Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/2fac9f-618c-42f6-9483-777f86166221/1/5jzhZaLsvYeWO-fMdhmW1oEORAs.roa
File:                     5jzhZaLsvYeWO-fMdhmW1oEORAs.roa (raw, json)
Hash identifier:          RId11aWsoBZtWnY6BXfmUjvK+I888djOW8NlhkZ2q5w=
Subject key identifier:   E6:3C:E1:65:A2:EC:BD:87:96:3B:E7:CC:76:19:96:D6:81:0E:44:0B
Certificate issuer:       /CN=fac089a9cd6a0375bae499cc06a4caa3071b5d4c
Certificate serial:       01856D8AF3FCF6FC051704FC5261D518112E
Authority key identifier: FA:C0:89:A9:CD:6A:03:75:BA:E4:99:CC:06:A4:CA:A3:07:1B:5D:4C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1-sCJqc1qA3W65JnMBqTKowcbXUw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8b/2fac9f-618c-42f6-9483-777f86166221/1/5jzhZaLsvYeWO-fMdhmW1oEORAs.roa
Signing time:             Sun 01 Jan 2023 13:35:00 +0000
ROA not before:           Sun 01 Jan 2023 13:35:00 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     209154
IP address blocks:        193.35.200.0/22 maxlen: 22

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 06:30:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6d:8a:f3:fc:f6:fc:05:17:04:fc:52:61:d5:18:11:2e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=fac089a9cd6a0375bae499cc06a4caa3071b5d4c
        Validity
            Not Before: Jan  1 13:35:00 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=e63ce165a2ecbd87963be7cc761996d6810e440b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d2:ae:b6:d4:46:ea:d2:e2:56:6f:b9:14:14:f1:
                    5a:4b:a1:aa:b1:14:03:c2:e1:bd:00:65:8d:a4:28:
                    e8:3c:77:60:f4:34:8e:a7:56:9f:ec:83:53:dd:7b:
                    e6:c3:2a:d0:6c:f3:79:73:f6:dd:ce:78:26:2c:98:
                    74:4b:0e:03:2c:8c:f0:8f:95:9d:96:61:89:00:66:
                    51:6c:23:b2:ca:8d:c2:3b:c8:b0:ef:03:f9:9d:cc:
                    bd:0c:29:0c:d7:eb:2d:69:a4:0f:92:54:94:55:d9:
                    88:f3:95:46:e3:29:10:88:0c:dc:89:e6:59:04:95:
                    a4:32:29:1e:47:9b:5a:5a:9a:f2:90:e0:1a:df:48:
                    66:7b:8b:ad:d2:0b:c9:46:1b:61:37:05:a3:07:65:
                    03:e2:f4:12:f0:d2:53:99:bc:33:fe:5a:d5:f6:8d:
                    21:a4:f0:0f:2f:e8:cf:c7:0e:20:80:75:fd:ed:b7:
                    4e:f3:e4:5c:1c:f7:af:45:2e:0f:52:31:84:d0:10:
                    75:66:69:5a:8f:f0:7a:df:56:eb:07:1d:bb:ce:3e:
                    6b:3a:33:98:11:6f:d0:64:19:1b:ca:e4:85:13:6a:
                    ac:e7:3e:fc:7c:a9:14:3b:d6:72:24:4d:dd:ff:aa:
                    dd:4c:7f:cf:b2:f5:51:3b:52:07:56:13:ba:24:9e:
                    34:03
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E6:3C:E1:65:A2:EC:BD:87:96:3B:E7:CC:76:19:96:D6:81:0E:44:0B
            X509v3 Authority Key Identifier:
                keyid:FA:C0:89:A9:CD:6A:03:75:BA:E4:99:CC:06:A4:CA:A3:07:1B:5D:4C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-sCJqc1qA3W65JnMBqTKowcbXUw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/2fac9f-618c-42f6-9483-777f86166221/1/5jzhZaLsvYeWO-fMdhmW1oEORAs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/2fac9f-618c-42f6-9483-777f86166221/1/1-sCJqc1qA3W65JnMBqTKowcbXUw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.35.200.0/22

    Signature Algorithm: sha256WithRSAEncryption
         04:73:0e:4e:e9:a9:c9:82:8d:b2:e7:b4:f6:70:a7:00:28:09:
         30:15:9b:e5:d7:32:d9:43:04:fe:6f:78:38:87:73:c2:2d:54:
         79:3c:11:50:98:0d:b7:e8:8c:f1:d6:9a:a3:e9:39:90:65:e3:
         50:4c:8c:55:19:1b:2f:6d:6b:7c:35:27:ed:8d:1d:b7:09:4c:
         59:8d:c1:34:4c:2c:74:02:bc:d5:08:77:bf:c3:fe:0a:bc:8e:
         33:ae:7b:51:73:45:30:70:d5:d9:ea:6a:9b:fa:5e:41:d4:b8:
         e0:4d:86:f2:91:fe:eb:e9:be:6a:fb:a9:e8:f1:5f:4d:a6:1e:
         b6:9b:51:be:11:f0:a1:6d:37:9a:6d:2f:da:92:f9:16:69:e8:
         57:a3:77:15:f6:c5:4e:ca:3d:21:bd:41:63:e2:57:4e:14:80:
         26:98:96:e5:ce:ee:2c:15:61:cb:3e:b5:bb:05:b4:b8:c1:b5:
         be:30:7b:46:ab:6f:47:cc:8e:81:9d:c3:1b:47:77:ce:e3:6d:
         09:fb:89:43:26:d5:ee:5a:7f:51:c6:ee:1f:40:d1:91:8b:73:
         72:ae:a1:32:11:05:40:6c:06:95:27:63:d9:98:95:e4:a1:f3:
         3a:17:b2:8a:65:cc:ff:77:6d:b0:8d:77:3f:1f:a1:25:d5:f6:
         40:3d:3c:39
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYVtivP89vwFFwT8UmHVGBEuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZhYzA4OWE5Y2Q2YTAzNzViYWU0OTljYzA2YTRjYWEzMDcx
YjVkNGMwHhcNMjMwMTAxMTMzNTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNjNjZTE2NWEyZWNiZDg3OTYzYmU3Y2M3NjE5OTZkNjgxMGU0NDBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0q621Ebq0uJWb7kUFPFaS6GqsRQD
wuG9AGWNpCjoPHdg9DSOp1af7INT3XvmwyrQbPN5c/bdzngmLJh0Sw4DLIzwj5Wd
lmGJAGZRbCOyyo3CO8iw7wP5ncy9DCkM1+staaQPklSUVdmI85VG4ykQiAzcieZZ
BJWkMikeR5taWprykOAa30hme4ut0gvJRhthNwWjB2UD4vQS8NJTmbwz/lrV9o0h
pPAPL+jPxw4ggHX97bdO8+RcHPevRS4PUjGE0BB1Zmlaj/B631brBx27zj5rOjOY
EW/QZBkbyuSFE2qs5z78fKkUO9ZyJE3d/6rdTH/PsvVRO1IHVhO6JJ40AwIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFOY84WWi7L2HljvnzHYZltaBDkQLMB8GA1UdIwQY
MBaAFPrAianNagN1uuSZzAakyqMHG11MMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1zQ0pxYzFxQTNXNjVKbk1CcVRLb3djYlhVdy5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOGIvMmZhYzlmLTYxOGMtNDJmNi05NDgz
LTc3N2Y4NjE2NjIyMS8xLzVqemhaYUxzdlllV08tZk1kaG1XMW9FT1JBcy5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvOGIvMmZhYzlmLTYxOGMtNDJmNi05NDgzLTc3N2Y4NjE2NjIy
MS8xLzEtc0NKcWMxcUEzVzY1Sm5NQnFUS293Y2JYVXcuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBALBI8gw
DQYJKoZIhvcNAQELBQADggEBAARzDk7pqcmCjbLntPZwpwAoCTAVm+XXMtlDBP5v
eDiHc8ItVHk8EVCYDbfojPHWmqPpOZBl41BMjFUZGy9ta3w1J+2NHbcJTFmNwTRM
LHQCvNUId7/D/gq8jjOue1FzRTBw1dnqapv6XkHUuOBNhvKR/uvpvmr7qejxX02m
HrabUb4R8KFtN5ptL9qS+RZp6FejdxX2xU7KPSG9QWPiV04UgCaYluXO7iwVYcs+
tbsFtLjBtb4we0arb0fMjoGdwxtHd87jbQn7iUMm1e5af1HG7h9A0ZGLc3KuoTIR
BUBsBpUnY9mYleSh8zoXsoplzP93bbCNdz8foSXV9kA9PDk=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:42 2024 by rpki-client on console-ams.rpki-client.org