Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/3eecf8-eb04-41ce-a9f6-3a91a613a407/1/JXy7ZrClL3CBI39kwza8VcR68jc.roa
File:                     JXy7ZrClL3CBI39kwza8VcR68jc.roa (raw, json)
Hash identifier:          8gP/sFNJMHq2Ijdcg9IExN+op3dukqIi8sfci+GvxQc=
Subject key identifier:   25:7C:BB:66:B0:A5:2F:70:81:23:7F:64:C3:36:BC:55:C4:7A:F2:37
Certificate issuer:       /CN=004718e7a263ebe45e7706739241ec6d6ae58e74
Certificate serial:       018CC870F5F8E45B7CFF0319A9014B8E2DE8
Authority key identifier: 00:47:18:E7:A2:63:EB:E4:5E:77:06:73:92:41:EC:6D:6A:E5:8E:74
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/AEcY56Jj6-RedwZzkkHsbWrljnQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d4/3eecf8-eb04-41ce-a9f6-3a91a613a407/1/JXy7ZrClL3CBI39kwza8VcR68jc.roa
Signing time:             Tue 02 Jan 2024 04:31:35 +0000
ROA not before:           Tue 02 Jan 2024 04:31:35 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     196860
IP address blocks:        193.107.200.0/22 maxlen: 24

Validation:               Failed, certificate revoked on Sun 07 Jan 2024 06:28:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c8:70:f5:f8:e4:5b:7c:ff:03:19:a9:01:4b:8e:2d:e8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=004718e7a263ebe45e7706739241ec6d6ae58e74
        Validity
            Not Before: Jan  2 04:31:35 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=257cbb66b0a52f7081237f64c336bc55c47af237
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:07:ed:8b:7d:f5:e6:0e:dd:d8:30:1b:66:d6:
                    33:8e:c1:c9:06:25:ff:8e:bd:e6:de:e0:c0:e9:be:
                    23:7c:bc:e1:4f:30:73:e9:12:64:81:79:d1:72:89:
                    a2:75:40:98:42:31:8a:b4:f8:17:09:b2:49:a5:1b:
                    2c:30:f6:c1:79:89:13:41:5c:2a:02:4d:eb:55:a1:
                    12:43:37:ea:93:02:fd:f6:e9:ad:82:b6:63:e4:5a:
                    33:3f:72:aa:ec:42:c0:d8:60:40:7b:66:26:e9:ee:
                    83:5b:3c:c3:33:ab:ee:20:fd:35:10:f0:7f:b0:0e:
                    7f:82:c9:58:33:c2:e5:df:e7:25:1f:74:a1:87:32:
                    a8:98:9b:9c:73:af:c2:79:c2:6c:4e:fa:de:88:9b:
                    a9:ef:e9:e4:8c:ae:5e:b5:a3:a8:29:c6:60:c9:86:
                    6a:50:89:88:bf:6d:b8:13:53:a0:02:d4:64:63:47:
                    40:2a:23:82:90:d2:b0:f3:98:03:6d:0f:60:e9:33:
                    18:85:e6:6d:3a:4a:05:f2:56:90:ec:d5:01:1e:4f:
                    fc:4d:4e:0b:e3:d2:40:c8:86:bb:b5:23:79:82:e1:
                    08:ea:3d:cd:0a:79:ac:03:e8:fa:e8:c7:b0:59:e9:
                    58:7c:e6:6d:9c:48:66:ce:a8:09:5a:86:88:50:d5:
                    58:99
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                25:7C:BB:66:B0:A5:2F:70:81:23:7F:64:C3:36:BC:55:C4:7A:F2:37
            X509v3 Authority Key Identifier:
                keyid:00:47:18:E7:A2:63:EB:E4:5E:77:06:73:92:41:EC:6D:6A:E5:8E:74

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AEcY56Jj6-RedwZzkkHsbWrljnQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/3eecf8-eb04-41ce-a9f6-3a91a613a407/1/JXy7ZrClL3CBI39kwza8VcR68jc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/3eecf8-eb04-41ce-a9f6-3a91a613a407/1/AEcY56Jj6-RedwZzkkHsbWrljnQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.107.200.0/22

