Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6d/2310b1-96a1-48e4-aa72-422aed3a7702/1/8Pn3IqssQA1dg_LPNJ_aIYRekMg.roa
File:                     8Pn3IqssQA1dg_LPNJ_aIYRekMg.roa (raw, json)
Hash identifier:          SIP/B5OYuhB5dyVIao3XY2Rd+IE8UTE7JW1tarax/LQ=
Subject key identifier:   F0:F9:F7:22:AB:2C:40:0D:5D:83:F2:CF:34:9F:DA:21:84:5E:90:C8
Certificate issuer:       /CN=64d4e8723450d0a710c32d90ffea18529104e538
Certificate serial:       018770D17AA8B28B95BBD4FDFA5DDD8C160C
Authority key identifier: 64:D4:E8:72:34:50:D0:A7:10:C3:2D:90:FF:EA:18:52:91:04:E5:38
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ZNTocjRQ0KcQwy2Q_-oYUpEE5Tg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/6d/2310b1-96a1-48e4-aa72-422aed3a7702/1/8Pn3IqssQA1dg_LPNJ_aIYRekMg.roa
Signing time:             Tue 11 Apr 2023 14:56:29 +0000
ROA not before:           Tue 11 Apr 2023 14:56:29 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     204957
IP address blocks:        193.203.48.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 18 Apr 2023 08:35:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:70:d1:7a:a8:b2:8b:95:bb:d4:fd:fa:5d:dd:8c:16:0c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=64d4e8723450d0a710c32d90ffea18529104e538
        Validity
            Not Before: Apr 11 14:56:29 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=f0f9f722ab2c400d5d83f2cf349fda21845e90c8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:85:26:fc:89:a0:76:41:a7:a8:5d:29:78:50:9e:
                    dd:c0:1d:e2:e9:f6:a6:6e:4e:49:64:b8:2e:e9:17:
                    95:e7:c5:81:75:ba:28:a1:88:7d:68:ec:9e:82:52:
                    7b:ee:b2:82:39:a8:6c:4a:20:aa:94:b6:22:1c:ce:
                    63:ef:97:44:61:8e:c2:b7:8e:59:8e:ed:17:19:8f:
                    cf:5d:d9:bc:2b:ed:1a:53:05:14:11:12:58:09:48:
                    3c:a4:25:75:2d:52:ce:57:30:eb:75:9a:3e:e0:f9:
                    92:62:c7:c2:34:2a:5b:09:a9:86:17:20:98:bd:0a:
                    3c:f2:ac:44:07:4f:d9:4c:8c:cd:50:0e:b4:85:ee:
                    02:b1:b7:b5:3e:70:77:e7:13:ca:ac:c5:f8:48:87:
                    52:3b:95:c0:25:f7:86:cb:15:85:b3:af:44:e7:f1:
                    a8:0e:31:08:86:f1:e1:00:f4:8f:20:75:81:68:29:
                    69:04:67:c0:87:af:eb:6b:ee:9a:d8:d1:1e:be:a5:
                    ed:b7:43:8c:d9:81:e6:44:95:39:a7:39:54:86:2f:
                    b6:83:1b:9a:ba:79:4c:f3:d7:66:9c:46:62:b9:b8:
                    9c:43:3c:a3:d7:25:b9:a4:98:34:df:ba:19:35:d4:
                    0c:a4:84:34:10:9b:ac:31:35:08:0b:ab:d7:fe:5b:
                    7a:31
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F0:F9:F7:22:AB:2C:40:0D:5D:83:F2:CF:34:9F:DA:21:84:5E:90:C8
            X509v3 Authority Key Identifier:
                keyid:64:D4:E8:72:34:50:D0:A7:10:C3:2D:90:FF:EA:18:52:91:04:E5:38

