Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/szPOR2XD6EXZHLu11jAtbDbxTL8.roa
File:                     szPOR2XD6EXZHLu11jAtbDbxTL8.roa (raw, json)
Hash identifier:          EDKpVioNudwI0IVPB21k+02cKlKZ4nEXtlOMPzAYfgs=
Subject key identifier:   B3:33:CE:47:65:C3:E8:45:D9:1C:BB:B5:D6:30:2D:6C:36:F1:4C:BF
Certificate issuer:       /CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Certificate serial:       018BB57491C0918460F04D519D0CD4ED04C0
Authority key identifier: B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/szPOR2XD6EXZHLu11jAtbDbxTL8.roa
Signing time:             Thu 09 Nov 2023 18:59:57 +0000
ROA not before:           Thu 09 Nov 2023 18:59:57 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     21030
IP address blocks:        194.67.192.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 06:32:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:b5:74:91:c0:91:84:60:f0:4d:51:9d:0c:d4:ed:04:c0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
        Validity
            Not Before: Nov  9 18:59:57 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=b333ce4765c3e845d91cbbb5d6302d6c36f14cbf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:94:30:44:2f:0e:ce:d6:fe:de:ac:a4:98:bf:a1:
                    19:89:c0:ea:de:16:cf:8f:27:42:c2:cb:96:52:b4:
                    6e:df:60:f1:31:b4:da:4a:bb:d5:a0:f2:0f:8c:af:
                    f2:4f:b1:fb:b5:e7:db:27:37:ab:5e:f2:10:91:ea:
                    d4:53:b2:96:d8:a6:45:7d:ce:01:06:92:34:2d:29:
                    a0:1b:e7:04:3b:cd:b8:bb:b0:6c:81:09:1a:25:aa:
                    ca:bb:17:ca:b0:4c:6f:23:e3:04:e0:34:c8:c5:de:
                    c7:6c:28:6f:9a:70:dc:fb:a0:1e:a7:43:0c:5f:06:
                    05:5e:68:d9:eb:40:e7:5f:66:84:c5:ca:5d:02:26:
                    37:ef:09:38:ab:49:1c:19:c6:52:c2:b3:7a:b1:1c:
                    eb:32:70:2f:8b:09:6e:b7:3b:10:fc:c1:ab:51:49:
                    6c:90:1c:5a:49:3e:29:63:bc:3e:a0:3b:a7:e2:aa:
                    22:a0:0f:63:6a:f6:e4:24:f7:ea:fc:db:3c:32:e6:
                    8e:f1:0d:4a:9e:99:bd:e5:c4:d3:b7:4c:73:1b:f3:
                    b2:08:14:e8:3b:fb:a2:11:fb:22:00:3b:f0:17:bf:
                    c8:d5:e6:7f:a6:c1:e0:cc:8c:f9:39:2d:22:21:1f:
                    d8:3f:1b:6a:f8:af:17:cb:2c:9f:04:2b:14:0e:96:
                    44:d1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B3:33:CE:47:65:C3:E8:45:D9:1C:BB:B5:D6:30:2D:6C:36:F1:4C:BF
            X509v3 Authority Key Identifier:
                keyid:B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/szPOR2XD6EXZHLu11jAtbDbxTL8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.67.192.0/24

    Signature Algorithm: sha256WithRSAEncryption
         60:14:35:9d:36:c9:30:3b:1c:4c:26:51:b0:a0:26:93:1e:ac:
         3f:84:67:4e:21:1e:8b:dc:ec:fc:16:57:c0:1b:ea:9d:f3:3c:
         8c:c8:f2:b1:39:5a:b4:07:a4:af:c6:0c:a2:71:37:69:4c:2e:
         a8:67:f7:a0:41:ae:10:e6:43:a2:14:c4:58:23:e7:4c:34:c9:
         4e:8a:05:de:c0:b4:9c:da:53:ca:dc:97:8a:96:f5:bd:e3:71:
         9d:a7:b9:c3:50:24:9d:e8:35:14:17:bd:ea:14:51:ca:e9:c0:
         8c:92:f4:ec:f5:67:a9:d3:65:ab:93:99:76:8a:d4:93:94:df:
         99:80:2a:f3:05:95:87:fc:c3:ec:6d:39:bf:8a:1b:c5:b1:29:
         8b:42:b2:ba:8e:fd:a9:7b:79:c2:2d:43:6d:5c:39:db:4f:3a:
         d8:3f:9a:71:2e:56:09:4f:07:45:8e:d5:84:aa:11:d0:b7:34:
         1a:65:15:e0:dd:5d:bf:23:7d:fd:e8:f7:84:46:95:f8:0a:04:
         c4:05:47:f9:ad:b9:1b:65:97:41:0b:d8:cb:6b:85:2a:7f:b3:
         77:26:e0:91:c9:4f:0b:1d:5f:25:6b:35:70:47:21:7f:71:33:
         66:09:f0:16:63:4e:bf:b3:6d:1c:df:1c:4b:78:3a:b9:c3:a7:
         c6:a5:d4:6c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYu1dJHAkYRg8E1RnQzU7QTAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0Zjk2MzQ1ZDNmMjJlZGIzOTVkMjQ3ZjdiODZkMmQ3M2U0
YTAwOTEwHhcNMjMxMTA5MTg1OTU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMzMzY2U0NzY1YzNlODQ1ZDkxY2JiYjVkNjMwMmQ2YzM2ZjE0Y2JmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlDBELw7O1v7erKSYv6EZicDq3hbP
jydCwsuWUrRu32DxMbTaSrvVoPIPjK/yT7H7tefbJzerXvIQkerUU7KW2KZFfc4B
BpI0LSmgG+cEO824u7BsgQkaJarKuxfKsExvI+ME4DTIxd7HbChvmnDc+6Aep0MM
XwYFXmjZ60DnX2aExcpdAiY37wk4q0kcGcZSwrN6sRzrMnAviwlutzsQ/MGrUUls
kBxaST4pY7w+oDun4qoioA9javbkJPfq/Ns8MuaO8Q1Knpm95cTTt0xzG/OyCBTo
O/uiEfsiADvwF7/I1eZ/psHgzIz5OS0iIR/YPxtq+K8XyyyfBCsUDpZE0QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLMzzkdlw+hF2Ry7tdYwLWw28Uy/MB8GA1UdIwQY
MBaAFLT5Y0XT8i7bOV0kf3uG0tc+SgCRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQt
NmZjMzQzZDc3Y2QyLzEvc3pQT1IyWEQ2RVhaSEx1MTFqQXRiRGJ4VEw4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQtNmZjMzQzZDc3Y2Qy
LzEvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwkPAMA0G
CSqGSIb3DQEBCwUAA4IBAQBgFDWdNskwOxxMJlGwoCaTHqw/hGdOIR6L3Oz8FlfA
G+qd8zyMyPKxOVq0B6SvxgyicTdpTC6oZ/egQa4Q5kOiFMRYI+dMNMlOigXewLSc
2lPK3JeKlvW943Gdp7nDUCSd6DUUF73qFFHK6cCMkvTs9Wep02Wrk5l2itSTlN+Z
gCrzBZWH/MPsbTm/ihvFsSmLQrK6jv2pe3nCLUNtXDnbTzrYP5pxLlYJTwdFjtWE
qhHQtzQaZRXg3V2/I3396PeERpX4CgTEBUf5rbkbZZdBC9jLa4Uqf7N3JuCRyU8L
HV8lazVwRyF/cTNmCfAWY06/s20c3xxLeDq5w6fGpdRs
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:43:11 2024 by rpki-client on console-ams.rpki-client.org