Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7d/388fd8-c81f-4e71-af52-c0b1ad435b95/1/RhA9BGfM7lFsLyHbF4qBaL1woio.roa
File:                     RhA9BGfM7lFsLyHbF4qBaL1woio.roa (raw, json)
Hash identifier:          HmvWWTUlBwaNkd6Cfd53SjMYHwEplGxVfndR1yNoa9c=
Subject key identifier:   46:10:3D:04:67:CC:EE:51:6C:2F:21:DB:17:8A:81:68:BD:70:A2:2A
Certificate issuer:       /CN=a7fd3f89335dcf828666b28fad8ae993bd448878
Certificate serial:       0188F19A3C0FC496A379E331006C572DA1FE
Authority key identifier: A7:FD:3F:89:33:5D:CF:82:86:66:B2:8F:AD:8A:E9:93:BD:44:88:78
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/p_0_iTNdz4KGZrKPrYrpk71EiHg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7d/388fd8-c81f-4e71-af52-c0b1ad435b95/1/RhA9BGfM7lFsLyHbF4qBaL1woio.roa
Signing time:             Sun 25 Jun 2023 08:09:56 +0000
ROA not before:           Sun 25 Jun 2023 08:09:56 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     834
IP address blocks:        194.32.144.0/23 maxlen: 23

Validation:               Failed, certificate revoked on Fri 08 Sep 2023 06:12:54 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:f1:9a:3c:0f:c4:96:a3:79:e3:31:00:6c:57:2d:a1:fe
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a7fd3f89335dcf828666b28fad8ae993bd448878
        Validity
            Not Before: Jun 25 08:09:56 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=46103d0467ccee516c2f21db178a8168bd70a22a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:17:7f:c5:c8:86:29:c5:92:c2:42:68:26:79:
                    35:53:3f:19:ac:a0:0d:38:15:db:85:8a:31:b0:d6:
                    34:1a:16:06:60:cc:6e:22:87:32:fe:17:41:09:84:
                    2a:d5:08:26:01:b5:c9:80:e5:f2:0a:7b:7d:40:0c:
                    ea:39:d6:ef:49:53:e0:97:a2:23:f7:13:5c:66:86:
                    7b:49:c9:f2:b3:30:f5:11:9f:62:f4:21:84:9a:1e:
                    4a:5b:df:de:db:89:3b:fb:8e:f7:4f:2d:d9:c2:49:
                    67:0e:10:11:f3:f7:04:94:55:0f:e6:90:8b:7d:b1:
                    fc:12:e5:92:0d:79:17:fb:02:45:cd:ea:e4:5a:05:
                    28:28:80:64:b4:72:45:64:24:e5:da:54:7f:82:9e:
                    03:2e:d9:f9:0a:a5:43:d6:3e:6f:35:25:8b:e0:ea:
                    0d:d6:dd:24:e4:1b:b3:0f:e2:c2:9c:e4:c5:2b:a6:
                    2d:31:a7:80:0b:f1:a8:5d:0d:de:b2:62:a8:b9:68:
                    c5:78:cd:fc:0f:9b:d6:0b:bd:d8:ed:9a:a3:54:75:
                    bf:2c:69:17:bf:3e:2b:4c:5f:5a:5c:82:4e:25:93:
                    5b:70:d9:14:67:a7:1e:3d:d9:cb:e6:ba:96:bc:d1:
                    7b:16:44:6f:18:e9:84:af:ee:cf:78:f7:f9:91:32:
                    aa:2d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                46:10:3D:04:67:CC:EE:51:6C:2F:21:DB:17:8A:81:68:BD:70:A2:2A
            X509v3 Authority Key Identifier:
                keyid:A7:FD:3F:89:33:5D:CF:82:86:66:B2:8F:AD:8A:E9:93:BD:44:88:78

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/p_0_iTNdz4KGZrKPrYrpk71EiHg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/388fd8-c81f-4e71-af52-c0b1ad435b95/1/RhA9BGfM7lFsLyHbF4qBaL1woio.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/388fd8-c81f-4e71-af52-c0b1ad435b95/1/p_0_iTNdz4KGZrKPrYrpk71EiHg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.32.144.0/23

