Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7f/6a9cf9-c0cc-4011-860e-4685782ac2c3/1/TnAbIXhY9KBq-XK6uQD5nvL6tis.roa
File:                     TnAbIXhY9KBq-XK6uQD5nvL6tis.roa (raw, json)
Hash identifier:          xFxDUL8uB7hQ2Ob9D1qTjsEEr15AVJzhaoiBP1a5jCw=
Subject key identifier:   4E:70:1B:21:78:58:F4:A0:6A:F9:72:BA:B9:00:F9:9E:F2:FA:B6:2B
Certificate issuer:       /CN=753d476db96de1e58623119a70b9d7b00b676da0
Certificate serial:       018A6FF525613905578B9E92A329F76A129A
Authority key identifier: 75:3D:47:6D:B9:6D:E1:E5:86:23:11:9A:70:B9:D7:B0:0B:67:6D:A0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/dT1Hbblt4eWGIxGacLnXsAtnbaA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7f/6a9cf9-c0cc-4011-860e-4685782ac2c3/1/TnAbIXhY9KBq-XK6uQD5nvL6tis.roa
Signing time:             Thu 07 Sep 2023 14:04:11 +0000
ROA not before:           Thu 07 Sep 2023 14:04:11 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     20980
IP address blocks:        193.108.8.0/21 maxlen: 21

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 08:30:11 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:6f:f5:25:61:39:05:57:8b:9e:92:a3:29:f7:6a:12:9a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=753d476db96de1e58623119a70b9d7b00b676da0
        Validity
            Not Before: Sep  7 14:04:11 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=4e701b217858f4a06af972bab900f99ef2fab62b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:6a:01:51:43:a3:8f:5f:08:e8:0c:af:85:9b:
                    1f:ca:3e:81:23:cf:4f:6d:b6:ee:78:5f:49:c6:5b:
                    5a:01:59:a6:91:d3:99:80:06:1a:1a:8a:18:87:1c:
                    93:1d:7e:4b:be:b9:57:aa:2c:87:74:ea:f0:15:a7:
                    d7:93:d4:dc:6b:e5:0b:b2:ba:a6:0a:3c:d8:2f:5d:
                    98:af:51:b1:98:18:01:26:86:5f:34:ee:df:f1:96:
                    00:64:16:78:fd:7f:09:b5:64:bd:ae:87:5e:d5:2c:
                    cb:c2:fb:6a:71:d9:8e:44:b7:f2:0c:e3:b9:d5:b3:
                    f7:ce:82:a7:46:3a:fe:f0:2d:7d:83:67:a5:24:64:
                    e4:f1:cf:f3:c1:ae:43:b1:05:f5:86:ec:d5:a4:1c:
                    fc:4a:69:13:7e:03:c2:55:16:50:ca:71:d4:e4:8e:
                    87:32:3d:78:b4:a9:a9:2a:dc:20:a5:c9:05:fb:57:
                    1d:e0:de:22:79:c2:77:3a:0a:f2:1a:6d:71:1d:8e:
                    32:f7:1f:c7:ac:a8:b4:0a:cd:97:6a:55:57:63:69:
                    b3:f3:64:1d:1c:fb:b4:f8:55:8f:c6:2a:d9:ac:70:
                    2e:51:d1:13:91:d6:6b:ba:b9:27:99:ca:7f:90:81:
                    c4:de:5e:cd:05:e9:52:cd:81:36:2d:da:8f:f9:28:
                    d1:cb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4E:70:1B:21:78:58:F4:A0:6A:F9:72:BA:B9:00:F9:9E:F2:FA:B6:2B
            X509v3 Authority Key Identifier:
                keyid:75:3D:47:6D:B9:6D:E1:E5:86:23:11:9A:70:B9:D7:B0:0B:67:6D:A0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dT1Hbblt4eWGIxGacLnXsAtnbaA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/6a9cf9-c0cc-4011-860e-4685782ac2c3/1/TnAbIXhY9KBq-XK6uQD5nvL6tis.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/6a9cf9-c0cc-4011-860e-4685782ac2c3/1/dT1Hbblt4eWGIxGacLnXsAtnbaA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.108.8.0/21

    Signature Algorithm: sha256WithRSAEncryption
         15:8e:c0:d8:c4:d2:c4:c2:f8:ef:38:3c:6c:6a:cc:ee:21:ff:
         fe:c2:bb:6b:8c:89:f2:9c:45:99:9c:16:9b:43:ec:dd:58:f0:
         aa:35:ec:a0:10:9b:f0:cd:5e:73:89:3f:47:08:5d:1a:ec:fb:
         4a:e8:64:8b:7b:17:08:9b:a6:0e:2b:99:4a:d8:0f:fe:ef:80:
         34:99:fe:a9:fc:e4:7e:59:ef:bd:8b:db:2b:de:db:3b:c9:c8:
         d4:a0:80:ea:73:8b:89:a3:5b:55:6a:e6:c0:c4:5c:0e:70:13:
         ea:5f:d9:71:e5:96:9f:a6:4c:79:3b:e4:48:dc:b9:e4:44:b3:
         fb:bf:6b:8f:9d:50:7e:f8:a3:9c:d6:3b:d5:4b:fc:0a:1c:81:
         52:5a:87:59:47:fc:d0:4b:b0:fb:a7:da:9a:26:4c:cc:b3:a1:
         ed:11:18:33:6d:2d:96:6d:c8:22:f7:90:63:4c:48:c1:77:33:
         99:60:8e:62:0d:bc:89:22:6b:d2:df:45:a1:d3:26:49:8f:b3:
         ad:a9:4a:a2:b9:92:c3:99:2b:db:21:08:2e:23:2a:64:bd:24:
         42:54:24:d0:1e:d0:d6:f9:97:3d:5d:78:f3:a8:5a:57:2d:c0:
         af:b6:3a:c9:f0:c1:92:77:3e:99:18:18:68:cd:b3:88:a8:88:
         1b:f6:96:9b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYpv9SVhOQVXi56Soyn3ahKaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1M2Q0NzZkYjk2ZGUxZTU4NjIzMTE5YTcwYjlkN2IwMGI2
NzZkYTAwHhcNMjMwOTA3MTQwNDExWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZTcwMWIyMTc4NThmNGEwNmFmOTcyYmFiOTAwZjk5ZWYyZmFiNjJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxmoBUUOjj18I6AyvhZsfyj6BI89P
bbbueF9JxltaAVmmkdOZgAYaGooYhxyTHX5LvrlXqiyHdOrwFafXk9Tca+ULsrqm
CjzYL12Yr1GxmBgBJoZfNO7f8ZYAZBZ4/X8JtWS9rode1SzLwvtqcdmORLfyDOO5
1bP3zoKnRjr+8C19g2elJGTk8c/zwa5DsQX1huzVpBz8SmkTfgPCVRZQynHU5I6H
Mj14tKmpKtwgpckF+1cd4N4iecJ3OgryGm1xHY4y9x/HrKi0Cs2XalVXY2mz82Qd
HPu0+FWPxirZrHAuUdETkdZrurknmcp/kIHE3l7NBelSzYE2LdqP+SjRywIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFE5wGyF4WPSgavlyurkA+Z7y+rYrMB8GA1UdIwQY
MBaAFHU9R225beHlhiMRmnC517ALZ22gMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFQxSGJibHQ0ZVdHSXhHYWNMblhzQXRuYmFBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Zi82YTljZjktYzBjYy00MDExLTg2MGUt
NDY4NTc4MmFjMmMzLzEvVG5BYklYaFk5S0JxLVhLNnVRRDVudkw2dGlzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Zi82YTljZjktYzBjYy00MDExLTg2MGUtNDY4NTc4MmFjMmMz
LzEvZFQxSGJibHQ0ZVdHSXhHYWNMblhzQXRuYmFBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDwWwIMA0G
CSqGSIb3DQEBCwUAA4IBAQAVjsDYxNLEwvjvODxsaszuIf/+wrtrjInynEWZnBab
Q+zdWPCqNeygEJvwzV5ziT9HCF0a7PtK6GSLexcIm6YOK5lK2A/+74A0mf6p/OR+
We+9i9sr3ts7ycjUoIDqc4uJo1tVaubAxFwOcBPqX9lx5Zafpkx5O+RI3LnkRLP7
v2uPnVB++KOc1jvVS/wKHIFSWodZR/zQS7D7p9qaJkzMs6HtERgzbS2Wbcgi95Bj
TEjBdzOZYI5iDbyJImvS30Wh0yZJj7OtqUqiuZLDmSvbIQguIypkvSRCVCTQHtDW
+Zc9XXjzqFpXLcCvtjrJ8MGSdz6ZGBhozbOIqIgb9pab
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:20:10 2024 by rpki-client on console-ams.rpki-client.org