Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/3eecf8-eb04-41ce-a9f6-3a91a613a407/1/WbvueuNQLv_bmxtFW-5Te2me7Yw.roa
File:                     WbvueuNQLv_bmxtFW-5Te2me7Yw.roa (raw, json)
Hash identifier:          81lSatntBhUCt+9xykeb4m9FqoC9Fijchj5jLfKYA6E=
Subject key identifier:   59:BB:EE:7A:E3:50:2E:FF:DB:9B:1B:45:5B:EE:53:7B:69:9E:ED:8C
Certificate issuer:       /CN=004718e7a263ebe45e7706739241ec6d6ae58e74
Certificate serial:       018CC870F578240B7F45ACB06E7C5AE1F832
Authority key identifier: 00:47:18:E7:A2:63:EB:E4:5E:77:06:73:92:41:EC:6D:6A:E5:8E:74
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/AEcY56Jj6-RedwZzkkHsbWrljnQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d4/3eecf8-eb04-41ce-a9f6-3a91a613a407/1/WbvueuNQLv_bmxtFW-5Te2me7Yw.roa
Signing time:             Tue 02 Jan 2024 04:31:35 +0000
ROA not before:           Tue 02 Jan 2024 04:31:35 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     28907
IP address blocks:        193.107.203.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 22 Jan 2024 06:50:47 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c8:70:f5:78:24:0b:7f:45:ac:b0:6e:7c:5a:e1:f8:32
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=004718e7a263ebe45e7706739241ec6d6ae58e74
        Validity
            Not Before: Jan  2 04:31:35 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=59bbee7ae3502effdb9b1b455bee537b699eed8c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:96:b7:bf:7e:27:43:88:b4:89:8e:2d:49:cc:80:
                    db:4d:19:a4:78:02:ec:c8:42:d0:1b:25:14:72:a0:
                    01:02:db:f4:15:52:32:4a:55:1d:af:88:90:fb:60:
                    38:51:23:fa:d1:e4:55:4f:23:22:e7:17:24:cf:9b:
                    a2:1e:16:e0:d3:f3:28:ae:4d:4d:e5:37:5c:48:8b:
                    c4:63:ca:73:8a:88:d7:06:4d:5f:01:14:a2:74:70:
                    f9:23:1f:7a:74:00:e8:21:0a:7c:15:58:75:89:8d:
                    d9:f3:d6:7a:03:0d:e2:13:29:35:21:53:5f:40:9c:
                    69:f0:c6:a5:36:dd:7a:cf:bf:61:29:be:99:23:77:
                    95:7e:8b:bf:a3:2f:be:5a:82:b7:5d:3a:2a:a6:40:
                    c1:ed:99:32:7c:44:ba:59:8a:a5:82:d0:dd:b4:67:
                    24:bc:b3:ac:83:97:7c:b3:63:3a:8a:d0:19:bc:40:
                    3c:ec:59:bf:4e:bd:a8:db:ca:85:df:d1:45:09:05:
                    a8:b1:5d:b1:54:a4:31:db:2c:b4:b8:2d:85:6e:00:
                    fe:1f:7c:8d:26:ba:64:3b:9d:78:28:a0:72:11:11:
                    b3:8a:28:c0:cf:4b:0a:c4:c3:27:09:04:37:70:f5:
                    e8:78:7d:ed:ee:0b:63:8a:db:c7:fb:4e:ef:27:0f:
                    84:3f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                59:BB:EE:7A:E3:50:2E:FF:DB:9B:1B:45:5B:EE:53:7B:69:9E:ED:8C
            X509v3 Authority Key Identifier:
                keyid:00:47:18:E7:A2:63:EB:E4:5E:77:06:73:92:41:EC:6D:6A:E5:8E:74

