Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c4/422a4c-8394-46b4-aa18-d1fbe5a91d70/1/rMbSU6W0G4HzSKW6SQjhYznAJRw.roa
File:                     rMbSU6W0G4HzSKW6SQjhYznAJRw.roa (raw, json)
Hash identifier:          nCSJEIUvH9KBWCJidppav5hNfyU/5TCea3OIhnN+YNQ=
Subject key identifier:   AC:C6:D2:53:A5:B4:1B:81:F3:48:A5:BA:49:08:E1:63:39:C0:25:1C
Certificate issuer:       /CN=c0ba50fca33b180d68436e7ef0cbf6904baf45d4
Certificate serial:       018D308C83CEE1BB57208DF3FED030C7EA3F
Authority key identifier: C0:BA:50:FC:A3:3B:18:0D:68:43:6E:7E:F0:CB:F6:90:4B:AF:45:D4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/wLpQ_KM7GA1oQ25-8Mv2kEuvRdQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c4/422a4c-8394-46b4-aa18-d1fbe5a91d70/1/rMbSU6W0G4HzSKW6SQjhYznAJRw.roa
Signing time:             Mon 22 Jan 2024 09:42:11 +0000
ROA not before:           Mon 22 Jan 2024 09:42:11 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     213296
IP address blocks:        194.33.28.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 08 Apr 2024 16:12:32 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8d:30:8c:83:ce:e1:bb:57:20:8d:f3:fe:d0:30:c7:ea:3f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c0ba50fca33b180d68436e7ef0cbf6904baf45d4
        Validity
            Not Before: Jan 22 09:42:11 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=acc6d253a5b41b81f348a5ba4908e16339c0251c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:89:ca:62:f0:fc:5f:e8:c9:85:50:9a:84:34:99:
                    43:f0:7a:c1:42:6a:29:c2:4c:95:e8:27:8c:20:32:
                    56:d4:2c:79:bc:97:a2:b0:3f:70:6b:8c:bc:a1:4d:
                    5f:d1:96:df:ed:ba:c2:c7:9c:58:36:46:d2:ba:11:
                    5e:c8:fb:af:43:11:1b:21:c3:87:02:ec:13:f9:ea:
                    9d:e6:52:00:2c:07:9e:74:a9:9e:22:fe:f9:05:a3:
                    26:8a:55:ac:02:ca:5b:69:be:f2:3e:01:e4:e9:a1:
                    7a:54:52:67:9f:94:c0:49:b0:aa:8b:26:ef:ec:b0:
                    70:40:99:fe:1c:bb:08:d1:53:67:a6:8c:9b:1e:5d:
                    36:8d:b1:ba:cb:fd:0d:d7:3f:76:ea:fd:62:a2:ea:
                    46:94:da:2b:54:b4:ec:3a:08:cb:30:17:10:96:ac:
                    7b:2f:93:42:16:c4:17:10:62:f2:4b:e4:89:10:07:
                    02:5b:02:b0:47:b8:cd:4a:b0:b0:7b:58:66:91:27:
                    26:5b:5e:b7:21:19:7f:36:3c:53:76:9a:ff:ae:11:
                    bb:e9:ba:1a:ca:88:15:e9:78:ff:34:ed:dc:37:76:
                    d1:9c:e8:fe:46:2e:e3:c7:e1:34:83:32:1b:28:91:
                    ab:e7:33:3d:f3:c9:f4:c5:0a:ba:a0:7c:0d:a9:a2:
                    78:67
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AC:C6:D2:53:A5:B4:1B:81:F3:48:A5:BA:49:08:E1:63:39:C0:25:1C
            X509v3 Authority Key Identifier:
