Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/2117bc-1f9e-4590-a550-4269b56bf7d4/1/4OO8MJosmqZ1fUn92NbodZ4WT1g.roa
File:                     4OO8MJosmqZ1fUn92NbodZ4WT1g.roa (raw, json)
Hash identifier:          K9Qho3zkZIhrsaWLEMVkbVd44qToHlIRyFtpoSlB3YU=
Subject key identifier:   E0:E3:BC:30:9A:2C:9A:A6:75:7D:49:FD:D8:D6:E8:75:9E:16:4F:58
Certificate issuer:       /CN=62a15cc88659f578cc159c52b3a7e9ec5819fb20
Certificate serial:       01892BDBAD0015EF80B2F6E1D4B053F01A04
Authority key identifier: 62:A1:5C:C8:86:59:F5:78:CC:15:9C:52:B3:A7:E9:EC:58:19:FB:20
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YqFcyIZZ9XjMFZxSs6fp7FgZ-yA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7b/2117bc-1f9e-4590-a550-4269b56bf7d4/1/4OO8MJosmqZ1fUn92NbodZ4WT1g.roa
Signing time:             Thu 06 Jul 2023 15:39:24 +0000
ROA not before:           Thu 06 Jul 2023 15:39:24 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     198652
IP address blocks:        93.89.219.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Sat 22 Jul 2023 12:39:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:2b:db:ad:00:15:ef:80:b2:f6:e1:d4:b0:53:f0:1a:04
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=62a15cc88659f578cc159c52b3a7e9ec5819fb20
        Validity
            Not Before: Jul  6 15:39:24 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=e0e3bc309a2c9aa6757d49fdd8d6e8759e164f58
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:ac:44:9b:05:31:45:76:29:a9:fc:e4:f2:db:
                    ad:23:21:c1:a4:6e:65:2d:e9:f7:f5:1f:83:8a:e4:
                    97:39:f9:f0:9b:1d:8e:3b:f2:4c:d8:20:72:33:45:
                    3f:1e:c7:17:f6:48:e8:4d:8a:d7:49:a1:dd:d9:ec:
                    24:0f:66:5f:7a:ed:48:d4:e6:24:8a:8d:f5:87:09:
                    1b:70:07:2d:0b:6c:51:03:38:46:df:f9:a5:b9:f2:
                    24:56:7e:cf:e3:36:ff:23:8f:ed:a0:e9:7b:d3:d9:
                    f2:68:ff:6d:13:c5:26:dc:08:57:c8:67:ce:b7:fb:
                    0a:31:7b:e6:c2:61:86:6d:c2:13:ac:66:ea:4d:4c:
                    c7:fc:9d:74:8c:ea:39:ba:cf:e4:cd:cb:52:68:07:
                    4e:a9:19:d8:0a:24:0e:51:f5:c0:73:fb:58:ba:70:
                    b9:24:f2:cb:5d:a0:81:89:80:fa:f4:0f:b1:1c:f7:
                    8f:83:c2:7d:4e:4b:70:ce:49:c0:dd:a9:25:f6:57:
                    02:1e:a9:03:d5:56:05:f2:7f:17:d2:86:57:b7:56:
                    fa:a1:37:e7:85:05:cf:ce:77:80:de:a1:88:7d:af:
                    f8:4e:95:9b:62:a8:32:3a:9a:47:57:c9:75:60:71:
                    ca:b8:80:63:18:e4:dc:b1:a8:12:29:66:6d:36:be:
                    19:c1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E0:E3:BC:30:9A:2C:9A:A6:75:7D:49:FD:D8:D6:E8:75:9E:16:4F:58
            X509v3 Authority Key Identifier:
                keyid:62:A1:5C:C8:86:59:F5:78:CC:15:9C:52:B3:A7:E9:EC:58:19:FB:20

