Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/5bc134-5625-4eb1-9f70-f9fedbf63272/1/WdJJ3x2MtB61iddgQ4UR9fw6fNo.roa
File:                     WdJJ3x2MtB61iddgQ4UR9fw6fNo.roa (raw, json)
Hash identifier:          zo/ePbEoRDbLh4jmSq2tLcw6hnZQQth0b7UxAJFXFlc=
Subject key identifier:   59:D2:49:DF:1D:8C:B4:1E:B5:89:D7:60:43:85:11:F5:FC:3A:7C:DA
Certificate issuer:       /CN=82f59386fcde596f7459075edea4d74c19b01ca2
Certificate serial:       0187EBF2B73BB4F6269D4CFDD216BD81D12A
Authority key identifier: 82:F5:93:86:FC:DE:59:6F:74:59:07:5E:DE:A4:D7:4C:19:B0:1C:A2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/gvWThvzeWW90WQde3qTXTBmwHKI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a8/5bc134-5625-4eb1-9f70-f9fedbf63272/1/WdJJ3x2MtB61iddgQ4UR9fw6fNo.roa
Signing time:             Fri 05 May 2023 12:46:05 +0000
ROA not before:           Fri 05 May 2023 12:46:05 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     30781
IP address blocks:        193.56.87.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 15 May 2023 08:30:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:eb:f2:b7:3b:b4:f6:26:9d:4c:fd:d2:16:bd:81:d1:2a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=82f59386fcde596f7459075edea4d74c19b01ca2
        Validity
            Not Before: May  5 12:46:05 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=59d249df1d8cb41eb589d760438511f5fc3a7cda
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:84:cb:a4:58:5e:a9:e3:d7:db:46:40:c2:eb:07:
                    14:f7:c6:a0:42:3c:a5:04:b2:61:85:d6:a4:dc:9b:
                    bd:c9:91:b4:c8:8b:c1:8b:ff:15:6b:ea:1e:5c:df:
                    bd:e8:57:86:66:8c:61:a2:f3:ea:b0:08:ff:e9:57:
                    7a:15:7d:a2:83:54:31:c9:7f:67:60:a9:b2:5e:3f:
                    00:6b:12:7e:69:48:1e:22:9c:2a:68:48:2e:01:77:
                    37:4e:7b:93:ed:a8:c0:e8:6b:41:8c:a7:03:8e:b3:
                    36:7d:08:c5:f5:2c:23:00:27:62:b6:58:fc:6c:d8:
                    17:e4:9d:4c:3d:cd:41:33:c6:f7:0f:96:66:0f:03:
                    6b:d7:99:d2:74:c0:2d:2f:37:c2:fa:f7:5d:0d:cc:
                    c0:54:81:eb:ef:20:5a:6a:05:28:4d:85:2f:f6:21:
                    31:7b:65:5c:e8:4a:30:26:fa:eb:b2:28:64:98:f8:
                    9f:ef:d1:7c:70:11:cb:d6:ce:63:c0:4d:da:64:4b:
                    97:d2:ee:db:0f:05:d8:86:68:a9:53:ea:35:53:b4:
                    2c:42:a1:c3:70:2a:1d:dc:41:dd:1a:ce:2d:4c:66:
                    e2:a4:b9:fb:f3:a4:81:20:a9:b3:78:8b:f6:c8:22:
                    ea:72:8f:e8:92:38:1f:df:b0:4f:32:5b:23:ec:76:
                    4b:f1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                59:D2:49:DF:1D:8C:B4:1E:B5:89:D7:60:43:85:11:F5:FC:3A:7C:DA
            X509v3 Authority Key Identifier:
