Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9d/26b47b-f2ce-4f2b-9d33-45579e418ff7/1/Vg9nuj41Nn9tQRXiby2_wTN6hHE.roa
File:                     Vg9nuj41Nn9tQRXiby2_wTN6hHE.roa (raw, json)
Hash identifier:          17GS9hFuwQ1GVTxrJxpPYGRjSjoZQ6r+vb4sCaRZebE=
Subject key identifier:   56:0F:67:BA:3E:35:36:7F:6D:41:15:E2:6F:2D:BF:C1:33:7A:84:71
Certificate issuer:       /CN=d25622457a1be33a01258866a067e0447dfd8964
Certificate serial:       018C6C99C7D9614A2EAAE33CB96AF394F415
Authority key identifier: D2:56:22:45:7A:1B:E3:3A:01:25:88:66:A0:67:E0:44:7D:FD:89:64
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0lYiRXob4zoBJYhmoGfgRH39iWQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9d/26b47b-f2ce-4f2b-9d33-45579e418ff7/1/Vg9nuj41Nn9tQRXiby2_wTN6hHE.roa
Signing time:             Fri 15 Dec 2023 08:31:06 +0000
ROA not before:           Fri 15 Dec 2023 08:31:06 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     207713
IP address blocks:        93.157.106.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 00:31:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:6c:99:c7:d9:61:4a:2e:aa:e3:3c:b9:6a:f3:94:f4:15
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d25622457a1be33a01258866a067e0447dfd8964
        Validity
            Not Before: Dec 15 08:31:06 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=560f67ba3e35367f6d4115e26f2dbfc1337a8471
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:88:e6:d9:37:ad:f3:74:78:64:79:36:2d:34:48:
                    2b:a7:bb:1d:3e:e2:87:d6:bd:ff:62:8b:29:ce:27:
                    fc:b7:8a:5a:ae:5f:6e:10:3d:51:fe:a2:48:00:65:
                    6e:cb:ee:1d:59:ac:2b:de:c1:a0:af:be:4f:e7:cf:
                    56:25:e5:89:c9:39:c9:86:12:70:44:87:26:50:c7:
                    1a:94:f1:67:2f:ec:6c:f1:13:1a:eb:89:af:3e:cc:
                    d4:0c:ef:27:0f:6e:1b:43:4f:9a:ac:78:66:f0:ce:
                    9a:2c:f2:b6:52:6e:6c:a7:63:25:56:51:55:5c:06:
                    b3:49:21:a6:fb:50:64:5b:79:b7:15:61:1e:79:71:
                    75:b5:01:a9:98:0a:41:1f:8f:a7:89:c4:55:af:3b:
                    05:8f:03:10:7a:53:fa:fb:b8:88:10:97:4c:d6:cb:
                    2f:fe:92:83:07:ff:20:e7:aa:c7:ae:35:bc:05:1e:
                    c9:ee:8e:78:28:64:42:55:b4:9c:1e:ed:fd:39:52:
                    1a:6d:89:85:ab:1c:b2:eb:a4:ee:85:f5:e6:bd:f8:
                    e2:de:44:29:ff:4c:1d:12:d8:cd:04:07:da:b4:8f:
                    80:c4:6a:35:73:82:fe:5c:bb:ae:d9:7b:8c:77:1d:
                    64:9c:6d:4e:5f:a8:85:e8:6e:1c:f0:61:09:73:3b:
                    e7:d1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                56:0F:67:BA:3E:35:36:7F:6D:41:15:E2:6F:2D:BF:C1:33:7A:84:71
            X509v3 Authority Key Identifier:
                keyid:D2:56:22:45:7A:1B:E3:3A:01:25:88:66:A0:67:E0:44:7D:FD:89:64

