Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/K3nzru-m6mSrIvgX6dkJ58spJiA.roa
File:                     K3nzru-m6mSrIvgX6dkJ58spJiA.roa (raw, json)
Hash identifier:          j/RABhf08sbaBKtrqTEe33oOMlyiNut06z7pWRIVnF4=
Subject key identifier:   2B:79:F3:AE:EF:A6:EA:64:AB:22:F8:17:E9:D9:09:E7:CB:29:26:20
Certificate issuer:       /CN=93677d7cb9271ce361256e9833cc7b14fd023ebe
Certificate serial:       018BA8CAF91C21DD6AEE15688D095E24E48C
Authority key identifier: 93:67:7D:7C:B9:27:1C:E3:61:25:6E:98:33:CC:7B:14:FD:02:3E:BE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/k2d9fLknHONhJW6YM8x7FP0CPr4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/K3nzru-m6mSrIvgX6dkJ58spJiA.roa
Signing time:             Tue 07 Nov 2023 07:59:16 +0000
ROA not before:           Tue 07 Nov 2023 07:59:16 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     50738
IP address blocks:        193.37.197.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 14:29:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:a8:ca:f9:1c:21:dd:6a:ee:15:68:8d:09:5e:24:e4:8c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=93677d7cb9271ce361256e9833cc7b14fd023ebe
        Validity
            Not Before: Nov  7 07:59:16 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=2b79f3aeefa6ea64ab22f817e9d909e7cb292620
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:80:4b:50:10:0c:9d:80:ef:46:88:d5:85:e8:12:
                    a3:aa:df:c1:f5:6e:73:f4:3c:70:c8:ca:cc:d4:20:
                    e2:45:e2:aa:18:07:ac:ff:4c:2a:e8:0f:61:3e:e3:
                    66:fa:0b:78:d4:09:66:c3:fb:1e:68:06:87:26:e4:
                    2a:48:8c:d8:d6:b2:08:bf:f4:9f:0e:65:3a:c5:28:
                    7c:1a:48:b2:30:20:c6:4d:62:df:43:c9:6c:27:f9:
                    00:df:2f:59:ca:7d:62:b2:54:83:54:57:02:9b:c3:
                    07:17:e6:33:f5:ed:12:de:44:e3:1a:66:45:92:75:
                    fd:dc:2e:63:b9:68:75:60:08:8a:52:91:d7:c6:74:
                    df:52:93:6e:7a:b7:85:d9:09:53:9a:03:b2:d6:f8:
                    3a:f9:34:74:38:b6:0f:2a:9a:4b:0a:54:e0:f8:d0:
                    7e:dc:f5:7e:f0:f2:0e:b8:c1:64:de:65:c8:8e:a3:
                    19:89:e7:e4:9a:06:3c:29:c0:f7:48:ca:5a:5f:3f:
                    60:24:54:e8:02:ea:ca:e7:4f:e7:41:53:85:70:8a:
                    b5:3c:80:5d:42:c4:5b:8e:5a:9f:8e:3d:2e:cd:e3:
                    47:b9:f8:c2:e2:35:08:1c:eb:32:1a:c0:6a:ac:a2:
                    2a:56:65:a8:38:ce:fb:61:3f:55:57:71:00:51:49:
                    31:59
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2B:79:F3:AE:EF:A6:EA:64:AB:22:F8:17:E9:D9:09:E7:CB:29:26:20
            X509v3 Authority Key Identifier:
                keyid:93:67:7D:7C:B9:27:1C:E3:61:25:6E:98:33:CC:7B:14:FD:02:3E:BE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/k2d9fLknHONhJW6YM8x7FP0CPr4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/K3nzru-m6mSrIvgX6dkJ58spJiA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/k2d9fLknHONhJW6YM8x7FP0CPr4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.37.197.0/24

