Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/4WO4PW1Y4VzR8hfZNzouCFF6KVQ.roa
File:                     4WO4PW1Y4VzR8hfZNzouCFF6KVQ.roa (raw, json)
Hash identifier:          Igw/LAW3ewgUpXMC1Mjp4JOMptVEuNDc65CcY8CSDOU=
Subject key identifier:   E1:63:B8:3D:6D:58:E1:5C:D1:F2:17:D9:37:3A:2E:08:51:7A:29:54
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       0188D8A7A1E2A18CD363C517A2213E2DB4B3
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/4WO4PW1Y4VzR8hfZNzouCFF6KVQ.roa
Signing time:             Tue 20 Jun 2023 11:54:04 +0000
ROA not before:           Tue 20 Jun 2023 11:54:04 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     23470
IP address blocks:        213.152.42.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 20 Jul 2023 16:15:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:d8:a7:a1:e2:a1:8c:d3:63:c5:17:a2:21:3e:2d:b4:b3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Jun 20 11:54:04 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=e163b83d6d58e15cd1f217d9373a2e08517a2954
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:cc:e4:ba:5e:5a:dc:23:19:d4:70:aa:ad:b8:
                    46:9e:69:41:56:c8:c5:4c:ea:cc:df:8e:4f:1d:d7:
                    e6:0f:78:0d:0e:a7:ac:c7:a4:35:e9:dc:fd:b6:a7:
                    1c:80:b5:0d:6e:f1:0f:e2:ec:43:9f:9c:6e:8f:3b:
                    75:93:84:b8:04:a4:54:37:0d:89:e9:c6:3b:b7:c8:
                    c6:39:99:d3:cd:8b:80:28:e2:20:b2:9b:c8:c4:d2:
                    25:2c:0e:8d:b9:94:c4:2c:67:a4:1f:35:f3:75:9a:
                    1b:7f:97:22:31:03:55:82:5c:a3:eb:5e:d5:53:89:
                    51:35:42:c7:ab:31:80:7f:6c:49:fb:ab:b6:fe:4d:
                    97:4f:dc:d7:c1:c8:9e:a8:0d:30:fe:c7:8f:a7:e7:
                    52:12:3b:c2:ce:6b:fd:9f:88:79:ac:09:25:74:ef:
                    2f:33:56:e2:7f:d5:e1:a5:4f:ad:0b:2b:0c:58:38:
                    3f:80:76:01:88:4e:bf:25:1c:c8:ba:54:4a:6c:48:
                    c1:61:90:60:98:7e:ac:36:98:fa:9d:44:b0:3a:83:
                    6a:ad:88:ce:3b:a8:61:67:00:dd:04:60:8f:72:06:
                    8f:82:74:53:86:48:3c:72:2f:f2:61:d1:84:19:7e:
                    a1:61:62:79:d9:2e:49:a0:f4:e8:dc:0b:e7:6c:3f:
                    9e:1b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E1:63:B8:3D:6D:58:E1:5C:D1:F2:17:D9:37:3A:2E:08:51:7A:29:54
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/4WO4PW1Y4VzR8hfZNzouCFF6KVQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  213.152.42.0/24

    Signature Algorithm: sha256WithRSAEncryption
         22:2e:44:28:f2:89:f6:f3:1c:f4:27:1a:47:b3:27:57:aa:9d:
         21:a8:6e:09:6d:21:86:1e:b1:a8:f9:20:f5:f0:04:ae:c7:14:
         22:84:e8:af:43:69:c5:f1:76:bd:94:00:28:48:9c:6b:41:20:
         5a:14:58:ef:e3:1e:3c:76:c5:a0:7f:a8:97:42:be:a5:dd:bb:
         c8:7c:4f:74:f0:b5:fc:d7:17:9b:65:04:e3:8a:8b:de:25:15:
         a7:33:49:2e:4a:2a:9a:09:a1:05:78:15:2b:c6:bc:2c:90:33:
         47:c5:0f:c5:32:64:0f:43:6a:99:65:58:7f:fe:6b:8e:37:4f:
         af:84:0f:f5:3f:ad:e6:50:4a:74:5c:90:a3:5a:ea:a1:ff:40:
         bb:98:46:1f:1b:67:ad:f1:cd:23:73:8c:66:5e:80:0a:8a:2d:
         5b:f2:d4:89:ad:76:b9:e0:ce:cc:fb:0a:6f:bd:c4:1a:03:d2:
         ee:c3:c1:8e:98:2f:a1:71:ed:43:b9:3d:7e:6e:56:0a:c8:47:
         3a:2f:b0:5c:e2:f8:77:b6:97:95:44:8a:9c:cc:c3:18:81:44:
         9d:e1:39:6a:98:26:16:ec:09:07:6a:95:c6:32:05:ec:10:d7:
         af:9b:7d:21:c4:6b:f9:d4:7e:8d:75:7f:75:0b:6a:26:59:8a:
         48:12:cb:7b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYjYp6HioYzTY8UXoiE+LbSzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwNjIwMTE1NDA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMTYzYjgzZDZkNThlMTVjZDFmMjE3ZDkzNzNhMmUwODUxN2EyOTU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApczkul5a3CMZ1HCqrbhGnmlBVsjF
TOrM345PHdfmD3gNDqesx6Q16dz9tqccgLUNbvEP4uxDn5xujzt1k4S4BKRUNw2J
6cY7t8jGOZnTzYuAKOIgspvIxNIlLA6NuZTELGekHzXzdZobf5ciMQNVglyj617V
U4lRNULHqzGAf2xJ+6u2/k2XT9zXwcieqA0w/sePp+dSEjvCzmv9n4h5rAkldO8v
M1bif9XhpU+tCysMWDg/gHYBiE6/JRzIulRKbEjBYZBgmH6sNpj6nUSwOoNqrYjO
O6hhZwDdBGCPcgaPgnRThkg8ci/yYdGEGX6hYWJ52S5JoPTo3AvnbD+eGwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOFjuD1tWOFc0fIX2Tc6LghReilUMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvNFdPNFBXMVk0VnpSOGhmWk56b3VDRkY2S1ZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1ZgqMA0G
CSqGSIb3DQEBCwUAA4IBAQAiLkQo8on28xz0JxpHsydXqp0hqG4JbSGGHrGo+SD1
8ASuxxQihOivQ2nF8Xa9lAAoSJxrQSBaFFjv4x48dsWgf6iXQr6l3bvIfE908LX8
1xebZQTjioveJRWnM0kuSiqaCaEFeBUrxrwskDNHxQ/FMmQPQ2qZZVh//muON0+v
hA/1P63mUEp0XJCjWuqh/0C7mEYfG2et8c0jc4xmXoAKii1b8tSJrXa54M7M+wpv
vcQaA9Luw8GOmC+hce1DuT1+blYKyEc6L7Bc4vh3tpeVRIqczMMYgUSd4TlqmCYW
7AkHapXGMgXsENevm30hxGv51H6NdX91C2omWYpIEst7
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:20 2024 by rpki-client on console-ams.rpki-client.org