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZNTocjRQ0KcQwy2Q_-oYUpEE5Tg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/2310b1-96a1-48e4-aa72-422aed3a7702/1/8Pn3IqssQA1dg_LPNJ_aIYRekMg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/2310b1-96a1-48e4-aa72-422aed3a7702/1/ZNTocjRQ0KcQwy2Q_-oYUpEE5Tg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.203.48.0/24

    Signature Algorithm: sha256WithRSAEncryption
         06:9a:56:77:57:31:1d:d2:da:a5:cb:47:6c:38:61:47:29:ed:
         ed:c2:5b:54:da:8b:fb:f8:05:d6:4f:15:8b:ab:64:be:09:be:
         84:f4:95:ff:c4:4b:70:e5:a0:f6:8a:43:53:a6:85:88:34:fe:
         60:52:c6:ee:e5:a8:9e:47:32:d3:1a:56:0b:08:d7:7c:e2:89:
         53:6b:0a:06:28:51:2d:2e:03:02:0c:9b:16:ae:0b:4d:f1:59:
         5e:d4:d8:2b:17:56:f3:36:e7:5b:34:c9:4e:0c:f3:8b:f6:fd:
         f2:3c:c2:9b:fa:6f:36:f0:56:98:e9:55:b0:e6:9f:3d:9a:d3:
         4a:d6:81:53:4d:42:fc:da:5a:cc:e9:4a:7e:a2:02:c1:d2:55:
         a8:82:77:c3:e0:2d:0f:75:12:58:f0:c2:02:f6:00:ea:0d:92:
         78:84:29:b2:14:ec:86:af:f7:b3:50:6f:13:fd:23:eb:68:ff:
         69:a7:40:ed:6c:2c:4b:68:58:18:a4:66:ee:a9:db:d7:46:6a:
         d3:aa:2b:47:38:57:36:35:d1:a7:3f:d3:c6:fb:ae:86:0d:6f:
         12:0a:17:99:85:68:8b:5f:0c:8e:a4:ee:7d:5b:d8:67:f3:1d:
         c3:62:e2:33:14:fc:68:1f:85:f0:fe:ae:14:a5:ea:a7:33:c0:
         7e:f3:f6:08
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYdw0XqosouVu9T9+l3djBYMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY0ZDRlODcyMzQ1MGQwYTcxMGMzMmQ5MGZmZWExODUyOTEw
NGU1MzgwHhcNMjMwNDExMTQ1NjI5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMGY5ZjcyMmFiMmM0MDBkNWQ4M2YyY2YzNDlmZGEyMTg0NWU5MGM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhSb8iaB2QaeoXSl4UJ7dwB3i6fam
bk5JZLgu6ReV58WBdboooYh9aOyeglJ77rKCOahsSiCqlLYiHM5j75dEYY7Ct45Z
ju0XGY/PXdm8K+0aUwUUERJYCUg8pCV1LVLOVzDrdZo+4PmSYsfCNCpbCamGFyCY
vQo88qxEB0/ZTIzNUA60he4Csbe1PnB35xPKrMX4SIdSO5XAJfeGyxWFs69E5/Go
DjEIhvHhAPSPIHWBaClpBGfAh6/ra+6a2NEevqXtt0OM2YHmRJU5pzlUhi+2gxua
unlM89dmnEZiubicQzyj1yW5pJg037oZNdQMpIQ0EJusMTUIC6vX/lt6MQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPD59yKrLEANXYPyzzSf2iGEXpDIMB8GA1UdIwQY
MBaAFGTU6HI0UNCnEMMtkP/qGFKRBOU4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWk5Ub2NqUlEwS2NRd3kyUV8tb1lVcEVFNVRnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZC8yMzEwYjEtOTZhMS00OGU0LWFhNzIt
NDIyYWVkM2E3NzAyLzEvOFBuM0lxc3NRQTFkZ19MUE5KX2FJWVJla01nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZC8yMzEwYjEtOTZhMS00OGU0LWFhNzItNDIyYWVkM2E3NzAy
LzEvWk5Ub2NqUlEwS2NRd3kyUV8tb1lVcEVFNVRnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwcswMA0G
CSqGSIb3DQEBCwUAA4IBAQAGmlZ3VzEd0tqly0dsOGFHKe3twltU2ov7+AXWTxWL
q2S+Cb6E9JX/xEtw5aD2ikNTpoWINP5gUsbu5aieRzLTGlYLCNd84olTawoGKFEt
LgMCDJsWrgtN8Vle1NgrF1bzNudbNMlODPOL9v3yPMKb+m828FaY6VWw5p89mtNK
1oFTTUL82lrM6Up+ogLB0lWognfD4C0PdRJY8MIC9gDqDZJ4hCmyFOyGr/ezUG8T
/SPraP9pp0DtbCxLaFgYpGbuqdvXRmrTqitHOFc2NdGnP9PG+66GDW8SCheZhWiL
XwyOpO59W9hn8x3DYuIzFPxoH4Xw/q4UpeqnM8B+8/YI
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:16:37 2024 by rpki-client on console-ams.rpki-client.org