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AEcY56Jj6-RedwZzkkHsbWrljnQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/3eecf8-eb04-41ce-a9f6-3a91a613a407/1/WbvueuNQLv_bmxtFW-5Te2me7Yw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/3eecf8-eb04-41ce-a9f6-3a91a613a407/1/AEcY56Jj6-RedwZzkkHsbWrljnQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.107.203.0/24

    Signature Algorithm: sha256WithRSAEncryption
         9c:b5:76:61:c5:68:3e:df:16:4e:50:0c:ab:b1:0c:01:3f:f6:
         e9:f2:a2:bd:4e:3f:45:a7:90:78:d5:4e:b8:58:e1:24:7f:16:
         d5:61:73:c4:58:ba:d8:a7:47:e1:db:2c:20:a2:2f:e3:e8:6a:
         0f:dd:c7:2e:61:e7:4a:ce:19:7b:79:de:cd:00:cb:f3:75:67:
         69:9b:1b:e9:03:49:70:7a:a8:3a:75:75:5c:16:78:22:46:d3:
         0d:15:67:f4:f4:d4:a6:04:70:2f:78:28:69:1f:d0:73:e8:e6:
         c8:57:bf:75:68:2a:1e:d2:f8:0b:ae:f5:34:b6:78:42:1f:5b:
         c1:46:eb:d0:08:5c:3f:75:eb:d7:4e:83:d6:e9:81:d0:86:2b:
         fb:4e:ab:29:30:15:d2:21:4a:1c:b2:56:0d:3b:77:68:67:a8:
         07:43:0e:aa:54:38:57:91:72:32:b9:7a:b2:0d:76:28:06:8d:
         2f:a5:87:b5:e9:08:4a:06:84:e2:d7:ec:b6:8b:16:23:73:5b:
         64:9d:b9:29:9f:1f:7d:31:0b:6f:6a:24:bf:42:1e:b5:1f:6b:
         2c:de:c1:5b:e3:9f:08:4a:7f:44:91:92:d2:2d:74:ff:68:99:
         3d:f4:6e:77:45:ea:91:6e:dc:07:5e:a7:e8:dc:cc:1c:cf:98:
         30:43:36:33
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzIcPV4JAt/Raywbnxa4fgyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwNDcxOGU3YTI2M2ViZTQ1ZTc3MDY3MzkyNDFlYzZkNmFl
NThlNzQwHhcNMjQwMTAyMDQzMTM1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1OWJiZWU3YWUzNTAyZWZmZGI5YjFiNDU1YmVlNTM3YjY5OWVlZDhjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlre/fidDiLSJji1JzIDbTRmkeALs
yELQGyUUcqABAtv0FVIySlUdr4iQ+2A4USP60eRVTyMi5xckz5uiHhbg0/Mork1N
5TdcSIvEY8pziojXBk1fARSidHD5Ix96dADoIQp8FVh1iY3Z89Z6Aw3iEyk1IVNf
QJxp8MalNt16z79hKb6ZI3eVfou/oy++WoK3XToqpkDB7ZkyfES6WYqlgtDdtGck
vLOsg5d8s2M6itAZvEA87Fm/Tr2o28qF39FFCQWosV2xVKQx2yy0uC2FbgD+H3yN
JrpkO514KKByERGziijAz0sKxMMnCQQ3cPXoeH3t7gtjitvH+07vJw+EPwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFm77nrjUC7/25sbRVvuU3tpnu2MMB8GA1UdIwQY
MBaAFABHGOeiY+vkXncGc5JB7G1q5Y50MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQUVjWTU2Smo2LVJlZHdaemtrSHNiV3Jsam5RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC8zZWVjZjgtZWIwNC00MWNlLWE5ZjYt
M2E5MWE2MTNhNDA3LzEvV2J2dWV1TlFMdl9ibXh0RlctNVRlMm1lN1l3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC8zZWVjZjgtZWIwNC00MWNlLWE5ZjYtM2E5MWE2MTNhNDA3
LzEvQUVjWTU2Smo2LVJlZHdaemtrSHNiV3Jsam5RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwWvLMA0G
CSqGSIb3DQEBCwUAA4IBAQCctXZhxWg+3xZOUAyrsQwBP/bp8qK9Tj9Fp5B41U64
WOEkfxbVYXPEWLrYp0fh2ywgoi/j6GoP3ccuYedKzhl7ed7NAMvzdWdpmxvpA0lw
eqg6dXVcFngiRtMNFWf09NSmBHAveChpH9Bz6ObIV791aCoe0vgLrvU0tnhCH1vB
RuvQCFw/devXToPW6YHQhiv7TqspMBXSIUocslYNO3doZ6gHQw6qVDhXkXIyuXqy
DXYoBo0vpYe16QhKBoTi1+y2ixYjc1tknbkpnx99MQtvaiS/Qh61H2ss3sFb458I
Sn9EkZLSLXT/aJk99G53ReqRbtwHXqfo3Mwcz5gwQzYz
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:18 2024 by rpki-client on console-fra.rpki-client.org