Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cf/0dda42-53a5-4aba-86ae-639e14d04de6/1/0RTmf00rS7kELlE26IeFhE2R9F0.roa
File:                     0RTmf00rS7kELlE26IeFhE2R9F0.roa (raw, json)
Hash identifier:          W9N0qpy+swyuBx7QM/CJxmn6kJ/ZekVLPwQ1NYp3Iz0=
Subject key identifier:   D1:14:E6:7F:4D:2B:4B:B9:04:2E:51:36:E8:87:85:84:4D:91:F4:5D
Certificate issuer:       /CN=8267fb4a0b677b8377907b82fb1fb8810a2fef08
Certificate serial:       0187E153DF2A316775EF4D08D18D8793BC1E
Authority key identifier: 82:67:FB:4A:0B:67:7B:83:77:90:7B:82:FB:1F:B8:81:0A:2F:EF:08
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/gmf7Sgtne4N3kHuC-x-4gQov7wg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/cf/0dda42-53a5-4aba-86ae-639e14d04de6/1/0RTmf00rS7kELlE26IeFhE2R9F0.roa
Signing time:             Wed 03 May 2023 11:16:22 +0000
ROA not before:           Wed 03 May 2023 11:16:22 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     204341
IP address blocks:        193.200.52.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 00:29:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:e1:53:df:2a:31:67:75:ef:4d:08:d1:8d:87:93:bc:1e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8267fb4a0b677b8377907b82fb1fb8810a2fef08
        Validity
            Not Before: May  3 11:16:22 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=d114e67f4d2b4bb9042e5136e88785844d91f45d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:52:d5:b1:75:50:7e:8b:6b:3d:c2:f6:43:60:
                    41:90:2f:29:40:f0:c7:5e:8f:c4:85:4e:1f:67:a0:
                    12:cf:88:ab:86:a9:37:8f:b4:c3:68:aa:c8:75:2d:
                    83:eb:33:75:54:cf:47:64:e9:be:c2:89:56:25:28:
                    4d:47:70:09:4f:33:1d:1a:26:43:bb:98:19:36:14:
                    f1:be:b7:07:85:58:dd:ce:f3:08:00:ea:25:da:5a:
                    2b:e3:aa:2a:7d:eb:ab:5b:c0:d1:7a:f8:62:8b:f0:
                    32:29:7c:50:7a:20:40:de:d2:bb:ea:3e:bd:88:be:
                    5d:c7:7e:e7:77:d3:43:41:52:0b:af:1c:39:d3:9d:
                    25:96:c3:7b:15:29:96:39:ba:9b:dd:d5:0c:e9:26:
                    f1:36:2c:20:c1:e1:d6:0e:8b:7a:38:6f:2a:15:6a:
                    67:63:5b:b5:87:e1:39:dc:2f:be:c2:f2:02:f4:ec:
                    e1:bc:61:bb:27:54:5b:68:df:40:2a:77:20:6a:97:
                    ba:69:89:d8:53:7f:f2:2a:01:8f:86:af:e3:7e:0e:
                    a7:3b:69:03:f8:bb:9d:aa:2b:74:a1:80:f4:20:f6:
                    95:0b:19:84:38:55:05:34:9a:a5:7f:73:ae:cf:c1:
                    57:2d:fe:a3:f0:63:fa:cd:dc:98:48:22:bb:af:5f:
                    1f:59
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D1:14:E6:7F:4D:2B:4B:B9:04:2E:51:36:E8:87:85:84:4D:91:F4:5D
            X509v3 Authority Key Identifier:
                keyid:82:67:FB:4A:0B:67:7B:83:77:90:7B:82:FB:1F:B8:81:0A:2F:EF:08

