Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/3eecf8-eb04-41ce-a9f6-3a91a613a407/1/eZW_NbZohgj9iL5T81FQ4FOn0NY.roa
File:                     eZW_NbZohgj9iL5T81FQ4FOn0NY.roa (raw, json)
Hash identifier:          dDVkuNOWb96RjyWRk0ntu+BOy7PPzIu3vtRFUdpDzVc=
Subject key identifier:   79:95:BF:35:B6:68:86:08:FD:88:BE:53:F3:51:50:E0:53:A7:D0:D6
Certificate issuer:       /CN=004718e7a263ebe45e7706739241ec6d6ae58e74
Certificate serial:       01857070866A288A1FBE709FAC2622D8BFD1
Authority key identifier: 00:47:18:E7:A2:63:EB:E4:5E:77:06:73:92:41:EC:6D:6A:E5:8E:74
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/AEcY56Jj6-RedwZzkkHsbWrljnQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d4/3eecf8-eb04-41ce-a9f6-3a91a613a407/1/eZW_NbZohgj9iL5T81FQ4FOn0NY.roa
Signing time:             Mon 02 Jan 2023 03:05:00 +0000
ROA not before:           Mon 02 Jan 2023 03:05:00 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     196860
IP address blocks:        193.107.203.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Fri 29 Dec 2023 17:49:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:70:70:86:6a:28:8a:1f:be:70:9f:ac:26:22:d8:bf:d1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=004718e7a263ebe45e7706739241ec6d6ae58e74
        Validity
            Not Before: Jan  2 03:05:00 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=7995bf35b6688608fd88be53f35150e053a7d0d6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:80:43:d1:b8:1e:e3:77:7e:fc:6f:2f:b3:77:dc:
                    c2:4e:4c:41:8b:88:49:14:fe:90:52:c7:f9:9e:cf:
                    20:b5:03:c2:b1:5c:2c:03:cf:88:f5:aa:05:c5:67:
                    b0:f8:7d:6e:4c:9a:77:f2:02:fe:0e:d8:a3:10:06:
                    50:54:e1:c1:4b:54:d6:1c:9a:a7:8a:85:d3:8c:b3:
                    2d:db:c5:48:ab:13:db:69:be:49:cf:d6:d5:5d:35:
                    32:df:31:af:f4:6a:d6:6a:b5:24:d4:6a:d0:54:c2:
                    be:7b:14:a4:bd:08:7b:17:61:7a:7e:22:b3:1f:c7:
                    4a:b7:c8:ef:3f:d5:dc:c8:2b:27:c7:d5:19:08:f8:
                    ac:5e:33:bd:8c:0c:2a:da:42:72:66:d8:4a:57:75:
                    db:5d:99:1c:7c:ff:97:fd:5f:9f:77:e8:76:1a:4b:
                    4a:de:af:bb:27:8a:36:52:a5:c1:ee:c1:ed:92:3c:
                    0b:29:1d:98:bf:b6:be:db:6c:c0:b6:c9:4a:e4:9d:
                    69:73:b8:2f:c8:0f:10:e5:29:47:12:a5:6c:29:cc:
                    3a:33:a0:90:3d:22:91:f2:cd:e2:aa:ef:0f:ef:ac:
                    bf:7f:b2:81:99:eb:87:6b:ca:56:5f:51:a4:1c:67:
                    5f:45:06:a5:7b:61:d2:01:98:a9:27:d2:80:58:5a:
                    d0:a5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                79:95:BF:35:B6:68:86:08:FD:88:BE:53:F3:51:50:E0:53:A7:D0:D6
            X509v3 Authority Key Identifier:
                keyid:00:47:18:E7:A2:63:EB:E4:5E:77:06:73:92:41:EC:6D:6A:E5:8E:74

