Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/21ba83-f94e-455a-a2b7-a62556d25447/1/JcqQ8E_njNdR4KqlJgR0uheDtgE.roa
File:                     JcqQ8E_njNdR4KqlJgR0uheDtgE.roa (raw, json)
Hash identifier:          NGMcZJzgiGSGo5SuS7BCGrziHJDw4bnlEkXpyQFcokA=
Subject key identifier:   25:CA:90:F0:4F:E7:8C:D7:51:E0:AA:A5:26:04:74:BA:17:83:B6:01
Certificate issuer:       /CN=0f37397d8b6c873e29be6e099de7b746eafd0eb4
Certificate serial:       018BB0759336202914F0710A4501E225BC0F
Authority key identifier: 0F:37:39:7D:8B:6C:87:3E:29:BE:6E:09:9D:E7:B7:46:EA:FD:0E:B4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Dzc5fYtshz4pvm4Jnee3Rur9DrQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bc/21ba83-f94e-455a-a2b7-a62556d25447/1/JcqQ8E_njNdR4KqlJgR0uheDtgE.roa
Signing time:             Wed 08 Nov 2023 19:42:57 +0000
ROA not before:           Wed 08 Nov 2023 19:42:57 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     44679
IP address blocks:        193.201.232.0/22 maxlen: 22

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 22:31:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:b0:75:93:36:20:29:14:f0:71:0a:45:01:e2:25:bc:0f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0f37397d8b6c873e29be6e099de7b746eafd0eb4
        Validity
            Not Before: Nov  8 19:42:57 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=25ca90f04fe78cd751e0aaa5260474ba1783b601
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:92:73:56:2e:92:07:06:4f:8e:d6:bc:da:8f:38:
                    ae:17:1d:95:50:f1:1f:3e:64:f8:92:c6:7e:ce:96:
                    2f:9b:d1:d1:eb:d8:c3:7c:ab:26:25:83:86:a7:33:
                    1a:10:46:46:66:0a:c1:2b:b8:fb:86:ee:71:dc:9a:
                    93:b1:fb:a2:eb:2b:5f:6d:d0:13:5f:67:b6:80:af:
                    de:20:e8:ca:a1:b1:c6:77:d2:e6:97:63:f7:26:14:
                    5f:2c:34:b8:2b:66:7f:8e:19:10:c2:48:e0:e1:e6:
                    aa:f1:58:77:2f:97:40:2a:25:34:ac:ce:12:ba:0e:
                    24:c3:0c:6d:86:bc:0a:fe:16:0d:14:25:1f:8d:45:
                    65:18:fd:2f:06:6a:1b:8f:5c:0b:a2:b1:1e:8a:4c:
                    25:ff:93:9e:8c:f8:28:e6:cc:a7:86:9a:bd:37:a3:
                    9b:62:fc:a4:73:b7:9e:a3:d9:d9:ce:b7:b6:19:c1:
                    1f:d5:9a:dc:ef:23:38:ab:51:9f:52:04:00:85:5b:
                    a9:fd:a2:85:e7:47:2c:2f:ff:f2:74:7e:3f:89:81:
                    8b:3b:6d:df:f7:af:86:01:75:31:20:40:91:8e:db:
                    da:32:01:37:96:40:d6:a0:8c:84:36:ad:3f:4c:9d:
                    a1:4b:26:ab:c5:a9:9b:56:a1:3a:64:7e:4e:9a:5b:
                    65:5b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                25:CA:90:F0:4F:E7:8C:D7:51:E0:AA:A5:26:04:74:BA:17:83:B6:01
            X509v3 Authority Key Identifier:
                keyid:0F:37:39:7D:8B:6C:87:3E:29:BE:6E:09:9D:E7:B7:46:EA:FD:0E:B4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Dzc5fYtshz4pvm4Jnee3Rur9DrQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/21ba83-f94e-455a-a2b7-a62556d25447/1/JcqQ8E_njNdR4KqlJgR0uheDtgE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/21ba83-f94e-455a-a2b7-a62556d25447/1/Dzc5fYtshz4pvm4Jnee3Rur9DrQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.201.232.0/22

    Signature Algorithm: sha256WithRSAEncryption
         0a:e2:d7:2a:1a:08:b9:ad:87:5a:78:94:13:72:5d:b2:e4:78:
         58:5e:48:8e:5d:72:dc:19:f0:b7:24:49:e9:02:3a:11:af:a6:
         28:7e:d4:d2:f1:10:12:88:f0:f8:f2:6b:5f:de:3b:3f:11:4c:
         22:31:10:d6:a8:26:d7:b6:6f:d9:54:ac:87:03:fb:2e:c3:b6:
         72:e8:25:5f:d2:de:6a:93:b7:6e:e2:cf:6a:3e:39:eb:c2:a9:
         8a:58:01:c1:7e:34:18:82:73:cb:99:5c:ca:68:24:8c:d3:1c:
         7b:f2:d9:ab:66:9e:c3:f7:5a:dc:02:75:74:71:12:8e:58:58:
         e2:ac:76:5d:be:16:73:3c:f3:88:69:e5:29:88:7b:d2:cb:96:
         b4:d2:df:df:88:c4:f6:7b:92:72:5f:9c:52:51:6e:b0:17:08:
         94:41:75:6b:e5:8e:a6:10:1f:8b:a1:02:5c:9f:af:9a:2b:d1:
         5b:67:d9:cc:65:7e:0c:02:55:cb:5d:40:b9:b0:8d:78:f3:01:
         8e:62:81:b0:38:6c:f6:fa:16:65:16:f8:5f:8e:5c:7a:77:95:
         6f:c6:2c:bf:5d:e9:1b:7d:e5:2a:30:cd:87:c2:20:ab:cd:89:
         a6:ab:c8:7e:32:67:fa:b4:62:59:5c:7d:af:ec:d5:a8:22:da:
         3e:79:d5:f7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYuwdZM2ICkU8HEKRQHiJbwPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmMzczOTdkOGI2Yzg3M2UyOWJlNmUwOTlkZTdiNzQ2ZWFm
ZDBlYjQwHhcNMjMxMTA4MTk0MjU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNWNhOTBmMDRmZTc4Y2Q3NTFlMGFhYTUyNjA0NzRiYTE3ODNiNjAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAknNWLpIHBk+O1rzajziuFx2VUPEf
PmT4ksZ+zpYvm9HR69jDfKsmJYOGpzMaEEZGZgrBK7j7hu5x3JqTsfui6ytfbdAT
X2e2gK/eIOjKobHGd9Lml2P3JhRfLDS4K2Z/jhkQwkjg4eaq8Vh3L5dAKiU0rM4S
ug4kwwxthrwK/hYNFCUfjUVlGP0vBmobj1wLorEeikwl/5OejPgo5synhpq9N6Ob
Yvykc7eeo9nZzre2GcEf1Zrc7yM4q1GfUgQAhVup/aKF50csL//ydH4/iYGLO23f
96+GAXUxIECRjtvaMgE3lkDWoIyENq0/TJ2hSyarxambVqE6ZH5OmltlWwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCXKkPBP54zXUeCqpSYEdLoXg7YBMB8GA1UdIwQY
MBaAFA83OX2LbIc+Kb5uCZ3nt0bq/Q60MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRHpjNWZZdHNoejRwdm00Sm5lZTNSdXI5RHJRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy8yMWJhODMtZjk0ZS00NTVhLWEyYjct
YTYyNTU2ZDI1NDQ3LzEvSmNxUThFX25qTmRSNEtxbEpnUjB1aGVEdGdFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy8yMWJhODMtZjk0ZS00NTVhLWEyYjctYTYyNTU2ZDI1NDQ3
LzEvRHpjNWZZdHNoejRwdm00Sm5lZTNSdXI5RHJRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCwcnoMA0G
CSqGSIb3DQEBCwUAA4IBAQAK4tcqGgi5rYdaeJQTcl2y5HhYXkiOXXLcGfC3JEnp
AjoRr6YoftTS8RASiPD48mtf3js/EUwiMRDWqCbXtm/ZVKyHA/suw7Zy6CVf0t5q
k7du4s9qPjnrwqmKWAHBfjQYgnPLmVzKaCSM0xx78tmrZp7D91rcAnV0cRKOWFji
rHZdvhZzPPOIaeUpiHvSy5a00t/fiMT2e5JyX5xSUW6wFwiUQXVr5Y6mEB+LoQJc
n6+aK9FbZ9nMZX4MAlXLXUC5sI148wGOYoGwOGz2+hZlFvhfjlx6d5Vvxiy/Xekb
feUqMM2HwiCrzYmmq8h+Mmf6tGJZXH2v7NWoIto+edX3
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:40 2024 by rpki-client on console-fra.rpki-client.org