Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/3eecf8-eb04-41ce-a9f6-3a91a613a407/1/mu0mIfjicNTxrNhijl3EpRdeAh4.roa
File:                     mu0mIfjicNTxrNhijl3EpRdeAh4.roa (raw, json)
Hash identifier:          vsCIg6fGfYFP3ynY0ZErCid9w3NPbgZgOVJToL0i/ps=
Subject key identifier:   9A:ED:26:21:F8:E2:70:D4:F1:AC:D8:62:8E:5D:C4:A5:17:5E:02:1E
Certificate issuer:       /CN=004718e7a263ebe45e7706739241ec6d6ae58e74
Certificate serial:       018CB6B277AF96309D3D82BA1B77915EAFD7
Authority key identifier: 00:47:18:E7:A2:63:EB:E4:5E:77:06:73:92:41:EC:6D:6A:E5:8E:74
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/AEcY56Jj6-RedwZzkkHsbWrljnQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d4/3eecf8-eb04-41ce-a9f6-3a91a613a407/1/mu0mIfjicNTxrNhijl3EpRdeAh4.roa
Signing time:             Fri 29 Dec 2023 17:49:58 +0000
ROA not before:           Fri 29 Dec 2023 17:49:58 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     196860
IP address blocks:        193.107.200.0/22 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 04:31:35 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:b6:b2:77:af:96:30:9d:3d:82:ba:1b:77:91:5e:af:d7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=004718e7a263ebe45e7706739241ec6d6ae58e74
        Validity
            Not Before: Dec 29 17:49:58 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=9aed2621f8e270d4f1acd8628e5dc4a5175e021e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:31:f4:6e:57:bc:24:a5:bf:a2:17:8b:b6:f5:
                    c2:6e:a5:2a:8d:dd:59:cb:cf:30:22:75:08:61:dd:
                    f4:e3:3d:3b:3a:99:71:5b:c3:ec:38:6c:0c:0c:cd:
                    67:17:3a:e3:ad:b9:0e:43:f0:14:5a:f1:8b:49:a4:
                    a8:9c:00:73:44:ce:da:16:b6:cd:8a:10:6d:6e:c6:
                    83:76:24:c8:fc:f5:b7:8b:f7:98:db:81:56:e1:04:
                    2f:39:b5:7a:59:56:78:88:d5:52:bc:f8:bc:54:5c:
                    81:c8:b1:b7:f9:05:1d:ad:e0:70:32:78:f6:85:e5:
                    47:a7:a4:66:05:83:8e:c4:cd:c1:95:4c:d8:7a:a8:
                    5b:fd:b0:55:6e:c0:5a:b1:f9:0f:82:a7:1e:e4:30:
                    b6:de:37:c0:e6:bc:e6:f8:8b:ec:47:7e:bd:5a:1a:
                    0f:3f:19:50:82:71:79:94:49:b4:7b:c1:44:88:42:
                    cf:eb:ed:2a:cb:d5:ad:e0:36:45:af:7b:81:ee:d0:
                    70:66:e7:80:a2:44:13:f9:e1:9e:57:86:13:d8:08:
                    15:72:fb:34:ed:65:46:38:9a:54:19:3d:91:19:74:
                    51:ed:b1:4f:9a:82:43:c7:54:71:df:d3:e4:38:aa:
                    a1:ba:fd:6b:e8:11:fd:fa:3b:9a:b0:07:6a:fd:37:
                    08:29
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9A:ED:26:21:F8:E2:70:D4:F1:AC:D8:62:8E:5D:C4:A5:17:5E:02:1E
            X509v3 Authority Key Identifier:
                keyid:00:47:18:E7:A2:63:EB:E4:5E:77:06:73:92:41:EC:6D:6A:E5:8E:74

