Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/89/b41519-46fc-44da-a9af-e3f4bbcbbbd7/1/D-83e6x9r4X7qN5XVqbe5f4ozcw.roa
File:                     D-83e6x9r4X7qN5XVqbe5f4ozcw.roa (raw, json)
Hash identifier:          q0v8XCffWcVwSFJVhV8mBMMLc1xf4wq61tqcFeFKiuA=
Subject key identifier:   0F:EF:37:7B:AC:7D:AF:85:FB:A8:DE:57:56:A6:DE:E5:FE:28:CD:CC
Certificate issuer:       /CN=2031bc7f71bb0d1a8566fd4604214507c0d4711b
Certificate serial:       01857203530F4D6C4AAECCAB565B3A08510F
Authority key identifier: 20:31:BC:7F:71:BB:0D:1A:85:66:FD:46:04:21:45:07:C0:D4:71:1B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IDG8f3G7DRqFZv1GBCFFB8DUcRs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/89/b41519-46fc-44da-a9af-e3f4bbcbbbd7/1/D-83e6x9r4X7qN5XVqbe5f4ozcw.roa
Signing time:             Mon 02 Jan 2023 10:24:58 +0000
ROA not before:           Mon 02 Jan 2023 10:24:58 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     49362
IP address blocks:        193.9.160.0/19 maxlen: 19
                          2a0d:aa00::/29 maxlen: 29

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 10:30:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:72:03:53:0f:4d:6c:4a:ae:cc:ab:56:5b:3a:08:51:0f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2031bc7f71bb0d1a8566fd4604214507c0d4711b
        Validity
            Not Before: Jan  2 10:24:58 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=0fef377bac7daf85fba8de5756a6dee5fe28cdcc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:ec:fd:ee:c8:5c:91:35:8d:0d:79:df:6d:6b:
                    fc:76:c9:3c:66:a1:5f:1f:45:f1:df:1f:bf:20:73:
                    f0:13:39:01:c0:56:4d:86:86:b7:90:72:35:87:71:
                    0a:0e:f1:a3:91:72:79:e0:5d:a3:b8:ef:4a:67:78:
                    31:b7:28:58:4d:df:aa:7e:c7:01:01:ce:ac:78:f6:
                    6e:c4:c3:cb:6e:44:2e:50:1f:40:bd:90:a1:ae:f2:
                    a9:ce:91:ba:be:00:57:39:e8:a4:79:db:a3:ab:81:
                    91:b5:9e:c9:4d:16:3c:6f:5e:91:00:3c:ef:94:c9:
                    fe:60:f6:93:22:ae:d0:c3:bd:47:a3:32:d4:d0:6d:
                    25:ad:b2:7d:11:6b:f8:75:21:90:53:ae:38:43:68:
                    ab:a7:ce:48:ee:da:2a:47:26:9f:b5:84:bb:73:84:
                    4f:cb:73:3a:89:8c:57:cb:a7:1a:cf:65:28:0b:00:
                    c7:d2:b8:1d:f4:84:ad:53:0d:23:60:1f:01:9e:12:
                    4b:e8:d4:94:19:da:34:19:0c:f9:79:b2:dd:f3:e6:
                    91:9e:f7:e3:bc:be:27:03:a8:1a:7d:02:14:a8:11:
                    40:4c:aa:7a:d9:93:0d:b7:fe:5b:16:3e:e5:0f:58:
                    56:be:d0:23:e0:67:f0:a0:df:43:d8:0f:17:93:e6:
                    0c:4d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0F:EF:37:7B:AC:7D:AF:85:FB:A8:DE:57:56:A6:DE:E5:FE:28:CD:CC
            X509v3 Authority Key Identifier:
                keyid:20:31:BC:7F:71:BB:0D:1A:85:66:FD:46:04:21:45:07:C0:D4:71:1B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IDG8f3G7DRqFZv1GBCFFB8DUcRs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/89/b41519-46fc-44da-a9af-e3f4bbcbbbd7/1/D-83e6x9r4X7qN5XVqbe5f4ozcw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/89/b41519-46fc-44da-a9af-e3f4bbcbbbd7/1/IDG8f3G7DRqFZv1GBCFFB8DUcRs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.9.160.0/19
                IPv6:
                  2a0d:aa00::/29

    Signature Algorithm: sha256WithRSAEncryption
         01:fc:d1:ab:76:b3:be:67:60:43:9a:00:d6:f7:2f:3a:38:27:
         db:e4:f8:3b:d7:64:fc:9b:55:36:c9:28:a6:e0:6a:94:b4:0e:
         99:74:73:da:c4:a3:02:f6:2a:29:e3:7e:fc:b0:4e:9c:77:c2:
         9a:f5:f9:19:84:86:0c:ab:4f:e6:7e:04:99:f8:59:cc:31:2e:
         de:49:ec:1e:04:2b:3c:14:4e:a7:34:3a:40:2d:6b:cf:e0:05:
         77:c4:1b:6a:b1:f8:90:3b:ae:f5:ae:73:ef:5d:ca:0c:3c:e6:
         35:dc:58:70:b0:5b:59:c5:f5:75:73:90:f9:f6:26:c1:39:3d:
         d7:b5:60:5f:bb:1c:47:47:d4:75:2d:9f:76:20:13:62:68:6d:
         a9:92:f1:b3:2b:7f:3d:4a:87:27:d5:8d:4f:31:c6:c6:aa:06:
         31:08:da:a6:d3:16:9a:2c:4f:dc:1c:4a:76:ee:4c:b6:7e:e0:
         86:2b:ab:24:cb:4a:27:5a:5e:f1:ec:fd:90:5b:79:67:87:0c:
         b7:84:d2:2a:d4:62:e4:49:6d:a3:f3:fa:9e:94:02:94:9a:07:
         24:0e:db:25:c8:06:cf:ee:79:07:3f:52:84:54:69:bd:14:31:
         7e:82:f5:62:27:ab:95:10:7a:ca:37:93:c7:c6:7b:36:00:f6:
         a0:03:65:9b
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVyA1MPTWxKrsyrVls6CFEPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwMzFiYzdmNzFiYjBkMWE4NTY2ZmQ0NjA0MjE0NTA3YzBk
NDcxMWIwHhcNMjMwMTAyMTAyNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZmVmMzc3YmFjN2RhZjg1ZmJhOGRlNTc1NmE2ZGVlNWZlMjhjZGNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuOz97shckTWNDXnfbWv8dsk8ZqFf
H0Xx3x+/IHPwEzkBwFZNhoa3kHI1h3EKDvGjkXJ54F2juO9KZ3gxtyhYTd+qfscB
Ac6sePZuxMPLbkQuUB9AvZChrvKpzpG6vgBXOeikedujq4GRtZ7JTRY8b16RADzv
lMn+YPaTIq7Qw71HozLU0G0lrbJ9EWv4dSGQU644Q2irp85I7toqRyaftYS7c4RP
y3M6iYxXy6caz2UoCwDH0rgd9IStUw0jYB8BnhJL6NSUGdo0GQz5ebLd8+aRnvfj
vL4nA6gafQIUqBFATKp62ZMNt/5bFj7lD1hWvtAj4GfwoN9D2A8Xk+YMTQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFA/vN3usfa+F+6jeV1am3uX+KM3MMB8GA1UdIwQY
MBaAFCAxvH9xuw0ahWb9RgQhRQfA1HEbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSURHOGYzRzdEUnFGWnYxR0JDRkZCOERVY1JzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OS9iNDE1MTktNDZmYy00NGRhLWE5YWYt
ZTNmNGJiY2JiYmQ3LzEvRC04M2U2eDlyNFg3cU41WFZxYmU1ZjRvemN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OS9iNDE1MTktNDZmYy00NGRhLWE5YWYtZTNmNGJiY2JiYmQ3
LzEvSURHOGYzRzdEUnFGWnYxR0JDRkZCOERVY1JzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQFwQmgMA0E
AgACMAcDBQMqDaoAMA0GCSqGSIb3DQEBCwUAA4IBAQAB/NGrdrO+Z2BDmgDW9y86
OCfb5Pg712T8m1U2ySim4GqUtA6ZdHPaxKMC9iop4378sE6cd8Ka9fkZhIYMq0/m
fgSZ+FnMMS7eSeweBCs8FE6nNDpALWvP4AV3xBtqsfiQO671rnPvXcoMPOY13Fhw
sFtZxfV1c5D59ibBOT3XtWBfuxxHR9R1LZ92IBNiaG2pkvGzK389Socn1Y1PMcbG
qgYxCNqm0xaaLE/cHEp27ky2fuCGK6sky0onWl7x7P2QW3lnhwy3hNIq1GLkSW2j
8/qelAKUmgckDtslyAbP7nkHP1KEVGm9FDF+gvViJ6uVEHrKN5PHxns2APagA2Wb
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:04 2024 by rpki-client on console-ams.rpki-client.org