                keyid:82:F5:93:86:FC:DE:59:6F:74:59:07:5E:DE:A4:D7:4C:19:B0:1C:A2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gvWThvzeWW90WQde3qTXTBmwHKI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/5bc134-5625-4eb1-9f70-f9fedbf63272/1/WdJJ3x2MtB61iddgQ4UR9fw6fNo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/5bc134-5625-4eb1-9f70-f9fedbf63272/1/gvWThvzeWW90WQde3qTXTBmwHKI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.56.87.0/24

    Signature Algorithm: sha256WithRSAEncryption
         89:99:36:36:5b:6e:13:f4:c7:19:f1:9c:a2:57:35:3c:84:35:
         c0:77:6f:e0:1b:c5:92:05:68:e8:c5:44:2c:e2:64:01:df:f6:
         29:32:21:45:44:e7:3b:3a:88:aa:83:69:0f:a3:4e:67:18:81:
         05:5b:ab:c6:8b:67:b9:34:40:d3:48:2f:19:41:a3:67:f3:02:
         47:b9:4a:86:e3:5e:c2:17:ed:4d:80:54:f0:e4:81:f1:9c:fc:
         38:2a:ab:65:47:88:8d:5a:fa:84:8f:49:58:73:67:14:44:74:
         9f:e3:4a:8a:b6:8e:08:ca:1d:02:42:98:ec:10:94:1f:35:70:
         d8:d3:95:13:0a:99:99:e3:86:91:f9:3d:b1:a7:1e:4e:a0:a6:
         e8:9e:9a:03:1a:3c:4b:0f:53:37:98:ec:fe:02:a3:85:16:08:
         71:83:d6:33:eb:60:91:ab:c6:1a:8e:13:81:95:c6:61:f8:33:
         5f:a0:02:86:5b:d5:3b:c0:0e:99:6b:07:7a:88:ca:4d:bd:3a:
         53:56:d5:56:bf:71:1d:bf:5c:51:eb:e8:91:5d:b8:cb:3c:b4:
         27:ae:8b:a8:4b:81:c1:51:1a:71:3f:f1:3f:05:55:2a:2f:2b:
         0a:c6:b9:a2:35:bd:25:07:09:dd:63:2d:ca:85:14:ce:41:b6:
         d4:a3:ee:b3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYfr8rc7tPYmnUz90ha9gdEqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyZjU5Mzg2ZmNkZTU5NmY3NDU5MDc1ZWRlYTRkNzRjMTli
MDFjYTIwHhcNMjMwNTA1MTI0NjA1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1OWQyNDlkZjFkOGNiNDFlYjU4OWQ3NjA0Mzg1MTFmNWZjM2E3Y2RhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhMukWF6p49fbRkDC6wcU98agQjyl
BLJhhdak3Ju9yZG0yIvBi/8Va+oeXN+96FeGZoxhovPqsAj/6Vd6FX2ig1QxyX9n
YKmyXj8AaxJ+aUgeIpwqaEguAXc3TnuT7ajA6GtBjKcDjrM2fQjF9SwjACditlj8
bNgX5J1MPc1BM8b3D5ZmDwNr15nSdMAtLzfC+vddDczAVIHr7yBaagUoTYUv9iEx
e2Vc6EowJvrrsihkmPif79F8cBHL1s5jwE3aZEuX0u7bDwXYhmipU+o1U7QsQqHD
cCod3EHdGs4tTGbipLn786SBIKmzeIv2yCLqco/okjgf37BPMlsj7HZL8QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFnSSd8djLQetYnXYEOFEfX8OnzaMB8GA1UdIwQY
MBaAFIL1k4b83llvdFkHXt6k10wZsByiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3ZXVGh2emVXVzkwV1FkZTNxVFhUQm13SEtJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC81YmMxMzQtNTYyNS00ZWIxLTlmNzAt
ZjlmZWRiZjYzMjcyLzEvV2RKSjN4Mk10QjYxaWRkZ1E0VVI5Znc2Zk5vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC81YmMxMzQtNTYyNS00ZWIxLTlmNzAtZjlmZWRiZjYzMjcy
LzEvZ3ZXVGh2emVXVzkwV1FkZTNxVFhUQm13SEtJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwThXMA0G
CSqGSIb3DQEBCwUAA4IBAQCJmTY2W24T9McZ8ZyiVzU8hDXAd2/gG8WSBWjoxUQs
4mQB3/YpMiFFROc7Ooiqg2kPo05nGIEFW6vGi2e5NEDTSC8ZQaNn8wJHuUqG417C
F+1NgFTw5IHxnPw4KqtlR4iNWvqEj0lYc2cURHSf40qKto4Iyh0CQpjsEJQfNXDY
05UTCpmZ44aR+T2xpx5OoKbonpoDGjxLD1M3mOz+AqOFFghxg9Yz62CRq8YajhOB
lcZh+DNfoAKGW9U7wA6Zawd6iMpNvTpTVtVWv3Edv1xR6+iRXbjLPLQnrouoS4HB
URpxP/E/BVUqLysKxrmiNb0lBwndYy3KhRTOQbbUo+6z
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:37:08 2024 by rpki-client on console-ams.rpki-client.org