Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/83/7b1c55-ddd0-4281-8378-4dd04346abc3/1/djqIRJ-ZShGYuL7Jx7bqGkZ1ptM.roa
File:                     djqIRJ-ZShGYuL7Jx7bqGkZ1ptM.roa (raw, json)
Hash identifier:          F2QxkDsNC7FTsxDlp3PYY0nJBd9JMmdMGMvkQL31AbQ=
Subject key identifier:   76:3A:88:44:9F:99:4A:11:98:B8:BE:C9:C7:B6:EA:1A:46:75:A6:D3
Certificate issuer:       /CN=3aba1172472ea80265d12982967de0a8b0bc5901
Certificate serial:       018A85263C120E20C7DBD3B7ED016230A2AA
Authority key identifier: 3A:BA:11:72:47:2E:A8:02:65:D1:29:82:96:7D:E0:A8:B0:BC:59:01
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OroRckcuqAJl0SmCln3gqLC8WQE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/83/7b1c55-ddd0-4281-8378-4dd04346abc3/1/djqIRJ-ZShGYuL7Jx7bqGkZ1ptM.roa
Signing time:             Mon 11 Sep 2023 16:49:50 +0000
ROA not before:           Mon 11 Sep 2023 16:49:50 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     49600
IP address blocks:        193.46.219.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 10:29:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:85:26:3c:12:0e:20:c7:db:d3:b7:ed:01:62:30:a2:aa
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3aba1172472ea80265d12982967de0a8b0bc5901
        Validity
            Not Before: Sep 11 16:49:50 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=763a88449f994a1198b8bec9c7b6ea1a4675a6d3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:95:1d:42:d4:d4:c3:d6:62:4b:54:05:a6:5e:79:
                    39:a9:97:65:9b:bf:52:bc:a1:24:2a:87:2e:2b:d8:
                    a8:91:2b:08:b4:4e:2d:4d:ea:91:a5:db:66:2e:14:
                    d6:40:32:d8:97:ed:28:df:dd:af:fc:79:eb:23:39:
                    9b:c6:b9:59:34:d9:39:dc:0e:21:60:e0:20:31:4b:
                    ce:1a:43:3f:94:fd:ed:e5:85:4a:62:57:f4:15:5a:
                    9e:de:73:23:0a:ff:97:1b:92:16:2d:0c:e5:38:4e:
                    ca:f3:dc:ed:51:19:f4:65:6d:1d:64:6a:1e:43:bb:
                    bf:8d:bb:1d:05:4d:0d:ca:ac:0b:d9:ef:16:15:63:
                    55:fe:19:02:c0:23:9c:c0:13:af:3a:f0:49:e4:e1:
                    df:42:be:00:bd:e6:91:33:1b:da:09:8f:12:b4:43:
                    ef:eb:5a:fa:4c:46:5b:e7:fe:5b:59:33:95:fe:bc:
                    25:ec:37:90:56:3f:0c:41:35:d6:fb:a8:d2:6d:dd:
                    c9:4e:41:df:ea:29:b2:3b:e4:77:fa:35:ce:59:0c:
                    88:e5:f1:7b:99:6e:00:4c:92:13:e8:fb:92:db:0e:
                    80:07:a0:f2:6b:bc:c8:90:f1:41:59:4c:91:a6:d0:
                    47:9e:68:ed:10:3a:d6:e0:56:0b:45:10:a2:3d:89:
                    d1:47
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                76:3A:88:44:9F:99:4A:11:98:B8:BE:C9:C7:B6:EA:1A:46:75:A6:D3
            X509v3 Authority Key Identifier:
                keyid:3A:BA:11:72:47:2E:A8:02:65:D1:29:82:96:7D:E0:A8:B0:BC:59:01