    Signature Algorithm: sha256WithRSAEncryption
         09:63:c6:60:67:bf:bc:34:99:7e:db:40:cd:11:92:59:14:70:
         ac:7f:09:b8:d3:36:53:81:f7:fb:2c:ed:42:3f:df:68:ff:47:
         96:73:66:3e:12:1d:96:c4:a2:2c:88:84:31:00:7b:84:7c:a1:
         2c:03:8c:bf:7a:ae:fb:58:49:6d:b1:57:cd:b0:31:6a:7d:1a:
         a1:ea:0a:f8:fd:8a:c1:86:dc:2e:53:df:9f:83:e1:74:0c:7d:
         ab:31:53:ce:49:e8:b5:1e:cc:81:e0:ec:cf:82:79:11:c7:c1:
         da:8a:e6:94:c1:24:88:24:4c:02:77:2e:8b:96:db:b8:d5:94:
         d3:44:eb:7c:d9:5b:69:ce:b1:bd:a6:52:08:5c:fa:01:67:04:
         6b:0b:39:cb:58:ff:11:f1:71:8c:3e:1b:34:3a:22:e7:c1:0a:
         4c:91:00:c5:e2:c9:ba:04:75:04:96:31:86:f0:5c:94:4d:28:
         18:73:3e:70:91:28:ad:de:99:f0:aa:53:79:c1:29:16:f6:e9:
         bf:58:00:21:d6:25:bd:52:53:7a:37:27:79:71:d1:5d:77:13:
         7b:84:89:aa:5b:a3:61:64:9c:42:a6:ad:36:b3:c1:af:84:da:
         79:d7:05:c7:4a:8f:f5:c2:9d:62:57:4a:1f:32:4f:68:b8:7f:
         f2:64:bf:7e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzIcPX45Ft8/wMZqQFLji3oMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwNDcxOGU3YTI2M2ViZTQ1ZTc3MDY3MzkyNDFlYzZkNmFl
NThlNzQwHhcNMjQwMTAyMDQzMTM1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNTdjYmI2NmIwYTUyZjcwODEyMzdmNjRjMzM2YmM1NWM0N2FmMjM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAngfti3315g7d2DAbZtYzjsHJBiX/
jr3m3uDA6b4jfLzhTzBz6RJkgXnRcomidUCYQjGKtPgXCbJJpRssMPbBeYkTQVwq
Ak3rVaESQzfqkwL99umtgrZj5FozP3Kq7ELA2GBAe2Ym6e6DWzzDM6vuIP01EPB/
sA5/gslYM8Ll3+clH3ShhzKomJucc6/CecJsTvreiJup7+nkjK5etaOoKcZgyYZq
UImIv224E1OgAtRkY0dAKiOCkNKw85gDbQ9g6TMYheZtOkoF8laQ7NUBHk/8TU4L
49JAyIa7tSN5guEI6j3NCnmsA+j66MewWelYfOZtnEhmzqgJWoaIUNVYmQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCV8u2awpS9wgSN/ZMM2vFXEevI3MB8GA1UdIwQY
MBaAFABHGOeiY+vkXncGc5JB7G1q5Y50MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQUVjWTU2Smo2LVJlZHdaemtrSHNiV3Jsam5RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC8zZWVjZjgtZWIwNC00MWNlLWE5ZjYt
M2E5MWE2MTNhNDA3LzEvSlh5N1pyQ2xMM0NCSTM5a3d6YThWY1I2OGpjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC8zZWVjZjgtZWIwNC00MWNlLWE5ZjYtM2E5MWE2MTNhNDA3
LzEvQUVjWTU2Smo2LVJlZHdaemtrSHNiV3Jsam5RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCwWvIMA0G
CSqGSIb3DQEBCwUAA4IBAQAJY8ZgZ7+8NJl+20DNEZJZFHCsfwm40zZTgff7LO1C
P99o/0eWc2Y+Eh2WxKIsiIQxAHuEfKEsA4y/eq77WEltsVfNsDFqfRqh6gr4/YrB
htwuU9+fg+F0DH2rMVPOSei1HsyB4OzPgnkRx8HaiuaUwSSIJEwCdy6Lltu41ZTT
ROt82VtpzrG9plIIXPoBZwRrCznLWP8R8XGMPhs0OiLnwQpMkQDF4sm6BHUEljGG
8FyUTSgYcz5wkSit3pnwqlN5wSkW9um/WAAh1iW9UlN6Nyd5cdFddxN7hImqW6Nh
ZJxCpq02s8GvhNp51wXHSo/1wp1iV0ofMk9ouH/yZL9+
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:18 2024 by rpki-client on console-fra.rpki-client.org