Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/98/1ed3e2-a09c-49c2-9928-c5c082a313f7/1/XxODjgW3PrRTl2g5Jx127Su_yQY.roa
File:                     XxODjgW3PrRTl2g5Jx127Su_yQY.roa (raw, json)
Hash identifier:          27Ih1UN118mpIvTlKWjY85EW6w/u7w9KvPkfu7p/nDc=
Subject key identifier:   5F:13:83:8E:05:B7:3E:B4:53:97:68:39:27:1D:76:ED:2B:BF:C9:06
Certificate issuer:       /CN=45962ea566054656ef82aace2d71c76d1b0b88bb
Certificate serial:       01856F2FFC262DD20A5F97FC878B94381E67
Authority key identifier: 45:96:2E:A5:66:05:46:56:EF:82:AA:CE:2D:71:C7:6D:1B:0B:88:BB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/RZYupWYFRlbvgqrOLXHHbRsLiLs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/98/1ed3e2-a09c-49c2-9928-c5c082a313f7/1/XxODjgW3PrRTl2g5Jx127Su_yQY.roa
Signing time:             Sun 01 Jan 2023 21:14:53 +0000
ROA not before:           Sun 01 Jan 2023 21:14:53 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     14618
IP address blocks:        130.193.2.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 06:30:49 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:2f:fc:26:2d:d2:0a:5f:97:fc:87:8b:94:38:1e:67
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=45962ea566054656ef82aace2d71c76d1b0b88bb
        Validity
            Not Before: Jan  1 21:14:53 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=5f13838e05b73eb453976839271d76ed2bbfc906
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:6c:c9:cc:ba:6c:ce:d0:1d:b1:d6:12:a1:d1:
                    a9:c9:71:a5:f0:ae:dd:a5:ab:ae:f4:33:a6:7a:1d:
                    fd:20:be:50:44:0e:93:9b:ec:12:4d:10:8c:cd:11:
                    5c:ed:a6:41:b6:51:f0:c1:65:6f:43:4f:82:e9:54:
                    42:d2:db:fb:aa:a2:51:49:c2:59:27:54:52:90:bd:
                    e9:9e:57:6a:e1:27:3a:b9:83:ba:90:30:48:df:40:
                    6b:7a:23:cc:13:03:06:27:72:d5:09:3c:dd:95:20:
                    d6:9c:59:0a:9c:2f:bb:6f:8f:69:1d:44:64:9b:24:
                    63:51:0a:8a:d7:b8:9e:c1:55:fc:a5:8f:31:a0:67:
                    0c:4a:c0:40:fa:79:5a:e2:4a:4e:69:bb:15:b6:3a:
                    ab:4d:6d:b2:d0:69:ad:83:79:04:09:9c:8f:f9:27:
                    d3:f5:a4:6c:e6:35:c4:8b:31:27:7c:3d:19:c9:89:
                    f6:75:5a:30:6e:d4:c6:27:00:64:d7:45:78:6e:05:
                    23:f5:76:de:ea:e3:1c:63:17:81:93:eb:d3:7f:d2:
                    d0:af:64:ab:ec:01:3f:59:06:1c:ad:34:d5:f5:33:
                    d2:88:44:dd:51:0d:5f:32:0a:b1:bc:e4:46:6b:4b:
                    d1:78:32:fd:7d:56:a1:d2:10:0c:d5:e0:b2:3b:86:
                    20:cd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5F:13:83:8E:05:B7:3E:B4:53:97:68:39:27:1D:76:ED:2B:BF:C9:06
            X509v3 Authority Key Identifier:
                keyid:45:96:2E:A5:66:05:46:56:EF:82:AA:CE:2D:71:C7:6D:1B:0B:88:BB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RZYupWYFRlbvgqrOLXHHbRsLiLs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/1ed3e2-a09c-49c2-9928-c5c082a313f7/1/XxODjgW3PrRTl2g5Jx127Su_yQY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/98/1ed3e2-a09c-49c2-9928-c5c082a313f7/1/RZYupWYFRlbvgqrOLXHHbRsLiLs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  130.193.2.0/24

    Signature Algorithm: sha256WithRSAEncryption
         38:cb:7b:4b:24:68:76:8b:94:82:fc:c0:a1:2a:23:e8:20:a7:
         3e:2c:16:c1:16:88:ad:c4:e7:a7:f4:f1:a7:a6:7a:12:1d:a7:
         21:37:3c:37:2e:f1:36:ec:c3:47:a7:a8:fa:e5:04:64:56:fd:
         b8:45:71:17:b9:73:13:a0:dc:f0:a7:0b:e9:a1:66:2b:ad:1e:
         9f:db:84:42:ef:ba:e5:0d:5e:72:bf:4a:fb:91:cb:f1:54:4c:
         f2:8d:c1:b6:0c:de:4d:c5:44:06:80:63:b2:d2:b4:0f:68:22:
         90:8a:7c:bf:86:09:4f:62:7d:54:3e:75:01:52:36:23:b6:e5:
         92:20:77:b8:af:f9:53:56:69:e0:bc:4a:bc:9f:84:14:5f:8f:
         8b:37:a3:ad:aa:ed:0f:a3:97:16:a1:03:76:da:dc:05:bd:95:
         ed:c1:b4:24:64:d6:61:5d:c1:f4:d5:00:da:84:49:dd:36:1a:
         a2:44:35:c3:24:32:0f:98:7f:bb:58:0f:12:b7:ac:bb:9f:0c:
         2e:e7:01:cd:88:e9:a1:0c:c9:80:d0:ca:8a:7c:62:c0:fa:80:
         0d:ad:33:aa:3e:3c:a2:89:6b:63:fa:38:84:ee:4c:bf:e8:05:
         4a:c0:3e:ce:cd:63:be:b5:8f:71:f1:de:ba:42:ca:14:2b:01:
         b2:fc:0b:22
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvL/wmLdIKX5f8h4uUOB5nMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ1OTYyZWE1NjYwNTQ2NTZlZjgyYWFjZTJkNzFjNzZkMWIw
Yjg4YmIwHhcNMjMwMTAxMjExNDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZjEzODM4ZTA1YjczZWI0NTM5NzY4MzkyNzFkNzZlZDJiYmZjOTA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArWzJzLpsztAdsdYSodGpyXGl8K7d
pauu9DOmeh39IL5QRA6Tm+wSTRCMzRFc7aZBtlHwwWVvQ0+C6VRC0tv7qqJRScJZ
J1RSkL3pnldq4Sc6uYO6kDBI30BreiPMEwMGJ3LVCTzdlSDWnFkKnC+7b49pHURk
myRjUQqK17iewVX8pY8xoGcMSsBA+nla4kpOabsVtjqrTW2y0Gmtg3kECZyP+SfT
9aRs5jXEizEnfD0ZyYn2dVowbtTGJwBk10V4bgUj9Xbe6uMcYxeBk+vTf9LQr2Sr
7AE/WQYcrTTV9TPSiETdUQ1fMgqxvORGa0vReDL9fVah0hAM1eCyO4YgzQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFF8Tg44Ftz60U5doOScddu0rv8kGMB8GA1UdIwQY
MBaAFEWWLqVmBUZW74Kqzi1xx20bC4i7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUlpZdXBXWUZSbGJ2Z3FyT0xYSEhiUnNMaUxzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OC8xZWQzZTItYTA5Yy00OWMyLTk5Mjgt
YzVjMDgyYTMxM2Y3LzEvWHhPRGpnVzNQclJUbDJnNUp4MTI3U3VfeVFZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OC8xZWQzZTItYTA5Yy00OWMyLTk5MjgtYzVjMDgyYTMxM2Y3
LzEvUlpZdXBXWUZSbGJ2Z3FyT0xYSEhiUnNMaUxzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAgsECMA0G
CSqGSIb3DQEBCwUAA4IBAQA4y3tLJGh2i5SC/MChKiPoIKc+LBbBFoitxOen9PGn
pnoSHachNzw3LvE27MNHp6j65QRkVv24RXEXuXMToNzwpwvpoWYrrR6f24RC77rl
DV5yv0r7kcvxVEzyjcG2DN5NxUQGgGOy0rQPaCKQiny/hglPYn1UPnUBUjYjtuWS
IHe4r/lTVmngvEq8n4QUX4+LN6Otqu0Po5cWoQN22twFvZXtwbQkZNZhXcH01QDa
hEndNhqiRDXDJDIPmH+7WA8St6y7nwwu5wHNiOmhDMmA0MqKfGLA+oANrTOqPjyi
iWtj+jiE7ky/6AVKwD7OzWO+tY9x8d66QsoUKwGy/Asi
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:40:07 2024 by rpki-client on console-fra.rpki-client.org