Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/9e47e9-3281-4d17-a6bc-e2a7fb848318/1/0N0zQZShn2K0T8s1oTIxtnGr_GY.roa
File:                     0N0zQZShn2K0T8s1oTIxtnGr_GY.roa (raw, json)
Hash identifier:          SH8vEsh+Uadq7b/9hrZbKPRRwA7dGMu5z5QVb8IH01o=
Subject key identifier:   D0:DD:33:41:94:A1:9F:62:B4:4F:CB:35:A1:32:31:B6:71:AB:FC:66
Certificate issuer:       /CN=74b4cd3edf521df8ec0a151111272d3fb91b99c3
Certificate serial:       0188BE9A3185CEBE3F6AD1E15B470107AA6F
Authority key identifier: 74:B4:CD:3E:DF:52:1D:F8:EC:0A:15:11:11:27:2D:3F:B9:1B:99:C3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/dLTNPt9SHfjsChURESctP7kbmcM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8e/9e47e9-3281-4d17-a6bc-e2a7fb848318/1/0N0zQZShn2K0T8s1oTIxtnGr_GY.roa
Signing time:             Thu 15 Jun 2023 10:29:16 +0000
ROA not before:           Thu 15 Jun 2023 10:29:16 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     41152
IP address blocks:        193.148.64.0/22 maxlen: 22
                          91.227.246.0/23 maxlen: 23

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 12:34:54 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:be:9a:31:85:ce:be:3f:6a:d1:e1:5b:47:01:07:aa:6f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=74b4cd3edf521df8ec0a151111272d3fb91b99c3
        Validity
            Not Before: Jun 15 10:29:16 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=d0dd334194a19f62b44fcb35a13231b671abfc66
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8d:37:f4:21:f9:e3:3c:bc:68:83:a5:13:7f:18:
                    0b:74:23:08:37:70:d4:4f:da:30:7e:0e:c3:9d:ab:
                    2f:50:b1:a5:da:80:ab:00:71:ef:5e:10:1f:df:bf:
                    e6:bb:ad:fe:cf:44:91:ec:9f:98:88:eb:86:df:46:
                    f1:a6:f1:bb:69:5a:fb:8a:d0:e7:3b:d0:d3:1b:d0:
                    fa:e2:c1:c3:55:0b:a7:13:8c:bf:b3:3f:bd:9b:71:
                    11:33:0b:a9:09:d7:59:f8:5f:d4:54:05:2e:83:04:
                    19:3f:6b:89:83:51:0e:43:b9:de:0c:8d:8c:2a:0c:
                    38:b4:f6:5d:fd:df:cf:d1:2d:ea:f3:5f:a0:7d:88:
                    03:dc:97:98:02:fc:1c:7b:cf:fc:a0:21:f5:1b:94:
                    8d:27:8a:9e:d6:6f:28:09:34:99:1f:55:05:7c:99:
                    a0:04:d4:6e:8b:20:99:70:41:1d:cc:25:32:9d:c4:
                    0c:e4:ad:ad:e4:7f:ef:4e:91:82:e1:e4:00:00:03:
                    4c:44:81:ce:10:2f:fd:4e:80:e5:03:e2:41:d5:0e:
                    c3:5a:c7:26:ef:97:5b:a6:46:d4:f7:dd:45:b0:c3:
                    aa:ab:50:a6:fd:82:ad:22:ed:7e:a3:89:4c:99:37:
                    76:8d:d0:84:ae:b3:c9:5f:72:b2:b1:33:7b:6e:b9:
                    8e:53
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D0:DD:33:41:94:A1:9F:62:B4:4F:CB:35:A1:32:31:B6:71:AB:FC:66
            X509v3 Authority Key Identifier:
                keyid:74:B4:CD:3E:DF:52:1D:F8:EC:0A:15:11:11:27:2D:3F:B9:1B:99:C3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dLTNPt9SHfjsChURESctP7kbmcM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/9e47e9-3281-4d17-a6bc-e2a7fb848318/1/0N0zQZShn2K0T8s1oTIxtnGr_GY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/9e47e9-3281-4d17-a6bc-e2a7fb848318/1/dLTNPt9SHfjsChURESctP7kbmcM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.227.246.0/23
                  193.148.64.0/22

    Signature Algorithm: sha256WithRSAEncryption
         a3:00:3b:aa:4f:90:2d:ea:c5:b7:3e:f7:81:48:ea:9c:1f:7c:
         25:ec:9f:a1:40:42:68:b1:f0:f2:c7:28:65:e0:dd:c3:28:04:
         b7:27:38:24:d6:ce:fc:10:d5:cb:30:f0:f4:d2:6b:8a:0f:4c:
         31:fa:3a:88:cb:60:c1:e4:f6:43:68:3a:29:10:89:1a:42:a4:
         21:d5:6f:ba:36:2c:a0:8c:a3:49:bb:bc:b1:82:17:0e:65:89:
         93:d1:58:e5:cf:fe:7b:ec:b9:1f:53:cc:47:fe:24:ec:13:51:
         13:2b:c4:ad:7f:94:b2:cb:60:42:18:a5:b0:1b:47:aa:52:8f:
         ae:a7:20:c6:92:7a:9e:e2:0f:2f:73:8b:c5:96:37:2a:80:c8:
         40:df:7a:20:32:cf:a1:6b:50:e8:fd:3e:ce:dd:9c:d5:e5:fb:
         4c:87:f3:93:11:df:d4:59:14:21:57:5a:f6:45:eb:ef:e8:0c:
         98:72:14:6e:20:7d:49:6b:a4:a1:ea:b3:37:86:37:62:c0:c2:
         d4:23:40:cc:06:0e:14:ee:51:65:fd:de:a5:e2:15:5f:68:6e:
         bc:0f:41:a3:66:a5:4a:be:cd:3a:cf:75:42:f6:fa:40:ba:cb:
         0a:c9:3d:b2:ea:58:ea:b2:88:be:f4:2e:87:81:ec:2d:59:a2:
         48:91:de:78
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYi+mjGFzr4/atHhW0cBB6pvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0YjRjZDNlZGY1MjFkZjhlYzBhMTUxMTExMjcyZDNmYjkx
Yjk5YzMwHhcNMjMwNjE1MTAyOTE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMGRkMzM0MTk0YTE5ZjYyYjQ0ZmNiMzVhMTMyMzFiNjcxYWJmYzY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjTf0IfnjPLxog6UTfxgLdCMIN3DU
T9owfg7DnasvULGl2oCrAHHvXhAf37/mu63+z0SR7J+YiOuG30bxpvG7aVr7itDn
O9DTG9D64sHDVQunE4y/sz+9m3ERMwupCddZ+F/UVAUugwQZP2uJg1EOQ7neDI2M
Kgw4tPZd/d/P0S3q81+gfYgD3JeYAvwce8/8oCH1G5SNJ4qe1m8oCTSZH1UFfJmg
BNRuiyCZcEEdzCUyncQM5K2t5H/vTpGC4eQAAANMRIHOEC/9ToDlA+JB1Q7DWscm
75dbpkbU991FsMOqq1Cm/YKtIu1+o4lMmTd2jdCErrPJX3KysTN7brmOUwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNDdM0GUoZ9itE/LNaEyMbZxq/xmMB8GA1UdIwQY
MBaAFHS0zT7fUh347AoVEREnLT+5G5nDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZExUTlB0OVNIZmpzQ2hVUkVTY3RQN2tibWNNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS85ZTQ3ZTktMzI4MS00ZDE3LWE2YmMt
ZTJhN2ZiODQ4MzE4LzEvME4welFaU2huMkswVDhzMW9USXh0bkdyX0dZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS85ZTQ3ZTktMzI4MS00ZDE3LWE2YmMtZTJhN2ZiODQ4MzE4
LzEvZExUTlB0OVNIZmpzQ2hVUkVTY3RQN2tibWNNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBW+P2AwQC
wZRAMA0GCSqGSIb3DQEBCwUAA4IBAQCjADuqT5At6sW3PveBSOqcH3wl7J+hQEJo
sfDyxyhl4N3DKAS3Jzgk1s78ENXLMPD00muKD0wx+jqIy2DB5PZDaDopEIkaQqQh
1W+6NiygjKNJu7yxghcOZYmT0Vjlz/577LkfU8xH/iTsE1ETK8Stf5Syy2BCGKWw
G0eqUo+upyDGknqe4g8vc4vFljcqgMhA33ogMs+ha1Do/T7O3ZzV5ftMh/OTEd/U
WRQhV1r2Revv6AyYchRuIH1Ja6Sh6rM3hjdiwMLUI0DMBg4U7lFl/d6l4hVfaG68
D0GjZqVKvs06z3VC9vpAussKyT2y6ljqsoi+9C6HgewtWaJIkd54
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:56 2024 by rpki-client on console-fra.rpki-client.org