    Signature Algorithm: sha256WithRSAEncryption
         4d:9f:70:fa:72:15:04:44:00:9b:ac:28:4f:71:81:88:c5:08:
         48:9f:61:cb:52:c5:d1:84:4a:e2:23:76:92:37:be:c4:e1:2f:
         c4:f7:60:a6:bc:25:be:04:c4:7c:20:65:39:0a:49:f6:df:2c:
         eb:4f:0c:4b:ca:44:05:56:03:85:59:8f:fd:0a:0d:8b:65:d0:
         3b:bd:a5:f3:b0:b1:da:fc:1c:4a:92:9f:0e:66:a3:2b:70:9f:
         6a:c9:71:bb:aa:62:42:a8:37:b4:c6:eb:30:85:29:6d:3e:9c:
         83:05:92:c3:f3:93:7d:a8:87:62:0d:63:af:29:2a:0e:87:b0:
         a6:d4:f1:69:72:c8:3e:6b:ea:ef:1b:47:1c:00:ee:c2:7b:06:
         a1:96:53:4b:15:d1:3d:08:6b:51:9d:79:fd:67:89:a7:ce:9e:
         ee:67:ab:c5:2d:98:d4:44:61:7a:2e:92:1b:e9:9c:66:b9:85:
         c4:6b:8c:78:f2:bc:9a:4c:6a:bc:92:0f:55:86:26:2d:80:b6:
         bf:f7:89:34:62:48:a8:b1:b1:69:eb:92:3c:99:55:37:3b:c1:
         08:21:dc:ce:bb:16:39:3e:91:8e:61:c5:d7:d5:88:c9:34:d8:
         31:03:36:ae:53:36:4f:50:31:4a:3d:12:58:ce:6b:2b:67:ef:
         e1:aa:34:22
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYuoyvkcId1q7hVojQleJOSMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkzNjc3ZDdjYjkyNzFjZTM2MTI1NmU5ODMzY2M3YjE0ZmQw
MjNlYmUwHhcNMjMxMTA3MDc1OTE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYjc5ZjNhZWVmYTZlYTY0YWIyMmY4MTdlOWQ5MDllN2NiMjkyNjIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgEtQEAydgO9GiNWF6BKjqt/B9W5z
9DxwyMrM1CDiReKqGAes/0wq6A9hPuNm+gt41Almw/seaAaHJuQqSIzY1rIIv/Sf
DmU6xSh8GkiyMCDGTWLfQ8lsJ/kA3y9Zyn1islSDVFcCm8MHF+Yz9e0S3kTjGmZF
knX93C5juWh1YAiKUpHXxnTfUpNuereF2QlTmgOy1vg6+TR0OLYPKppLClTg+NB+
3PV+8PIOuMFk3mXIjqMZiefkmgY8KcD3SMpaXz9gJFToAurK50/nQVOFcIq1PIBd
QsRbjlqfjj0uzeNHufjC4jUIHOsyGsBqrKIqVmWoOM77YT9VV3EAUUkxWQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCt5867vpupkqyL4F+nZCefLKSYgMB8GA1UdIwQY
MBaAFJNnfXy5JxzjYSVumDPMexT9Aj6+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvazJkOWZMa25IT05oSlc2WU04eDdGUDBDUHI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9hOWM2ZGEtOGVhMC00NmI3LWExYTYt
OTlhY2I5OWNlNzU0LzEvSzNuenJ1LW02bVNySXZnWDZka0o1OHNwSmlBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9hOWM2ZGEtOGVhMC00NmI3LWExYTYtOTlhY2I5OWNlNzU0
LzEvazJkOWZMa25IT05oSlc2WU04eDdGUDBDUHI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwSXFMA0G
CSqGSIb3DQEBCwUAA4IBAQBNn3D6chUERACbrChPcYGIxQhIn2HLUsXRhEriI3aS
N77E4S/E92CmvCW+BMR8IGU5Ckn23yzrTwxLykQFVgOFWY/9Cg2LZdA7vaXzsLHa
/BxKkp8OZqMrcJ9qyXG7qmJCqDe0xuswhSltPpyDBZLD85N9qIdiDWOvKSoOh7Cm
1PFpcsg+a+rvG0ccAO7CewahllNLFdE9CGtRnXn9Z4mnzp7uZ6vFLZjURGF6LpIb
6ZxmuYXEa4x48ryaTGq8kg9VhiYtgLa/94k0YkiosbFp65I8mVU3O8EIIdzOuxY5
PpGOYcXX1YjJNNgxAzauUzZPUDFKPRJYzmsrZ+/hqjQi
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:35 2024 by rpki-client on console-fra.rpki-client.org