Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/J3CVuz5nb7ATC89r_cEavGwXOFA.roa
File:                     J3CVuz5nb7ATC89r_cEavGwXOFA.roa (raw, json)
Hash identifier:          774pOfZj6s9FIVAcUpVh6yYtcacv1PvX4+t8HXSuWTY=
Subject key identifier:   27:70:95:BB:3E:67:6F:B0:13:0B:CF:6B:FD:C1:1A:BC:6C:17:38:50
Certificate issuer:       /CN=a576eb2cc462e6e4bf0de69b9f634875debbaae2
Certificate serial:       01856F1DDA9AFD9EC46805AB2A01706EFB2A
Authority key identifier: A5:76:EB:2C:C4:62:E6:E4:BF:0D:E6:9B:9F:63:48:75:DE:BB:AA:E2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/J3CVuz5nb7ATC89r_cEavGwXOFA.roa
Signing time:             Sun 01 Jan 2023 20:55:05 +0000
ROA not before:           Sun 01 Jan 2023 20:55:05 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     207193
IP address blocks:        194.104.152.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 05 Jan 2023 11:29:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:1d:da:9a:fd:9e:c4:68:05:ab:2a:01:70:6e:fb:2a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a576eb2cc462e6e4bf0de69b9f634875debbaae2
        Validity
            Not Before: Jan  1 20:55:05 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=277095bb3e676fb0130bcf6bfdc11abc6c173850
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:92:3c:4f:6e:47:da:07:f5:39:5e:20:93:51:dc:
                    fb:b2:b9:9b:d9:24:11:9f:ec:e1:45:d8:fe:3a:7e:
                    6c:cd:d1:15:b2:d4:d9:9d:6c:b4:1a:e1:d7:56:8e:
                    c4:f2:68:db:26:03:bf:e2:65:b5:c5:dd:62:ec:41:
                    9a:c4:a0:e8:ae:82:11:ab:a3:56:d7:e4:14:a7:8f:
                    09:82:ad:ac:19:61:29:14:4a:95:7d:de:68:ed:4d:
                    d6:87:67:3c:81:9f:35:00:9a:39:16:12:72:a9:53:
                    7c:e2:68:48:73:eb:c3:6b:ad:fb:30:1b:bc:43:1c:
                    c6:a8:4b:b1:1e:3a:1f:83:47:24:2e:04:f5:16:23:
                    ce:df:68:70:ac:2d:fd:73:5f:9d:35:2f:76:ea:c0:
                    11:6c:ca:a2:e9:67:63:f1:59:ac:c9:0a:6a:a6:27:
                    7f:4c:b7:0d:e4:be:c0:2e:3f:83:af:17:0d:d6:0e:
                    1e:f7:a7:91:bd:78:a7:e0:c6:e9:fd:bb:5e:50:7a:
                    e5:a0:f4:78:93:36:ea:cf:0e:f6:fd:d4:c0:ba:f2:
                    a9:47:55:6c:94:19:df:3c:d3:22:92:f7:5c:f3:e4:
                    71:00:8f:18:4d:76:98:41:f0:8a:2d:f3:02:a6:84:
                    1f:59:1e:a2:ef:ba:10:38:86:9a:ea:99:19:1d:36:
                    3b:cb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                27:70:95:BB:3E:67:6F:B0:13:0B:CF:6B:FD:C1:1A:BC:6C:17:38:50
            X509v3 Authority Key Identifier:
                keyid:A5:76:EB:2C:C4:62:E6:E4:BF:0D:E6:9B:9F:63:48:75:DE:BB:AA:E2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/J3CVuz5nb7ATC89r_cEavGwXOFA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/pXbrLMRi5uS_Deabn2NIdd67quI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.104.152.0/24