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YqFcyIZZ9XjMFZxSs6fp7FgZ-yA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/2117bc-1f9e-4590-a550-4269b56bf7d4/1/4OO8MJosmqZ1fUn92NbodZ4WT1g.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/2117bc-1f9e-4590-a550-4269b56bf7d4/1/YqFcyIZZ9XjMFZxSs6fp7FgZ-yA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  93.89.219.0/24

    Signature Algorithm: sha256WithRSAEncryption
         c4:ce:8e:ae:93:58:06:ab:4f:1b:c2:04:67:9d:0e:93:f4:b2:
         23:e7:3f:35:63:bc:1b:be:74:20:5a:51:ec:7c:52:9d:af:b2:
         56:60:b1:88:25:52:d6:a7:74:0f:51:72:ef:a2:4a:41:04:5e:
         71:5f:88:64:91:c9:f3:92:21:20:95:df:57:30:83:69:1f:e2:
         d8:3f:f5:58:19:1b:0a:a4:ee:de:cc:ed:b0:88:d3:b3:fd:12:
         f1:f4:13:00:ff:f6:7d:53:c2:4c:4f:13:73:21:89:f1:15:ea:
         52:1c:43:92:86:a8:e1:4a:91:ac:ff:ae:fa:a7:f3:4c:a4:af:
         67:ae:4b:8e:cb:ae:ca:d0:dc:7f:8b:5a:bb:df:f1:05:90:2f:
         ae:35:89:ec:a1:55:30:e2:2a:43:ee:3b:5b:eb:05:95:f9:5e:
         9b:aa:6d:6e:ab:a2:be:5e:e8:5a:ad:ec:44:48:2e:08:3a:74:
         f1:c7:e7:6f:fe:b2:dd:00:ee:fd:f3:80:bd:0f:e7:f0:4e:81:
         ab:af:87:64:5f:8a:cd:5e:15:7d:be:69:e7:49:d3:4d:40:29:
         83:e7:46:df:fe:fb:63:6a:09:27:db:89:87:01:10:11:80:4e:
         45:a9:b1:87:45:e1:09:b1:a3:95:ac:aa:c1:ca:47:b5:65:df:
         58:4d:ce:e5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYkr260AFe+Asvbh1LBT8BoEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyYTE1Y2M4ODY1OWY1NzhjYzE1OWM1MmIzYTdlOWVjNTgx
OWZiMjAwHhcNMjMwNzA2MTUzOTI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMGUzYmMzMDlhMmM5YWE2NzU3ZDQ5ZmRkOGQ2ZTg3NTllMTY0ZjU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApqxEmwUxRXYpqfzk8tutIyHBpG5l
Len39R+DiuSXOfnwmx2OO/JM2CByM0U/HscX9kjoTYrXSaHd2ewkD2Zfeu1I1OYk
io31hwkbcActC2xRAzhG3/mlufIkVn7P4zb/I4/toOl709nyaP9tE8Um3AhXyGfO
t/sKMXvmwmGGbcITrGbqTUzH/J10jOo5us/kzctSaAdOqRnYCiQOUfXAc/tYunC5
JPLLXaCBiYD69A+xHPePg8J9TktwzknA3akl9lcCHqkD1VYF8n8X0oZXt1b6oTfn
hQXPzneA3qGIfa/4TpWbYqgyOppHV8l1YHHKuIBjGOTcsagSKWZtNr4ZwQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFODjvDCaLJqmdX1J/djW6HWeFk9YMB8GA1UdIwQY
MBaAFGKhXMiGWfV4zBWcUrOn6exYGfsgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXFGY3lJWlo5WGpNRlp4U3M2ZnA3RmdaLXlBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi8yMTE3YmMtMWY5ZS00NTkwLWE1NTAt
NDI2OWI1NmJmN2Q0LzEvNE9POE1Kb3NtcVoxZlVuOTJOYm9kWjRXVDFnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi8yMTE3YmMtMWY5ZS00NTkwLWE1NTAtNDI2OWI1NmJmN2Q0
LzEvWXFGY3lJWlo5WGpNRlp4U3M2ZnA3RmdaLXlBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAXVnbMA0G
CSqGSIb3DQEBCwUAA4IBAQDEzo6uk1gGq08bwgRnnQ6T9LIj5z81Y7wbvnQgWlHs
fFKdr7JWYLGIJVLWp3QPUXLvokpBBF5xX4hkkcnzkiEgld9XMINpH+LYP/VYGRsK
pO7ezO2wiNOz/RLx9BMA//Z9U8JMTxNzIYnxFepSHEOShqjhSpGs/676p/NMpK9n
rkuOy67K0Nx/i1q73/EFkC+uNYnsoVUw4ipD7jtb6wWV+V6bqm1uq6K+XuharexE
SC4IOnTxx+dv/rLdAO7984C9D+fwToGrr4dkX4rNXhV9vmnnSdNNQCmD50bf/vtj
agkn24mHARARgE5FqbGHReEJsaOVrKrByke1Zd9YTc7l
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:19:25 2024 by rpki-client on console-ams.rpki-client.org