Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ce/95300a-7d16-4d0a-868c-38383f82bcf9/1/q_hWWejmO4gNx4hQgF8rvzyo7eg.roa
File:                     q_hWWejmO4gNx4hQgF8rvzyo7eg.roa (raw, json)
Hash identifier:          WCxtWkLAORWM0M+PleMFy8c7B/U5t9wuoxIjwNNcXls=
Subject key identifier:   AB:F8:56:59:E8:E6:3B:88:0D:C7:88:50:80:5F:2B:BF:3C:A8:ED:E8
Certificate issuer:       /CN=8f6b25b17c4d04e0b0492340e7ac24cc84d2a347
Certificate serial:       0185720317232AE6375F13AFE775BB12C321
Authority key identifier: 8F:6B:25:B1:7C:4D:04:E0:B0:49:23:40:E7:AC:24:CC:84:D2:A3:47
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/j2slsXxNBOCwSSNA56wkzITSo0c.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ce/95300a-7d16-4d0a-868c-38383f82bcf9/1/q_hWWejmO4gNx4hQgF8rvzyo7eg.roa
Signing time:             Mon 02 Jan 2023 10:24:43 +0000
ROA not before:           Mon 02 Jan 2023 10:24:43 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     15404
IP address blocks:        193.33.245.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 18:30:18 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:72:03:17:23:2a:e6:37:5f:13:af:e7:75:bb:12:c3:21
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8f6b25b17c4d04e0b0492340e7ac24cc84d2a347
        Validity
            Not Before: Jan  2 10:24:43 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=abf85659e8e63b880dc78850805f2bbf3ca8ede8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:cb:ca:ed:a0:2b:19:7f:d2:d2:0c:84:c7:76:
                    89:27:22:cd:37:35:1c:44:a2:ff:fa:76:27:8d:85:
                    ce:16:ae:f7:26:fb:b8:de:c7:bd:33:72:8a:68:b2:
                    e4:9f:74:6f:24:f2:f5:e6:8a:44:57:f3:72:02:ea:
                    71:7b:7a:1e:93:32:fa:38:7d:69:a1:41:5e:b1:c6:
                    e0:f4:1a:3a:c2:0e:1b:c0:35:84:47:32:54:25:93:
                    62:40:8a:72:64:c3:1d:c3:d5:44:ca:59:e5:59:5d:
                    7e:61:1d:01:d0:3c:2b:36:3e:b6:bd:21:6c:33:e2:
                    b0:50:52:5c:11:88:ca:a5:1b:5a:a9:c2:5d:57:89:
                    25:f1:41:78:3c:71:88:5c:1a:94:3e:21:36:fe:b2:
                    30:91:cd:aa:44:0e:04:fc:10:73:7c:5e:8a:5f:aa:
                    b3:45:93:11:1f:d4:a4:38:38:cc:06:3a:0f:94:fd:
                    09:bb:57:f7:91:ad:f9:5b:c1:c0:0e:a3:31:aa:ce:
                    0e:12:3c:bc:7c:60:45:cd:70:1b:df:40:06:1b:31:
                    62:9a:2a:23:02:a8:ce:75:80:13:58:20:d7:67:5e:
                    72:d0:70:22:f0:7a:a9:5a:2a:94:49:b2:7e:d4:33:
                    48:8c:47:cd:4a:1d:64:e1:f9:fb:2b:65:81:57:9b:
                    62:bb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AB:F8:56:59:E8:E6:3B:88:0D:C7:88:50:80:5F:2B:BF:3C:A8:ED:E8
            X509v3 Authority Key Identifier:
                keyid:8F:6B:25:B1:7C:4D:04:E0:B0:49:23:40:E7:AC:24:CC:84:D2:A3:47