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AEcY56Jj6-RedwZzkkHsbWrljnQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/3eecf8-eb04-41ce-a9f6-3a91a613a407/1/mu0mIfjicNTxrNhijl3EpRdeAh4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/3eecf8-eb04-41ce-a9f6-3a91a613a407/1/AEcY56Jj6-RedwZzkkHsbWrljnQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.107.200.0/22

    Signature Algorithm: sha256WithRSAEncryption
         2a:27:71:85:1f:84:a9:c0:ca:46:a8:55:1f:32:da:fd:78:8a:
         c9:9e:bb:1d:9e:8e:ac:e1:b3:fc:06:69:d6:1b:1f:e2:95:1e:
         21:83:c0:f5:ee:85:90:50:35:88:21:9a:f9:74:e0:2d:0e:15:
         f0:d1:c9:26:d0:4f:2c:0e:3b:13:d6:48:fa:7b:48:4d:0f:3f:
         1e:91:93:b9:ca:42:b5:65:35:2b:ab:72:fc:ef:c6:ec:12:68:
         be:e5:ab:3b:08:f1:e1:ca:5e:73:38:ac:ee:48:63:3a:c3:ce:
         fb:fb:51:60:52:ed:aa:e5:9f:fd:80:23:4a:bd:d4:04:97:c9:
         d1:ab:cc:af:b1:0c:ad:16:fe:89:5e:b4:70:7d:eb:79:75:f8:
         29:a5:93:94:b7:9f:50:7e:5a:3a:a9:5b:c3:a6:64:ec:63:64:
         23:bd:b6:b6:ba:9f:98:5c:23:69:aa:f5:d2:d7:17:5e:e9:fa:
         cf:5f:01:c0:06:14:43:28:d5:26:13:d4:02:cd:70:23:aa:1c:
         f5:52:09:b7:ec:9d:1f:41:7c:b0:b1:83:bd:65:da:ff:0e:d9:
         a4:e8:01:6e:0d:2e:59:e0:95:29:c8:23:b5:52:99:41:1c:6f:
         06:e7:be:59:fd:a3:9a:eb:63:08:0a:81:48:b5:78:0e:33:b3:
         7a:14:bd:23
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYy2snevljCdPYK6G3eRXq/XMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwNDcxOGU3YTI2M2ViZTQ1ZTc3MDY3MzkyNDFlYzZkNmFl
NThlNzQwHhcNMjMxMjI5MTc0OTU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YWVkMjYyMWY4ZTI3MGQ0ZjFhY2Q4NjI4ZTVkYzRhNTE3NWUwMjFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArjH0ble8JKW/oheLtvXCbqUqjd1Z
y88wInUIYd304z07OplxW8PsOGwMDM1nFzrjrbkOQ/AUWvGLSaSonABzRM7aFrbN
ihBtbsaDdiTI/PW3i/eY24FW4QQvObV6WVZ4iNVSvPi8VFyByLG3+QUdreBwMnj2
heVHp6RmBYOOxM3BlUzYeqhb/bBVbsBasfkPgqce5DC23jfA5rzm+IvsR369WhoP
PxlQgnF5lEm0e8FEiELP6+0qy9Wt4DZFr3uB7tBwZueAokQT+eGeV4YT2AgVcvs0
7WVGOJpUGT2RGXRR7bFPmoJDx1Rx39PkOKqhuv1r6BH9+juasAdq/TcIKQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJrtJiH44nDU8azYYo5dxKUXXgIeMB8GA1UdIwQY
MBaAFABHGOeiY+vkXncGc5JB7G1q5Y50MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQUVjWTU2Smo2LVJlZHdaemtrSHNiV3Jsam5RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC8zZWVjZjgtZWIwNC00MWNlLWE5ZjYt
M2E5MWE2MTNhNDA3LzEvbXUwbUlmamljTlR4ck5oaWpsM0VwUmRlQWg0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC8zZWVjZjgtZWIwNC00MWNlLWE5ZjYtM2E5MWE2MTNhNDA3
LzEvQUVjWTU2Smo2LVJlZHdaemtrSHNiV3Jsam5RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCwWvIMA0G
CSqGSIb3DQEBCwUAA4IBAQAqJ3GFH4SpwMpGqFUfMtr9eIrJnrsdno6s4bP8BmnW
Gx/ilR4hg8D17oWQUDWIIZr5dOAtDhXw0ckm0E8sDjsT1kj6e0hNDz8ekZO5ykK1
ZTUrq3L878bsEmi+5as7CPHhyl5zOKzuSGM6w877+1FgUu2q5Z/9gCNKvdQEl8nR
q8yvsQytFv6JXrRwfet5dfgppZOUt59Qflo6qVvDpmTsY2Qjvba2up+YXCNpqvXS
1xde6frPXwHABhRDKNUmE9QCzXAjqhz1Ugm37J0fQXywsYO9Zdr/Dtmk6AFuDS5Z
4JUpyCO1UplBHG8G575Z/aOa62MICoFItXgOM7N6FL0j
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:46:17 2024 by rpki-client on console-ams.rpki-client.org