Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/68/8c48ac-d96a-441a-b186-8787d0bf1207/1/dnI6QZgdePLyXfokWUb7M0p2gNQ.roa
File:                     dnI6QZgdePLyXfokWUb7M0p2gNQ.roa (raw, json)
Hash identifier:          NQ3Xb3B7b66bmZPlVJZzWrPs6eUNMk30vTTf0D82nsw=
Subject key identifier:   76:72:3A:41:98:1D:78:F2:F2:5D:FA:24:59:46:FB:33:4A:76:80:D4
Certificate issuer:       /CN=ef803a490fd6203518bbe644bc7209afb77ec7b4
Certificate serial:       018CC42451FD4D8EA026ED1EEDADDC5932B2
Authority key identifier: EF:80:3A:49:0F:D6:20:35:18:BB:E6:44:BC:72:09:AF:B7:7E:C7:B4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/74A6SQ_WIDUYu-ZEvHIJr7d-x7Q.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/68/8c48ac-d96a-441a-b186-8787d0bf1207/1/dnI6QZgdePLyXfokWUb7M0p2gNQ.roa
Signing time:             Mon 01 Jan 2024 08:29:23 +0000
ROA not before:           Mon 01 Jan 2024 08:29:23 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     203170
IP address blocks:        193.177.232.0/23 maxlen: 24

Validation:               Failed, certificate revoked on Wed 31 Jan 2024 14:27:16 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c4:24:51:fd:4d:8e:a0:26:ed:1e:ed:ad:dc:59:32:b2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ef803a490fd6203518bbe644bc7209afb77ec7b4
        Validity
            Not Before: Jan  1 08:29:23 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=76723a41981d78f2f25dfa245946fb334a7680d4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:83:20:64:42:c8:03:d1:19:4f:b2:19:17:56:f6:
                    4b:99:38:a6:1b:c7:b4:d8:a1:59:44:be:fc:34:93:
                    f6:c5:48:64:e4:df:9c:94:0a:bc:ef:ea:6b:69:a6:
                    ea:3d:bf:6f:3f:90:88:03:39:4c:62:63:54:97:e6:
                    7a:9c:fc:51:9c:3e:4f:d3:68:67:23:37:bf:ea:45:
                    7b:64:ef:fe:d7:5e:27:5f:14:2f:3f:0a:9c:d3:3f:
                    b9:dd:3b:a2:bc:6b:91:df:2a:09:d8:7f:c9:aa:99:
                    b4:10:2d:0e:e8:cb:4f:3f:26:e0:d9:47:93:10:4e:
                    47:26:1a:42:f1:1f:72:6f:ba:98:e0:8a:fa:ff:4f:
                    a6:8f:f3:9a:2a:4d:8e:1e:43:48:1d:02:af:c2:7d:
                    71:82:5f:34:4e:4a:22:6e:7e:ed:31:63:7c:07:15:
                    1a:a0:09:84:26:99:41:ae:95:a3:58:42:d3:d8:21:
                    94:34:e5:5c:fd:5a:99:5d:5e:ea:e8:8a:81:25:49:
                    7a:fb:e7:d5:70:3a:2d:f1:28:f8:5e:c3:27:3c:60:
                    32:4b:97:fd:4c:9a:72:dc:bd:33:f4:33:fa:43:85:
                    a9:c0:a6:57:fc:ec:ab:09:34:a2:57:12:88:38:35:
                    4f:c7:98:bc:2b:64:41:2d:2e:fe:f3:91:7b:e4:d7:
                    e3:0d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                76:72:3A:41:98:1D:78:F2:F2:5D:FA:24:59:46:FB:33:4A:76:80:D4
            X509v3 Authority Key Identifier:
                keyid:EF:80:3A:49:0F:D6:20:35:18:BB:E6:44:BC:72:09:AF:B7:7E:C7:B4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/74A6SQ_WIDUYu-ZEvHIJr7d-x7Q.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/68/8c48ac-d96a-441a-b186-8787d0bf1207/1/dnI6QZgdePLyXfokWUb7M0p2gNQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/68/8c48ac-d96a-441a-b186-8787d0bf1207/1/74A6SQ_WIDUYu-ZEvHIJr7d-x7Q.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.177.232.0/23

    Signature Algorithm: sha256WithRSAEncryption
         9d:e8:58:bf:3d:26:71:1c:3c:61:1d:7e:3f:dd:72:38:ee:cf:
         dd:3e:29:ea:b2:94:af:f5:06:74:db:70:dd:a7:45:c1:e2:e7:
         df:21:6f:f9:7a:a4:3b:a2:b5:ad:d2:e6:e2:a8:87:66:e3:98:
         49:bb:2a:c0:35:e4:b4:29:36:51:11:14:be:7a:f8:16:53:13:
         3a:2f:11:d6:1f:fa:3b:4b:87:e1:6a:fb:de:60:4e:67:01:f3:
         76:73:d8:f4:08:66:69:71:26:7e:f6:24:99:f2:1f:36:40:80:
         3d:3f:f8:19:4d:17:3b:bb:5a:69:5f:90:22:e3:d4:44:94:ec:
         5c:04:f7:43:fd:f8:07:47:c0:07:af:eb:0f:87:98:78:6c:46:
         b0:97:6a:c2:3a:13:7e:8a:aa:56:20:05:2b:b6:9b:41:bf:48:
         72:73:f0:fe:2d:48:86:17:16:bc:0d:44:9a:ed:24:6d:96:28:
         c8:47:4f:3f:1a:38:f5:dd:d8:8c:df:fb:7f:5e:2b:1e:33:6d:
         e6:2e:46:93:f0:7e:ad:99:23:15:af:23:bc:3f:23:a5:95:2f:
         fe:75:0b:c5:af:a4:d7:97:11:32:c3:68:77:96:74:87:72:53:
         83:44:72:6e:24:37:67:bd:a7:6a:5b:17:69:93:9a:a4:f7:96:
         63:d8:d7:07
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzEJFH9TY6gJu0e7a3cWTKyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVmODAzYTQ5MGZkNjIwMzUxOGJiZTY0NGJjNzIwOWFmYjc3
ZWM3YjQwHhcNMjQwMTAxMDgyOTIzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NjcyM2E0MTk4MWQ3OGYyZjI1ZGZhMjQ1OTQ2ZmIzMzRhNzY4MGQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgyBkQsgD0RlPshkXVvZLmTimG8e0
2KFZRL78NJP2xUhk5N+clAq87+praabqPb9vP5CIAzlMYmNUl+Z6nPxRnD5P02hn
Ize/6kV7ZO/+114nXxQvPwqc0z+53TuivGuR3yoJ2H/Jqpm0EC0O6MtPPybg2UeT
EE5HJhpC8R9yb7qY4Ir6/0+mj/OaKk2OHkNIHQKvwn1xgl80Tkoibn7tMWN8BxUa
oAmEJplBrpWjWELT2CGUNOVc/VqZXV7q6IqBJUl6++fVcDot8Sj4XsMnPGAyS5f9
TJpy3L0z9DP6Q4WpwKZX/OyrCTSiVxKIODVPx5i8K2RBLS7+85F75NfjDQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHZyOkGYHXjy8l36JFlG+zNKdoDUMB8GA1UdIwQY
MBaAFO+AOkkP1iA1GLvmRLxyCa+3fse0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNzRBNlNRX1dJRFVZdS1aRXZISUpyN2QteDdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OC84YzQ4YWMtZDk2YS00NDFhLWIxODYt
ODc4N2QwYmYxMjA3LzEvZG5JNlFaZ2RlUEx5WGZva1dVYjdNMHAyZ05RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OC84YzQ4YWMtZDk2YS00NDFhLWIxODYtODc4N2QwYmYxMjA3
LzEvNzRBNlNRX1dJRFVZdS1aRXZISUpyN2QteDdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwbHoMA0G
CSqGSIb3DQEBCwUAA4IBAQCd6Fi/PSZxHDxhHX4/3XI47s/dPinqspSv9QZ023Dd
p0XB4uffIW/5eqQ7orWt0ubiqIdm45hJuyrANeS0KTZRERS+evgWUxM6LxHWH/o7
S4fhavveYE5nAfN2c9j0CGZpcSZ+9iSZ8h82QIA9P/gZTRc7u1ppX5Ai49RElOxc
BPdD/fgHR8AHr+sPh5h4bEawl2rCOhN+iqpWIAUrtptBv0hyc/D+LUiGFxa8DUSa
7SRtlijIR08/Gjj13diM3/t/XiseM23mLkaT8H6tmSMVryO8PyOllS/+dQvFr6TX
lxEyw2h3lnSHclODRHJuJDdnvadqWxdpk5qk95Zj2NcH
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:15:37 2024 by rpki-client on console-ams.rpki-client.org