Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/74/4f2367-73f3-4816-bea8-a045ff8e2ac0/1/byHuUNu8cCBy41DJo_cQGXrjWGk.roa
File:                     byHuUNu8cCBy41DJo_cQGXrjWGk.roa (raw, json)
Hash identifier:          LD0kcA1ZYDx4YlEb86AZiWS/KqkuwWHOcfZ5dGC4/Eg=
Subject key identifier:   6F:21:EE:50:DB:BC:70:20:72:E3:50:C9:A3:F7:10:19:7A:E3:58:69
Certificate issuer:       /CN=9cce3b1197d0cf9511540572a58fd372dcc07489
Certificate serial:       01856CAEF76CDCFF51CA407B436A6357047B
Authority key identifier: 9C:CE:3B:11:97:D0:CF:95:11:54:05:72:A5:8F:D3:72:DC:C0:74:89
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/nM47EZfQz5URVAVypY_TctzAdIk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/74/4f2367-73f3-4816-bea8-a045ff8e2ac0/1/byHuUNu8cCBy41DJo_cQGXrjWGk.roa
Signing time:             Sun 01 Jan 2023 09:34:43 +0000
ROA not before:           Sun 01 Jan 2023 09:34:43 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     41705
IP address blocks:        193.32.240.0/22 maxlen: 24
                          193.32.240.0/24 maxlen: 24
                          193.32.242.0/24 maxlen: 24
                          193.32.243.0/24 maxlen: 24
                          193.32.241.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 04:29:31 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6c:ae:f7:6c:dc:ff:51:ca:40:7b:43:6a:63:57:04:7b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9cce3b1197d0cf9511540572a58fd372dcc07489
        Validity
            Not Before: Jan  1 09:34:43 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=6f21ee50dbbc702072e350c9a3f710197ae35869
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:a3:66:c2:33:b7:0d:0b:e6:24:84:02:e7:2f:
                    66:51:e2:50:77:5a:0b:dc:8c:9b:fc:8a:9a:99:ac:
                    30:a6:37:f5:ff:38:34:22:0c:21:a1:d6:ae:bb:5e:
                    fa:3b:46:c8:8a:d5:c0:79:40:55:92:a4:36:48:01:
                    6c:2d:17:52:ab:f9:9e:7c:f0:d7:50:29:f5:95:58:
                    3e:6c:08:80:9f:d4:30:b6:77:db:bc:50:cb:2c:a6:
                    2e:f5:d2:ed:05:ac:e9:35:8e:7f:71:35:57:c9:0c:
                    9d:19:eb:9a:e6:16:75:78:85:76:eb:01:60:e6:14:
                    75:70:f6:70:11:96:6f:a2:fa:54:56:9e:c9:f1:ee:
                    09:85:42:16:c3:c2:8e:06:93:9f:ea:49:21:71:ca:
                    00:48:11:23:4a:26:60:50:80:04:9d:5b:a3:8b:11:
                    5f:c8:4a:51:e7:0f:91:3a:b5:e9:c0:3d:bd:8b:d8:
                    64:83:c1:56:1f:af:c3:03:b1:99:91:17:f1:7c:3c:
                    c1:95:7b:58:62:b8:eb:c1:22:c2:2e:25:50:5d:7a:
                    60:ec:f9:58:b1:6c:5c:b9:94:4e:8f:96:9c:04:ca:
                    25:b1:88:f7:14:cc:15:02:b6:86:af:03:30:bc:6c:
                    88:6b:84:d8:30:44:3a:69:76:ea:0f:54:75:15:9c:
                    e9:97
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6F:21:EE:50:DB:BC:70:20:72:E3:50:C9:A3:F7:10:19:7A:E3:58:69
            X509v3 Authority Key Identifier:
                keyid:9C:CE:3B:11:97:D0:CF:95:11:54:05:72:A5:8F:D3:72:DC:C0:74:89

