Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cc/051fa2-c580-4a02-a186-e69f7a5d2d90/1/nFQ2pKlkoEuWXvCSKwbCZLXliiw.roa
File:                     nFQ2pKlkoEuWXvCSKwbCZLXliiw.roa (raw, json)
Hash identifier:          RXZ4LeIi7seNitCbvOGA+HtQlc6PW61i8LXFZp6pBoc=
Subject key identifier:   9C:54:36:A4:A9:64:A0:4B:96:5E:F0:92:2B:06:C2:64:B5:E5:8A:2C
Certificate issuer:       /CN=f0ff2c6229af763a99f5349a32510df4a4526143
Certificate serial:       018572A6F6B5368BEAD87CEBBE039632E05D
Authority key identifier: F0:FF:2C:62:29:AF:76:3A:99:F5:34:9A:32:51:0D:F4:A4:52:61:43
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/8P8sYimvdjqZ9TSaMlEN9KRSYUM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/cc/051fa2-c580-4a02-a186-e69f7a5d2d90/1/nFQ2pKlkoEuWXvCSKwbCZLXliiw.roa
Signing time:             Mon 02 Jan 2023 13:23:42 +0000
ROA not before:           Mon 02 Jan 2023 13:23:42 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     209111
IP address blocks:        193.92.5.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 08:32:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:72:a6:f6:b5:36:8b:ea:d8:7c:eb:be:03:96:32:e0:5d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f0ff2c6229af763a99f5349a32510df4a4526143
        Validity
            Not Before: Jan  2 13:23:42 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=9c5436a4a964a04b965ef0922b06c264b5e58a2c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:e8:60:43:10:4e:a8:1e:de:1c:a1:79:12:ca:
                    0e:32:2c:b8:70:54:32:21:c6:50:e4:30:60:88:24:
                    c6:e2:ff:e7:4d:d8:69:ec:8c:17:54:5e:47:1c:96:
                    0e:52:14:60:8a:e1:95:be:6a:4c:51:e2:31:63:fb:
                    ba:f9:dd:91:de:ac:48:7c:a0:f5:db:29:8d:91:9a:
                    e6:55:15:ba:8c:79:cd:48:4b:52:ac:7c:7d:1d:5b:
                    8e:1a:f0:55:68:75:93:f1:53:f1:db:2d:06:8b:09:
                    7f:d5:d4:2c:08:1d:ab:d4:66:cf:d7:3e:03:28:f2:
                    3b:02:3c:5c:4e:e7:80:c1:f0:19:bc:55:d3:83:48:
                    7f:da:d2:67:ed:56:c7:ed:36:f9:9a:c5:ea:c6:a8:
                    49:06:b3:f9:18:bc:55:56:98:20:00:b3:4e:7a:b6:
                    ad:da:49:18:3b:d1:37:05:a5:84:ee:9f:72:54:a1:
                    59:a2:16:2c:20:b2:42:dd:6f:42:f8:02:43:a9:00:
                    87:8f:79:47:54:d9:5d:12:c0:c5:dd:fb:bf:77:ad:
                    d5:14:7b:bf:7b:84:06:10:fd:45:2d:fa:be:14:b9:
                    ac:bc:e9:47:8f:a5:01:0e:a6:f1:10:78:43:18:0d:
                    b0:a6:97:25:5a:bf:01:74:ae:88:cd:33:b5:ea:04:
                    d1:53
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9C:54:36:A4:A9:64:A0:4B:96:5E:F0:92:2B:06:C2:64:B5:E5:8A:2C
            X509v3 Authority Key Identifier:
                keyid:F0:FF:2C:62:29:AF:76:3A:99:F5:34:9A:32:51:0D:F4:A4:52:61:43

