Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/3eecf8-eb04-41ce-a9f6-3a91a613a407/1/2rylF1tG02T23KRFsFN5ek3LLws.roa
File:                     2rylF1tG02T23KRFsFN5ek3LLws.roa (raw, json)
Hash identifier:          gu2ZTuZX0tDMI4lUhSNCkHBcDQQpl+YfB+v4n5I9svk=
Subject key identifier:   DA:BC:A5:17:5B:46:D3:64:F6:DC:A4:45:B0:53:79:7A:4D:CB:2F:0B
Certificate issuer:       /CN=004718e7a263ebe45e7706739241ec6d6ae58e74
Certificate serial:       01871760684884D82D8FC339A00D24D302F2
Authority key identifier: 00:47:18:E7:A2:63:EB:E4:5E:77:06:73:92:41:EC:6D:6A:E5:8E:74
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/AEcY56Jj6-RedwZzkkHsbWrljnQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d4/3eecf8-eb04-41ce-a9f6-3a91a613a407/1/2rylF1tG02T23KRFsFN5ek3LLws.roa
Signing time:             Sat 25 Mar 2023 06:06:46 +0000
ROA not before:           Sat 25 Mar 2023 06:06:46 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     28907
IP address blocks:        193.107.203.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 04:31:35 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:17:60:68:48:84:d8:2d:8f:c3:39:a0:0d:24:d3:02:f2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=004718e7a263ebe45e7706739241ec6d6ae58e74
        Validity
            Not Before: Mar 25 06:06:46 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=dabca5175b46d364f6dca445b053797a4dcb2f0b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:89:89:3e:20:cc:3e:84:55:88:b2:7e:38:5e:1b:
                    8d:89:71:d0:5e:ef:d1:22:08:ae:f5:4d:2d:23:d4:
                    68:27:bb:65:71:2c:fd:2d:a0:91:f2:63:5c:4c:1a:
                    02:6e:5e:98:97:bf:0a:48:e1:e5:21:32:fc:23:ee:
                    a7:01:b0:d0:b4:4b:ed:67:7b:ed:9d:9c:c9:c2:6b:
                    24:c6:ec:46:46:44:85:ce:20:dc:a1:c6:88:c6:f4:
                    d2:b7:d5:89:06:f1:47:8b:8e:80:3f:fc:59:5b:d7:
                    e0:91:8b:50:4c:63:72:38:a5:71:2f:b0:45:08:da:
                    47:c8:70:47:9f:23:06:fc:b2:42:51:07:ba:4f:bb:
                    2f:62:1f:fc:b3:3c:d5:78:2e:f4:2e:2d:ab:d6:01:
                    88:16:cc:8e:c3:eb:ce:36:18:90:5b:b1:da:c2:86:
                    cc:a7:1c:98:43:a1:09:54:21:81:d6:8d:81:de:7e:
                    7c:90:8a:a7:2c:e2:b9:4b:77:2d:60:b0:f9:9d:69:
                    62:eb:20:4f:29:0d:ca:50:f5:76:49:fa:ca:c2:23:
                    4f:d2:f7:bb:1f:ad:9c:b7:7f:ab:e1:38:48:cd:64:
                    75:60:33:cd:d2:5b:e7:53:3d:b7:51:34:89:06:4e:
                    f7:a0:90:2a:2a:42:e2:a0:3d:c8:6f:4d:e6:b0:77:
                    20:f7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DA:BC:A5:17:5B:46:D3:64:F6:DC:A4:45:B0:53:79:7A:4D:CB:2F:0B
            X509v3 Authority Key Identifier:
                keyid:00:47:18:E7:A2:63:EB:E4:5E:77:06:73:92:41:EC:6D:6A:E5:8E:74

