Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6f/411696-93be-46ba-8e91-5c017bd43663/1/np5y0E2qFWjkhxntNZjQiqFtsOc.roa
File:                     np5y0E2qFWjkhxntNZjQiqFtsOc.roa (raw, json)
Hash identifier:          facYl5XWgC3M9/RzP8rfH56TpSF7pHPCneW45V9/slg=
Subject key identifier:   9E:9E:72:D0:4D:AA:15:68:E4:87:19:ED:35:98:D0:8A:A1:6D:B0:E7
Certificate issuer:       /CN=d833bfa014b9192f2700acaf6f279dbef8a0aff2
Certificate serial:       0185724C8D7D7DA0D85D3E7A8004EED455EF
Authority key identifier: D8:33:BF:A0:14:B9:19:2F:27:00:AC:AF:6F:27:9D:BE:F8:A0:AF:F2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2DO_oBS5GS8nAKyvbyedvvigr_I.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/6f/411696-93be-46ba-8e91-5c017bd43663/1/np5y0E2qFWjkhxntNZjQiqFtsOc.roa
Signing time:             Mon 02 Jan 2023 11:44:57 +0000
ROA not before:           Mon 02 Jan 2023 11:44:57 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     0
IP address blocks:        194.153.168.0/23 maxlen: 32

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 06:30:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:72:4c:8d:7d:7d:a0:d8:5d:3e:7a:80:04:ee:d4:55:ef
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d833bfa014b9192f2700acaf6f279dbef8a0aff2
        Validity
            Not Before: Jan  2 11:44:57 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=9e9e72d04daa1568e48719ed3598d08aa16db0e7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:86:d2:3f:e9:29:41:f3:77:d8:12:3d:ed:8c:f3:
                    6f:da:35:3f:da:f1:b8:b8:22:a5:0f:79:5c:1d:95:
                    32:a6:2c:12:0f:f8:ba:60:b2:b1:f9:78:25:71:1d:
                    4c:dc:c6:ff:9d:26:16:3a:4f:81:0c:76:5b:44:a8:
                    4f:b9:fd:c0:51:97:de:c0:a6:15:d9:c4:e4:fc:3d:
                    4a:4a:43:35:d9:13:3d:91:cb:74:34:fd:8c:a0:87:
                    a0:7c:53:1f:67:a1:ed:51:3d:ed:b7:6b:b9:79:10:
                    97:cf:d8:99:75:46:7e:8c:80:4e:78:9d:dd:8b:30:
                    76:f1:23:c4:8a:e3:12:8a:ba:0e:f5:e1:df:f6:10:
                    9d:57:90:26:95:ab:f5:02:b1:89:a1:cf:9b:26:e0:
                    45:ef:dd:db:9c:d5:d9:8e:fe:b1:d8:0a:a7:e3:83:
                    9e:85:25:bd:43:4f:ad:f8:01:10:6c:97:00:9c:d3:
                    23:b8:e4:77:e4:d7:00:f1:1c:8e:7a:99:4b:5a:d5:
                    f7:24:41:c4:31:74:c1:1d:a9:21:46:39:32:d8:35:
                    ce:7b:6e:1e:18:da:83:fa:42:11:fc:70:1c:1e:e9:
                    88:8c:17:e9:e2:8d:a6:08:f1:d8:aa:f9:ec:7d:da:
                    82:e6:85:00:bc:e0:1a:1c:0b:7c:e2:5c:50:70:cd:
                    4b:d1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9E:9E:72:D0:4D:AA:15:68:E4:87:19:ED:35:98:D0:8A:A1:6D:B0:E7
            X509v3 Authority Key Identifier:
                keyid:D8:33:BF:A0:14:B9:19:2F:27:00:AC:AF:6F:27:9D:BE:F8:A0:AF:F2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2DO_oBS5GS8nAKyvbyedvvigr_I.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/411696-93be-46ba-8e91-5c017bd43663/1/np5y0E2qFWjkhxntNZjQiqFtsOc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/411696-93be-46ba-8e91-5c017bd43663/1/2DO_oBS5GS8nAKyvbyedvvigr_I.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.153.168.0/23

    Signature Algorithm: sha256WithRSAEncryption
         04:69:1a:cc:1a:4a:45:41:59:df:08:70:1a:fb:4c:75:95:12:
         5e:31:d3:f9:cf:7f:26:d5:05:89:d8:23:90:99:79:c1:d7:32:
         e9:b9:f3:f6:e4:6a:37:27:c3:d0:a6:a8:f6:9c:c5:d6:09:ca:
         02:e8:e0:30:37:ba:30:97:df:43:fd:a9:f0:45:38:c9:be:0b:
         f3:92:54:f8:51:4c:06:cd:ce:ac:57:4c:07:39:1b:43:48:18:
         89:5c:e7:55:00:ec:06:63:52:10:bc:c3:19:de:d0:b2:ab:b3:
         3b:0c:d6:e4:60:2d:93:50:11:bc:cd:87:80:a9:1a:42:3d:0b:
         9f:4c:2f:6c:4f:ba:c7:6c:03:b6:f1:ea:f1:82:ed:f2:89:ee:
         a6:82:25:cb:26:dd:93:e9:23:2c:93:a7:18:f1:49:1e:8c:99:
         29:27:91:61:83:44:32:7c:72:9b:e1:2b:7d:04:e4:9e:90:d5:
         a2:8d:4c:69:e5:f2:1c:a8:72:27:14:80:1d:cf:af:d9:c7:43:
         a1:71:83:88:5c:1a:d1:98:ca:1c:9d:c8:b1:e3:41:7a:7f:d5:
         da:e0:77:7c:8d:0d:3a:f2:54:8f:a5:09:54:cc:9b:5e:a1:be:
         4f:1a:67:49:f3:94:63:41:a3:f2:03:eb:52:44:7d:91:88:69:
         d3:a0:18:44
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVyTI19faDYXT56gATu1FXvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4MzNiZmEwMTRiOTE5MmYyNzAwYWNhZjZmMjc5ZGJlZjhh
MGFmZjIwHhcNMjMwMTAyMTE0NDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZTllNzJkMDRkYWExNTY4ZTQ4NzE5ZWQzNTk4ZDA4YWExNmRiMGU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhtI/6SlB83fYEj3tjPNv2jU/2vG4
uCKlD3lcHZUypiwSD/i6YLKx+XglcR1M3Mb/nSYWOk+BDHZbRKhPuf3AUZfewKYV
2cTk/D1KSkM12RM9kct0NP2MoIegfFMfZ6HtUT3tt2u5eRCXz9iZdUZ+jIBOeJ3d
izB28SPEiuMSiroO9eHf9hCdV5Amlav1ArGJoc+bJuBF793bnNXZjv6x2Aqn44Oe
hSW9Q0+t+AEQbJcAnNMjuOR35NcA8RyOeplLWtX3JEHEMXTBHakhRjky2DXOe24e
GNqD+kIR/HAcHumIjBfp4o2mCPHYqvnsfdqC5oUAvOAaHAt84lxQcM1L0QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJ6ectBNqhVo5IcZ7TWY0IqhbbDnMB8GA1UdIwQY
MBaAFNgzv6AUuRkvJwCsr28nnb74oK/yMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMkRPX29CUzVHUzhuQUt5dmJ5ZWR2dmlncl9JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Zi80MTE2OTYtOTNiZS00NmJhLThlOTEt
NWMwMTdiZDQzNjYzLzEvbnA1eTBFMnFGV2praHhudE5aalFpcUZ0c09jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Zi80MTE2OTYtOTNiZS00NmJhLThlOTEtNWMwMTdiZDQzNjYz
LzEvMkRPX29CUzVHUzhuQUt5dmJ5ZWR2dmlncl9JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwpmoMA0G
CSqGSIb3DQEBCwUAA4IBAQAEaRrMGkpFQVnfCHAa+0x1lRJeMdP5z38m1QWJ2COQ
mXnB1zLpufP25Go3J8PQpqj2nMXWCcoC6OAwN7owl99D/anwRTjJvgvzklT4UUwG
zc6sV0wHORtDSBiJXOdVAOwGY1IQvMMZ3tCyq7M7DNbkYC2TUBG8zYeAqRpCPQuf
TC9sT7rHbAO28erxgu3yie6mgiXLJt2T6SMsk6cY8UkejJkpJ5Fhg0QyfHKb4St9
BOSekNWijUxp5fIcqHInFIAdz6/Zx0OhcYOIXBrRmMocncix40F6f9Xa4Hd8jQ06
8lSPpQlUzJteob5PGmdJ85RjQaPyA+tSRH2RiGnToBhE
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:34:19 2024 by rpki-client on console-fra.rpki-client.org