Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/210fbb-aa6e-49c9-918b-5558a8b53e3d/1/swsj3U3oiSS3p9DfbdVFURoQQns.roa
File:                     swsj3U3oiSS3p9DfbdVFURoQQns.roa (raw, json)
Hash identifier:          /2CM7lH3t2fJQDmCFsWbN3DbgztnlR9UaaJmGhLrK+M=
Subject key identifier:   B3:0B:23:DD:4D:E8:89:24:B7:A7:D0:DF:6D:D5:45:51:1A:10:42:7B
Certificate issuer:       /CN=4da84d247ce37cdccf06e1571d226a2b85677bcd
Certificate serial:       018D91D3D55D7DC207D7710BE2D3908F577B
Authority key identifier: 4D:A8:4D:24:7C:E3:7C:DC:CF:06:E1:57:1D:22:6A:2B:85:67:7B:CD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/TahNJHzjfNzPBuFXHSJqK4Vne80.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/78/210fbb-aa6e-49c9-918b-5558a8b53e3d/1/swsj3U3oiSS3p9DfbdVFURoQQns.roa
Signing time:             Sat 10 Feb 2024 07:03:15 +0000
ROA not before:           Sat 10 Feb 2024 07:03:15 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     60446
IP address blocks:        93.180.135.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Sat 10 Feb 2024 09:11:15 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8d:91:d3:d5:5d:7d:c2:07:d7:71:0b:e2:d3:90:8f:57:7b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4da84d247ce37cdccf06e1571d226a2b85677bcd
        Validity
            Not Before: Feb 10 07:03:15 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=b30b23dd4de88924b7a7d0df6dd545511a10427b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:83:d5:fa:60:22:bd:8d:87:b0:21:fb:a8:32:79:
                    b1:41:04:d6:6f:8d:40:d4:30:ce:5a:f5:25:b9:7c:
                    22:dc:e4:d8:d4:33:17:86:00:19:c5:11:a4:b1:b6:
                    56:0d:04:05:bd:ba:1c:35:6d:d2:51:46:76:d8:d0:
                    b7:63:d1:e7:d4:62:07:75:a9:45:87:a7:00:c9:b4:
                    d2:e1:9b:1c:53:79:a6:4a:35:45:79:1c:09:4d:f6:
                    c2:ca:c3:19:ea:22:10:df:69:23:2a:91:59:59:44:
                    39:4b:b3:e8:38:4b:05:5e:63:93:ce:2e:b0:c3:05:
                    d1:8d:9f:65:71:52:29:d9:75:99:27:55:8e:50:fa:
                    1f:7b:ba:80:2d:30:6a:88:b0:66:ed:e9:b4:a5:89:
                    82:2c:87:71:20:f8:d1:4c:e8:31:19:61:e2:cb:a6:
                    24:8f:b3:be:d3:16:2c:8e:01:23:f2:6f:89:7e:c0:
                    7c:29:ce:f4:08:0a:7e:6c:f0:be:d9:14:e2:df:c2:
                    05:50:dd:52:45:c9:5c:95:af:d4:ac:25:8b:b7:b6:
                    3b:70:a7:29:fb:1c:62:a5:fc:c5:3a:d6:c5:b6:27:
                    d3:cf:7d:f3:c2:4d:7d:0b:76:3e:df:1b:8f:04:17:
                    e3:49:87:96:c1:fe:3b:4e:85:07:e0:69:52:10:91:
                    20:cf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B3:0B:23:DD:4D:E8:89:24:B7:A7:D0:DF:6D:D5:45:51:1A:10:42:7B
            X509v3 Authority Key Identifier:
                keyid:4D:A8:4D:24:7C:E3:7C:DC:CF:06:E1:57:1D:22:6A:2B:85:67:7B:CD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TahNJHzjfNzPBuFXHSJqK4Vne80.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/210fbb-aa6e-49c9-918b-5558a8b53e3d/1/swsj3U3oiSS3p9DfbdVFURoQQns.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/78/210fbb-aa6e-49c9-918b-5558a8b53e3d/1/TahNJHzjfNzPBuFXHSJqK4Vne80.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  93.180.135.0/24

    Signature Algorithm: sha256WithRSAEncryption
         1d:dc:87:05:1d:95:4e:2a:51:79:66:e5:12:30:8b:09:be:7d:
         31:7f:c0:3e:94:05:a9:ae:48:7f:4b:96:58:aa:d5:c8:5a:94:
         ce:99:4d:e1:90:fa:71:ec:6e:63:28:8d:91:6b:73:2c:a5:30:
         5d:f6:8e:19:c0:e7:a0:20:81:04:8a:55:cc:3b:a3:fa:c5:96:
         f1:57:e6:4b:de:82:4b:a5:c1:69:5a:4a:58:cc:73:14:84:c5:
         dc:45:a5:2f:34:3a:50:70:e3:9c:46:fc:ec:39:1e:05:63:e9:
         d2:c2:75:07:91:4c:e4:ad:cc:af:2d:51:b0:c0:a2:18:6b:4f:
         5d:19:ca:cc:71:24:92:a4:74:c8:b6:2a:95:cf:71:12:1e:78:
         c5:5f:a9:e6:9d:cf:58:e5:b1:8e:d8:23:de:31:46:fe:b2:b3:
         c6:16:ae:23:ed:88:ea:c0:77:97:bc:e8:75:27:9e:a2:a0:4e:
         16:d3:ee:27:f6:2f:82:8d:b5:41:b6:3b:3f:6a:82:54:3f:0f:
         4c:1d:5a:73:45:91:92:a9:21:d8:51:43:ef:1a:83:78:42:20:
         2a:5b:8b:5e:38:24:66:e6:7e:cb:88:65:27:bd:a8:de:a4:2e:
         83:dd:06:85:bc:14:a3:a7:8b:56:6e:41:22:ea:35:39:d9:b4:
         8a:6e:9b:a5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY2R09VdfcIH13EL4tOQj1d7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRkYTg0ZDI0N2NlMzdjZGNjZjA2ZTE1NzFkMjI2YTJiODU2
NzdiY2QwHhcNMjQwMjEwMDcwMzE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMzBiMjNkZDRkZTg4OTI0YjdhN2QwZGY2ZGQ1NDU1MTFhMTA0MjdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg9X6YCK9jYewIfuoMnmxQQTWb41A
1DDOWvUluXwi3OTY1DMXhgAZxRGksbZWDQQFvbocNW3SUUZ22NC3Y9Hn1GIHdalF
h6cAybTS4ZscU3mmSjVFeRwJTfbCysMZ6iIQ32kjKpFZWUQ5S7PoOEsFXmOTzi6w
wwXRjZ9lcVIp2XWZJ1WOUPofe7qALTBqiLBm7em0pYmCLIdxIPjRTOgxGWHiy6Yk
j7O+0xYsjgEj8m+JfsB8Kc70CAp+bPC+2RTi38IFUN1SRclcla/UrCWLt7Y7cKcp
+xxipfzFOtbFtifTz33zwk19C3Y+3xuPBBfjSYeWwf47ToUH4GlSEJEgzwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLMLI91N6Ikkt6fQ323VRVEaEEJ7MB8GA1UdIwQY
MBaAFE2oTSR843zczwbhVx0iaiuFZ3vNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGFoTkpIempmTnpQQnVGWEhTSnFLNFZuZTgwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC8yMTBmYmItYWE2ZS00OWM5LTkxOGIt
NTU1OGE4YjUzZTNkLzEvc3dzajNVM29pU1MzcDlEZmJkVkZVUm9RUW5zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC8yMTBmYmItYWE2ZS00OWM5LTkxOGItNTU1OGE4YjUzZTNk
LzEvVGFoTkpIempmTnpQQnVGWEhTSnFLNFZuZTgwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAXbSHMA0G
CSqGSIb3DQEBCwUAA4IBAQAd3IcFHZVOKlF5ZuUSMIsJvn0xf8A+lAWprkh/S5ZY
qtXIWpTOmU3hkPpx7G5jKI2Ra3MspTBd9o4ZwOegIIEEilXMO6P6xZbxV+ZL3oJL
pcFpWkpYzHMUhMXcRaUvNDpQcOOcRvzsOR4FY+nSwnUHkUzkrcyvLVGwwKIYa09d
GcrMcSSSpHTItiqVz3ESHnjFX6nmnc9Y5bGO2CPeMUb+srPGFq4j7YjqwHeXvOh1
J56ioE4W0+4n9i+CjbVBtjs/aoJUPw9MHVpzRZGSqSHYUUPvGoN4QiAqW4teOCRm
5n7LiGUnvajepC6D3QaFvBSjp4tWbkEi6jU52bSKbpul
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:33 2024 by rpki-client on console-fra.rpki-client.org