Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/307b98-c222-4835-8381-09c8fe724cd7/1/vhqWIncOyIhjrNKmcXCN7QG_Zng.roa
File:                     vhqWIncOyIhjrNKmcXCN7QG_Zng.roa (raw, json)
Hash identifier:          Pyp1RZaciBwlhg857KHCQow5uUnHbykJVSISKrVYv5w=
Subject key identifier:   BE:1A:96:22:77:0E:C8:88:63:AC:D2:A6:71:70:8D:ED:01:BF:66:78
Certificate issuer:       /CN=d9f200e2d38683a7cb1ce5cabbee34c068834a0b
Certificate serial:       018C4476908937AF87AEE04B1D2218022F81
Authority key identifier: D9:F2:00:E2:D3:86:83:A7:CB:1C:E5:CA:BB:EE:34:C0:68:83:4A:0B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2fIA4tOGg6fLHOXKu-40wGiDSgs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/80/307b98-c222-4835-8381-09c8fe724cd7/1/vhqWIncOyIhjrNKmcXCN7QG_Zng.roa
Signing time:             Thu 07 Dec 2023 13:27:50 +0000
ROA not before:           Thu 07 Dec 2023 13:27:50 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     16509
IP address blocks:        193.134.240.0/21 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 04:29:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:44:76:90:89:37:af:87:ae:e0:4b:1d:22:18:02:2f:81
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d9f200e2d38683a7cb1ce5cabbee34c068834a0b
        Validity
            Not Before: Dec  7 13:27:50 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=be1a9622770ec88863acd2a671708ded01bf6678
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8d:58:49:43:a2:08:73:9c:2c:e6:54:84:14:3f:
                    1c:eb:de:85:bd:02:1e:af:90:62:da:18:7d:09:bd:
                    49:c7:f3:64:c8:7a:cf:f8:6f:f4:f9:fb:33:b5:87:
                    12:04:10:26:f9:e5:36:73:e0:c2:58:73:75:5d:7d:
                    99:a9:b1:b8:c9:79:cd:71:d3:a1:11:d7:23:91:1f:
                    83:e8:b3:23:09:f2:2a:6b:1b:2f:2d:16:50:93:e0:
                    32:b1:42:c2:5a:e0:05:63:48:99:cd:59:b9:79:df:
                    cb:e2:0b:26:e3:22:7c:69:f0:72:81:2b:3a:72:57:
                    7e:50:62:78:0b:39:28:a6:90:8a:cd:4d:35:a4:8b:
                    c9:a8:6c:ef:f7:f4:d0:1e:b0:75:81:34:88:77:69:
                    50:83:10:82:6c:8d:89:27:3e:a2:0c:f7:61:51:5d:
                    2f:43:c3:72:39:c9:e1:9e:32:51:99:64:76:5a:3d:
                    4c:67:58:c4:d8:f3:e8:31:25:67:51:2e:20:63:b7:
                    21:86:d6:14:3b:5f:57:be:2b:b8:3d:c0:68:e2:8f:
                    82:1d:21:7b:be:e3:ce:5a:26:96:c0:15:d5:14:36:
                    78:42:38:56:fc:87:90:e4:24:48:17:c0:89:09:1e:
                    75:8d:38:ed:60:2c:92:28:58:35:9e:11:5c:a8:72:
                    13:f7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BE:1A:96:22:77:0E:C8:88:63:AC:D2:A6:71:70:8D:ED:01:BF:66:78
            X509v3 Authority Key Identifier:
                keyid:D9:F2:00:E2:D3:86:83:A7:CB:1C:E5:CA:BB:EE:34:C0:68:83:4A:0B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2fIA4tOGg6fLHOXKu-40wGiDSgs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/307b98-c222-4835-8381-09c8fe724cd7/1/vhqWIncOyIhjrNKmcXCN7QG_Zng.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/80/307b98-c222-4835-8381-09c8fe724cd7/1/2fIA4tOGg6fLHOXKu-40wGiDSgs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.134.240.0/21

    Signature Algorithm: sha256WithRSAEncryption
         79:0e:7c:86:62:a1:86:f1:31:83:74:fe:38:f7:de:cf:b7:35:
         7b:11:26:72:5a:bb:ec:5f:fc:62:75:05:99:6a:58:48:7f:61:
         17:ab:09:81:d4:eb:d4:d9:da:86:6a:d4:4c:53:bd:59:82:53:
         a9:49:7b:e5:f5:ca:78:7e:72:91:8b:f3:24:5a:ae:31:11:84:
         fb:a5:6d:30:ad:93:83:b5:4a:5e:50:33:2e:bd:6f:8e:98:c3:
         67:6b:fc:6d:c1:e0:cb:83:b2:b9:b8:60:82:b8:ba:37:48:4c:
         8b:90:d5:3d:bf:b3:bc:45:e4:de:d8:9e:8b:4c:e3:af:b1:53:
         5b:c7:24:00:49:89:bf:d3:fd:9d:6b:63:23:bf:60:48:af:52:
         0d:83:f9:cd:ae:a5:0c:74:77:7d:51:bb:06:d4:3d:0d:2e:b2:
         75:fb:47:d2:c0:7d:f1:6e:09:45:b0:53:ee:e1:0a:cf:a8:79:
         dc:02:09:02:9e:6f:cc:fc:5b:30:fc:0f:80:a6:e3:73:45:52:
         bf:68:16:4c:59:4c:2b:5f:42:40:05:db:ac:45:a0:cc:fd:fe:
         42:e9:22:97:1c:74:ab:9c:f8:3e:6d:6f:80:0b:4f:7b:fd:9f:
         bb:09:2f:d3:ce:a1:08:0c:3b:a0:17:b5:84:ca:84:50:fa:98:
         eb:27:8e:5b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYxEdpCJN6+HruBLHSIYAi+BMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5ZjIwMGUyZDM4NjgzYTdjYjFjZTVjYWJiZWUzNGMwNjg4
MzRhMGIwHhcNMjMxMjA3MTMyNzUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZTFhOTYyMjc3MGVjODg4NjNhY2QyYTY3MTcwOGRlZDAxYmY2Njc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjVhJQ6IIc5ws5lSEFD8c696FvQIe
r5Bi2hh9Cb1Jx/NkyHrP+G/0+fsztYcSBBAm+eU2c+DCWHN1XX2ZqbG4yXnNcdOh
EdcjkR+D6LMjCfIqaxsvLRZQk+AysULCWuAFY0iZzVm5ed/L4gsm4yJ8afBygSs6
cld+UGJ4CzkoppCKzU01pIvJqGzv9/TQHrB1gTSId2lQgxCCbI2JJz6iDPdhUV0v
Q8NyOcnhnjJRmWR2Wj1MZ1jE2PPoMSVnUS4gY7chhtYUO19Xviu4PcBo4o+CHSF7
vuPOWiaWwBXVFDZ4QjhW/IeQ5CRIF8CJCR51jTjtYCySKFg1nhFcqHIT9wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFL4aliJ3DsiIY6zSpnFwje0Bv2Z4MB8GA1UdIwQY
MBaAFNnyAOLThoOnyxzlyrvuNMBog0oLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmZJQTR0T0dnNmZMSE9YS3UtNDB3R2lEU2dzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC8zMDdiOTgtYzIyMi00ODM1LTgzODEt
MDljOGZlNzI0Y2Q3LzEvdmhxV0luY095SWhqck5LbWNYQ043UUdfWm5nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC8zMDdiOTgtYzIyMi00ODM1LTgzODEtMDljOGZlNzI0Y2Q3
LzEvMmZJQTR0T0dnNmZMSE9YS3UtNDB3R2lEU2dzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDwYbwMA0G
CSqGSIb3DQEBCwUAA4IBAQB5DnyGYqGG8TGDdP44997PtzV7ESZyWrvsX/xidQWZ
alhIf2EXqwmB1OvU2dqGatRMU71ZglOpSXvl9cp4fnKRi/MkWq4xEYT7pW0wrZOD
tUpeUDMuvW+OmMNna/xtweDLg7K5uGCCuLo3SEyLkNU9v7O8ReTe2J6LTOOvsVNb
xyQASYm/0/2da2Mjv2BIr1INg/nNrqUMdHd9UbsG1D0NLrJ1+0fSwH3xbglFsFPu
4QrPqHncAgkCnm/M/Fsw/A+ApuNzRVK/aBZMWUwrX0JABdusRaDM/f5C6SKXHHSr
nPg+bW+AC097/Z+7CS/TzqEIDDugF7WEyoRQ+pjrJ45b
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:20:25 2024 by rpki-client on console-ams.rpki-client.org