Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/P0xfgeDCLfRZ5eo3AzMLF3_Tj0o.roa
File:                     P0xfgeDCLfRZ5eo3AzMLF3_Tj0o.roa (raw, json)
Hash identifier:          rigWKVKKULNwtVbjMAytF9NIGzL9MvkMDb3sn7APS7Q=
Subject key identifier:   3F:4C:5F:81:E0:C2:2D:F4:59:E5:EA:37:03:33:0B:17:7F:D3:8F:4A
Certificate issuer:       /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial:       019036A2C1F6075EE9D55F9A4DC36DE0AF11
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/P0xfgeDCLfRZ5eo3AzMLF3_Tj0o.roa
Signing time:             Thu 20 Jun 2024 17:12:34 +0000
ROA not before:           Thu 20 Jun 2024 17:12:34 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     2121
IP address blocks:        193.0.24.0/21 maxlen: 21
                          2001:67c:64::/48 maxlen: 48

Validation:               Failed, certificate revoked on Thu 20 Jun 2024 18:05:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:90:36:a2:c1:f6:07:5e:e9:d5:5f:9a:4d:c3:6d:e0:af:11
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
        Validity
            Not Before: Jun 20 17:12:34 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=3f4c5f81e0c22df459e5ea3703330b177fd38f4a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:22:10:e2:6a:95:69:24:23:a8:f5:1c:79:cb:
                    79:43:2b:88:e8:a6:2b:a4:cb:49:4a:f8:f1:50:b8:
                    76:9e:99:0e:a6:19:29:08:a0:9a:7d:5c:5b:5a:d7:
                    62:33:e5:a9:18:d1:94:73:93:98:2d:2e:35:5b:1e:
                    62:b9:c8:3a:f8:3b:87:5f:b4:80:4d:2c:c1:c9:2f:
                    28:8a:5b:79:2b:d2:3a:2a:18:63:8a:35:49:92:d8:
                    43:9c:79:fb:6f:2a:b8:f1:44:cf:fd:cb:94:29:50:
                    49:37:ad:ff:fe:64:ad:da:fc:f6:d8:f4:48:7e:e1:
                    13:d1:1c:86:e9:83:e6:b8:b9:bb:24:55:27:89:b4:
                    cd:3d:33:41:dc:a6:7f:3c:08:27:31:d0:ac:50:f1:
                    87:d2:c9:0c:49:1a:ce:ea:3f:d6:14:e1:db:22:26:
                    4b:ac:a5:42:43:e0:8a:ce:28:d6:c8:25:fc:f9:a0:
                    42:9d:5a:9b:58:f1:5e:09:6f:2f:e5:53:f1:97:5e:
                    dc:a7:35:2d:b5:dc:0e:61:12:a0:b5:1c:af:5a:fd:
                    aa:83:d3:d2:34:02:42:6c:7e:37:2f:c2:c4:6a:df:
                    26:9f:ae:30:c3:ec:01:26:63:6a:84:44:42:ca:06:
                    03:52:57:14:b5:bf:27:25:fd:94:57:89:1f:d3:fe:
                    47:13
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3F:4C:5F:81:E0:C2:2D:F4:59:E5:EA:37:03:33:0B:17:7F:D3:8F:4A
            X509v3 Authority Key Identifier:
                keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/P0xfgeDCLfRZ5eo3AzMLF3_Tj0o.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.0.24.0/21
                IPv6:
                  2001:67c:64::/48

    Signature Algorithm: sha256WithRSAEncryption
         31:64:81:18:36:5f:1a:d7:d6:5d:86:5b:80:ca:00:26:95:ee:
         b0:93:74:15:43:f8:1d:31:5b:be:cf:66:9a:31:15:18:b2:d6:
         2b:60:1f:26:c1:fd:8d:8d:ef:6d:de:6e:8a:d7:a1:d6:8a:40:
         ba:7f:48:cf:eb:1e:6d:1f:0e:17:7f:bf:92:b9:d5:7d:7c:0e:
         10:68:5a:fc:46:fe:34:17:1d:bb:23:5b:e4:b5:b9:48:35:4e:
         fe:73:51:5e:65:77:35:73:4d:18:b0:36:d5:e1:ca:bf:9e:39:
         f5:42:b3:12:25:0b:04:54:2f:d0:c1:7f:17:72:80:b7:af:5f:
         e6:11:2c:8e:ef:c5:2f:30:ce:4f:dc:3f:09:94:1a:14:11:b7:
         2d:4e:40:ce:f4:b6:5f:c1:03:dc:8a:e7:54:35:ff:45:37:1c:
         d8:48:56:14:3f:7e:8e:5f:61:7c:d2:71:d6:05:d6:93:09:5b:
         d9:7c:9e:44:4d:38:f6:a6:a0:86:28:5a:a7:e3:bb:87:d4:71:
         55:9e:c5:73:df:5c:71:35:66:58:1f:7f:fe:37:7a:3d:18:89:
         7a:b4:49:df:91:51:13:d0:78:31:8a:04:a6:fe:e1:f2:8f:0d:
         9b:02:5f:52:08:53:2b:d8:97:67:1e:06:44:04:c0:98:0d:ef:
         16:09:f2:50
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZA2osH2B17p1V+aTcNt4K8RMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNjIwMTcxMjM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZjRjNWY4MWUwYzIyZGY0NTllNWVhMzcwMzMzMGIxNzdmZDM4ZjRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwCIQ4mqVaSQjqPUcect5QyuI6KYr
pMtJSvjxULh2npkOphkpCKCafVxbWtdiM+WpGNGUc5OYLS41Wx5iucg6+DuHX7SA
TSzByS8oilt5K9I6KhhjijVJkthDnHn7byq48UTP/cuUKVBJN63//mSt2vz22PRI
fuET0RyG6YPmuLm7JFUnibTNPTNB3KZ/PAgnMdCsUPGH0skMSRrO6j/WFOHbIiZL
rKVCQ+CKzijWyCX8+aBCnVqbWPFeCW8v5VPxl17cpzUttdwOYRKgtRyvWv2qg9PS
NAJCbH43L8LEat8mn64ww+wBJmNqhERCygYDUlcUtb8nJf2UV4kf0/5HEwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFD9MX4Hgwi30WeXqNwMzCxd/049KMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvUDB4ZmdlRENMZlJaNWVvM0F6TUxGM19UajBvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBADFkgRg2XxrX1l2GW4DK
ACaV7rCTdBVD+B0xW77PZpoxFRiy1itgHybB/Y2N723eborXodaKQLp/SM/rHm0f
Dhd/v5K51X18DhBoWvxG/jQXHbsjW+S1uUg1Tv5zUV5ldzVzTRiwNtXhyr+eOfVC
sxIlCwRUL9DBfxdygLevX+YRLI7vxS8wzk/cPwmUGhQRty1OQM70tl/BA9yK51Q1
/0U3HNhIVhQ/fo5fYXzScdYF1pMJW9l8nkRNOPamoIYoWqfju4fUcVWexXPfXHE1
Zlgff/43ej0YiXq0Sd+RURPQeDGKBKb+4fKPDZsCX1IIUyvYl2ceBkQEwJgN7xYJ
8lA=
-----END CERTIFICATE-----
Generated at Thu Jun 20 20:41:18 2024 by rpki-client on console-fra.rpki-client.org