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gmf7Sgtne4N3kHuC-x-4gQov7wg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/0dda42-53a5-4aba-86ae-639e14d04de6/1/0RTmf00rS7kELlE26IeFhE2R9F0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/0dda42-53a5-4aba-86ae-639e14d04de6/1/gmf7Sgtne4N3kHuC-x-4gQov7wg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.200.52.0/24

    Signature Algorithm: sha256WithRSAEncryption
         98:1b:45:30:6d:7d:1a:f5:22:6c:13:62:fc:1a:bb:95:f8:bc:
         c2:1e:62:82:a2:26:eb:6d:65:65:80:cd:d2:8a:bb:42:19:46:
         80:b9:16:74:aa:60:93:81:33:fb:5d:d5:30:ab:c5:6f:6a:ba:
         57:06:d5:f1:20:38:e4:27:2c:1f:1c:88:ad:90:f0:00:c6:89:
         76:66:ec:58:9e:71:c1:7a:79:47:c5:a6:3c:1c:31:c0:e3:a7:
         fb:fd:5b:43:07:4a:ea:21:2b:19:db:96:38:84:48:6b:42:8d:
         d8:8e:2c:ef:e0:c0:cc:6b:fb:38:fb:03:b0:31:8b:44:e6:36:
         d0:68:2f:59:0e:14:c1:6a:2b:fa:e0:d8:af:23:9f:6d:dd:29:
         14:6e:f4:ad:c1:1c:70:fb:f1:ba:22:63:72:c2:65:e6:78:4c:
         6f:27:c8:fc:7e:fd:8e:e6:07:97:1a:dd:d2:a7:c4:f9:a2:56:
         e1:9f:a1:6a:40:72:e4:50:22:73:ea:7c:07:30:74:b4:11:7a:
         e9:ba:66:38:40:12:b1:f8:31:01:9a:73:c7:0b:ec:31:8e:37:
         4f:d0:54:0f:5d:1f:61:52:ee:a9:e3:28:d8:3c:1e:ff:df:cb:
         72:a9:c2:d5:36:8a:57:e1:37:b8:47:d8:6e:63:43:ee:75:71:
         84:5b:9b:fc
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYfhU98qMWd1700I0Y2Hk7weMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyNjdmYjRhMGI2NzdiODM3NzkwN2I4MmZiMWZiODgxMGEy
ZmVmMDgwHhcNMjMwNTAzMTExNjIyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMTE0ZTY3ZjRkMmI0YmI5MDQyZTUxMzZlODg3ODU4NDRkOTFmNDVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxVLVsXVQfotrPcL2Q2BBkC8pQPDH
Xo/EhU4fZ6ASz4irhqk3j7TDaKrIdS2D6zN1VM9HZOm+wolWJShNR3AJTzMdGiZD
u5gZNhTxvrcHhVjdzvMIAOol2lor46oqfeurW8DRevhii/AyKXxQeiBA3tK76j69
iL5dx37nd9NDQVILrxw5050llsN7FSmWObqb3dUM6SbxNiwgweHWDot6OG8qFWpn
Y1u1h+E53C++wvIC9OzhvGG7J1RbaN9AKncgape6aYnYU3/yKgGPhq/jfg6nO2kD
+Ludqit0oYD0IPaVCxmEOFUFNJqlf3Ouz8FXLf6j8GP6zdyYSCK7r18fWQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNEU5n9NK0u5BC5RNuiHhYRNkfRdMB8GA1UdIwQY
MBaAFIJn+0oLZ3uDd5B7gvsfuIEKL+8IMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ21mN1NndG5lNE4za0h1Qy14LTRnUW92N3dnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZi8wZGRhNDItNTNhNS00YWJhLTg2YWUt
NjM5ZTE0ZDA0ZGU2LzEvMFJUbWYwMHJTN2tFTGxFMjZJZUZoRTJSOUYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZi8wZGRhNDItNTNhNS00YWJhLTg2YWUtNjM5ZTE0ZDA0ZGU2
LzEvZ21mN1NndG5lNE4za0h1Qy14LTRnUW92N3dnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwcg0MA0G
CSqGSIb3DQEBCwUAA4IBAQCYG0UwbX0a9SJsE2L8GruV+LzCHmKCoibrbWVlgM3S
irtCGUaAuRZ0qmCTgTP7XdUwq8VvarpXBtXxIDjkJywfHIitkPAAxol2ZuxYnnHB
enlHxaY8HDHA46f7/VtDB0rqISsZ25Y4hEhrQo3Yjizv4MDMa/s4+wOwMYtE5jbQ
aC9ZDhTBaiv64NivI59t3SkUbvStwRxw+/G6ImNywmXmeExvJ8j8fv2O5geXGt3S
p8T5olbhn6FqQHLkUCJz6nwHMHS0EXrpumY4QBKx+DEBmnPHC+wxjjdP0FQPXR9h
Uu6p4yjYPB7/38tyqcLVNopX4Te4R9huY0PudXGEW5v8
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:45:04 2024 by rpki-client on console-ams.rpki-client.org