    Signature Algorithm: sha256WithRSAEncryption
         21:8f:f4:b4:3f:25:fe:dc:08:4e:58:d9:7d:95:66:95:7b:12:
         87:65:b3:f3:0c:0a:2d:19:e4:1f:46:d4:fa:74:a9:15:c8:cd:
         49:62:a0:5c:86:72:d5:d1:77:42:a4:da:a6:89:1a:7f:77:b3:
         6f:8f:07:eb:3d:28:f4:98:db:a0:41:37:4b:02:b5:c6:d9:39:
         8e:1a:d1:41:33:cb:c0:86:61:01:cd:63:21:a0:93:ab:a0:59:
         a7:10:dc:e6:cf:97:66:de:31:f3:b6:67:e7:9c:b2:c7:7d:af:
         c0:97:81:56:22:b6:46:c9:81:16:d8:27:fd:01:64:39:47:26:
         f6:e1:c2:13:66:45:a9:01:c1:7c:3f:36:8c:13:62:ad:51:d2:
         d5:84:1c:02:9a:8c:be:a0:5b:0e:ec:5f:35:cc:c8:3b:b7:a6:
         f8:12:2a:ee:57:52:1c:24:fb:40:65:1a:d2:98:8d:ce:d5:48:
         04:f2:8f:24:1c:4b:81:c6:dd:a5:58:ae:b4:39:5b:e5:aa:df:
         84:7e:a1:5f:4e:d1:c2:98:00:ed:c7:fb:4f:dd:d1:6c:0e:0d:
         fe:43:c1:4f:07:60:0a:11:d1:20:8d:b2:24:91:26:a8:38:d2:
         a9:0f:24:50:bf:05:36:b2:cc:81:66:32:35:fa:a8:36:51:af:
         d5:82:74:a8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYjxmjwPxJajeeMxAGxXLaH+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE3ZmQzZjg5MzM1ZGNmODI4NjY2YjI4ZmFkOGFlOTkzYmQ0
NDg4NzgwHhcNMjMwNjI1MDgwOTU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NjEwM2QwNDY3Y2NlZTUxNmMyZjIxZGIxNzhhODE2OGJkNzBhMjJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuhd/xciGKcWSwkJoJnk1Uz8ZrKAN
OBXbhYoxsNY0GhYGYMxuIocy/hdBCYQq1QgmAbXJgOXyCnt9QAzqOdbvSVPgl6Ij
9xNcZoZ7ScnyszD1EZ9i9CGEmh5KW9/e24k7+473Ty3ZwklnDhAR8/cElFUP5pCL
fbH8EuWSDXkX+wJFzerkWgUoKIBktHJFZCTl2lR/gp4DLtn5CqVD1j5vNSWL4OoN
1t0k5BuzD+LCnOTFK6YtMaeAC/GoXQ3esmKouWjFeM38D5vWC73Y7ZqjVHW/LGkX
vz4rTF9aXIJOJZNbcNkUZ6cePdnL5rqWvNF7FkRvGOmEr+7PePf5kTKqLQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEYQPQRnzO5RbC8h2xeKgWi9cKIqMB8GA1UdIwQY
MBaAFKf9P4kzXc+Chmayj62K6ZO9RIh4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcF8wX2lUTmR6NEtHWnJLUHJZcnBrNzFFaUhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZC8zODhmZDgtYzgxZi00ZTcxLWFmNTIt
YzBiMWFkNDM1Yjk1LzEvUmhBOUJHZk03bEZzTHlIYkY0cUJhTDF3b2lvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZC8zODhmZDgtYzgxZi00ZTcxLWFmNTItYzBiMWFkNDM1Yjk1
LzEvcF8wX2lUTmR6NEtHWnJLUHJZcnBrNzFFaUhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwiCQMA0G
CSqGSIb3DQEBCwUAA4IBAQAhj/S0PyX+3AhOWNl9lWaVexKHZbPzDAotGeQfRtT6
dKkVyM1JYqBchnLV0XdCpNqmiRp/d7NvjwfrPSj0mNugQTdLArXG2TmOGtFBM8vA
hmEBzWMhoJOroFmnENzmz5dm3jHztmfnnLLHfa/Al4FWIrZGyYEW2Cf9AWQ5Ryb2
4cITZkWpAcF8PzaME2KtUdLVhBwCmoy+oFsO7F81zMg7t6b4EiruV1IcJPtAZRrS
mI3O1UgE8o8kHEuBxt2lWK60OVvlqt+EfqFfTtHCmADtx/tP3dFsDg3+Q8FPB2AK
EdEgjbIkkSaoONKpDyRQvwU2ssyBZjI1+qg2Ua/VgnSo
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:21 2024 by rpki-client on console-fra.rpki-client.org