Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8f/a48388-2ed7-44cf-9557-f38b289ff969/1/IEKm5J-1HV8q95o-ESxpAso8X1g.roa
File:                     IEKm5J-1HV8q95o-ESxpAso8X1g.roa (raw, json)
Hash identifier:          Vs25kU16TY8ocBkK/1935YfW7uG1QB/FZNoOll3uwgg=
Subject key identifier:   20:42:A6:E4:9F:B5:1D:5F:2A:F7:9A:3E:11:2C:69:02:CA:3C:5F:58
Certificate issuer:       /CN=256452a3420f4f18dfa3a14d26b3348fdfcf3d3b
Certificate serial:       018B7A840C60894184B70D0450D2BB3585B7
Authority key identifier: 25:64:52:A3:42:0F:4F:18:DF:A3:A1:4D:26:B3:34:8F:DF:CF:3D:3B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/JWRSo0IPTxjfo6FNJrM0j9_PPTs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8f/a48388-2ed7-44cf-9557-f38b289ff969/1/IEKm5J-1HV8q95o-ESxpAso8X1g.roa
Signing time:             Sun 29 Oct 2023 08:19:16 +0000
ROA not before:           Sun 29 Oct 2023 08:19:16 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     206894
IP address blocks:        193.24.38.0/23 maxlen: 23

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 04:30:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:7a:84:0c:60:89:41:84:b7:0d:04:50:d2:bb:35:85:b7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=256452a3420f4f18dfa3a14d26b3348fdfcf3d3b
        Validity
            Not Before: Oct 29 08:19:16 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=2042a6e49fb51d5f2af79a3e112c6902ca3c5f58
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:b1:f2:7a:46:2e:b9:ef:f2:c8:83:26:88:5f:
                    a7:61:bc:54:ea:f9:51:e9:23:7d:a8:49:a8:0e:dd:
                    1d:53:78:f4:f3:39:92:fd:8f:ba:8f:79:56:8c:65:
                    69:bf:77:68:b0:71:35:8f:5a:79:d3:5a:d1:fa:6e:
                    d2:7a:3d:22:4d:c6:9b:f5:6a:2f:d8:c6:1e:2c:eb:
                    49:cb:78:61:d2:ce:94:6c:76:94:ad:3f:79:79:62:
                    80:71:c0:a2:f8:5e:5e:fe:83:d6:dd:e3:30:c2:cf:
                    bc:34:4e:10:90:e3:b7:ef:33:b5:d8:c6:cc:3e:c6:
                    0f:30:04:25:7a:0e:ec:94:9d:7e:81:af:c6:3b:2d:
                    30:5d:03:8b:84:56:71:68:75:40:80:ee:8d:cd:17:
                    13:96:b8:20:fe:8c:1b:a8:57:0c:e3:03:b0:95:05:
                    c8:ae:f5:9a:17:1a:6b:9b:04:ad:bd:9a:3f:19:92:
                    dd:50:2e:15:5f:b2:03:08:3b:9e:5f:0d:e8:4d:0d:
                    69:af:fd:4f:ea:27:f6:f7:a5:5f:d8:59:42:a5:fa:
                    f9:d6:4c:9e:33:9a:fb:b0:61:13:79:ba:f9:a2:d0:
                    bd:46:e6:b5:c6:0a:29:b2:ac:fb:58:38:14:95:79:
                    f7:51:a4:a4:55:21:e8:e1:6f:e3:bc:98:85:23:20:
                    65:51
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                20:42:A6:E4:9F:B5:1D:5F:2A:F7:9A:3E:11:2C:69:02:CA:3C:5F:58
            X509v3 Authority Key Identifier:
                keyid:25:64:52:A3:42:0F:4F:18:DF:A3:A1:4D:26:B3:34:8F:DF:CF:3D:3B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JWRSo0IPTxjfo6FNJrM0j9_PPTs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/a48388-2ed7-44cf-9557-f38b289ff969/1/IEKm5J-1HV8q95o-ESxpAso8X1g.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/a48388-2ed7-44cf-9557-f38b289ff969/1/JWRSo0IPTxjfo6FNJrM0j9_PPTs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.24.38.0/23

    Signature Algorithm: sha256WithRSAEncryption
         20:16:5e:3b:ee:94:b4:b5:10:f7:80:b2:cc:cf:71:d2:52:59:
         5a:2b:c3:76:39:49:4a:a1:ec:0a:f2:92:3c:c5:41:0c:3c:ab:
         6f:81:b6:fb:d2:8a:e9:70:d7:73:37:25:6d:98:2f:99:c2:64:
         24:07:8c:1c:69:33:95:25:a8:e6:b3:05:93:e7:f4:67:cc:db:
         ef:ab:7a:07:76:6f:80:0c:09:e7:b5:f5:67:7d:b7:d1:eb:17:
         db:4d:b8:dc:88:32:92:a3:97:4d:e7:44:81:27:a5:f1:20:92:
         c1:96:c9:c7:a6:29:0e:57:33:d0:9a:cc:11:ce:ef:ea:cc:21:
         83:a2:c6:f3:8b:3b:13:83:d8:3d:47:52:d1:ae:02:84:31:a5:
         06:f5:d1:18:15:29:0c:78:61:8c:0f:d8:77:7f:dc:14:10:99:
         d8:85:8d:db:7e:b6:f0:28:b6:00:71:a3:68:6d:cf:28:7c:3c:
         b7:93:ec:dd:0d:2f:49:6d:ff:7d:de:d0:de:7d:54:9c:ee:9d:
         7e:45:bc:f3:06:7c:69:a5:be:b9:16:30:02:3b:e9:d8:39:09:
         2a:03:5c:0b:1f:05:ad:17:fe:98:90:cd:1d:b8:63:04:5a:28:
         63:41:e6:00:8d:72:14:79:58:ac:ef:51:42:36:ac:13:8d:50:
         df:01:f4:17
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYt6hAxgiUGEtw0EUNK7NYW3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI1NjQ1MmEzNDIwZjRmMThkZmEzYTE0ZDI2YjMzNDhmZGZj
ZjNkM2IwHhcNMjMxMDI5MDgxOTE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMDQyYTZlNDlmYjUxZDVmMmFmNzlhM2UxMTJjNjkwMmNhM2M1ZjU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu7HyekYuue/yyIMmiF+nYbxU6vlR
6SN9qEmoDt0dU3j08zmS/Y+6j3lWjGVpv3dosHE1j1p501rR+m7Sej0iTcab9Wov
2MYeLOtJy3hh0s6UbHaUrT95eWKAccCi+F5e/oPW3eMwws+8NE4QkOO37zO12MbM
PsYPMAQleg7slJ1+ga/GOy0wXQOLhFZxaHVAgO6NzRcTlrgg/owbqFcM4wOwlQXI
rvWaFxprmwStvZo/GZLdUC4VX7IDCDueXw3oTQ1pr/1P6if296Vf2FlCpfr51kye
M5r7sGETebr5otC9Rua1xgopsqz7WDgUlXn3UaSkVSHo4W/jvJiFIyBlUQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCBCpuSftR1fKveaPhEsaQLKPF9YMB8GA1UdIwQY
MBaAFCVkUqNCD08Y36OhTSazNI/fzz07MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSldSU28wSVBUeGpmbzZGTkpyTTBqOV9QUFRzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Zi9hNDgzODgtMmVkNy00NGNmLTk1NTct
ZjM4YjI4OWZmOTY5LzEvSUVLbTVKLTFIVjhxOTVvLUVTeHBBc284WDFnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Zi9hNDgzODgtMmVkNy00NGNmLTk1NTctZjM4YjI4OWZmOTY5
LzEvSldSU28wSVBUeGpmbzZGTkpyTTBqOV9QUFRzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwRgmMA0G
CSqGSIb3DQEBCwUAA4IBAQAgFl477pS0tRD3gLLMz3HSUllaK8N2OUlKoewK8pI8
xUEMPKtvgbb70orpcNdzNyVtmC+ZwmQkB4wcaTOVJajmswWT5/RnzNvvq3oHdm+A
DAnntfVnfbfR6xfbTbjciDKSo5dN50SBJ6XxIJLBlsnHpikOVzPQmswRzu/qzCGD
osbzizsTg9g9R1LRrgKEMaUG9dEYFSkMeGGMD9h3f9wUEJnYhY3bfrbwKLYAcaNo
bc8ofDy3k+zdDS9Jbf993tDefVSc7p1+RbzzBnxppb65FjACO+nYOQkqA1wLHwWt
F/6YkM0duGMEWihjQeYAjXIUeVis71FCNqwTjVDfAfQX
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:39:04 2024 by rpki-client on console-fra.rpki-client.org