Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/73/0ef6de-b3f1-4430-8b49-114ffc20f9aa/1/8Ws-TpRUdQUPwbrTovuWs-je8lg.roa
File:                     8Ws-TpRUdQUPwbrTovuWs-je8lg.roa (raw, json)
Hash identifier:          LXQwQlAShuABp/7tuG0pWX0vIxb3oRh7JkeBlcVkT8w=
Subject key identifier:   F1:6B:3E:4E:94:54:75:05:0F:C1:BA:D3:A2:FB:96:B3:E8:DE:F2:58
Certificate issuer:       /CN=1d6d9ccb02715849b3a1ecbcd34b6887f649940f
Certificate serial:       01856F5DC157EFE978B3A602C2FCBA3FFD13
Authority key identifier: 1D:6D:9C:CB:02:71:58:49:B3:A1:EC:BC:D3:4B:68:87:F6:49:94:0F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HW2cywJxWEmzoey800toh_ZJlA8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/73/0ef6de-b3f1-4430-8b49-114ffc20f9aa/1/8Ws-TpRUdQUPwbrTovuWs-je8lg.roa
Signing time:             Sun 01 Jan 2023 22:04:53 +0000
ROA not before:           Sun 01 Jan 2023 22:04:53 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     8220
IP address blocks:        193.141.139.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 04:29:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:5d:c1:57:ef:e9:78:b3:a6:02:c2:fc:ba:3f:fd:13
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1d6d9ccb02715849b3a1ecbcd34b6887f649940f
        Validity
            Not Before: Jan  1 22:04:53 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=f16b3e4e945475050fc1bad3a2fb96b3e8def258
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dc:23:52:5b:c9:84:06:18:42:75:50:70:5f:03:
                    9e:04:5f:f7:76:55:b7:6d:e0:d2:1d:41:0e:0e:13:
                    42:5a:89:11:cc:68:90:0c:87:f0:13:d4:09:ac:ba:
                    10:52:0b:ae:57:e5:08:9d:e1:c7:f5:b8:41:94:08:
                    5f:6b:69:ed:62:c8:0c:3a:2c:d8:84:7c:17:b1:65:
                    0f:05:e3:6d:af:f6:b7:81:21:3b:7c:68:12:b5:7c:
                    83:c2:33:ef:7c:3b:6b:a8:28:ba:87:b9:70:b1:f7:
                    47:52:b1:8a:b5:6f:c4:16:a3:41:b9:14:ae:55:2e:
                    da:2c:58:9a:88:e2:6b:72:b8:0a:77:ed:d2:12:28:
                    57:51:81:2d:ff:19:c9:6c:bf:66:bc:81:33:41:c4:
                    a0:0c:7d:89:f8:c7:b3:4f:b8:18:e3:e0:cf:8e:22:
                    38:17:22:9f:9e:e8:85:51:51:7d:09:21:98:07:9e:
                    29:5b:55:f1:a0:6c:af:4a:93:45:4d:7b:31:77:5e:
                    4c:78:c6:f5:aa:08:63:89:fa:5e:bd:7d:48:e2:d4:
                    74:ca:31:13:c9:aa:cb:99:84:38:c6:0a:74:f2:0e:
                    eb:47:36:d5:02:53:86:8c:99:40:c3:dc:7f:eb:47:
                    5e:71:58:ee:92:2d:e0:49:30:3d:d4:9e:b0:ff:ae:
                    48:b3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F1:6B:3E:4E:94:54:75:05:0F:C1:BA:D3:A2:FB:96:B3:E8:DE:F2:58
            X509v3 Authority Key Identifier:
