Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/P_-Brv1U3oUdN_0VxcS5c8ebBvo.roa
File:                     P_-Brv1U3oUdN_0VxcS5c8ebBvo.roa (raw, json)
Hash identifier:          L71sc4TeWJ7A0l/T73xVlBaWZ1D6E+BGc92YAPtKrvc=
Subject key identifier:   3F:FF:81:AE:FD:54:DE:85:1D:37:FD:15:C5:C4:B9:73:C7:9B:06:FA
Certificate issuer:       /CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Certificate serial:       018BD80A16CB580673DD4494FA6EA3AFDBF2
Authority key identifier: B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/P_-Brv1U3oUdN_0VxcS5c8ebBvo.roa
Signing time:             Thu 16 Nov 2023 12:10:21 +0000
ROA not before:           Thu 16 Nov 2023 12:10:21 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     216234
IP address blocks:        194.67.193.0/24 maxlen: 24
                          45.9.74.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 06:32:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:d8:0a:16:cb:58:06:73:dd:44:94:fa:6e:a3:af:db:f2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
        Validity
            Not Before: Nov 16 12:10:21 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=3fff81aefd54de851d37fd15c5c4b973c79b06fa
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:db:21:e0:e7:98:8c:06:f6:ba:b8:c4:2f:fa:
                    f3:eb:99:cd:22:63:e2:f0:ac:a2:3a:88:27:54:f4:
                    5f:ac:65:66:72:83:df:e5:6c:0d:6f:d2:bb:c3:64:
                    00:11:4d:95:d2:5c:a1:01:f1:0a:47:ae:b4:08:5d:
                    e0:bf:49:54:6f:73:02:ad:49:26:83:c2:fe:b7:68:
                    4e:21:22:e1:f1:20:37:36:d4:7a:79:34:e9:e2:d6:
                    c8:14:a3:8e:53:ad:c6:88:6e:6a:9c:38:79:b0:4c:
                    80:90:08:c8:ac:43:73:12:90:f6:03:20:32:29:e0:
                    5b:46:9d:2c:45:95:c9:4e:d7:1f:36:38:c3:da:2e:
                    78:52:30:9f:06:26:41:c8:43:bf:1f:b4:1b:8b:96:
                    1f:d8:25:bf:b4:78:e6:50:2f:e1:3d:99:3d:52:b5:
                    35:ca:30:80:96:8b:97:1a:31:6f:47:b9:d8:f7:70:
                    6b:d5:1b:b1:c3:12:a1:fa:e2:67:37:03:b7:bd:a7:
                    19:9b:83:89:87:fb:da:9b:61:19:5a:a1:0a:f9:d4:
                    47:23:b0:61:17:e1:7c:83:54:f4:ac:0b:0e:d4:9f:
                    bf:70:f2:ed:fa:3d:a2:9e:be:bf:b4:73:4e:ef:fb:
                    59:3d:79:f3:d5:af:16:68:75:94:90:f2:ca:25:1f:
                    ae:73
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3F:FF:81:AE:FD:54:DE:85:1D:37:FD:15:C5:C4:B9:73:C7:9B:06:FA
            X509v3 Authority Key Identifier:
                keyid:B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/P_-Brv1U3oUdN_0VxcS5c8ebBvo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.9.74.0/24
                  194.67.193.0/24

    Signature Algorithm: sha256WithRSAEncryption
         2f:89:a8:96:ba:5b:a0:5c:a5:b3:f7:c3:dd:d6:02:56:cc:c2:
         de:e3:9b:f1:ab:84:4a:3d:24:df:c0:c4:a6:ac:d4:0e:23:01:
         32:3f:8b:4b:f3:44:a7:c3:34:cb:1d:57:3b:03:75:df:14:09:
         cf:e8:1e:8b:58:d9:eb:dc:52:8b:76:16:f0:e6:08:f7:df:91:
         b7:6e:f4:71:66:3e:61:e6:1e:1d:fd:b6:cc:f8:ef:a7:69:2f:
         38:33:c0:1a:54:21:1f:3b:33:e4:2a:37:cb:0a:1a:84:34:d0:
         07:78:ad:c4:f1:2b:2d:e6:1f:5b:34:0f:a7:e0:81:6f:94:be:
         72:b5:74:43:37:fe:fc:b8:40:4e:80:b8:dc:24:43:bb:c3:ce:
         61:e6:69:4e:c0:aa:b4:d0:eb:c8:a9:3a:01:09:62:b1:f5:6b:
         a6:68:2c:a4:40:53:ed:a0:07:0e:46:c8:7f:37:d6:a4:37:a8:
         c3:e3:15:06:7f:35:fc:c4:9f:b1:d7:76:42:4f:95:86:27:46:
         14:70:44:df:d0:dc:68:b2:1b:97:92:dd:b9:79:9e:eb:b7:04:
         46:76:73:26:f7:b5:aa:db:36:ce:e5:89:b6:8a:99:8a:f5:ab:
         d0:45:32:59:21:a0:b9:e0:87:c3:45:d7:60:33:04:ac:60:62:
         13:20:4a:bd
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYvYChbLWAZz3USU+m6jr9vyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0Zjk2MzQ1ZDNmMjJlZGIzOTVkMjQ3ZjdiODZkMmQ3M2U0
YTAwOTEwHhcNMjMxMTE2MTIxMDIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZmZmODFhZWZkNTRkZTg1MWQzN2ZkMTVjNWM0Yjk3M2M3OWIwNmZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvdsh4OeYjAb2urjEL/rz65nNImPi
8KyiOognVPRfrGVmcoPf5WwNb9K7w2QAEU2V0lyhAfEKR660CF3gv0lUb3MCrUkm
g8L+t2hOISLh8SA3NtR6eTTp4tbIFKOOU63GiG5qnDh5sEyAkAjIrENzEpD2AyAy
KeBbRp0sRZXJTtcfNjjD2i54UjCfBiZByEO/H7Qbi5Yf2CW/tHjmUC/hPZk9UrU1
yjCAlouXGjFvR7nY93Br1RuxwxKh+uJnNwO3vacZm4OJh/vam2EZWqEK+dRHI7Bh
F+F8g1T0rAsO1J+/cPLt+j2inr6/tHNO7/tZPXnz1a8WaHWUkPLKJR+ucwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFD//ga79VN6FHTf9FcXEuXPHmwb6MB8GA1UdIwQY
MBaAFLT5Y0XT8i7bOV0kf3uG0tc+SgCRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQt
NmZjMzQzZDc3Y2QyLzEvUF8tQnJ2MVUzb1VkTl8wVnhjUzVjOGViQnZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQtNmZjMzQzZDc3Y2Qy
LzEvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALQlKAwQA
wkPBMA0GCSqGSIb3DQEBCwUAA4IBAQAviaiWulugXKWz98Pd1gJWzMLe45vxq4RK
PSTfwMSmrNQOIwEyP4tL80SnwzTLHVc7A3XfFAnP6B6LWNnr3FKLdhbw5gj335G3
bvRxZj5h5h4d/bbM+O+naS84M8AaVCEfOzPkKjfLChqENNAHeK3E8Sst5h9bNA+n
4IFvlL5ytXRDN/78uEBOgLjcJEO7w85h5mlOwKq00OvIqToBCWKx9WumaCykQFPt
oAcORsh/N9akN6jD4xUGfzX8xJ+x13ZCT5WGJ0YUcETf0NxoshuXkt25eZ7rtwRG
dnMm97Wq2zbO5Ym2ipmK9avQRTJZIaC54IfDRddgMwSsYGITIEq9
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:43:10 2024 by rpki-client on console-ams.rpki-client.org