Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/98/b03213-5e80-4931-81ce-f752d81605fb/1/vRlqBDabewE_zpNIQbW_5hx4yqQ.roa
File:                     vRlqBDabewE_zpNIQbW_5hx4yqQ.roa (raw, json)
Hash identifier:          K6EJ0u6UYJ/hC9/5BpE741Pbh/FMmInZdvRSuypXWks=
Subject key identifier:   BD:19:6A:04:36:9B:7B:01:3F:CE:93:48:41:B5:BF:E6:1C:78:CA:A4
Certificate issuer:       /CN=f93ac6cd2240249bba60171f086e9101cc87ca24
Certificate serial:       01895B94E29FC586D8799B831E8EA2915A87
Authority key identifier: F9:3A:C6:CD:22:40:24:9B:BA:60:17:1F:08:6E:91:01:CC:87:CA:24
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1-TrGzSJAJJu6YBcfCG6RAcyHyiQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/98/b03213-5e80-4931-81ce-f752d81605fb/1/vRlqBDabewE_zpNIQbW_5hx4yqQ.roa
Signing time:             Sat 15 Jul 2023 22:03:51 +0000
ROA not before:           Sat 15 Jul 2023 22:03:51 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     1100
IP address blocks:        147.189.138.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 16:30:12 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:5b:94:e2:9f:c5:86:d8:79:9b:83:1e:8e:a2:91:5a:87
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f93ac6cd2240249bba60171f086e9101cc87ca24
        Validity
            Not Before: Jul 15 22:03:51 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=bd196a04369b7b013fce934841b5bfe61c78caa4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:80:11:6f:7e:dc:64:0c:7f:83:41:96:8b:97:b6:
                    51:96:c5:fa:b3:b4:3a:c7:99:c5:01:b6:d4:e8:17:
                    15:4a:86:62:e5:5e:e3:9c:b0:3f:f1:8c:ab:9d:f4:
                    61:25:90:71:36:1e:28:99:a7:b0:34:c2:34:03:f7:
                    36:44:76:fc:bf:e2:c1:19:0c:a5:9c:e2:3e:25:94:
                    36:55:77:cb:af:e8:cf:0f:ca:3e:6b:33:bc:5b:51:
                    e4:8e:97:27:d7:2c:aa:59:07:ba:b7:40:36:f6:4b:
                    75:c2:8b:a2:6f:fe:6e:ae:a1:fc:97:af:09:6d:19:
                    46:1e:46:81:39:1a:bb:99:f4:8c:12:f5:83:bf:48:
                    ec:aa:44:fb:20:2d:5a:01:07:ba:18:91:0d:15:7b:
                    ab:bd:38:a8:5c:4d:a1:b5:71:44:ca:51:02:85:c8:
                    f3:c6:e1:1c:96:86:d0:ca:80:b5:7f:85:81:c8:41:
                    c7:54:bd:37:cc:f7:db:02:46:8f:24:3f:d8:7f:3e:
                    35:f7:05:1f:9f:f7:7a:6f:13:15:86:38:fd:ea:9d:
                    52:85:b6:fb:fc:ae:47:2c:d2:17:76:cf:4e:6b:02:
                    5e:bf:6a:07:b5:b9:91:eb:27:70:68:c3:c1:f4:3c:
                    76:38:2f:cd:e9:5f:c5:20:92:6f:1e:a5:4a:cd:73:
                    b1:bb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BD:19:6A:04:36:9B:7B:01:3F:CE:93:48:41:B5:BF:E6:1C:78:CA:A4
            X509v3 Authority Key Identifier:
                keyid:F9:3A:C6:CD:22:40:24:9B:BA:60:17:1F:08:6E:91:01:CC:87:CA:24