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nM47EZfQz5URVAVypY_TctzAdIk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/74/4f2367-73f3-4816-bea8-a045ff8e2ac0/1/byHuUNu8cCBy41DJo_cQGXrjWGk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/74/4f2367-73f3-4816-bea8-a045ff8e2ac0/1/nM47EZfQz5URVAVypY_TctzAdIk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.32.240.0/22

    Signature Algorithm: sha256WithRSAEncryption
         46:1a:d1:7a:97:f7:1f:b7:d8:ef:bc:e6:74:57:f8:fd:68:d0:
         21:0d:f3:86:14:74:66:57:00:65:2d:8d:74:44:67:33:c1:24:
         04:38:bc:7f:bb:9f:5c:3d:ef:95:97:27:a8:fe:24:ac:1b:8f:
         8c:4e:e4:de:1b:ac:d7:e7:e9:f8:bd:15:6d:95:80:2e:f6:7d:
         72:64:fd:72:75:d9:a0:e5:88:7b:ae:77:3e:95:37:15:d7:94:
         1c:ce:5e:49:c6:2d:c7:06:bf:b9:07:ba:bd:a8:d3:6d:33:34:
         7d:9d:28:0b:de:85:3b:04:7e:c6:02:57:ed:c0:2d:b5:f8:2a:
         02:8b:2e:bd:d3:60:ba:6f:18:75:70:f1:b7:85:07:04:ae:af:
         c9:5b:f9:93:bc:a0:60:23:73:86:a4:3b:de:86:ad:5f:9d:61:
         85:89:b0:47:9d:30:f3:a9:6a:45:24:5a:57:88:32:e2:e0:40:
         84:9f:bf:1d:df:6e:77:30:9a:6d:ed:25:2e:28:56:7d:4d:3c:
         07:46:38:a0:ef:d2:3e:73:cb:b2:62:eb:a3:e0:f6:eb:97:2e:
         09:94:f1:e9:84:7a:97:88:b6:c2:d1:27:7b:28:d9:25:43:cc:
         9e:ed:43:76:1e:32:7a:39:0f:6a:99:51:51:49:25:53:80:ee:
         68:f1:c0:aa
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVsrvds3P9RykB7Q2pjVwR7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDljY2UzYjExOTdkMGNmOTUxMTU0MDU3MmE1OGZkMzcyZGNj
MDc0ODkwHhcNMjMwMTAxMDkzNDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZjIxZWU1MGRiYmM3MDIwNzJlMzUwYzlhM2Y3MTAxOTdhZTM1ODY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr6NmwjO3DQvmJIQC5y9mUeJQd1oL
3Iyb/Iqamawwpjf1/zg0Igwhodauu176O0bIitXAeUBVkqQ2SAFsLRdSq/mefPDX
UCn1lVg+bAiAn9QwtnfbvFDLLKYu9dLtBazpNY5/cTVXyQydGeua5hZ1eIV26wFg
5hR1cPZwEZZvovpUVp7J8e4JhUIWw8KOBpOf6kkhccoASBEjSiZgUIAEnVujixFf
yEpR5w+ROrXpwD29i9hkg8FWH6/DA7GZkRfxfDzBlXtYYrjrwSLCLiVQXXpg7PlY
sWxcuZROj5acBMolsYj3FMwVAraGrwMwvGyIa4TYMEQ6aXbqD1R1FZzplwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFG8h7lDbvHAgcuNQyaP3EBl641hpMB8GA1UdIwQY
MBaAFJzOOxGX0M+VEVQFcqWP03LcwHSJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbk00N0VaZlF6NVVSVkFWeXBZX1RjdHpBZElrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NC80ZjIzNjctNzNmMy00ODE2LWJlYTgt
YTA0NWZmOGUyYWMwLzEvYnlIdVVOdThjQ0J5NDFESm9fY1FHWHJqV0drLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NC80ZjIzNjctNzNmMy00ODE2LWJlYTgtYTA0NWZmOGUyYWMw
LzEvbk00N0VaZlF6NVVSVkFWeXBZX1RjdHpBZElrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCwSDwMA0G
CSqGSIb3DQEBCwUAA4IBAQBGGtF6l/cft9jvvOZ0V/j9aNAhDfOGFHRmVwBlLY10
RGczwSQEOLx/u59cPe+Vlyeo/iSsG4+MTuTeG6zX5+n4vRVtlYAu9n1yZP1yddmg
5Yh7rnc+lTcV15Qczl5Jxi3HBr+5B7q9qNNtMzR9nSgL3oU7BH7GAlftwC21+CoC
iy6902C6bxh1cPG3hQcErq/JW/mTvKBgI3OGpDvehq1fnWGFibBHnTDzqWpFJFpX
iDLi4ECEn78d3253MJpt7SUuKFZ9TTwHRjig79I+c8uyYuuj4Pbrly4JlPHphHqX
iLbC0Sd7KNklQ8ye7UN2HjJ6OQ9qmVFRSSVTgO5o8cCq
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:18:04 2024 by rpki-client on console-ams.rpki-client.org