Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a4/0f169c-6da7-4350-8d3c-4ca44802b563/1/jjozQ26qgxC_jKf_vgusAevK_6o.roa
File:                     jjozQ26qgxC_jKf_vgusAevK_6o.roa (raw, json)
Hash identifier:          djTF3E5mqFNJTNjNp5Rhi57fyNg0OQ2bF9dRyXrzkfM=
Subject key identifier:   8E:3A:33:43:6E:AA:83:10:BF:8C:A7:FF:BE:0B:AC:01:EB:CA:FF:AA
Certificate issuer:       /CN=cad79c126b82f77cc63b5a6b6cd8bdae6e0f5a3c
Certificate serial:       018571555A21B9EF572DF9D423E7DDF219AB
Authority key identifier: CA:D7:9C:12:6B:82:F7:7C:C6:3B:5A:6B:6C:D8:BD:AE:6E:0F:5A:3C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ytecEmuC93zGO1prbNi9rm4PWjw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a4/0f169c-6da7-4350-8d3c-4ca44802b563/1/jjozQ26qgxC_jKf_vgusAevK_6o.roa
Signing time:             Mon 02 Jan 2023 07:14:57 +0000
ROA not before:           Mon 02 Jan 2023 07:14:57 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     137
IP address blocks:        193.43.117.0/24 maxlen: 24
                          193.43.18.0/23 maxlen: 23

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 02:29:39 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:71:55:5a:21:b9:ef:57:2d:f9:d4:23:e7:dd:f2:19:ab
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cad79c126b82f77cc63b5a6b6cd8bdae6e0f5a3c
        Validity
            Not Before: Jan  2 07:14:57 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=8e3a33436eaa8310bf8ca7ffbe0bac01ebcaffaa
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:de:e5:3e:8f:0b:2c:0e:af:19:31:97:a4:0e:1c:
                    a3:fe:54:a0:10:bc:0b:78:b1:61:7d:05:3c:8b:7e:
                    51:80:5e:29:e5:09:96:cb:19:33:2d:a5:12:c7:b6:
                    53:80:77:e4:fb:46:8c:80:e8:74:f6:06:d8:22:60:
                    89:bf:7c:fa:51:c8:f0:9f:dc:15:c3:8c:0c:96:2c:
                    65:a5:7c:2e:80:a8:cc:9d:12:3b:82:10:77:70:77:
                    fd:27:d0:4c:0e:04:21:c1:12:10:75:76:2b:13:29:
                    ec:6b:b5:9e:37:83:03:41:b7:f8:40:9d:b3:fd:85:
                    fa:32:ca:e6:5e:91:11:75:9b:b1:58:54:13:00:ee:
                    01:b6:43:72:31:24:e5:e7:1e:81:e9:67:8f:d3:61:
                    4d:e3:65:b4:1d:b3:17:ae:82:4d:25:ff:c5:fa:cd:
                    fe:83:66:ab:78:64:bb:6c:97:c3:7b:5c:4c:96:6b:
                    1b:53:97:2f:af:63:65:3f:c4:4d:8e:a6:84:6c:f4:
                    7e:53:06:e6:80:4d:9e:6e:bd:e5:32:ac:5d:15:54:
                    40:3a:ac:1d:e6:b3:ba:5a:e6:b0:84:8e:08:27:8d:
                    f4:84:ca:0c:3d:48:54:ad:0d:a2:57:35:3f:24:8e:
                    f2:fd:73:1c:40:e8:a4:a1:50:81:45:c1:1c:0b:f8:
                    6a:5b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8E:3A:33:43:6E:AA:83:10:BF:8C:A7:FF:BE:0B:AC:01:EB:CA:FF:AA
            X509v3 Authority Key Identifier:
