Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/83/a19d51-07e5-4db5-9d0e-66d3198bf1a2/1/wI6wgzLy3_6BNVChqaJyFTfoXBc.roa
File:                     wI6wgzLy3_6BNVChqaJyFTfoXBc.roa (raw, json)
Hash identifier:          XD0A/dAa+12OFcXjPQw9z5gRmneD200zGziWiEmnUp4=
Subject key identifier:   C0:8E:B0:83:32:F2:DF:FE:81:35:50:A1:A9:A2:72:15:37:E8:5C:17
Certificate issuer:       /CN=3d4276373b040fa9ac77e566c5b6cdf35b53b937
Certificate serial:       0190D9F520C29331FA8A6DDC5D8661407510
Authority key identifier: 3D:42:76:37:3B:04:0F:A9:AC:77:E5:66:C5:B6:CD:F3:5B:53:B9:37
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/PUJ2NzsED6msd-VmxbbN81tTuTc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/83/a19d51-07e5-4db5-9d0e-66d3198bf1a2/1/wI6wgzLy3_6BNVChqaJyFTfoXBc.roa
Signing time:             Mon 22 Jul 2024 10:20:38 +0000
ROA not before:           Mon 22 Jul 2024 10:20:38 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     15830
IP address blocks:        193.238.232.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 23 Jul 2024 15:18:40 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:90:d9:f5:20:c2:93:31:fa:8a:6d:dc:5d:86:61:40:75:10
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3d4276373b040fa9ac77e566c5b6cdf35b53b937
        Validity
            Not Before: Jul 22 10:20:38 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=c08eb08332f2dffe813550a1a9a2721537e85c17
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d5:1f:9d:99:1a:53:cb:b1:30:0e:0e:06:f8:bd:
                    d8:2c:6f:ee:29:16:f5:46:dc:5f:88:79:7a:d7:86:
                    c8:d3:a3:15:e7:22:ea:5c:e9:91:d8:b0:cc:e3:0d:
                    ce:b2:bf:b3:dd:1e:91:82:31:66:fc:0d:a3:35:7d:
                    5e:74:a1:3d:1a:bb:4e:2a:b1:d9:74:a4:be:21:fe:
                    7f:19:ab:5f:d3:25:13:66:c9:09:59:de:3a:bb:70:
                    fe:ac:50:0f:a7:69:8e:71:58:26:d0:c4:2f:30:63:
                    b1:e4:42:c8:96:07:8c:5a:fc:c2:30:20:79:ba:68:
                    b8:40:d3:53:96:08:85:24:58:5b:e5:a9:5d:5c:95:
                    a1:bb:1e:9e:27:d7:8f:b5:5b:cf:7e:18:94:9f:b8:
                    aa:1b:56:32:c6:50:7f:ca:5e:c5:ae:36:f7:ae:37:
                    2c:f1:c6:5d:62:38:ee:f4:cf:11:64:0a:d3:c4:95:
                    5f:e0:14:9b:17:7e:52:0e:9d:57:50:ab:67:c9:ac:
                    da:4e:d0:93:04:b4:a7:90:03:6d:ef:26:3a:4a:4a:
                    aa:4f:3b:69:98:0b:c8:2d:87:b7:29:96:8c:15:3f:
                    48:0c:2d:02:41:3c:d3:75:3e:fb:90:cc:bd:6a:d6:
                    c9:b3:01:92:9d:c8:01:81:ad:51:67:f1:b8:9d:58:
                    ad:d9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C0:8E:B0:83:32:F2:DF:FE:81:35:50:A1:A9:A2:72:15:37:E8:5C:17
            X509v3 Authority Key Identifier:
                keyid:3D:42:76:37:3B:04:0F:A9:AC:77:E5:66:C5:B6:CD:F3:5B:53:B9:37

