07:a7:c6:
         43:cd:41:2c:6e:f0:9e:80:eb:59:83:8c:84:3c:8b:bf:89:37:
         5a:ed:ad:24:3b:a0:ac:a1:3e:2b:22:f9:95:88:14:6e:6c:89:
         31:b1:55:c5:a4:20:7a:d2:a2:75:4b:1c:0f:ec:8c:a0:d9:12:
         ec:77:cf:6c:e7:1b:3c:23:15:e1:8b:89:68:49:63:d9:05:78:
         24:e4:7f:9b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtlAYevkAokww8HD/C5bfMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkNDdlZDU4OGJhOTA2OTQ1N2EyYTg5OGZjN2EwY2I5Nzdk
MWY4MWUwHhcNMjMwMTAxMTM0NDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OTNjZTIzY2FiYjFiODk0YTAxOTliZGFhOTliZWMzZDI5M2RmYjM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgCtkhh+ozv8ltQm0Mq4GDuiRPT5U
S+ZEWc/Y/42TyChJf/6BzcADDw72HlgilSMd5jhSha2QJ1158qiCQtLoXX2GJDQa
/hNBph+e1o6t+aZPh5sHKOoPJF2Yfu1qy5rBh9fGtrLfNTQOAVP8rTcwUgpYHrjC
QlPPjzUfLQhyGyx3FfM7NQITbod3kQTZi/aHFFHuIS7tHhE6KT6ZdBgadw8B+ysF
DrU3dwMgGf1JFr4YnmKEmoQmtCm9ZAsumpdbI9PAbyCiv2Lb8sT03YLRoqIX99B+
Yoi8GWFmD92zgLlr+wt1aKVo3nktsSvOkjz4ooyr/MCxFPjwKyl2HvkYuwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGk84jyrsbiUoBmb2qmb7D0pPfs3MB8GA1UdIwQY
MBaAFN1H7ViLqQaUV6KomPx6DLl30fgeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM1VmdFdJdXBCcFJYb3FpWV9Ib011WGZSLUI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ny80NTgxYjctMzViYy00YmM4LTg1YjMt
ZjQ1OTZlNzc2N2E4LzEvYVR6aVBLdXh1SlNnR1p2YXFadnNQU2s5LXpjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ny80NTgxYjctMzViYy00YmM4LTg1YjMtZjQ1OTZlNzc2N2E4
LzEvM1VmdFdJdXBCcFJYb3FpWV9Ib011WGZSLUI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCwpxsMA0G
CSqGSIb3DQEBCwUAA4IBAQDYql6aMx8eah02dQeTxePO7Ok5VJTHo4tNs4PRFzre
WWJSWFVZSJLkAQDxO6MEiV2G8Y2yID+gc8DJjUBYP6P0d0q0W1wzMa2zg7G/SR+n
nUOm6BCfGaXTh9fo65WOtg74C6UEuntz9m5BVApVna0/VEn/+NhVnkpO6+HQuk9F
LCahaIP0fKDO11H6o/Cx+D6x3V+vkQKdb5PJK5aUcs0j/dIHN3qEJXoOgm836+X3
VrgHp8ZDzUEsbvCegOtZg4yEPIu/iTda7a0kO6CsoT4rIvmViBRubIkxsVXFpCB6
0qJ1SxwP7Iyg2RLsd89s5xs8IxXhi4loSWPZBXgk5H+b
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:15:26 2024 by rpki-client on console-ams.rpki-client.org