                keyid:C0:BA:50:FC:A3:3B:18:0D:68:43:6E:7E:F0:CB:F6:90:4B:AF:45:D4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wLpQ_KM7GA1oQ25-8Mv2kEuvRdQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/422a4c-8394-46b4-aa18-d1fbe5a91d70/1/rMbSU6W0G4HzSKW6SQjhYznAJRw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/422a4c-8394-46b4-aa18-d1fbe5a91d70/1/wLpQ_KM7GA1oQ25-8Mv2kEuvRdQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.33.28.0/24

    Signature Algorithm: sha256WithRSAEncryption
         81:7e:10:11:4b:3c:34:49:66:b1:68:4e:d9:5f:b7:e8:e8:82:
         c6:3d:eb:c8:b4:20:20:ad:fc:06:c2:bc:08:0f:79:53:ac:d0:
         87:8f:1f:d7:dd:60:7e:eb:16:ad:46:3d:37:ae:d8:37:f4:09:
         e8:e4:fa:d2:ef:bf:78:33:26:d8:9c:06:a0:c4:8c:2d:23:f5:
         c9:97:ac:84:9e:bb:9c:96:8f:86:89:ab:06:65:9c:ac:72:bb:
         b7:15:c0:4a:d7:15:19:b8:e8:68:80:6c:88:e0:d6:11:ef:da:
         44:a1:5e:b3:08:a2:a8:e3:1c:66:25:23:7c:dd:bd:41:3b:1b:
         a9:03:99:7c:58:3a:5a:26:2a:e6:f8:d7:f3:a5:d4:4e:7f:24:
         74:c0:90:e8:c7:99:a9:85:b6:13:13:a0:54:b0:0e:0c:11:42:
         79:d4:da:ac:3b:15:ea:e8:63:d6:07:af:be:f5:33:40:49:ab:
         58:bd:78:4c:8a:f5:30:07:eb:8d:24:79:59:44:2b:35:fa:89:
         f8:0e:a8:48:3a:60:2e:f2:9c:8a:dd:ac:db:f2:56:78:30:bb:
         71:04:98:1b:17:3f:80:53:29:b3:36:31:03:c4:12:2e:c9:06:
         9f:51:cd:76:6e:f7:0d:1f:41:c7:18:a5:9e:82:b4:b6:8d:c4:
         a1:57:65:d3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY0wjIPO4btXII3z/tAwx+o/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMwYmE1MGZjYTMzYjE4MGQ2ODQzNmU3ZWYwY2JmNjkwNGJh
ZjQ1ZDQwHhcNMjQwMTIyMDk0MjExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhY2M2ZDI1M2E1YjQxYjgxZjM0OGE1YmE0OTA4ZTE2MzM5YzAyNTFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAicpi8Pxf6MmFUJqENJlD8HrBQmop
wkyV6CeMIDJW1Cx5vJeisD9wa4y8oU1f0Zbf7brCx5xYNkbSuhFeyPuvQxEbIcOH
AuwT+eqd5lIALAeedKmeIv75BaMmilWsAspbab7yPgHk6aF6VFJnn5TASbCqiybv
7LBwQJn+HLsI0VNnpoybHl02jbG6y/0N1z926v1ioupGlNorVLTsOgjLMBcQlqx7
L5NCFsQXEGLyS+SJEAcCWwKwR7jNSrCwe1hmkScmW163IRl/NjxTdpr/rhG76boa
yogV6Xj/NO3cN3bRnOj+Ri7jx+E0gzIbKJGr5zM988n0xQq6oHwNqaJ4ZwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKzG0lOltBuB80ilukkI4WM5wCUcMB8GA1UdIwQY
MBaAFMC6UPyjOxgNaENufvDL9pBLr0XUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd0xwUV9LTTdHQTFvUTI1LThNdjJrRXV2UmRRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNC80MjJhNGMtODM5NC00NmI0LWFhMTgt
ZDFmYmU1YTkxZDcwLzEvck1iU1U2VzBHNEh6U0tXNlNRamhZem5BSlJ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNC80MjJhNGMtODM5NC00NmI0LWFhMTgtZDFmYmU1YTkxZDcw
LzEvd0xwUV9LTTdHQTFvUTI1LThNdjJrRXV2UmRRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwiEcMA0G
CSqGSIb3DQEBCwUAA4IBAQCBfhARSzw0SWaxaE7ZX7fo6ILGPevItCAgrfwGwrwI
D3lTrNCHjx/X3WB+6xatRj03rtg39Ano5PrS7794MybYnAagxIwtI/XJl6yEnruc
lo+GiasGZZyscru3FcBK1xUZuOhogGyI4NYR79pEoV6zCKKo4xxmJSN83b1BOxup
A5l8WDpaJirm+NfzpdROfyR0wJDox5mphbYTE6BUsA4MEUJ51NqsOxXq6GPWB6++
9TNASatYvXhMivUwB+uNJHlZRCs1+on4DqhIOmAu8pyK3azb8lZ4MLtxBJgbFz+A
UymzNjEDxBIuyQafUc12bvcNH0HHGKWegrS2jcShV2XT
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:42:54 2024 by rpki-client on console-ams.rpki-client.org