Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/83/d29fe7-8c22-4aaa-b8d6-660f39f64316/1/X3U1s0761ZGJ0cOFtqZVndtIopI.roa
File:                     X3U1s0761ZGJ0cOFtqZVndtIopI.roa (raw, json)
Hash identifier:          jK5saEBj3X3xNdFTHPFXWvdczPOVzmHwfVnX9FMkm/U=
Subject key identifier:   5F:75:35:B3:4E:FA:D5:91:89:D1:C3:85:B6:A6:55:9D:DB:48:A2:92
Certificate issuer:       /CN=1da81713853c9b18d410d4ff3099ab668e69b3f5
Certificate serial:       01856D4193855A33B54587B948565D8DA003
Authority key identifier: 1D:A8:17:13:85:3C:9B:18:D4:10:D4:FF:30:99:AB:66:8E:69:B3:F5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HagXE4U8mxjUENT_MJmrZo5ps_U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/83/d29fe7-8c22-4aaa-b8d6-660f39f64316/1/X3U1s0761ZGJ0cOFtqZVndtIopI.roa
Signing time:             Sun 01 Jan 2023 12:14:52 +0000
ROA not before:           Sun 01 Jan 2023 12:14:52 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     14618
IP address blocks:        193.131.114.0/23 maxlen: 23

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 10:30:43 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6d:41:93:85:5a:33:b5:45:87:b9:48:56:5d:8d:a0:03
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1da81713853c9b18d410d4ff3099ab668e69b3f5
        Validity
            Not Before: Jan  1 12:14:52 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=5f7535b34efad59189d1c385b6a6559ddb48a292
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:93:e2:d0:c1:79:d8:ad:d1:ad:fc:c6:8d:bc:ee:
                    82:a9:6d:bb:bb:93:92:90:5c:3b:7f:07:79:6b:c2:
                    05:bc:63:48:f0:df:b5:bc:c4:49:c7:52:de:65:7d:
                    49:30:e5:2c:fa:bf:f3:46:0f:39:49:5a:b3:81:fb:
                    96:8f:fc:80:bb:43:bb:8d:56:16:c0:c6:32:0a:ca:
                    2b:3d:c1:c2:a4:9e:55:80:23:3f:b9:1f:31:45:b1:
                    95:6d:5e:bb:22:fc:91:11:c7:ba:88:7b:bf:f3:14:
                    4c:8c:65:f5:69:f5:49:c3:0b:b2:2c:68:dd:ef:7c:
                    3c:61:8f:21:34:9b:a6:7c:91:4a:69:15:04:2f:38:
                    f5:bb:57:b6:d6:73:78:f2:be:b4:9e:89:58:07:d3:
                    f9:76:e1:5f:34:33:5c:4d:b6:a9:1e:e7:8f:72:10:
                    36:aa:ca:0e:18:f8:5a:c7:5e:37:1c:6e:da:5c:b3:
                    95:73:62:46:d6:66:74:f5:d7:c1:b9:21:d2:e5:8f:
                    15:40:c4:36:a9:e4:68:19:72:4e:a8:27:4d:e3:51:
                    8a:22:aa:90:d4:64:2a:dd:94:d4:a7:05:ef:d3:6c:
                    f9:c6:29:5e:aa:19:fe:40:8d:00:7d:cd:51:aa:2c:
                    14:40:88:e7:c9:67:86:8d:45:41:c6:80:fe:31:78:
                    37:8b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5F:75:35:B3:4E:FA:D5:91:89:D1:C3:85:B6:A6:55:9D:DB:48:A2:92
            X509v3 Authority Key Identifier:
                keyid:1D:A8:17:13:85:3C:9B:18:D4:10:D4:FF:30:99:AB:66:8E:69:B3:F5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HagXE4U8mxjUENT_MJmrZo5ps_U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/83/d29fe7-8c22-4aaa-b8d6-660f39f64316/1/X3U1s0761ZGJ0cOFtqZVndtIopI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/83/d29fe7-8c22-4aaa-b8d6-660f39f64316/1/HagXE4U8mxjUENT_MJmrZo5ps_U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.131.114.0/23

    Signature Algorithm: sha256WithRSAEncryption
         3b:64:6f:00:10:b7:7b:8d:00:43:a3:91:c8:6d:92:f8:a8:fb:
         04:76:68:9d:ef:ce:cb:6c:4a:3e:dd:a1:40:08:c9:5c:cc:f9:
         86:29:22:d6:0b:d7:94:df:68:25:af:e9:23:23:1a:e4:4d:b2:
         8c:4c:17:13:bd:fc:33:a0:40:2c:ef:45:d3:9b:27:55:b9:49:
         be:03:84:d8:cd:f1:2e:79:5e:bb:b9:46:8c:22:97:dd:01:c6:
         f3:66:c0:1f:35:cc:6f:58:42:78:52:d1:02:be:9e:c9:44:00:
         dc:35:0f:2a:ce:6d:0d:85:56:51:d1:ac:ee:a3:1f:fa:53:d1:
         64:86:8a:fc:ed:e4:05:4b:0b:66:14:7b:bc:07:cb:c6:3b:29:
         b4:0f:ef:cc:92:f8:b7:48:10:3d:5a:03:d4:e3:bd:d3:de:8e:
         3b:7a:cb:4d:dd:70:4a:67:1b:d3:54:20:cf:97:d9:97:44:c4:
         58:06:57:48:f1:28:39:74:6d:e8:ff:8c:25:32:2f:a3:0f:3c:
         b5:93:80:8b:7c:66:8f:5e:bd:fa:f8:d7:4c:f7:6d:6a:c3:b6:
         dc:4b:94:cc:2e:32:04:a9:10:9b:1c:12:22:f1:6e:58:bf:79:
         12:83:0c:09:46:5a:d7:88:75:1a:a9:a6:d0:8b:46:2a:fe:b2:
         37:3b:24:c3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtQZOFWjO1RYe5SFZdjaADMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFkYTgxNzEzODUzYzliMThkNDEwZDRmZjMwOTlhYjY2OGU2
OWIzZjUwHhcNMjMwMTAxMTIxNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1Zjc1MzViMzRlZmFkNTkxODlkMWMzODViNmE2NTU5ZGRiNDhhMjkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk+LQwXnYrdGt/MaNvO6CqW27u5OS
kFw7fwd5a8IFvGNI8N+1vMRJx1LeZX1JMOUs+r/zRg85SVqzgfuWj/yAu0O7jVYW
wMYyCsorPcHCpJ5VgCM/uR8xRbGVbV67IvyREce6iHu/8xRMjGX1afVJwwuyLGjd
73w8YY8hNJumfJFKaRUELzj1u1e21nN48r60nolYB9P5duFfNDNcTbapHuePchA2
qsoOGPhax143HG7aXLOVc2JG1mZ09dfBuSHS5Y8VQMQ2qeRoGXJOqCdN41GKIqqQ
1GQq3ZTUpwXv02z5xileqhn+QI0Afc1RqiwUQIjnyWeGjUVBxoD+MXg3iwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFF91NbNO+tWRidHDhbamVZ3bSKKSMB8GA1UdIwQY
MBaAFB2oFxOFPJsY1BDU/zCZq2aOabP1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSGFnWEU0VThteGpVRU5UX01KbXJabzVwc19VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84My9kMjlmZTctOGMyMi00YWFhLWI4ZDYt
NjYwZjM5ZjY0MzE2LzEvWDNVMXMwNzYxWkdKMGNPRnRxWlZuZHRJb3BJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84My9kMjlmZTctOGMyMi00YWFhLWI4ZDYtNjYwZjM5ZjY0MzE2
LzEvSGFnWEU0VThteGpVRU5UX01KbXJabzVwc19VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwYNyMA0G
CSqGSIb3DQEBCwUAA4IBAQA7ZG8AELd7jQBDo5HIbZL4qPsEdmid787LbEo+3aFA
CMlczPmGKSLWC9eU32glr+kjIxrkTbKMTBcTvfwzoEAs70XTmydVuUm+A4TYzfEu
eV67uUaMIpfdAcbzZsAfNcxvWEJ4UtECvp7JRADcNQ8qzm0NhVZR0azuox/6U9Fk
hor87eQFSwtmFHu8B8vGOym0D+/Mkvi3SBA9WgPU473T3o47estN3XBKZxvTVCDP
l9mXRMRYBldI8Sg5dG3o/4wlMi+jDzy1k4CLfGaPXr36+NdM921qw7bcS5TMLjIE
qRCbHBIi8W5Yv3kSgwwJRlrXiHUaqabQi0Yq/rI3OyTD
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:19 2024 by rpki-client on console-fra.rpki-client.org