Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/cec2a9-3013-42b4-9483-a72c404f26fd/1/SB88JgGbvVRqDXuVpjl7yK0ZaNI.roa
File:                     SB88JgGbvVRqDXuVpjl7yK0ZaNI.roa (raw, json)
Hash identifier:          GFmkOGOWPioxr1BlW0ZRbxDaqD5gRY7N/B7snmcnaI8=
Subject key identifier:   48:1F:3C:26:01:9B:BD:54:6A:0D:7B:95:A6:39:7B:C8:AD:19:68:D2
Certificate issuer:       /CN=99dd6f08822ae0ba5054542456923faf9040f5d0
Certificate serial:       018570704DB6FF7950AEE965AB92593FDD12
Authority key identifier: 99:DD:6F:08:82:2A:E0:BA:50:54:54:24:56:92:3F:AF:90:40:F5:D0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/md1vCIIq4LpQVFQkVpI_r5BA9dA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c5/cec2a9-3013-42b4-9483-a72c404f26fd/1/SB88JgGbvVRqDXuVpjl7yK0ZaNI.roa
Signing time:             Mon 02 Jan 2023 03:04:45 +0000
ROA not before:           Mon 02 Jan 2023 03:04:45 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     59752
IP address blocks:        193.109.237.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 14:30:19 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:70:70:4d:b6:ff:79:50:ae:e9:65:ab:92:59:3f:dd:12
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=99dd6f08822ae0ba5054542456923faf9040f5d0
        Validity
            Not Before: Jan  2 03:04:45 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=481f3c26019bbd546a0d7b95a6397bc8ad1968d2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:a5:9f:ec:8d:d0:c9:d7:9c:ca:7d:dc:7c:95:
                    fd:95:d1:95:c1:43:10:6d:5e:27:e6:64:4b:53:e9:
                    aa:8f:f1:2f:e2:2e:79:dd:71:50:f7:a0:e3:99:f5:
                    9f:da:d3:3b:9b:92:09:ce:8f:70:16:e2:81:23:df:
                    d2:3b:6f:48:07:36:7c:dc:48:26:4d:66:f3:35:97:
                    63:92:a9:62:34:61:cc:7e:4c:ea:73:2b:52:9a:ea:
                    64:41:28:d8:87:7b:00:8c:6a:1a:36:61:27:16:d4:
                    77:da:63:ac:a5:34:7d:f8:ac:ff:84:cd:8d:2a:a6:
                    e0:64:30:ec:2d:50:7c:d9:63:fa:27:03:5d:e0:fd:
                    12:fe:98:8f:db:7e:b3:71:9e:66:be:ae:ae:8a:1c:
                    06:89:dd:f2:81:71:85:44:d8:76:c4:ef:45:41:18:
                    39:21:d1:08:fe:21:6c:1e:61:07:55:83:04:ad:c2:
                    70:e2:1e:38:82:42:85:6c:9c:8c:6d:1b:09:e1:45:
                    91:61:98:0e:b9:59:dc:d6:ac:47:a2:1d:d3:6f:87:
                    4d:25:92:78:56:83:3d:e2:cd:35:e1:34:23:1d:42:
                    23:61:95:9c:d1:7a:de:2e:89:69:10:a2:c4:8f:94:
                    b4:de:79:99:75:e4:33:9e:3c:b7:24:5a:1f:49:17:
                    a0:0f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                48:1F:3C:26:01:9B:BD:54:6A:0D:7B:95:A6:39:7B:C8:AD:19:68:D2
            X509v3 Authority Key Identifier:
                keyid:99:DD:6F:08:82:2A:E0:BA:50:54:54:24:56:92:3F:AF:90:40:F5:D0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/md1vCIIq4LpQVFQkVpI_r5BA9dA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/cec2a9-3013-42b4-9483-a72c404f26fd/1/SB88JgGbvVRqDXuVpjl7yK0ZaNI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/cec2a9-3013-42b4-9483-a72c404f26fd/1/md1vCIIq4LpQVFQkVpI_r5BA9dA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.109.237.0/24

    Signature Algorithm: sha256WithRSAEncryption
         3b:0e:09:52:b9:cf:b1:0f:1d:21:11:15:3c:33:35:20:2e:bc:
         ce:3c:ad:fc:19:06:2d:5a:36:77:05:e5:a3:16:c9:b7:8e:38:
         ef:97:a1:68:ff:d3:13:35:4f:f7:f5:2d:7f:2e:c4:e1:ed:a6:
         bf:c0:99:cb:7d:8d:32:0f:5e:55:81:2a:e5:9a:4a:bb:9b:cd:
         cd:3d:09:49:75:21:6e:87:35:48:c8:6a:89:59:de:ab:36:c9:
         73:af:b9:f1:34:1d:fd:a9:a2:7a:77:a7:c2:7b:6d:3e:74:8a:
         d8:f7:ec:52:00:04:22:87:1c:97:c3:6c:4b:8e:a8:d7:8d:b5:
         38:b9:d5:d9:95:0e:fa:83:b9:75:f9:ff:ab:04:ea:0b:fc:dc:
         d7:4a:ab:95:86:a9:76:a5:78:a8:10:7c:ea:76:61:c4:c5:19:
         6e:0a:c1:fc:a6:0e:e7:c8:6b:f5:35:9c:ae:4f:15:5a:ae:c8:
         bc:ef:50:0f:bf:dc:1e:66:4b:f4:48:82:48:b3:12:ca:21:e9:
         da:14:bf:85:7f:52:92:ec:e1:68:0c:2f:99:16:70:72:67:d8:
         42:4e:14:a1:ef:79:aa:07:78:1c:ca:89:27:9d:ab:17:bf:e2:
         d9:0e:02:ab:5b:c7:a4:46:ad:ea:d2:f5:a4:75:0b:60:c2:a9:
         e3:82:30:86
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwcE22/3lQrullq5JZP90SMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk5ZGQ2ZjA4ODIyYWUwYmE1MDU0NTQyNDU2OTIzZmFmOTA0
MGY1ZDAwHhcNMjMwMTAyMDMwNDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ODFmM2MyNjAxOWJiZDU0NmEwZDdiOTVhNjM5N2JjOGFkMTk2OGQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqaWf7I3Qydecyn3cfJX9ldGVwUMQ
bV4n5mRLU+mqj/Ev4i553XFQ96DjmfWf2tM7m5IJzo9wFuKBI9/SO29IBzZ83Egm
TWbzNZdjkqliNGHMfkzqcytSmupkQSjYh3sAjGoaNmEnFtR32mOspTR9+Kz/hM2N
KqbgZDDsLVB82WP6JwNd4P0S/piP236zcZ5mvq6uihwGid3ygXGFRNh2xO9FQRg5
IdEI/iFsHmEHVYMErcJw4h44gkKFbJyMbRsJ4UWRYZgOuVnc1qxHoh3Tb4dNJZJ4
VoM94s014TQjHUIjYZWc0XreLolpEKLEj5S03nmZdeQznjy3JFofSRegDwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEgfPCYBm71Uag17laY5e8itGWjSMB8GA1UdIwQY
MBaAFJndbwiCKuC6UFRUJFaSP6+QQPXQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbWQxdkNJSXE0THBRVkZRa1ZwSV9yNUJBOWRBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS9jZWMyYTktMzAxMy00MmI0LTk0ODMt
YTcyYzQwNGYyNmZkLzEvU0I4OEpnR2J2VlJxRFh1VnBqbDd5SzBaYU5JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS9jZWMyYTktMzAxMy00MmI0LTk0ODMtYTcyYzQwNGYyNmZk
LzEvbWQxdkNJSXE0THBRVkZRa1ZwSV9yNUJBOWRBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwW3tMA0G
CSqGSIb3DQEBCwUAA4IBAQA7DglSuc+xDx0hERU8MzUgLrzOPK38GQYtWjZ3BeWj
Fsm3jjjvl6Fo/9MTNU/39S1/LsTh7aa/wJnLfY0yD15VgSrlmkq7m83NPQlJdSFu
hzVIyGqJWd6rNslzr7nxNB39qaJ6d6fCe20+dIrY9+xSAAQihxyXw2xLjqjXjbU4
udXZlQ76g7l1+f+rBOoL/NzXSquVhql2pXioEHzqdmHExRluCsH8pg7nyGv1NZyu
TxVarsi871APv9weZkv0SIJIsxLKIenaFL+Ff1KS7OFoDC+ZFnByZ9hCThSh73mq
B3gcyoknnasXv+LZDgKrW8ekRq3q0vWkdQtgwqnjgjCG
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:43:13 2024 by rpki-client on console-ams.rpki-client.org