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AEcY56Jj6-RedwZzkkHsbWrljnQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/3eecf8-eb04-41ce-a9f6-3a91a613a407/1/eZW_NbZohgj9iL5T81FQ4FOn0NY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/3eecf8-eb04-41ce-a9f6-3a91a613a407/1/AEcY56Jj6-RedwZzkkHsbWrljnQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.107.203.0/24

    Signature Algorithm: sha256WithRSAEncryption
         29:83:1e:9c:f3:f8:ef:0c:8c:03:20:76:06:d6:45:e8:67:81:
         3d:57:e0:a1:cf:e0:43:ac:63:86:6d:fb:33:ea:96:95:e4:f3:
         24:2f:d2:3d:6f:3c:ae:44:f7:b6:71:21:ac:08:d2:d5:15:e2:
         67:e2:60:ae:7e:17:e5:9d:25:55:b3:5c:45:85:56:30:b9:ec:
         11:a0:8b:83:2d:df:6c:17:93:ca:9a:b5:4c:0b:9e:73:6b:d7:
         a7:2f:3a:04:fc:bc:b9:90:dd:07:dd:0e:66:50:96:7a:e1:f5:
         38:e8:65:fe:3f:a4:94:e0:ac:68:20:7c:54:a8:c9:3f:d9:8f:
         a2:da:0b:7c:f0:86:a4:b3:40:af:ca:58:dc:b3:df:33:da:5d:
         23:1c:e3:c9:a6:61:5c:f0:74:20:bb:23:3f:43:6f:63:78:7d:
         26:cf:9b:4f:28:bc:9b:d9:5d:28:c0:70:89:46:c7:b0:0b:27:
         74:a0:7a:9e:68:5c:4c:8f:cc:81:9e:4b:46:d6:c9:05:aa:cf:
         65:9a:2e:ea:b5:41:96:a1:ff:24:48:21:4b:0e:8d:5a:e8:29:
         12:2a:bc:35:69:83:62:10:ad:38:3e:c9:61:1b:3e:d6:8e:58:
         09:92:7d:eb:e1:c9:5c:d1:32:73:90:17:ee:c3:04:56:89:d1:
         56:d6:16:4d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwcIZqKIofvnCfrCYi2L/RMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwNDcxOGU3YTI2M2ViZTQ1ZTc3MDY3MzkyNDFlYzZkNmFl
NThlNzQwHhcNMjMwMTAyMDMwNTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3OTk1YmYzNWI2Njg4NjA4ZmQ4OGJlNTNmMzUxNTBlMDUzYTdkMGQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgEPRuB7jd378by+zd9zCTkxBi4hJ
FP6QUsf5ns8gtQPCsVwsA8+I9aoFxWew+H1uTJp38gL+DtijEAZQVOHBS1TWHJqn
ioXTjLMt28VIqxPbab5Jz9bVXTUy3zGv9GrWarUk1GrQVMK+exSkvQh7F2F6fiKz
H8dKt8jvP9XcyCsnx9UZCPisXjO9jAwq2kJyZthKV3XbXZkcfP+X/V+fd+h2GktK
3q+7J4o2UqXB7sHtkjwLKR2Yv7a+22zAtslK5J1pc7gvyA8Q5SlHEqVsKcw6M6CQ
PSKR8s3iqu8P76y/f7KBmeuHa8pWX1GkHGdfRQale2HSAZipJ9KAWFrQpQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHmVvzW2aIYI/Yi+U/NRUOBTp9DWMB8GA1UdIwQY
MBaAFABHGOeiY+vkXncGc5JB7G1q5Y50MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQUVjWTU2Smo2LVJlZHdaemtrSHNiV3Jsam5RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC8zZWVjZjgtZWIwNC00MWNlLWE5ZjYt
M2E5MWE2MTNhNDA3LzEvZVpXX05iWm9oZ2o5aUw1VDgxRlE0Rk9uME5ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC8zZWVjZjgtZWIwNC00MWNlLWE5ZjYtM2E5MWE2MTNhNDA3
LzEvQUVjWTU2Smo2LVJlZHdaemtrSHNiV3Jsam5RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwWvLMA0G
CSqGSIb3DQEBCwUAA4IBAQApgx6c8/jvDIwDIHYG1kXoZ4E9V+Chz+BDrGOGbfsz
6paV5PMkL9I9bzyuRPe2cSGsCNLVFeJn4mCufhflnSVVs1xFhVYwuewRoIuDLd9s
F5PKmrVMC55za9enLzoE/Ly5kN0H3Q5mUJZ64fU46GX+P6SU4KxoIHxUqMk/2Y+i
2gt88Iaks0Cvyljcs98z2l0jHOPJpmFc8HQguyM/Q29jeH0mz5tPKLyb2V0owHCJ
RsewCyd0oHqeaFxMj8yBnktG1skFqs9lmi7qtUGWof8kSCFLDo1a6CkSKrw1aYNi
EK04PslhGz7WjlgJkn3r4clc0TJzkBfuwwRWidFW1hZN
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:18 2024 by rpki-client on console-fra.rpki-client.org