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0lYiRXob4zoBJYhmoGfgRH39iWQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/26b47b-f2ce-4f2b-9d33-45579e418ff7/1/Vg9nuj41Nn9tQRXiby2_wTN6hHE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/26b47b-f2ce-4f2b-9d33-45579e418ff7/1/0lYiRXob4zoBJYhmoGfgRH39iWQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  93.157.106.0/24

    Signature Algorithm: sha256WithRSAEncryption
         52:70:fe:54:14:49:46:96:d5:3b:5c:09:07:38:49:fb:ed:90:
         e2:a4:01:bf:f6:a2:78:cd:64:c7:0a:c8:b2:38:a9:59:a6:9f:
         d3:10:4f:ac:e8:fc:7a:2d:0b:2f:3f:15:9d:ac:51:c4:fb:83:
         b4:4f:b3:79:45:e6:4b:01:87:f1:9f:62:4e:ff:d4:1c:b7:e6:
         0a:14:95:0b:ce:4f:e6:25:07:21:ec:4a:09:fa:16:90:54:c0:
         7b:8b:b2:2e:51:85:43:c4:a9:53:20:2a:53:85:29:f6:ed:e2:
         7b:37:ba:bf:2f:39:86:d3:de:7c:33:d1:8e:d5:7b:b1:c1:75:
         3c:28:11:2f:f9:01:9f:2f:ef:24:c6:c2:65:16:24:8e:79:ba:
         8b:7d:74:b7:4d:ad:dc:f8:c9:1f:b6:81:b4:ff:b5:db:56:7c:
         9b:b5:13:df:e7:4b:e1:96:0f:5a:a0:34:87:ab:7d:fe:33:7a:
         a0:2c:f1:8a:10:ad:8c:81:92:8b:9a:e2:a7:6d:ba:50:33:fa:
         d1:19:c5:48:f6:d4:91:c2:aa:31:ae:93:87:bb:ad:46:80:cc:
         9c:10:a3:26:a6:d8:4e:cd:fa:5f:29:17:c5:ea:64:9a:b0:8f:
         a1:25:95:cc:85:e0:fc:50:59:04:f8:fc:8e:e1:0b:50:51:c1:
         e7:ff:9b:11
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYxsmcfZYUouquM8uWrzlPQVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyNTYyMjQ1N2ExYmUzM2EwMTI1ODg2NmEwNjdlMDQ0N2Rm
ZDg5NjQwHhcNMjMxMjE1MDgzMTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NjBmNjdiYTNlMzUzNjdmNmQ0MTE1ZTI2ZjJkYmZjMTMzN2E4NDcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiObZN63zdHhkeTYtNEgrp7sdPuKH
1r3/Yospzif8t4parl9uED1R/qJIAGVuy+4dWawr3sGgr75P589WJeWJyTnJhhJw
RIcmUMcalPFnL+xs8RMa64mvPszUDO8nD24bQ0+arHhm8M6aLPK2Um5sp2MlVlFV
XAazSSGm+1BkW3m3FWEeeXF1tQGpmApBH4+nicRVrzsFjwMQelP6+7iIEJdM1ssv
/pKDB/8g56rHrjW8BR7J7o54KGRCVbScHu39OVIabYmFqxyy66TuhfXmvfji3kQp
/0wdEtjNBAfatI+AxGo1c4L+XLuu2XuMdx1knG1OX6iF6G4c8GEJczvn0QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFYPZ7o+NTZ/bUEV4m8tv8EzeoRxMB8GA1UdIwQY
MBaAFNJWIkV6G+M6ASWIZqBn4ER9/YlkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGxZaVJYb2I0em9CSllobW9HZmdSSDM5aVdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZC8yNmI0N2ItZjJjZS00ZjJiLTlkMzMt
NDU1NzllNDE4ZmY3LzEvVmc5bnVqNDFObjl0UVJYaWJ5Ml93VE42aEhFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZC8yNmI0N2ItZjJjZS00ZjJiLTlkMzMtNDU1NzllNDE4ZmY3
LzEvMGxZaVJYb2I0em9CSllobW9HZmdSSDM5aVdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAXZ1qMA0G
CSqGSIb3DQEBCwUAA4IBAQBScP5UFElGltU7XAkHOEn77ZDipAG/9qJ4zWTHCsiy
OKlZpp/TEE+s6Px6LQsvPxWdrFHE+4O0T7N5ReZLAYfxn2JO/9Qct+YKFJULzk/m
JQch7EoJ+haQVMB7i7IuUYVDxKlTICpThSn27eJ7N7q/LzmG0958M9GO1XuxwXU8
KBEv+QGfL+8kxsJlFiSOebqLfXS3Ta3c+MkftoG0/7XbVnybtRPf50vhlg9aoDSH
q33+M3qgLPGKEK2MgZKLmuKnbbpQM/rRGcVI9tSRwqoxrpOHu61GgMycEKMmpthO
zfpfKRfF6mSasI+hJZXMheD8UFkE+PyO4QtQUcHn/5sR
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:40:55 2024 by rpki-client on console-fra.rpki-client.org