Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/L1icwb5RXXRNyUOpPaIsAtab4wY.roa
File:                     L1icwb5RXXRNyUOpPaIsAtab4wY.roa (raw, json)
Hash identifier:          hm0Y/V6WBC8ovWCbObA+MasFr+gB948kEC7XNVWGZS8=
Subject key identifier:   2F:58:9C:C1:BE:51:5D:74:4D:C9:43:A9:3D:A2:2C:02:D6:9B:E3:06
Certificate issuer:       /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial:       01860DA04504E5EBE1D40A3C539BED15877E
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/L1icwb5RXXRNyUOpPaIsAtab4wY.roa
Signing time:             Wed 01 Feb 2023 15:37:32 +0000
ROA not before:           Wed 01 Feb 2023 15:37:32 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     210912
IP address blocks:        193.23.130.0/23 maxlen: 24

Validation:               Failed, certificate revoked on Thu 09 Feb 2023 13:37:08 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:0d:a0:45:04:e5:eb:e1:d4:0a:3c:53:9b:ed:15:87:7e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
        Validity
            Not Before: Feb  1 15:37:32 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=2f589cc1be515d744dc943a93da22c02d69be306
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:d4:26:9f:28:96:f6:0d:df:4e:a1:05:6d:fe:
                    17:df:7f:df:99:60:64:3c:38:3e:2d:fc:df:6a:4b:
                    6d:4f:34:b7:ad:f6:1c:11:42:0b:fd:43:43:b7:5b:
                    f2:f5:54:1f:4b:b9:b6:1f:32:7d:7c:a3:51:87:f6:
                    1e:b6:88:9d:3c:6c:1b:ba:0f:d7:97:2c:94:6e:1c:
                    8d:e8:71:87:08:7a:25:8c:15:1a:64:2d:23:35:d5:
                    56:4b:1d:c0:40:4b:c2:6c:a4:57:80:26:fe:4c:c1:
                    31:ac:c3:d1:5a:bc:d8:53:36:24:cc:d7:2e:26:8c:
                    b1:f0:8d:2e:cd:fd:fc:4e:57:35:f9:b8:e8:77:f7:
                    07:b2:bb:2d:c6:db:9f:0a:c2:3a:f6:31:e1:9b:f9:
                    f3:f6:e1:43:10:68:60:67:02:31:22:bc:3b:21:90:
                    76:82:fe:18:56:0a:c3:ea:e6:2f:16:8a:30:62:ba:
                    61:bf:0e:ea:fb:c4:8a:82:61:d5:4d:d4:06:a9:9d:
                    b9:62:f5:1f:03:88:fc:8b:9a:97:95:43:5f:02:b3:
                    d5:3d:f1:20:64:67:df:90:13:d3:99:8a:4a:4b:07:
                    58:a6:6f:ef:6d:68:9e:2b:d6:97:3e:2f:e4:21:bc:
                    83:23:73:fe:e4:f8:27:21:b6:85:38:0c:2b:c3:b9:
                    a0:a7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2F:58:9C:C1:BE:51:5D:74:4D:C9:43:A9:3D:A2:2C:02:D6:9B:E3:06
            X509v3 Authority Key Identifier:
                keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/L1icwb5RXXRNyUOpPaIsAtab4wY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.23.130.0/23

    Signature Algorithm: sha256WithRSAEncryption
         6b:78:78:91:a7:8b:d6:4b:23:eb:03:fd:57:82:bd:84:5c:60:
         17:36:50:c4:ad:59:d9:d5:7b:74:0c:d6:93:00:cb:ef:e0:99:
         48:23:9b:2e:e3:c6:92:86:86:e0:a9:46:85:34:ea:bd:20:94:
         20:be:f9:64:78:32:0d:ca:d9:2e:21:8b:b5:c9:e4:3c:b8:7b:
         2a:b5:88:df:9e:5a:78:dd:28:70:bf:b0:6c:f6:56:91:f3:25:
         f1:a5:9f:1f:e1:67:f0:9a:f8:9b:3c:4a:b1:58:72:47:09:e0:
         e3:dd:35:3f:c1:01:64:6f:b0:5a:00:c7:a8:a1:fa:d2:7d:8e:
         14:3c:6c:e0:12:33:2f:1f:22:0a:ca:5f:6a:d7:f4:0e:63:4f:
         e0:7c:af:28:63:52:c0:fd:3a:12:d5:d1:4b:09:29:53:a0:cb:
         f8:c7:f7:15:41:5b:e1:ce:f2:b7:7f:d9:4b:63:3c:80:28:b1:
         73:99:b2:38:59:21:55:27:2a:27:ad:9f:3b:45:d9:59:cb:52:
         7d:f0:3c:ce:ec:02:0b:46:5b:92:e9:e8:a2:e9:87:f2:1b:b3:
         73:c7:d1:1e:64:0c:4d:fd:1b:ff:46:82:d1:33:13:ef:07:64:
         0b:b5:65:95:11:52:bc:e2:6f:6d:43:d8:46:7f:89:26:9e:fd:
         a5:54:fc:13
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYYNoEUE5evh1Ao8U5vtFYd+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwMjAxMTUzNzMyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZjU4OWNjMWJlNTE1ZDc0NGRjOTQzYTkzZGEyMmMwMmQ2OWJlMzA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArtQmnyiW9g3fTqEFbf4X33/fmWBk
PDg+LfzfakttTzS3rfYcEUIL/UNDt1vy9VQfS7m2HzJ9fKNRh/YetoidPGwbug/X
lyyUbhyN6HGHCHoljBUaZC0jNdVWSx3AQEvCbKRXgCb+TMExrMPRWrzYUzYkzNcu
Joyx8I0uzf38Tlc1+bjod/cHsrstxtufCsI69jHhm/nz9uFDEGhgZwIxIrw7IZB2
gv4YVgrD6uYvFoowYrphvw7q+8SKgmHVTdQGqZ25YvUfA4j8i5qXlUNfArPVPfEg
ZGffkBPTmYpKSwdYpm/vbWieK9aXPi/kIbyDI3P+5PgnIbaFOAwrw7mgpwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFC9YnMG+UV10TclDqT2iLALWm+MGMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvTDFpY3diNVJYWFJOeVVPcFBhSXNBdGFiNHdZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwReCMA0G
CSqGSIb3DQEBCwUAA4IBAQBreHiRp4vWSyPrA/1Xgr2EXGAXNlDErVnZ1Xt0DNaT
AMvv4JlII5su48aShobgqUaFNOq9IJQgvvlkeDINytkuIYu1yeQ8uHsqtYjfnlp4
3Shwv7Bs9laR8yXxpZ8f4WfwmvibPEqxWHJHCeDj3TU/wQFkb7BaAMeoofrSfY4U
PGzgEjMvHyIKyl9q1/QOY0/gfK8oY1LA/ToS1dFLCSlToMv4x/cVQVvhzvK3f9lL
YzyAKLFzmbI4WSFVJyonrZ87RdlZy1J98DzO7AILRluS6eii6YfyG7Nzx9EeZAxN
/Rv/RoLRMxPvB2QLtWWVEVK84m9tQ9hGf4kmnv2lVPwT
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:45 2024 by rpki-client on console-fra.rpki-client.org