                keyid:1D:6D:9C:CB:02:71:58:49:B3:A1:EC:BC:D3:4B:68:87:F6:49:94:0F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HW2cywJxWEmzoey800toh_ZJlA8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/73/0ef6de-b3f1-4430-8b49-114ffc20f9aa/1/8Ws-TpRUdQUPwbrTovuWs-je8lg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/73/0ef6de-b3f1-4430-8b49-114ffc20f9aa/1/HW2cywJxWEmzoey800toh_ZJlA8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.141.139.0/24

    Signature Algorithm: sha256WithRSAEncryption
         a8:dc:f2:6a:a1:57:c6:35:5e:6c:d5:86:18:64:51:58:9c:e4:
         3a:80:92:90:c4:6b:84:46:a0:d3:27:43:7a:8c:05:00:72:fc:
         31:cf:d3:81:c9:fd:34:4c:0b:2f:2f:e4:98:11:4b:90:87:2e:
         9b:eb:71:d7:3e:05:7e:39:c9:17:6c:ab:42:d3:cc:6f:17:a5:
         92:fa:07:f6:6a:1e:98:5f:9f:9a:73:64:79:c3:52:41:59:96:
         33:5d:c4:9c:23:86:d1:53:c7:b5:7b:b8:1f:f4:7b:f8:22:23:
         5f:3a:7e:15:8b:59:38:4b:36:8f:d2:b8:24:b7:0a:22:1d:c1:
         de:02:9d:2c:4a:4b:c5:e5:25:1e:87:57:95:00:83:0b:c9:eb:
         b5:4e:b1:2c:45:08:b3:b3:c4:0c:b6:17:47:44:a6:12:04:76:
         f7:31:86:68:e7:33:53:99:ee:27:31:e8:0d:ee:9a:02:95:d9:
         b6:8d:df:64:86:ac:46:e4:4c:4b:9f:01:f5:1d:61:61:ca:01:
         f2:7d:84:28:0a:99:a9:f6:01:44:e8:ae:9a:22:fb:63:08:d6:
         a3:7b:21:c1:8e:49:50:97:ee:9c:37:17:70:e4:1d:41:71:4c:
         0a:ec:59:71:4d:97:c2:1f:74:85:a8:57:1c:f2:e3:f7:19:a7:
         5c:ea:c0:18
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvXcFX7+l4s6YCwvy6P/0TMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFkNmQ5Y2NiMDI3MTU4NDliM2ExZWNiY2QzNGI2ODg3ZjY0
OTk0MGYwHhcNMjMwMTAxMjIwNDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMTZiM2U0ZTk0NTQ3NTA1MGZjMWJhZDNhMmZiOTZiM2U4ZGVmMjU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3CNSW8mEBhhCdVBwXwOeBF/3dlW3
beDSHUEODhNCWokRzGiQDIfwE9QJrLoQUguuV+UIneHH9bhBlAhfa2ntYsgMOizY
hHwXsWUPBeNtr/a3gSE7fGgStXyDwjPvfDtrqCi6h7lwsfdHUrGKtW/EFqNBuRSu
VS7aLFiaiOJrcrgKd+3SEihXUYEt/xnJbL9mvIEzQcSgDH2J+MezT7gY4+DPjiI4
FyKfnuiFUVF9CSGYB54pW1XxoGyvSpNFTXsxd15MeMb1qghjifpevX1I4tR0yjET
yarLmYQ4xgp08g7rRzbVAlOGjJlAw9x/60decVjuki3gSTA91J6w/65IswIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPFrPk6UVHUFD8G606L7lrPo3vJYMB8GA1UdIwQY
MBaAFB1tnMsCcVhJs6HsvNNLaIf2SZQPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSFcyY3l3SnhXRW16b2V5ODAwdG9oX1pKbEE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83My8wZWY2ZGUtYjNmMS00NDMwLThiNDkt
MTE0ZmZjMjBmOWFhLzEvOFdzLVRwUlVkUVVQd2JyVG92dVdzLWplOGxnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83My8wZWY2ZGUtYjNmMS00NDMwLThiNDktMTE0ZmZjMjBmOWFh
LzEvSFcyY3l3SnhXRW16b2V5ODAwdG9oX1pKbEE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwY2LMA0G
CSqGSIb3DQEBCwUAA4IBAQCo3PJqoVfGNV5s1YYYZFFYnOQ6gJKQxGuERqDTJ0N6
jAUAcvwxz9OByf00TAsvL+SYEUuQhy6b63HXPgV+OckXbKtC08xvF6WS+gf2ah6Y
X5+ac2R5w1JBWZYzXcScI4bRU8e1e7gf9Hv4IiNfOn4Vi1k4SzaP0rgktwoiHcHe
Ap0sSkvF5SUeh1eVAIMLyeu1TrEsRQizs8QMthdHRKYSBHb3MYZo5zNTme4nMegN
7poCldm2jd9khqxG5ExLnwH1HWFhygHyfYQoCpmp9gFE6K6aIvtjCNajeyHBjklQ
l+6cNxdw5B1BcUwK7FlxTZfCH3SFqFcc8uP3Gadc6sAY
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:17:52 2024 by rpki-client on console-ams.rpki-client.org