Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/cbf93c-6dda-4824-8033-41c3cf908e97/1/l5gEDPjjvWW292qVPfstis7I638.roa
File:                     l5gEDPjjvWW292qVPfstis7I638.roa (raw, json)
Hash identifier:          z1wM33scvBsI1vPlqu46Iqmukb7rsUSLIPbpNzG6Ez0=
Subject key identifier:   97:98:04:0C:F8:E3:BD:65:B6:F7:6A:95:3D:FB:2D:8A:CE:C8:EB:7F
Certificate issuer:       /CN=31c6bbaf409f5fd6d709c4d7d24344a292a3caa5
Certificate serial:       018B474F6129C241647955650F157A396C2D
Authority key identifier: 31:C6:BB:AF:40:9F:5F:D6:D7:09:C4:D7:D2:43:44:A2:92:A3:CA:A5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Mca7r0CfX9bXCcTX0kNEopKjyqU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a2/cbf93c-6dda-4824-8033-41c3cf908e97/1/l5gEDPjjvWW292qVPfstis7I638.roa
Signing time:             Thu 19 Oct 2023 09:41:06 +0000
ROA not before:           Thu 19 Oct 2023 09:41:06 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     6730
IP address blocks:        193.223.208.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 10:29:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:47:4f:61:29:c2:41:64:79:55:65:0f:15:7a:39:6c:2d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=31c6bbaf409f5fd6d709c4d7d24344a292a3caa5
        Validity
            Not Before: Oct 19 09:41:06 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=9798040cf8e3bd65b6f76a953dfb2d8acec8eb7f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:41:e8:ec:a3:f3:24:7a:5e:6d:a9:55:2a:61:
                    fe:8e:36:88:3a:d0:0c:09:60:18:db:81:da:ea:6a:
                    a4:f7:00:f6:f8:ef:5a:13:66:a5:d8:21:15:36:56:
                    a4:ae:0e:82:11:27:fd:a8:a4:99:ea:a2:52:98:8f:
                    aa:b7:01:af:4e:51:f0:23:54:59:9a:26:b1:a6:29:
                    58:70:55:53:9b:bd:9b:79:b6:6f:f1:27:a2:fa:fb:
                    f7:2d:1f:9f:3c:70:43:d6:c2:f1:98:6d:1b:15:50:
                    67:38:36:ba:19:a8:bd:d3:eb:ba:3c:e9:d5:bf:a9:
                    ad:0e:f0:38:94:6b:e3:62:17:a1:45:6b:0f:e4:25:
                    c3:6a:5b:aa:b1:a4:92:da:13:62:f9:4c:39:18:c0:
                    6e:52:ae:d3:cc:44:7f:04:00:f5:92:6b:62:4c:95:
                    02:d7:7e:8d:dc:a1:fd:85:8c:a5:ec:2f:91:fc:cb:
                    2d:6c:1d:1b:f3:41:ba:8d:bd:fc:89:1a:5b:fd:dd:
                    0a:3b:d7:4c:73:7c:cb:2b:8e:cc:f3:93:ed:d3:ac:
                    ec:f8:e1:a1:3d:46:5b:0b:f3:c3:ac:cd:8a:10:28:
                    a4:26:c1:b7:82:33:62:29:e7:e4:f0:78:c0:c0:0b:
                    62:bf:07:30:22:f6:ec:2a:0f:49:9c:e4:aa:a6:cb:
                    85:e7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                97:98:04:0C:F8:E3:BD:65:B6:F7:6A:95:3D:FB:2D:8A:CE:C8:EB:7F
            X509v3 Authority Key Identifier:
                keyid:31:C6:BB:AF:40:9F:5F:D6:D7:09:C4:D7:D2:43:44:A2:92:A3:CA:A5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Mca7r0CfX9bXCcTX0kNEopKjyqU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/cbf93c-6dda-4824-8033-41c3cf908e97/1/l5gEDPjjvWW292qVPfstis7I638.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/cbf93c-6dda-4824-8033-41c3cf908e97/1/Mca7r0CfX9bXCcTX0kNEopKjyqU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.223.208.0/24

    Signature Algorithm: sha256WithRSAEncryption
         2d:28:08:9e:39:68:fc:00:29:a0:fe:fc:47:0a:5a:09:fd:55:
         71:09:69:9f:6f:f9:42:21:d1:c5:8f:d3:0d:bd:1e:98:d5:64:
         ab:f5:38:c4:9f:c0:67:18:c4:96:cf:5c:18:8f:9e:39:9e:f1:
         f1:b4:60:24:7b:7f:6b:e1:30:db:82:e7:65:55:69:ef:50:85:
         bc:e6:2c:e3:80:0e:12:ed:af:c0:25:12:32:a5:a7:08:51:d4:
         aa:df:6a:4e:43:55:45:23:e2:97:31:fc:cc:ca:a9:b5:4a:39:
         0d:3e:ca:36:ba:04:8c:5a:d3:bf:7a:d2:16:31:1c:18:ad:e2:
         82:2f:9c:b3:34:8c:3f:79:54:d0:92:0a:10:17:3d:36:a6:15:
         c7:b5:ad:ac:2a:c8:31:9c:8b:1f:42:8a:ad:89:b8:5f:aa:03:
         47:dc:15:c7:90:39:9e:3a:13:89:e9:ca:b9:4e:d7:06:f6:32:
         38:e2:bc:ae:87:a8:98:3a:07:dc:e6:f1:fa:d8:b5:27:fa:67:
         d0:5f:fa:54:c8:a6:e2:79:7c:17:f0:fc:a1:90:6b:dd:8c:f0:
         a2:45:19:35:e7:36:ef:34:21:cd:2f:64:e1:f3:60:18:43:9f:
         34:44:6a:1a:08:91:ce:e2:ae:96:5a:47:39:ea:1c:29:56:16:
         4c:77:5a:44
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYtHT2EpwkFkeVVlDxV6OWwtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxYzZiYmFmNDA5ZjVmZDZkNzA5YzRkN2QyNDM0NGEyOTJh
M2NhYTUwHhcNMjMxMDE5MDk0MTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5Nzk4MDQwY2Y4ZTNiZDY1YjZmNzZhOTUzZGZiMmQ4YWNlYzhlYjdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnUHo7KPzJHpebalVKmH+jjaIOtAM
CWAY24Ha6mqk9wD2+O9aE2al2CEVNlakrg6CESf9qKSZ6qJSmI+qtwGvTlHwI1RZ
miaxpilYcFVTm72bebZv8Sei+vv3LR+fPHBD1sLxmG0bFVBnODa6Gai90+u6POnV
v6mtDvA4lGvjYhehRWsP5CXDaluqsaSS2hNi+Uw5GMBuUq7TzER/BAD1kmtiTJUC
136N3KH9hYyl7C+R/MstbB0b80G6jb38iRpb/d0KO9dMc3zLK47M85Pt06zs+OGh
PUZbC/PDrM2KECikJsG3gjNiKefk8HjAwAtivwcwIvbsKg9JnOSqpsuF5wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJeYBAz4471ltvdqlT37LYrOyOt/MB8GA1UdIwQY
MBaAFDHGu69An1/W1wnE19JDRKKSo8qlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTWNhN3IwQ2ZYOWJYQ2NUWDBrTkVvcEtqeXFVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi9jYmY5M2MtNmRkYS00ODI0LTgwMzMt
NDFjM2NmOTA4ZTk3LzEvbDVnRURQamp2V1cyOTJxVlBmc3RpczdJNjM4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi9jYmY5M2MtNmRkYS00ODI0LTgwMzMtNDFjM2NmOTA4ZTk3
LzEvTWNhN3IwQ2ZYOWJYQ2NUWDBrTkVvcEtqeXFVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwd/QMA0G
CSqGSIb3DQEBCwUAA4IBAQAtKAieOWj8ACmg/vxHCloJ/VVxCWmfb/lCIdHFj9MN
vR6Y1WSr9TjEn8BnGMSWz1wYj545nvHxtGAke39r4TDbgudlVWnvUIW85izjgA4S
7a/AJRIypacIUdSq32pOQ1VFI+KXMfzMyqm1SjkNPso2ugSMWtO/etIWMRwYreKC
L5yzNIw/eVTQkgoQFz02phXHta2sKsgxnIsfQoqtibhfqgNH3BXHkDmeOhOJ6cq5
TtcG9jI44ryuh6iYOgfc5vH62LUn+mfQX/pUyKbieXwX8PyhkGvdjPCiRRk15zbv
NCHNL2Th82AYQ580RGoaCJHO4q6WWkc56hwpVhZMd1pE
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:07 2024 by rpki-client on console-fra.rpki-client.org