Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d8/38c5ac-b7e7-40dd-98d3-e2166ad74e3f/1/d8cizOgyQH5A9MqTjKXkUDv9sho.roa
File:                     d8cizOgyQH5A9MqTjKXkUDv9sho.roa (raw, json)
Hash identifier:          w462Q4EkXeFskqIhPF0kgJuIbpZVg/cmR/HxkZ7bdbM=
Subject key identifier:   77:C7:22:CC:E8:32:40:7E:40:F4:CA:93:8C:A5:E4:50:3B:FD:B2:1A
Certificate issuer:       /CN=098f7ba34bc6567bd3616d574f7285dd7556dbfd
Certificate serial:       0191510D6AD908F89B1ABFABD5EE8D390844
Authority key identifier: 09:8F:7B:A3:4B:C6:56:7B:D3:61:6D:57:4F:72:85:DD:75:56:DB:FD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/CY97o0vGVnvTYW1XT3KF3XVW2_0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d8/38c5ac-b7e7-40dd-98d3-e2166ad74e3f/1/d8cizOgyQH5A9MqTjKXkUDv9sho.roa
Signing time:             Wed 14 Aug 2024 13:21:59 +0000
ROA not before:           Wed 14 Aug 2024 13:21:59 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     834
IP address blocks:        80.93.192.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 20 Aug 2024 09:30:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:91:51:0d:6a:d9:08:f8:9b:1a:bf:ab:d5:ee:8d:39:08:44
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=098f7ba34bc6567bd3616d574f7285dd7556dbfd
        Validity
            Not Before: Aug 14 13:21:59 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=77c722cce832407e40f4ca938ca5e4503bfdb21a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:c1:c1:e8:6a:8e:e0:9b:a0:f6:11:61:d4:22:
                    59:d2:3c:75:12:cb:29:a4:02:54:ed:c5:4f:94:7b:
                    88:d7:04:37:04:75:48:0d:8e:63:ad:0b:32:05:fa:
                    ec:e3:88:ba:09:77:ea:76:9a:34:4a:47:58:18:18:
                    ba:d7:5a:41:ee:7e:89:fb:48:ec:57:a0:8e:00:06:
                    64:22:38:e8:41:0b:87:a1:b9:91:b0:85:9e:76:47:
                    58:68:03:27:3b:8c:fd:4e:f2:e2:e1:a8:b1:99:ce:
                    54:d2:54:72:73:4e:5c:46:38:51:5c:2e:d2:ad:6f:
                    70:b2:08:e2:0c:04:a3:08:92:6c:9d:47:98:88:02:
                    44:16:2c:80:bd:50:cd:c7:60:26:a7:f2:ed:76:37:
                    66:9f:75:15:33:dc:e1:17:59:9e:33:e9:ab:f1:00:
                    47:f6:57:a3:81:bc:58:8b:2e:ac:1d:4c:f0:90:c0:
                    23:b9:16:15:c6:2a:b6:d0:c2:2d:c4:02:dc:bc:4a:
                    ba:74:dc:10:bc:db:18:2c:39:03:d7:a7:98:5e:38:
                    c7:28:f9:f7:91:bc:1f:c3:35:10:02:a1:66:a1:33:
                    34:ac:a3:43:34:ae:ad:f0:03:03:fe:3d:eb:ff:21:
                    65:f8:32:53:4e:bd:3c:88:dd:cf:27:2d:4a:67:41:
                    72:07
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                77:C7:22:CC:E8:32:40:7E:40:F4:CA:93:8C:A5:E4:50:3B:FD:B2:1A
            X509v3 Authority Key Identifier:
                keyid:09:8F:7B:A3:4B:C6:56:7B:D3:61:6D:57:4F:72:85:DD:75:56:DB:FD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CY97o0vGVnvTYW1XT3KF3XVW2_0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/38c5ac-b7e7-40dd-98d3-e2166ad74e3f/1/d8cizOgyQH5A9MqTjKXkUDv9sho.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/38c5ac-b7e7-40dd-98d3-e2166ad74e3f/1/CY97o0vGVnvTYW1XT3KF3XVW2_0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  80.93.192.0/24

    Signature Algorithm: sha256WithRSAEncryption
         4a:29:05:83:39:36:58:fb:45:84:89:af:5d:01:0c:1e:c2:c7:
         93:71:a4:27:e5:7e:b7:2c:dc:66:da:21:c4:fb:6f:26:92:69:
         b8:4d:81:84:3b:41:a5:50:82:b6:58:71:15:6e:16:c3:40:e0:
         85:15:d0:9b:dc:e9:83:f1:f7:14:c3:5e:39:64:0a:6c:23:0a:
         36:bd:d0:ca:1b:a4:19:97:0b:13:97:90:45:dc:3f:b4:d3:27:
         6a:77:eb:b5:f2:fd:96:e9:34:70:8e:cd:e8:ed:39:41:8e:2c:
         a7:87:03:3a:46:dc:08:f4:e0:a5:ee:1b:26:4e:5a:0e:4a:b3:
         36:7c:03:31:f4:18:d7:de:76:bb:73:44:a2:f6:87:08:cd:74:
         16:25:7d:c1:d9:fa:af:42:c2:75:ad:0e:76:90:36:60:59:4f:
         84:2c:9c:8c:72:b3:df:df:3d:39:10:6b:c0:6a:de:33:8f:5a:
         eb:83:1b:6c:18:24:d5:a4:a3:e2:bc:e2:1d:e8:b3:dd:d2:51:
         3f:f3:13:01:e9:76:66:d4:62:d7:c8:75:da:bf:90:dc:41:97:
         7d:74:80:24:fe:46:33:ec:6b:1c:4e:27:90:64:f0:e2:98:5b:
         3b:2c:72:5c:4d:74:93:c3:70:52:98:5e:91:62:f0:0f:6d:b3:
         6a:e6:61:db
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZFRDWrZCPibGr+r1e6NOQhEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5OGY3YmEzNGJjNjU2N2JkMzYxNmQ1NzRmNzI4NWRkNzU1
NmRiZmQwHhcNMjQwODE0MTMyMTU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3N2M3MjJjY2U4MzI0MDdlNDBmNGNhOTM4Y2E1ZTQ1MDNiZmRiMjFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAosHB6GqO4Jug9hFh1CJZ0jx1Essp
pAJU7cVPlHuI1wQ3BHVIDY5jrQsyBfrs44i6CXfqdpo0SkdYGBi611pB7n6J+0js
V6COAAZkIjjoQQuHobmRsIWedkdYaAMnO4z9TvLi4aixmc5U0lRyc05cRjhRXC7S
rW9wsgjiDASjCJJsnUeYiAJEFiyAvVDNx2Amp/Ltdjdmn3UVM9zhF1meM+mr8QBH
9lejgbxYiy6sHUzwkMAjuRYVxiq20MItxALcvEq6dNwQvNsYLDkD16eYXjjHKPn3
kbwfwzUQAqFmoTM0rKNDNK6t8AMD/j3r/yFl+DJTTr08iN3PJy1KZ0FyBwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHfHIszoMkB+QPTKk4yl5FA7/bIaMB8GA1UdIwQY
MBaAFAmPe6NLxlZ702FtV09yhd11Vtv9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1k5N28wdkdWbnZUWVcxWFQzS0YzWFZXMl8wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOC8zOGM1YWMtYjdlNy00MGRkLTk4ZDMt
ZTIxNjZhZDc0ZTNmLzEvZDhjaXpPZ3lRSDVBOU1xVGpLWGtVRHY5c2hvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOC8zOGM1YWMtYjdlNy00MGRkLTk4ZDMtZTIxNjZhZDc0ZTNm
LzEvQ1k5N28wdkdWbnZUWVcxWFQzS0YzWFZXMl8wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUF3AMA0G
CSqGSIb3DQEBCwUAA4IBAQBKKQWDOTZY+0WEia9dAQwewseTcaQn5X63LNxm2iHE
+28mkmm4TYGEO0GlUIK2WHEVbhbDQOCFFdCb3OmD8fcUw145ZApsIwo2vdDKG6QZ
lwsTl5BF3D+00ydqd+u18v2W6TRwjs3o7TlBjiynhwM6RtwI9OCl7hsmTloOSrM2
fAMx9BjX3na7c0Si9ocIzXQWJX3B2fqvQsJ1rQ52kDZgWU+ELJyMcrPf3z05EGvA
at4zj1rrgxtsGCTVpKPivOId6LPd0lE/8xMB6XZm1GLXyHXav5DcQZd9dIAk/kYz
7GscTieQZPDimFs7LHJcTXSTw3BSmF6RYvAPbbNq5mHb
-----END CERTIFICATE-----
Generated at Tue Aug 20 12:44:32 2024 by rpki-client on console-fra.rpki-client.org