                keyid:CA:D7:9C:12:6B:82:F7:7C:C6:3B:5A:6B:6C:D8:BD:AE:6E:0F:5A:3C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ytecEmuC93zGO1prbNi9rm4PWjw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/0f169c-6da7-4350-8d3c-4ca44802b563/1/jjozQ26qgxC_jKf_vgusAevK_6o.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/0f169c-6da7-4350-8d3c-4ca44802b563/1/ytecEmuC93zGO1prbNi9rm4PWjw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.43.18.0/23
                  193.43.117.0/24

    Signature Algorithm: sha256WithRSAEncryption
         03:3f:2e:84:33:a2:f5:03:de:ef:dd:52:1e:72:53:49:01:37:
         de:e7:b2:57:86:c0:bd:af:40:03:d1:24:bc:f3:40:d9:b6:e1:
         48:f0:4d:bc:84:8f:27:3d:98:6d:fd:62:c4:62:05:89:d7:77:
         44:a4:d7:6c:6e:69:bb:5d:1d:75:fb:39:53:34:ea:e6:ae:26:
         67:f8:45:5b:6e:92:7e:17:0b:cf:36:45:ad:6d:42:9e:94:91:
         d8:17:11:29:c0:f3:8b:c1:28:be:9c:69:85:da:6d:b3:5a:1d:
         68:1e:e9:f2:46:20:e3:c1:93:62:4d:28:8a:e5:5d:a9:cf:b8:
         f4:99:30:92:b4:bb:17:28:8e:db:57:5b:5c:5b:50:43:64:21:
         c1:0f:1b:34:48:59:d8:e9:8a:d7:a1:bc:08:91:cf:a0:d6:b5:
         1d:04:34:0a:da:92:60:04:32:69:3a:b6:2d:7d:7d:20:b3:2f:
         f2:c0:48:7f:80:a4:4d:b2:57:b7:b3:be:02:ab:c7:2b:fe:b4:
         3b:b8:1d:49:31:e9:0a:db:ee:15:16:c0:86:da:12:6f:a5:a7:
         9c:07:d1:4a:44:4f:f9:e8:74:c0:25:d2:20:81:65:94:24:e7:
         b8:e1:9f:20:4c:70:2b:f4:cc:3d:8e:3b:20:a4:ca:70:9e:26:
         5b:c4:82:ec
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVxVVohue9XLfnUI+fd8hmrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNhZDc5YzEyNmI4MmY3N2NjNjNiNWE2YjZjZDhiZGFlNmUw
ZjVhM2MwHhcNMjMwMTAyMDcxNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZTNhMzM0MzZlYWE4MzEwYmY4Y2E3ZmZiZTBiYWMwMWViY2FmZmFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3uU+jwssDq8ZMZekDhyj/lSgELwL
eLFhfQU8i35RgF4p5QmWyxkzLaUSx7ZTgHfk+0aMgOh09gbYImCJv3z6Ucjwn9wV
w4wMlixlpXwugKjMnRI7ghB3cHf9J9BMDgQhwRIQdXYrEynsa7WeN4MDQbf4QJ2z
/YX6MsrmXpERdZuxWFQTAO4BtkNyMSTl5x6B6WeP02FN42W0HbMXroJNJf/F+s3+
g2areGS7bJfDe1xMlmsbU5cvr2NlP8RNjqaEbPR+UwbmgE2ebr3lMqxdFVRAOqwd
5rO6WuawhI4IJ430hMoMPUhUrQ2iVzU/JI7y/XMcQOikoVCBRcEcC/hqWwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFI46M0NuqoMQv4yn/74LrAHryv+qMB8GA1UdIwQY
MBaAFMrXnBJrgvd8xjtaa2zYva5uD1o8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveXRlY0VtdUM5M3pHTzFwcmJOaTlybTRQV2p3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNC8wZjE2OWMtNmRhNy00MzUwLThkM2Mt
NGNhNDQ4MDJiNTYzLzEvampvelEyNnFneENfaktmX3ZndXNBZXZLXzZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNC8wZjE2OWMtNmRhNy00MzUwLThkM2MtNGNhNDQ4MDJiNTYz
LzEveXRlY0VtdUM5M3pHTzFwcmJOaTlybTRQV2p3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBwSsSAwQA
wSt1MA0GCSqGSIb3DQEBCwUAA4IBAQADPy6EM6L1A97v3VIeclNJATfe57JXhsC9
r0AD0SS880DZtuFI8E28hI8nPZht/WLEYgWJ13dEpNdsbmm7XR11+zlTNOrmriZn
+EVbbpJ+FwvPNkWtbUKelJHYFxEpwPOLwSi+nGmF2m2zWh1oHunyRiDjwZNiTSiK
5V2pz7j0mTCStLsXKI7bV1tcW1BDZCHBDxs0SFnY6YrXobwIkc+g1rUdBDQK2pJg
BDJpOrYtfX0gsy/ywEh/gKRNsle3s74Cq8cr/rQ7uB1JMekK2+4VFsCG2hJvpaec
B9FKRE/56HTAJdIggWWUJOe44Z8gTHAr9Mw9jjsgpMpwniZbxILs
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:36:25 2024 by rpki-client on console-ams.rpki-client.org