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PUJ2NzsED6msd-VmxbbN81tTuTc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/83/a19d51-07e5-4db5-9d0e-66d3198bf1a2/1/wI6wgzLy3_6BNVChqaJyFTfoXBc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/83/a19d51-07e5-4db5-9d0e-66d3198bf1a2/1/PUJ2NzsED6msd-VmxbbN81tTuTc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.238.232.0/24

    Signature Algorithm: sha256WithRSAEncryption
         c6:33:01:78:fb:ce:f5:8e:ae:98:c5:d0:02:9a:f0:bd:8b:d5:
         6c:bd:cf:42:a5:9e:4a:ab:5b:df:94:75:5f:50:29:cf:2d:2a:
         24:17:02:78:47:a8:ad:a7:39:24:6c:19:2e:2c:b1:4a:ee:4f:
         e1:49:26:ad:e4:f9:20:48:3a:5b:47:8f:7f:b6:73:a0:70:94:
         f8:93:f9:00:23:03:e5:c8:5c:3b:01:37:73:25:a5:33:bd:14:
         e2:77:b8:66:4e:df:7f:a7:7e:c0:38:c5:f7:2a:a6:1a:fc:39:
         48:5f:ad:ae:3c:5f:89:05:27:b9:40:eb:5a:68:d0:58:e2:22:
         9b:d6:86:ff:3d:c8:ef:66:53:8b:b4:a5:22:4b:90:2f:96:98:
         ab:6a:46:c4:8b:d7:ee:3f:c7:2b:7b:e5:f1:d9:49:06:85:5e:
         dc:af:8f:1a:fb:c9:8c:b3:36:35:9c:f9:3d:be:79:a5:10:a1:
         e1:a6:d0:bd:1e:11:80:5d:5d:b9:46:1f:e4:89:0b:8d:23:19:
         28:8a:57:0e:1d:12:bb:76:80:0d:87:dd:5a:23:6f:2b:02:ba:
         7e:32:75:50:0e:32:ea:95:c8:8c:45:0c:fb:81:02:87:9c:98:
         53:7a:90:b7:4d:ab:86:1c:0d:8c:f7:d5:5a:f6:91:5a:f9:a5:
         94:32:45:51
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZDZ9SDCkzH6im3cXYZhQHUQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNkNDI3NjM3M2IwNDBmYTlhYzc3ZTU2NmM1YjZjZGYzNWI1
M2I5MzcwHhcNMjQwNzIyMTAyMDM4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMDhlYjA4MzMyZjJkZmZlODEzNTUwYTFhOWEyNzIxNTM3ZTg1YzE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1R+dmRpTy7EwDg4G+L3YLG/uKRb1
RtxfiHl614bI06MV5yLqXOmR2LDM4w3Osr+z3R6RgjFm/A2jNX1edKE9GrtOKrHZ
dKS+If5/Gatf0yUTZskJWd46u3D+rFAPp2mOcVgm0MQvMGOx5ELIlgeMWvzCMCB5
umi4QNNTlgiFJFhb5aldXJWhux6eJ9ePtVvPfhiUn7iqG1YyxlB/yl7Frjb3rjcs
8cZdYjju9M8RZArTxJVf4BSbF35SDp1XUKtnyazaTtCTBLSnkANt7yY6SkqqTztp
mAvILYe3KZaMFT9IDC0CQTzTdT77kMy9atbJswGSncgBga1RZ/G4nVit2QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMCOsIMy8t/+gTVQoamichU36FwXMB8GA1UdIwQY
MBaAFD1Cdjc7BA+prHflZsW2zfNbU7k3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUFVKMk56c0VENm1zZC1WbXhiYk44MXRUdVRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84My9hMTlkNTEtMDdlNS00ZGI1LTlkMGUt
NjZkMzE5OGJmMWEyLzEvd0k2d2d6THkzXzZCTlZDaHFhSnlGVGZvWEJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84My9hMTlkNTEtMDdlNS00ZGI1LTlkMGUtNjZkMzE5OGJmMWEy
LzEvUFVKMk56c0VENm1zZC1WbXhiYk44MXRUdVRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwe7oMA0G
CSqGSIb3DQEBCwUAA4IBAQDGMwF4+871jq6YxdACmvC9i9Vsvc9CpZ5Kq1vflHVf
UCnPLSokFwJ4R6itpzkkbBkuLLFK7k/hSSat5PkgSDpbR49/tnOgcJT4k/kAIwPl
yFw7ATdzJaUzvRTid7hmTt9/p37AOMX3KqYa/DlIX62uPF+JBSe5QOtaaNBY4iKb
1ob/PcjvZlOLtKUiS5AvlpirakbEi9fuP8cre+Xx2UkGhV7cr48a+8mMszY1nPk9
vnmlEKHhptC9HhGAXV25Rh/kiQuNIxkoilcOHRK7doANh91aI28rArp+MnVQDjLq
lciMRQz7gQKHnJhTepC3TauGHA2M99Va9pFa+aWUMkVR
-----END CERTIFICATE-----
Generated at Tue Jul 23 19:32:02 2024 by rpki-client on console-fra.rpki-client.org