Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/93/f8314e-a3bc-45e9-a9f5-4c98d9a51405/1/olDT_BXHSLMIHEqvWoTUZYCW9j8.roa
File:                     olDT_BXHSLMIHEqvWoTUZYCW9j8.roa (raw, json)
Hash identifier:          3/gYlPeezrqG8l3cgujF883fxU+P2NVc6gPUCnlHzg0=
Subject key identifier:   A2:50:D3:FC:15:C7:48:B3:08:1C:4A:AF:5A:84:D4:65:80:96:F6:3F
Certificate issuer:       /CN=c441738baab988b1d68693bb05e29bfbb4f0f671
Certificate serial:       01856D4ABE5A05AD9F55FF200F832DB5AACF
Authority key identifier: C4:41:73:8B:AA:B9:88:B1:D6:86:93:BB:05:E2:9B:FB:B4:F0:F6:71
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/xEFzi6q5iLHWhpO7BeKb-7Tw9nE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/93/f8314e-a3bc-45e9-a9f5-4c98d9a51405/1/olDT_BXHSLMIHEqvWoTUZYCW9j8.roa
Signing time:             Sun 01 Jan 2023 12:24:53 +0000
ROA not before:           Sun 01 Jan 2023 12:24:53 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     41905
IP address blocks:        195.137.238.0/23 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 12:30:47 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6d:4a:be:5a:05:ad:9f:55:ff:20:0f:83:2d:b5:aa:cf
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c441738baab988b1d68693bb05e29bfbb4f0f671
        Validity
            Not Before: Jan  1 12:24:53 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=a250d3fc15c748b3081c4aaf5a84d4658096f63f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:97:35:03:ac:58:0f:da:4a:f8:97:7d:6a:bb:
                    85:fe:1b:64:78:ae:4b:64:83:c1:39:66:fc:e4:48:
                    a9:b7:72:79:da:e4:7e:61:8a:f1:68:96:d4:06:65:
                    12:4e:1f:49:89:0f:fd:a2:7f:79:52:ff:c1:c5:f0:
                    24:b8:dd:79:00:59:36:61:95:41:a1:15:1c:0a:8a:
                    7f:aa:f4:3c:c4:0c:41:1a:cd:9c:f5:ef:de:0e:2a:
                    1a:16:94:7c:0a:40:b1:d5:cf:41:fa:98:ed:0b:e9:
                    03:fa:29:ce:6d:d5:9b:a6:9d:ad:31:c5:18:f9:13:
                    0e:f1:49:9e:b3:0f:c4:5c:50:6b:27:3f:74:31:f7:
                    35:4a:66:7d:69:a4:40:25:da:1f:dc:8e:62:82:9b:
                    c7:93:16:f1:e6:f6:d2:6e:80:52:d5:b1:98:e6:71:
                    59:41:06:71:75:c9:43:ba:96:1f:80:82:6e:1e:97:
                    c7:79:21:85:e0:8e:b6:49:43:58:58:aa:84:d3:6b:
                    e9:08:26:dc:ac:40:58:98:03:14:e4:91:c8:54:5f:
                    b5:0d:a0:ed:00:b6:67:37:c1:26:34:51:e4:e7:62:
                    f2:ab:7e:fe:b7:b2:84:58:bd:93:b6:8b:93:d4:94:
                    09:95:f5:18:ab:61:98:99:42:64:52:d4:b1:5d:4c:
                    47:bd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A2:50:D3:FC:15:C7:48:B3:08:1C:4A:AF:5A:84:D4:65:80:96:F6:3F
            X509v3 Authority Key Identifier:
                keyid:C4:41:73:8B:AA:B9:88:B1:D6:86:93:BB:05:E2:9B:FB:B4:F0:F6:71

