Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/f8a9eb-7f8d-4bf7-83d9-9096e1674e22/1/93Aeit0w-yQqRtVOUV8sAgG9umA.roa
File:                     93Aeit0w-yQqRtVOUV8sAgG9umA.roa (raw, json)
Hash identifier:          os/biNiUSJc9Q0sdk5ma3aq8yfkA8JcPUf9LuLCd7cc=
Subject key identifier:   F7:70:1E:8A:DD:30:FB:24:2A:46:D5:4E:51:5F:2C:02:01:BD:BA:60
Certificate issuer:       /CN=92e720465c5cd0da9c6a13b44fa0d86f649e5055
Certificate serial:       018B03FC3BDA1D0CA4ACACC0FB7B89AF8951
Authority key identifier: 92:E7:20:46:5C:5C:D0:DA:9C:6A:13:B4:4F:A0:D8:6F:64:9E:50:55
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/kucgRlxc0NqcahO0T6DYb2SeUFU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b1/f8a9eb-7f8d-4bf7-83d9-9096e1674e22/1/93Aeit0w-yQqRtVOUV8sAgG9umA.roa
Signing time:             Fri 06 Oct 2023 07:55:43 +0000
ROA not before:           Fri 06 Oct 2023 07:55:43 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     834
IP address blocks:        147.161.3.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Fri 06 Oct 2023 14:04:43 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:03:fc:3b:da:1d:0c:a4:ac:ac:c0:fb:7b:89:af:89:51
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=92e720465c5cd0da9c6a13b44fa0d86f649e5055
        Validity
            Not Before: Oct  6 07:55:43 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=f7701e8add30fb242a46d54e515f2c0201bdba60
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:2e:84:e7:aa:e1:1a:6c:6f:00:98:9c:62:41:
                    bf:30:0f:30:fa:47:5d:75:a6:73:43:5d:17:fa:f3:
                    42:21:f3:1f:35:bd:e1:c4:ec:cf:dc:8a:0e:1d:31:
                    c9:2a:ab:59:d9:f1:b7:fc:3e:d2:9b:60:b5:f5:b3:
                    45:6a:50:bc:66:31:cf:c2:86:ac:f1:ef:05:fd:2f:
                    83:3e:d3:4e:31:5c:34:d1:3c:1f:b6:36:bb:2c:94:
                    85:30:8a:39:54:19:c4:c4:84:97:60:cb:2e:42:2f:
                    65:08:a4:18:31:df:f4:3c:8c:c0:e0:33:fe:1c:cd:
                    fa:af:06:b9:1e:38:20:1d:40:be:3f:b2:25:6d:1e:
                    d8:7a:a5:49:39:03:d0:20:93:4b:bd:86:ae:59:27:
                    27:ed:b4:04:11:8a:67:0e:9b:90:83:b5:97:28:8d:
                    77:42:4e:dc:c7:a0:9e:a6:32:61:68:f9:5d:24:d3:
                    8f:df:a2:23:3f:45:97:f0:42:65:d5:04:e3:a8:38:
                    eb:45:d1:d7:62:7e:b8:67:db:10:57:81:fb:2e:ee:
                    b0:4f:e7:27:74:22:cb:90:79:24:ba:8c:8a:d7:50:
                    f1:65:19:67:68:88:79:30:a5:17:5b:5d:dc:d1:66:
                    68:94:dc:0e:16:b6:96:97:bf:1f:23:ba:b9:32:f0:
                    1d:fb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F7:70:1E:8A:DD:30:FB:24:2A:46:D5:4E:51:5F:2C:02:01:BD:BA:60
            X509v3 Authority Key Identifier:
                keyid:92:E7:20:46:5C:5C:D0:DA:9C:6A:13:B4:4F:A0:D8:6F:64:9E:50:55

