Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/846607-00c8-401d-bcfe-0a6f8b1c654d/1/9b7WfiLJ-gaqf02G8380VSRf5dQ.roa
File:                     9b7WfiLJ-gaqf02G8380VSRf5dQ.roa (raw, json)
Hash identifier:          ksD2DUY2QjP/0S1pi0gnepDyuateFaD/GpbBJ0SJj0c=
Subject key identifier:   F5:BE:D6:7E:22:C9:FA:06:AA:7F:4D:86:F3:7F:34:55:24:5F:E5:D4
Certificate issuer:       /CN=c77ff58d19af10bda4fcb0cf31e58de094bbbb48
Certificate serial:       018570C2CA6882B440BAA658550CCB87DFE6
Authority key identifier: C7:7F:F5:8D:19:AF:10:BD:A4:FC:B0:CF:31:E5:8D:E0:94:BB:BB:48
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/x3_1jRmvEL2k_LDPMeWN4JS7u0g.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8b/846607-00c8-401d-bcfe-0a6f8b1c654d/1/9b7WfiLJ-gaqf02G8380VSRf5dQ.roa
Signing time:             Mon 02 Jan 2023 04:34:52 +0000
ROA not before:           Mon 02 Jan 2023 04:34:52 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     31493
IP address blocks:        194.33.63.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 18:30:57 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:70:c2:ca:68:82:b4:40:ba:a6:58:55:0c:cb:87:df:e6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c77ff58d19af10bda4fcb0cf31e58de094bbbb48
        Validity
            Not Before: Jan  2 04:34:52 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=f5bed67e22c9fa06aa7f4d86f37f3455245fe5d4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:88:7b:74:67:b5:e2:91:9b:f8:21:a9:81:ff:2d:
                    3c:eb:c5:59:d1:73:48:32:f3:59:1b:94:e4:5a:d9:
                    83:b7:ba:23:80:bb:c0:60:4d:5e:d8:39:a9:c5:21:
                    c2:70:a2:dc:fc:4c:1b:66:f4:d8:b8:20:e9:a8:15:
                    80:28:59:fa:b8:c7:f6:88:46:c4:67:5c:70:78:62:
                    0d:44:4a:50:5e:98:a4:af:87:49:f9:b5:50:7d:f9:
                    96:ca:48:ba:41:62:78:20:e5:1e:ca:b0:7f:6c:3c:
                    fe:9f:40:fc:b5:c1:19:4f:06:84:a5:ce:13:68:b7:
                    dc:10:a7:77:d7:13:08:ab:bc:bb:8d:77:e9:0b:b9:
                    0d:02:43:6b:6c:4c:e6:bb:53:97:40:a6:73:9d:ec:
                    4d:b1:19:fa:c0:4e:10:07:20:7d:aa:7b:ea:26:45:
                    ce:77:cb:72:61:5a:ce:5e:8b:7d:92:9c:69:c8:53:
                    6b:18:6e:72:1e:63:21:8c:f1:47:7b:b1:ed:81:af:
                    54:d8:78:4c:ec:ce:a8:62:d9:e1:20:8c:96:cf:28:
                    fa:32:e0:17:53:f0:b4:27:cf:40:c3:a2:53:88:6d:
                    96:e2:bf:44:88:16:32:52:3f:a7:3c:ce:4e:41:72:
                    94:83:52:30:37:58:46:33:18:f8:77:11:b1:01:f0:
                    12:23
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F5:BE:D6:7E:22:C9:FA:06:AA:7F:4D:86:F3:7F:34:55:24:5F:E5:D4
            X509v3 Authority Key Identifier:
                keyid:C7:7F:F5:8D:19:AF:10:BD:A4:FC:B0:CF:31:E5:8D:E0:94:BB:BB:48