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OroRckcuqAJl0SmCln3gqLC8WQE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/83/7b1c55-ddd0-4281-8378-4dd04346abc3/1/djqIRJ-ZShGYuL7Jx7bqGkZ1ptM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/83/7b1c55-ddd0-4281-8378-4dd04346abc3/1/OroRckcuqAJl0SmCln3gqLC8WQE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.46.219.0/24

    Signature Algorithm: sha256WithRSAEncryption
         63:78:29:27:e9:52:7f:fc:b4:0f:46:84:28:c9:ce:92:62:88:
         3a:d3:f7:2b:1e:d7:6a:29:d2:a2:f6:b8:4b:3f:75:94:0a:4c:
         82:b3:96:ac:29:b4:eb:ca:88:79:c9:43:a1:84:e2:ae:f1:94:
         b7:12:8c:b2:8d:03:6d:42:fa:85:86:9f:fc:6e:98:44:b4:3c:
         5e:89:32:16:2e:fb:04:6e:b6:b7:e5:eb:61:32:13:86:01:0b:
         8a:95:5f:4c:ed:e8:d7:3c:d5:57:38:34:a4:53:1c:b1:97:76:
         48:80:a3:c1:b5:db:e5:e5:89:45:80:bb:0e:63:50:89:69:50:
         b6:e6:98:9f:88:a9:f2:e1:e0:ef:6a:56:46:36:8c:2f:10:92:
         77:eb:38:ca:38:6e:60:b5:54:96:96:a0:ed:4c:87:06:f5:f0:
         3e:8c:0e:8a:31:11:e2:aa:10:cc:d8:a2:ab:32:54:10:a6:d5:
         1c:c5:a1:bd:21:cf:c4:21:ce:50:84:89:34:f9:6f:70:88:03:
         cf:fe:69:3a:3c:7c:b6:72:e1:1c:1c:91:26:92:43:4a:7a:d6:
         d5:f6:2a:84:9a:6f:27:af:e2:68:d3:e3:c3:09:6b:0a:32:d4:
         c7:59:94:0d:40:22:d4:98:57:e5:92:99:43:4b:4e:f0:e1:28:
         a4:d6:2b:5d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYqFJjwSDiDH29O37QFiMKKqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhYmExMTcyNDcyZWE4MDI2NWQxMjk4Mjk2N2RlMGE4YjBi
YzU5MDEwHhcNMjMwOTExMTY0OTUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NjNhODg0NDlmOTk0YTExOThiOGJlYzljN2I2ZWExYTQ2NzVhNmQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlR1C1NTD1mJLVAWmXnk5qZdlm79S
vKEkKocuK9iokSsItE4tTeqRpdtmLhTWQDLYl+0o392v/HnrIzmbxrlZNNk53A4h
YOAgMUvOGkM/lP3t5YVKYlf0FVqe3nMjCv+XG5IWLQzlOE7K89ztURn0ZW0dZGoe
Q7u/jbsdBU0NyqwL2e8WFWNV/hkCwCOcwBOvOvBJ5OHfQr4AveaRMxvaCY8StEPv
61r6TEZb5/5bWTOV/rwl7DeQVj8MQTXW+6jSbd3JTkHf6imyO+R3+jXOWQyI5fF7
mW4ATJIT6PuS2w6AB6Dya7zIkPFBWUyRptBHnmjtEDrW4FYLRRCiPYnRRwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHY6iESfmUoRmLi+yce26hpGdabTMB8GA1UdIwQY
MBaAFDq6EXJHLqgCZdEpgpZ94KiwvFkBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3JvUmNrY3VxQUpsMFNtQ2xuM2dxTEM4V1FFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84My83YjFjNTUtZGRkMC00MjgxLTgzNzgt
NGRkMDQzNDZhYmMzLzEvZGpxSVJKLVpTaEdZdUw3Sng3YnFHa1oxcHRNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84My83YjFjNTUtZGRkMC00MjgxLTgzNzgtNGRkMDQzNDZhYmMz
LzEvT3JvUmNrY3VxQUpsMFNtQ2xuM2dxTEM4V1FFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwS7bMA0G
CSqGSIb3DQEBCwUAA4IBAQBjeCkn6VJ//LQPRoQoyc6SYog60/crHtdqKdKi9rhL
P3WUCkyCs5asKbTryoh5yUOhhOKu8ZS3EoyyjQNtQvqFhp/8bphEtDxeiTIWLvsE
bra35ethMhOGAQuKlV9M7ejXPNVXODSkUxyxl3ZIgKPBtdvl5YlFgLsOY1CJaVC2
5pifiKny4eDvalZGNowvEJJ36zjKOG5gtVSWlqDtTIcG9fA+jA6KMRHiqhDM2KKr
MlQQptUcxaG9Ic/EIc5QhIk0+W9wiAPP/mk6PHy2cuEcHJEmkkNKetbV9iqEmm8n
r+Jo0+PDCWsKMtTHWZQNQCLUmFflkplDS07w4Sik1itd
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:21:04 2024 by rpki-client on console-ams.rpki-client.org