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kucgRlxc0NqcahO0T6DYb2SeUFU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/f8a9eb-7f8d-4bf7-83d9-9096e1674e22/1/93Aeit0w-yQqRtVOUV8sAgG9umA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/f8a9eb-7f8d-4bf7-83d9-9096e1674e22/1/kucgRlxc0NqcahO0T6DYb2SeUFU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  147.161.3.0/24

    Signature Algorithm: sha256WithRSAEncryption
         45:44:4e:f0:e9:f8:03:10:b2:d3:fa:9c:76:d9:e1:d1:a0:bc:
         1a:b4:3c:6d:f2:ff:b1:ab:95:94:70:f3:a3:b4:78:4b:ad:4c:
         e4:fb:f8:72:7f:98:4f:30:60:96:e8:1c:0e:af:8b:7b:d6:3f:
         0c:0f:ec:1f:7c:33:f6:87:e6:16:59:f6:e1:cb:ed:38:6d:54:
         47:60:f4:2c:2d:a8:43:21:ea:69:ea:21:d2:c2:bb:da:c6:c0:
         2c:a4:97:fa:5c:21:37:eb:80:b6:35:95:01:91:e2:99:a0:8a:
         2f:88:48:2b:c5:27:16:87:1a:31:68:0e:99:82:8d:88:e9:01:
         43:d8:57:03:cf:96:f1:a7:fd:94:dd:2a:a0:97:74:7a:a0:f7:
         1b:6c:a8:4d:f0:7b:8b:f8:04:04:44:e5:35:4c:03:fc:84:51:
         61:5a:4e:c3:5c:a1:42:f2:58:74:ea:5e:b6:22:4c:f7:b0:b1:
         a5:d3:96:cb:59:b9:ad:36:d9:ff:d0:7e:84:5a:7c:76:5f:43:
         4d:70:1d:5a:50:be:1e:5e:2d:9e:71:03:bd:8d:96:c7:0e:bc:
         66:a3:59:00:85:ae:14:b7:09:6d:d7:69:29:bd:d0:5a:b9:8e:
         da:cf:be:66:d4:55:01:77:3b:4e:f5:4f:26:48:e3:59:2e:6c:
         47:75:5b:27
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYsD/DvaHQykrKzA+3uJr4lRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyZTcyMDQ2NWM1Y2QwZGE5YzZhMTNiNDRmYTBkODZmNjQ5
ZTUwNTUwHhcNMjMxMDA2MDc1NTQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNzcwMWU4YWRkMzBmYjI0MmE0NmQ1NGU1MTVmMmMwMjAxYmRiYTYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArC6E56rhGmxvAJicYkG/MA8w+kdd
daZzQ10X+vNCIfMfNb3hxOzP3IoOHTHJKqtZ2fG3/D7Sm2C19bNFalC8ZjHPwoas
8e8F/S+DPtNOMVw00Twftja7LJSFMIo5VBnExISXYMsuQi9lCKQYMd/0PIzA4DP+
HM36rwa5HjggHUC+P7IlbR7YeqVJOQPQIJNLvYauWScn7bQEEYpnDpuQg7WXKI13
Qk7cx6CepjJhaPldJNOP36IjP0WX8EJl1QTjqDjrRdHXYn64Z9sQV4H7Lu6wT+cn
dCLLkHkkuoyK11DxZRlnaIh5MKUXW13c0WZolNwOFraWl78fI7q5MvAd+wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPdwHordMPskKkbVTlFfLAIBvbpgMB8GA1UdIwQY
MBaAFJLnIEZcXNDanGoTtE+g2G9knlBVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3VjZ1JseGMwTnFjYWhPMFQ2RFliMlNlVUZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS9mOGE5ZWItN2Y4ZC00YmY3LTgzZDkt
OTA5NmUxNjc0ZTIyLzEvOTNBZWl0MHcteVFxUnRWT1VWOHNBZ0c5dW1BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS9mOGE5ZWItN2Y4ZC00YmY3LTgzZDktOTA5NmUxNjc0ZTIy
LzEva3VjZ1JseGMwTnFjYWhPMFQ2RFliMlNlVUZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAk6EDMA0G
CSqGSIb3DQEBCwUAA4IBAQBFRE7w6fgDELLT+px22eHRoLwatDxt8v+xq5WUcPOj
tHhLrUzk+/hyf5hPMGCW6BwOr4t71j8MD+wffDP2h+YWWfbhy+04bVRHYPQsLahD
Iepp6iHSwrvaxsAspJf6XCE364C2NZUBkeKZoIoviEgrxScWhxoxaA6Zgo2I6QFD
2FcDz5bxp/2U3Sqgl3R6oPcbbKhN8HuL+AQEROU1TAP8hFFhWk7DXKFC8lh06l62
Ikz3sLGl05bLWbmtNtn/0H6EWnx2X0NNcB1aUL4eXi2ecQO9jZbHDrxmo1kAha4U
twlt12kpvdBauY7az75m1FUBdztO9U8mSONZLmxHdVsn
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:20 2024 by rpki-client on console-fra.rpki-client.org