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/x3_1jRmvEL2k_LDPMeWN4JS7u0g.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/846607-00c8-401d-bcfe-0a6f8b1c654d/1/9b7WfiLJ-gaqf02G8380VSRf5dQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/846607-00c8-401d-bcfe-0a6f8b1c654d/1/x3_1jRmvEL2k_LDPMeWN4JS7u0g.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.33.63.0/24

    Signature Algorithm: sha256WithRSAEncryption
         2f:94:07:50:4a:e6:aa:31:9b:e5:77:86:d3:15:4b:38:da:0e:
         63:25:80:9e:5c:43:7e:68:f8:c9:b6:a5:0d:d6:cd:2f:57:3e:
         f3:1a:59:0e:95:a6:e4:76:94:9d:ad:ac:4d:61:e7:32:a8:f2:
         68:f6:8c:55:92:27:15:9e:1a:6c:97:f5:0d:2d:5f:8e:75:72:
         df:b6:e0:d1:8c:64:60:c8:ed:f3:1c:10:85:a8:05:b9:29:0d:
         48:d0:23:62:79:2a:02:af:f4:95:dd:a6:dc:08:2a:a4:7f:34:
         d0:e6:17:67:b2:ed:4d:6e:74:82:09:a2:46:94:76:ec:90:36:
         9e:a2:1d:e0:1b:73:f2:af:d2:e0:2f:d2:dc:6c:dc:bf:31:50:
         f4:ec:c2:84:9a:08:a7:33:f4:4e:b2:6e:cd:2e:5f:2c:a9:b0:
         0c:5b:5e:9a:07:f0:d9:65:4e:91:3f:b6:2d:86:87:f0:9d:bf:
         d6:66:72:08:3d:e6:ec:f5:94:88:4d:ce:20:eb:e7:b0:f8:d5:
         5e:3b:c7:13:44:9d:39:6e:bc:14:a1:41:17:c7:8c:86:d1:b2:
         99:3e:36:fb:66:44:47:bb:37:2a:0e:b4:c5:98:dd:0c:20:45:
         12:17:83:0e:07:2a:aa:26:71:1a:9b:c6:b9:0a:92:8e:9b:61:
         97:b7:4a:20
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwwspogrRAuqZYVQzLh9/mMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM3N2ZmNThkMTlhZjEwYmRhNGZjYjBjZjMxZTU4ZGUwOTRi
YmJiNDgwHhcNMjMwMTAyMDQzNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNWJlZDY3ZTIyYzlmYTA2YWE3ZjRkODZmMzdmMzQ1NTI0NWZlNWQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiHt0Z7XikZv4IamB/y0868VZ0XNI
MvNZG5TkWtmDt7ojgLvAYE1e2DmpxSHCcKLc/EwbZvTYuCDpqBWAKFn6uMf2iEbE
Z1xweGINREpQXpikr4dJ+bVQffmWyki6QWJ4IOUeyrB/bDz+n0D8tcEZTwaEpc4T
aLfcEKd31xMIq7y7jXfpC7kNAkNrbEzmu1OXQKZznexNsRn6wE4QByB9qnvqJkXO
d8tyYVrOXot9kpxpyFNrGG5yHmMhjPFHe7Htga9U2HhM7M6oYtnhIIyWzyj6MuAX
U/C0J89Aw6JTiG2W4r9EiBYyUj+nPM5OQXKUg1IwN1hGMxj4dxGxAfASIwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPW+1n4iyfoGqn9NhvN/NFUkX+XUMB8GA1UdIwQY
MBaAFMd/9Y0ZrxC9pPywzzHljeCUu7tIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveDNfMWpSbXZFTDJrX0xEUE1lV040SlM3dTBnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi84NDY2MDctMDBjOC00MDFkLWJjZmUt
MGE2ZjhiMWM2NTRkLzEvOWI3V2ZpTEotZ2FxZjAyRzgzODBWU1JmNWRRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi84NDY2MDctMDBjOC00MDFkLWJjZmUtMGE2ZjhiMWM2NTRk
LzEveDNfMWpSbXZFTDJrX0xEUE1lV040SlM3dTBnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwiE/MA0G
CSqGSIb3DQEBCwUAA4IBAQAvlAdQSuaqMZvld4bTFUs42g5jJYCeXEN+aPjJtqUN
1s0vVz7zGlkOlabkdpSdraxNYecyqPJo9oxVkicVnhpsl/UNLV+OdXLftuDRjGRg
yO3zHBCFqAW5KQ1I0CNieSoCr/SV3abcCCqkfzTQ5hdnsu1NbnSCCaJGlHbskDae
oh3gG3Pyr9LgL9LcbNy/MVD07MKEmginM/ROsm7NLl8sqbAMW16aB/DZZU6RP7Yt
hofwnb/WZnIIPebs9ZSITc4g6+ew+NVeO8cTRJ05brwUoUEXx4yG0bKZPjb7ZkRH
uzcqDrTFmN0MIEUSF4MOByqqJnEam8a5CpKOm2GXt0og
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:46 2024 by rpki-client on console-ams.rpki-client.org