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8P8sYimvdjqZ9TSaMlEN9KRSYUM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/051fa2-c580-4a02-a186-e69f7a5d2d90/1/nFQ2pKlkoEuWXvCSKwbCZLXliiw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/051fa2-c580-4a02-a186-e69f7a5d2d90/1/8P8sYimvdjqZ9TSaMlEN9KRSYUM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.92.5.0/24

    Signature Algorithm: sha256WithRSAEncryption
         94:57:52:8d:18:4f:66:6d:b6:3f:7d:ef:30:e9:c5:7d:17:17:
         94:e6:a6:4a:2c:54:90:25:b2:71:80:5a:3e:b4:ca:29:55:59:
         a3:e9:cd:7b:0f:45:8b:d6:c1:66:34:a1:f1:fa:35:b0:18:15:
         9f:ea:98:73:89:1b:69:82:08:ef:17:f2:c1:65:db:5d:a7:9e:
         86:6c:f4:68:09:63:ea:6d:b5:09:53:eb:78:33:09:23:1f:7f:
         39:5e:9e:7d:84:83:dd:8a:d6:fb:9d:1d:04:08:f0:f3:30:fe:
         91:98:df:22:af:4a:20:76:0f:c0:84:36:70:8c:e0:4d:85:14:
         16:3c:75:36:42:f9:bd:01:34:4b:fd:31:93:55:89:5a:a9:e5:
         1e:24:c2:ab:f2:10:7e:5e:66:d8:1a:43:17:19:18:49:4e:47:
         30:6b:ac:91:78:4d:a8:88:58:a3:50:1d:42:89:96:aa:ed:19:
         95:1e:b2:8e:d3:0b:c8:25:33:c2:cd:3d:b5:91:19:71:ea:5d:
         6c:85:29:e3:63:cf:72:79:1f:05:cd:47:72:d2:31:8a:c9:01:
         17:f6:9b:60:76:8f:29:c2:36:0c:a0:b2:89:67:fd:66:75:2d:
         33:46:9b:b8:cd:d7:c4:53:9b:2f:50:14:7f:52:da:e4:97:ac:
         61:80:c9:e6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVypva1Novq2HzrvgOWMuBdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwZmYyYzYyMjlhZjc2M2E5OWY1MzQ5YTMyNTEwZGY0YTQ1
MjYxNDMwHhcNMjMwMTAyMTMyMzQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YzU0MzZhNGE5NjRhMDRiOTY1ZWYwOTIyYjA2YzI2NGI1ZTU4YTJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtehgQxBOqB7eHKF5EsoOMiy4cFQy
IcZQ5DBgiCTG4v/nTdhp7IwXVF5HHJYOUhRgiuGVvmpMUeIxY/u6+d2R3qxIfKD1
2ymNkZrmVRW6jHnNSEtSrHx9HVuOGvBVaHWT8VPx2y0Giwl/1dQsCB2r1GbP1z4D
KPI7AjxcTueAwfAZvFXTg0h/2tJn7VbH7Tb5msXqxqhJBrP5GLxVVpggALNOerat
2kkYO9E3BaWE7p9yVKFZohYsILJC3W9C+AJDqQCHj3lHVNldEsDF3fu/d63VFHu/
e4QGEP1FLfq+FLmsvOlHj6UBDqbxEHhDGA2wppclWr8BdK6IzTO16gTRUwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJxUNqSpZKBLll7wkisGwmS15YosMB8GA1UdIwQY
MBaAFPD/LGIpr3Y6mfU0mjJRDfSkUmFDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOFA4c1lpbXZkanFaOVRTYU1sRU45S1JTWVVNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYy8wNTFmYTItYzU4MC00YTAyLWExODYt
ZTY5ZjdhNWQyZDkwLzEvbkZRMnBLbGtvRXVXWHZDU0t3YkNaTFhsaWl3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYy8wNTFmYTItYzU4MC00YTAyLWExODYtZTY5ZjdhNWQyZDkw
LzEvOFA4c1lpbXZkanFaOVRTYU1sRU45S1JTWVVNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwVwFMA0G
CSqGSIb3DQEBCwUAA4IBAQCUV1KNGE9mbbY/fe8w6cV9FxeU5qZKLFSQJbJxgFo+
tMopVVmj6c17D0WL1sFmNKHx+jWwGBWf6phziRtpggjvF/LBZdtdp56GbPRoCWPq
bbUJU+t4MwkjH385Xp59hIPditb7nR0ECPDzMP6RmN8ir0ogdg/AhDZwjOBNhRQW
PHU2Qvm9ATRL/TGTVYlaqeUeJMKr8hB+XmbYGkMXGRhJTkcwa6yReE2oiFijUB1C
iZaq7RmVHrKO0wvIJTPCzT21kRlx6l1shSnjY89yeR8FzUdy0jGKyQEX9ptgdo8p
wjYMoLKJZ/1mdS0zRpu4zdfEU5svUBR/Utrkl6xhgMnm
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:06 2024 by rpki-client on console-fra.rpki-client.org