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/j2slsXxNBOCwSSNA56wkzITSo0c.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/95300a-7d16-4d0a-868c-38383f82bcf9/1/q_hWWejmO4gNx4hQgF8rvzyo7eg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/95300a-7d16-4d0a-868c-38383f82bcf9/1/j2slsXxNBOCwSSNA56wkzITSo0c.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.33.245.0/24

    Signature Algorithm: sha256WithRSAEncryption
         4f:a8:95:01:4f:b0:1d:47:df:ef:66:b9:cb:11:e4:db:cc:99:
         a2:34:b3:45:f4:dd:a7:7e:1c:37:2e:62:d4:61:b1:12:84:35:
         5a:c5:a1:27:d7:60:1c:cb:af:4c:e2:f7:71:de:4e:38:ac:17:
         36:7a:ff:fd:11:ae:9e:2a:d7:2f:e4:79:b1:90:87:b0:a7:58:
         89:69:15:d8:df:fc:97:91:2b:66:6b:31:9d:b8:1a:7b:6b:5e:
         34:3a:0b:f8:42:6a:a6:70:68:c6:19:25:f8:90:64:dd:56:f6:
         38:4f:0e:48:a2:c8:48:73:f3:37:87:aa:81:50:2e:de:7a:76:
         50:8f:51:b4:ca:93:37:91:2f:40:32:d2:ee:d0:80:0c:25:e7:
         4c:d5:46:79:a8:66:00:6d:62:47:b3:c3:a2:0c:2d:62:90:1d:
         19:a1:88:99:16:52:d0:bf:5a:3a:65:4e:e6:4c:e5:d7:77:ff:
         8b:a5:9f:ca:3f:96:4d:5b:10:ab:07:82:94:e9:03:47:6b:4f:
         0c:d8:c2:3a:87:da:f4:ab:6c:08:77:e7:d1:23:bf:63:3b:2d:
         87:4a:a8:80:db:89:3e:71:96:40:fb:84:34:17:48:82:93:6b:
         ab:6b:7e:99:a0:8a:d3:67:64:80:8f:95:c8:2a:28:ce:18:a8:
         93:fd:17:7c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVyAxcjKuY3XxOv53W7EsMhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhmNmIyNWIxN2M0ZDA0ZTBiMDQ5MjM0MGU3YWMyNGNjODRk
MmEzNDcwHhcNMjMwMTAyMTAyNDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYmY4NTY1OWU4ZTYzYjg4MGRjNzg4NTA4MDVmMmJiZjNjYThlZGU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtcvK7aArGX/S0gyEx3aJJyLNNzUc
RKL/+nYnjYXOFq73Jvu43se9M3KKaLLkn3RvJPL15opEV/NyAupxe3oekzL6OH1p
oUFescbg9Bo6wg4bwDWERzJUJZNiQIpyZMMdw9VEylnlWV1+YR0B0DwrNj62vSFs
M+KwUFJcEYjKpRtaqcJdV4kl8UF4PHGIXBqUPiE2/rIwkc2qRA4E/BBzfF6KX6qz
RZMRH9SkODjMBjoPlP0Ju1f3ka35W8HADqMxqs4OEjy8fGBFzXAb30AGGzFimioj
AqjOdYATWCDXZ15y0HAi8HqpWiqUSbJ+1DNIjEfNSh1k4fn7K2WBV5tiuwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKv4Vlno5juIDceIUIBfK788qO3oMB8GA1UdIwQY
MBaAFI9rJbF8TQTgsEkjQOesJMyE0qNHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvajJzbHNYeE5CT0N3U1NOQTU2d2t6SVRTbzBjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZS85NTMwMGEtN2QxNi00ZDBhLTg2OGMt
MzgzODNmODJiY2Y5LzEvcV9oV1dlam1PNGdOeDRoUWdGOHJ2enlvN2VnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZS85NTMwMGEtN2QxNi00ZDBhLTg2OGMtMzgzODNmODJiY2Y5
LzEvajJzbHNYeE5CT0N3U1NOQTU2d2t6SVRTbzBjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwSH1MA0G
CSqGSIb3DQEBCwUAA4IBAQBPqJUBT7AdR9/vZrnLEeTbzJmiNLNF9N2nfhw3LmLU
YbEShDVaxaEn12Acy69M4vdx3k44rBc2ev/9Ea6eKtcv5HmxkIewp1iJaRXY3/yX
kStmazGduBp7a140Ogv4QmqmcGjGGSX4kGTdVvY4Tw5IoshIc/M3h6qBUC7eenZQ
j1G0ypM3kS9AMtLu0IAMJedM1UZ5qGYAbWJHs8OiDC1ikB0ZoYiZFlLQv1o6ZU7m
TOXXd/+LpZ/KP5ZNWxCrB4KU6QNHa08M2MI6h9r0q2wId+fRI79jOy2HSqiA24k+
cZZA+4Q0F0iCk2ura36ZoIrTZ2SAj5XIKijOGKiT/Rd8
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:45:00 2024 by rpki-client on console-ams.rpki-client.org