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-TrGzSJAJJu6YBcfCG6RAcyHyiQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/b03213-5e80-4931-81ce-f752d81605fb/1/vRlqBDabewE_zpNIQbW_5hx4yqQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/98/b03213-5e80-4931-81ce-f752d81605fb/1/1-TrGzSJAJJu6YBcfCG6RAcyHyiQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  147.189.138.0/24

    Signature Algorithm: sha256WithRSAEncryption
         ab:07:dd:b5:0e:d3:6b:5b:81:05:b2:41:5d:93:bc:6e:e0:8b:
         fa:1d:11:12:d3:2a:f3:9b:23:e0:7e:a4:ac:c5:5a:95:e0:62:
         2e:b1:d2:74:fb:bf:75:84:51:63:48:ce:b5:0a:42:6c:53:e0:
         a9:f3:5d:12:d6:e1:9c:a0:59:5d:c7:07:c2:3d:dc:5f:d9:e0:
         2f:12:2a:b5:d5:5d:80:47:69:29:75:db:54:8f:63:2c:80:be:
         f5:af:2c:94:fe:1d:5a:fa:53:5f:4b:7e:71:d5:30:70:19:2d:
         dc:b0:62:e5:d7:87:f4:6c:8f:03:4a:2d:4e:87:f6:dc:45:e9:
         28:98:4b:b3:fa:36:49:13:1c:56:b6:1a:5c:e6:4e:a0:18:c8:
         2f:c0:cf:4c:82:b9:15:31:95:43:24:b1:65:49:b2:b9:1c:26:
         4f:23:89:96:51:8a:ad:ac:5f:10:d0:cf:4f:3f:bd:28:c4:56:
         89:fe:72:b8:55:ff:0e:c7:71:48:1d:30:db:e1:a3:b2:17:fa:
         ec:f1:0c:ab:06:e8:05:79:60:e6:74:5c:82:68:0b:5b:19:d0:
         1d:d6:15:e1:20:7a:bc:38:b8:1b:45:60:14:67:00:a8:43:6f:
         7b:a2:a2:0d:07:7a:e1:77:30:30:f1:88:b6:f9:44:a2:14:b5:
         01:d3:25:a8
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYlblOKfxYbYeZuDHo6ikVqHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY5M2FjNmNkMjI0MDI0OWJiYTYwMTcxZjA4NmU5MTAxY2M4
N2NhMjQwHhcNMjMwNzE1MjIwMzUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZDE5NmEwNDM2OWI3YjAxM2ZjZTkzNDg0MWI1YmZlNjFjNzhjYWE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgBFvftxkDH+DQZaLl7ZRlsX6s7Q6
x5nFAbbU6BcVSoZi5V7jnLA/8YyrnfRhJZBxNh4omaewNMI0A/c2RHb8v+LBGQyl
nOI+JZQ2VXfLr+jPD8o+azO8W1Hkjpcn1yyqWQe6t0A29kt1wouib/5urqH8l68J
bRlGHkaBORq7mfSMEvWDv0jsqkT7IC1aAQe6GJENFXurvTioXE2htXFEylEChcjz
xuEclobQyoC1f4WByEHHVL03zPfbAkaPJD/Yfz419wUfn/d6bxMVhjj96p1Shbb7
/K5HLNIXds9OawJev2oHtbmR6ydwaMPB9Dx2OC/N6V/FIJJvHqVKzXOxuwIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFL0ZagQ2m3sBP86TSEG1v+YceMqkMB8GA1UdIwQY
MBaAFPk6xs0iQCSbumAXHwhukQHMh8okMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1Uckd6U0pBSkp1NllCY2ZDRzZSQWN5SHlpUS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOTgvYjAzMjEzLTVlODAtNDkzMS04MWNl
LWY3NTJkODE2MDVmYi8xL3ZSbHFCRGFiZXdFX3pwTklRYldfNWh4NHlxUS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvOTgvYjAzMjEzLTVlODAtNDkzMS04MWNlLWY3NTJkODE2MDVm
Yi8xLzEtVHJHelNKQUpKdTZZQmNmQ0c2UkFjeUh5aVEuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACTvYow
DQYJKoZIhvcNAQELBQADggEBAKsH3bUO02tbgQWyQV2TvG7gi/odERLTKvObI+B+
pKzFWpXgYi6x0nT7v3WEUWNIzrUKQmxT4KnzXRLW4ZygWV3HB8I93F/Z4C8SKrXV
XYBHaSl121SPYyyAvvWvLJT+HVr6U19LfnHVMHAZLdywYuXXh/RsjwNKLU6H9txF
6SiYS7P6NkkTHFa2GlzmTqAYyC/Az0yCuRUxlUMksWVJsrkcJk8jiZZRiq2sXxDQ
z08/vSjEVon+crhV/w7HcUgdMNvho7IX+uzxDKsG6AV5YOZ0XIJoC1sZ0B3WFeEg
erw4uBtFYBRnAKhDb3uiog0HeuF3MDDxiLb5RKIUtQHTJag=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:25:08 2024 by rpki-client on console-ams.rpki-client.org