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AEcY56Jj6-RedwZzkkHsbWrljnQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/3eecf8-eb04-41ce-a9f6-3a91a613a407/1/2rylF1tG02T23KRFsFN5ek3LLws.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/3eecf8-eb04-41ce-a9f6-3a91a613a407/1/AEcY56Jj6-RedwZzkkHsbWrljnQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.107.203.0/24

    Signature Algorithm: sha256WithRSAEncryption
         63:06:4f:08:cd:45:14:45:48:be:aa:c6:0c:a0:bd:d9:86:f9:
         f8:ab:ad:04:c9:27:aa:72:d5:55:ba:5e:2f:2b:f3:ab:ac:7a:
         7a:75:ec:b6:8b:0a:6b:06:e7:e7:e2:6c:10:e9:ab:ad:04:8b:
         5d:21:80:08:2f:d5:71:21:8f:c1:2e:bf:9f:a7:3b:6c:c6:b6:
         61:ee:a1:51:56:dd:b0:97:77:36:c5:52:90:96:82:fe:46:00:
         3e:12:b3:64:76:a9:a1:c5:80:f2:e6:74:d5:4b:c4:6d:76:4a:
         8c:2f:4b:14:43:a0:a9:01:1e:8b:a9:aa:54:84:48:af:7a:ad:
         8e:b8:8a:2c:cb:9f:c9:4b:1c:ad:0c:34:1e:eb:62:7e:c0:4d:
         45:e1:82:d7:d5:ea:b9:a2:24:92:ef:57:1d:38:a5:25:5b:a5:
         7f:0c:7f:b9:f8:a1:44:9e:96:6c:89:8f:a0:1a:e2:44:12:19:
         32:54:59:ed:5e:a1:a2:2a:e7:89:4e:5d:c4:bc:3f:d4:58:b0:
         4c:e6:50:1f:94:be:9d:70:43:19:a6:0d:c2:44:b2:3b:22:c5:
         09:12:04:16:89:17:06:fd:36:b6:8d:da:6e:db:18:42:20:ae:
         59:77:e5:10:fa:83:b0:2d:30:13:a8:78:c6:33:29:5c:1c:c8:
         0f:14:b3:f3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYcXYGhIhNgtj8M5oA0k0wLyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwNDcxOGU3YTI2M2ViZTQ1ZTc3MDY3MzkyNDFlYzZkNmFl
NThlNzQwHhcNMjMwMzI1MDYwNjQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYWJjYTUxNzViNDZkMzY0ZjZkY2E0NDViMDUzNzk3YTRkY2IyZjBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiYk+IMw+hFWIsn44XhuNiXHQXu/R
Igiu9U0tI9RoJ7tlcSz9LaCR8mNcTBoCbl6Yl78KSOHlITL8I+6nAbDQtEvtZ3vt
nZzJwmskxuxGRkSFziDcocaIxvTSt9WJBvFHi46AP/xZW9fgkYtQTGNyOKVxL7BF
CNpHyHBHnyMG/LJCUQe6T7svYh/8szzVeC70Li2r1gGIFsyOw+vONhiQW7HawobM
pxyYQ6EJVCGB1o2B3n58kIqnLOK5S3ctYLD5nWli6yBPKQ3KUPV2SfrKwiNP0ve7
H62ct3+r4ThIzWR1YDPN0lvnUz23UTSJBk73oJAqKkLioD3Ib03msHcg9wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNq8pRdbRtNk9tykRbBTeXpNyy8LMB8GA1UdIwQY
MBaAFABHGOeiY+vkXncGc5JB7G1q5Y50MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQUVjWTU2Smo2LVJlZHdaemtrSHNiV3Jsam5RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC8zZWVjZjgtZWIwNC00MWNlLWE5ZjYt
M2E5MWE2MTNhNDA3LzEvMnJ5bEYxdEcwMlQyM0tSRnNGTjVlazNMTHdzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC8zZWVjZjgtZWIwNC00MWNlLWE5ZjYtM2E5MWE2MTNhNDA3
LzEvQUVjWTU2Smo2LVJlZHdaemtrSHNiV3Jsam5RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwWvLMA0G
CSqGSIb3DQEBCwUAA4IBAQBjBk8IzUUURUi+qsYMoL3Zhvn4q60EySeqctVVul4v
K/OrrHp6dey2iwprBufn4mwQ6autBItdIYAIL9VxIY/BLr+fpztsxrZh7qFRVt2w
l3c2xVKQloL+RgA+ErNkdqmhxYDy5nTVS8RtdkqML0sUQ6CpAR6LqapUhEiveq2O
uIosy5/JSxytDDQe62J+wE1F4YLX1eq5oiSS71cdOKUlW6V/DH+5+KFEnpZsiY+g
GuJEEhkyVFntXqGiKueJTl3EvD/UWLBM5lAflL6dcEMZpg3CRLI7IsUJEgQWiRcG
/Ta2jdpu2xhCIK5Zd+UQ+oOwLTATqHjGMylcHMgPFLPz
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:18 2024 by rpki-client on console-fra.rpki-client.org