    Signature Algorithm: sha256WithRSAEncryption
         62:17:09:49:22:68:fe:f4:85:f6:39:87:31:21:27:a3:49:00:
         37:63:34:84:58:ec:0f:24:9b:a4:a4:9a:b0:46:62:a4:10:24:
         cb:84:19:79:2e:f5:f3:10:35:5c:00:79:58:a6:26:1e:28:41:
         09:b9:5e:17:6c:34:07:d6:d5:c1:5d:15:74:e1:c5:b7:9f:10:
         71:8e:6a:0b:79:82:36:54:ab:82:72:3c:88:ea:48:34:42:d3:
         75:e8:c9:66:71:79:cd:fc:b6:6d:17:20:a0:66:fa:6e:93:79:
         dc:0f:aa:4c:d8:34:7d:a3:51:50:53:d0:09:1a:55:a7:de:e7:
         65:d6:21:d3:6c:e0:5a:5a:d9:9b:95:b7:f7:91:4f:12:87:57:
         ce:3f:1a:73:aa:76:70:4c:a5:8c:49:59:87:99:48:b2:d0:6a:
         2c:71:bf:5a:b6:96:7c:24:26:8a:ef:aa:38:7b:6d:55:ef:84:
         65:22:8b:34:63:a2:d6:23:cc:fa:7a:41:9b:4a:84:c3:7f:1f:
         e7:f4:4b:29:7d:6c:a4:e7:fa:c8:40:db:27:21:40:7b:57:65:
         31:11:ed:36:85:99:b3:01:b3:2a:af:80:2d:38:96:ae:d5:e3:
         c3:64:a2:97:e4:90:bb:0c:fc:78:9c:6e:6d:76:1f:4c:f9:09:
         73:aa:9e:a6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvHdqa/Z7EaAWrKgFwbvsqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1NzZlYjJjYzQ2MmU2ZTRiZjBkZTY5YjlmNjM0ODc1ZGVi
YmFhZTIwHhcNMjMwMTAxMjA1NTA1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNzcwOTViYjNlNjc2ZmIwMTMwYmNmNmJmZGMxMWFiYzZjMTczODUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkjxPbkfaB/U5XiCTUdz7srmb2SQR
n+zhRdj+On5szdEVstTZnWy0GuHXVo7E8mjbJgO/4mW1xd1i7EGaxKDoroIRq6NW
1+QUp48Jgq2sGWEpFEqVfd5o7U3Wh2c8gZ81AJo5FhJyqVN84mhIc+vDa637MBu8
QxzGqEuxHjofg0ckLgT1FiPO32hwrC39c1+dNS926sARbMqi6Wdj8VmsyQpqpid/
TLcN5L7ALj+DrxcN1g4e96eRvXin4Mbp/bteUHrloPR4kzbqzw72/dTAuvKpR1Vs
lBnfPNMikvdc8+RxAI8YTXaYQfCKLfMCpoQfWR6i77oQOIaa6pkZHTY7ywIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCdwlbs+Z2+wEwvPa/3BGrxsFzhQMB8GA1UdIwQY
MBaAFKV26yzEYubkvw3mm59jSHXeu6riMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcFhickxNUmk1dVNfRGVhYm4yTklkZDY3cXVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny85MzE5MjctOWYzOC00MWI2LTg3ZmEt
MjU0YWNkOTJiNGUxLzEvSjNDVnV6NW5iN0FUQzg5cl9jRWF2R3dYT0ZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny85MzE5MjctOWYzOC00MWI2LTg3ZmEtMjU0YWNkOTJiNGUx
LzEvcFhickxNUmk1dVNfRGVhYm4yTklkZDY3cXVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwmiYMA0G
CSqGSIb3DQEBCwUAA4IBAQBiFwlJImj+9IX2OYcxISejSQA3YzSEWOwPJJukpJqw
RmKkECTLhBl5LvXzEDVcAHlYpiYeKEEJuV4XbDQH1tXBXRV04cW3nxBxjmoLeYI2
VKuCcjyI6kg0QtN16MlmcXnN/LZtFyCgZvpuk3ncD6pM2DR9o1FQU9AJGlWn3udl
1iHTbOBaWtmblbf3kU8Sh1fOPxpzqnZwTKWMSVmHmUiy0Goscb9atpZ8JCaK76o4
e21V74RlIos0Y6LWI8z6ekGbSoTDfx/n9EspfWyk5/rIQNsnIUB7V2UxEe02hZmz
AbMqr4AtOJau1ePDZKKX5JC7DPx4nG5tdh9M+Qlzqp6m
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:21:46 2024 by rpki-client on console-ams.rpki-client.org