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xEFzi6q5iLHWhpO7BeKb-7Tw9nE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/93/f8314e-a3bc-45e9-a9f5-4c98d9a51405/1/olDT_BXHSLMIHEqvWoTUZYCW9j8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/93/f8314e-a3bc-45e9-a9f5-4c98d9a51405/1/xEFzi6q5iLHWhpO7BeKb-7Tw9nE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  195.137.238.0/23

    Signature Algorithm: sha256WithRSAEncryption
         a9:88:85:e4:e6:2f:52:b7:b2:b7:63:b3:b1:02:6c:6f:2d:7b:
         ec:6b:d6:04:01:c8:da:f1:67:e7:8f:f2:20:af:4b:57:09:41:
         c1:b8:6c:a6:b4:9d:e8:e6:58:51:35:fe:20:89:ae:8a:48:51:
         0d:e9:a4:92:90:7e:2b:de:7f:be:18:4a:00:9c:c8:22:fd:aa:
         30:0e:b2:3f:2e:09:ee:25:6f:bc:3e:b3:e3:9b:09:16:20:20:
         5d:3a:cc:e3:13:86:d7:85:0b:da:0d:1f:e1:58:11:e7:c5:bf:
         87:57:31:91:3c:d2:47:e7:5e:8d:1e:4a:59:e8:4f:af:cc:7c:
         74:22:8b:dd:76:e0:dd:71:58:29:bc:75:9e:d0:ca:18:44:14:
         9f:c9:1f:05:e0:e7:f9:2d:8a:b6:c6:16:8a:35:24:f7:c1:a7:
         8e:21:d5:db:64:e1:cc:32:0a:6c:78:a5:5b:7d:e5:e7:fc:09:
         b5:8b:14:86:9c:51:ee:16:b0:e9:67:bd:2b:c9:4f:cc:91:52:
         e9:d7:05:0d:66:dc:cb:27:1b:4b:cc:f7:1c:79:43:70:f0:ba:
         d3:19:e7:82:41:1a:2e:48:32:2e:a9:66:94:8b:38:4d:61:d3:
         3e:76:3f:e6:8c:cc:15:c2:8b:79:a1:d8:77:14:d5:bf:04:f4:
         bc:34:2f:c8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtSr5aBa2fVf8gD4MttarPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0NDE3MzhiYWFiOTg4YjFkNjg2OTNiYjA1ZTI5YmZiYjRm
MGY2NzEwHhcNMjMwMTAxMTIyNDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMjUwZDNmYzE1Yzc0OGIzMDgxYzRhYWY1YTg0ZDQ2NTgwOTZmNjNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvZc1A6xYD9pK+Jd9aruF/htkeK5L
ZIPBOWb85Eipt3J52uR+YYrxaJbUBmUSTh9JiQ/9on95Uv/BxfAkuN15AFk2YZVB
oRUcCop/qvQ8xAxBGs2c9e/eDioaFpR8CkCx1c9B+pjtC+kD+inObdWbpp2tMcUY
+RMO8Umesw/EXFBrJz90Mfc1SmZ9aaRAJdof3I5igpvHkxbx5vbSboBS1bGY5nFZ
QQZxdclDupYfgIJuHpfHeSGF4I62SUNYWKqE02vpCCbcrEBYmAMU5JHIVF+1DaDt
ALZnN8EmNFHk52Lyq37+t7KEWL2TtouT1JQJlfUYq2GYmUJkUtSxXUxHvQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKJQ0/wVx0izCBxKr1qE1GWAlvY/MB8GA1UdIwQY
MBaAFMRBc4uquYix1oaTuwXim/u08PZxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveEVGemk2cTVpTEhXaHBPN0JlS2ItN1R3OW5FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85My9mODMxNGUtYTNiYy00NWU5LWE5ZjUt
NGM5OGQ5YTUxNDA1LzEvb2xEVF9CWEhTTE1JSEVxdldvVFVaWUNXOWo4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85My9mODMxNGUtYTNiYy00NWU5LWE5ZjUtNGM5OGQ5YTUxNDA1
LzEveEVGemk2cTVpTEhXaHBPN0JlS2ItN1R3OW5FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBw4nuMA0G
CSqGSIb3DQEBCwUAA4IBAQCpiIXk5i9St7K3Y7OxAmxvLXvsa9YEAcja8Wfnj/Ig
r0tXCUHBuGymtJ3o5lhRNf4gia6KSFEN6aSSkH4r3n++GEoAnMgi/aowDrI/Lgnu
JW+8PrPjmwkWICBdOszjE4bXhQvaDR/hWBHnxb+HVzGRPNJH516NHkpZ6E+vzHx0
IovdduDdcVgpvHWe0MoYRBSfyR8F4Of5LYq2xhaKNST3waeOIdXbZOHMMgpseKVb
feXn/Am1ixSGnFHuFrDpZ70ryU/MkVLp1wUNZtzLJxtLzPcceUNw8LrTGeeCQRou
SDIuqWaUizhNYdM+dj/mjMwVwot5odh3FNW/BPS8NC/I
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:39:38 2024 by rpki-client on console-fra.rpki-client.org