Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/8a5353-14f1-40f6-a482-aee5927b4dd2/1/prynVOnW45GQHefdbembrQ2eJko.roa
File:                     prynVOnW45GQHefdbembrQ2eJko.roa (raw, json)
Hash identifier:          r0HPk7stnB0/b2o0E7GNcROmLmewedsef1LFUkI6s9s=
Subject key identifier:   A6:BC:A7:54:E9:D6:E3:91:90:1D:E7:DD:6D:E9:9B:AD:0D:9E:26:4A
Certificate issuer:       /CN=2d5894923bb002a434128810607dfb526722004f
Certificate serial:       0185730CC459F3FBBF418D54201926068741
Authority key identifier: 2D:58:94:92:3B:B0:02:A4:34:12:88:10:60:7D:FB:52:67:22:00:4F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/LViUkjuwAqQ0EogQYH37UmciAE8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d9/8a5353-14f1-40f6-a482-aee5927b4dd2/1/prynVOnW45GQHefdbembrQ2eJko.roa
Signing time:             Mon 02 Jan 2023 15:14:54 +0000
ROA not before:           Mon 02 Jan 2023 15:14:54 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     41863
IP address blocks:        193.34.16.0/22 maxlen: 24

Validation:               Failed, certificate revoked on Thu 23 Mar 2023 11:05:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:73:0c:c4:59:f3:fb:bf:41:8d:54:20:19:26:06:87:41
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2d5894923bb002a434128810607dfb526722004f
        Validity
            Not Before: Jan  2 15:14:54 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=a6bca754e9d6e391901de7dd6de99bad0d9e264a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:72:6b:70:64:02:46:a9:c1:40:06:b0:c8:57:
                    0a:62:be:0f:05:ec:61:5f:88:a3:6d:cc:49:58:f6:
                    3c:df:1e:cc:a6:2d:f0:5f:21:f8:a8:53:ff:2b:3d:
                    17:6b:81:c5:f2:a3:75:ca:1d:19:fb:7b:5d:25:01:
                    46:53:9d:0f:47:bf:2f:c1:cf:21:16:94:e5:3d:52:
                    20:e2:38:63:33:22:06:aa:9b:82:ca:68:8f:47:7d:
                    b1:28:67:f9:78:60:e7:17:43:78:15:75:1e:85:21:
                    17:5a:eb:92:4b:4a:0f:f7:d0:7c:e7:bc:2f:5c:b5:
                    9d:35:23:13:77:8f:fe:f3:9f:82:fb:eb:b2:7c:56:
                    8d:35:af:ab:9d:2a:64:e2:c5:66:c0:2e:af:b3:fe:
                    2c:ca:27:f8:b0:33:17:2e:80:c4:2b:78:df:77:a3:
                    0d:56:f1:9a:60:d0:cf:e7:ee:0b:8c:64:1a:64:ec:
                    9d:3f:fb:b3:f0:34:3d:2c:3c:d8:a3:62:be:08:d5:
                    68:8d:c2:14:aa:36:f8:e5:aa:3a:8b:2b:c6:ba:ad:
                    d8:ba:8b:ec:56:c3:3a:5b:70:e5:1d:bd:b8:cd:c0:
                    c8:b0:f9:8b:a2:75:6b:0e:b8:5f:95:e2:85:f3:b9:
                    c3:4e:90:16:09:eb:60:97:17:f7:67:a7:1b:51:cf:
                    ac:2d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A6:BC:A7:54:E9:D6:E3:91:90:1D:E7:DD:6D:E9:9B:AD:0D:9E:26:4A
            X509v3 Authority Key Identifier:
                keyid:2D:58:94:92:3B:B0:02:A4:34:12:88:10:60:7D:FB:52:67:22:00:4F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LViUkjuwAqQ0EogQYH37UmciAE8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/8a5353-14f1-40f6-a482-aee5927b4dd2/1/prynVOnW45GQHefdbembrQ2eJko.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/8a5353-14f1-40f6-a482-aee5927b4dd2/1/LViUkjuwAqQ0EogQYH37UmciAE8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.34.16.0/22

    Signature Algorithm: sha256WithRSAEncryption
         a3:81:fe:a2:28:e7:bb:02:fb:e8:ab:53:f5:d5:69:79:13:d2:
         f4:32:fc:a9:47:19:a7:00:40:ff:6e:c2:f7:2b:4b:20:6b:63:
         03:6e:0d:0f:72:fa:9d:79:5b:26:d7:6c:60:55:f0:3f:0c:23:
         79:60:ef:dc:ad:74:8e:70:f9:2d:7d:06:4b:24:ce:33:be:70:
         fc:1a:f8:78:0f:5a:96:23:39:b7:64:cf:37:77:26:ef:91:73:
         4f:54:51:32:b3:b1:37:0b:ff:ea:f7:90:46:bf:51:e1:7f:45:
         82:f3:eb:ac:ba:87:b4:1c:06:97:88:0f:d4:a5:d6:d9:fe:f0:
         70:ed:1a:38:20:2c:30:4e:b1:9d:bc:cf:bf:2c:e2:1e:ee:76:
         82:c6:32:57:bd:11:ff:64:64:14:a7:65:af:8e:f2:fe:f3:d1:
         d7:ac:eb:61:d7:97:7f:5b:ab:21:68:14:18:97:3a:df:80:39:
         78:55:a9:12:e7:ae:1c:fa:8e:0b:50:8f:17:ce:b7:2f:7c:0c:
         2e:2b:bd:ce:b9:09:96:f9:b3:ad:a9:a9:9c:6d:6d:d7:d8:fc:
         05:fa:6b:ce:fd:39:c8:f6:5f:4e:8f:5d:75:f5:26:37:0c:40:
         c3:98:07:e7:60:b8:2e:aa:e3:98:4c:e2:e3:99:2c:ac:11:39:
         eb:c9:9c:0c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVzDMRZ8/u/QY1UIBkmBodBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJkNTg5NDkyM2JiMDAyYTQzNDEyODgxMDYwN2RmYjUyNjcy
MjAwNGYwHhcNMjMwMTAyMTUxNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNmJjYTc1NGU5ZDZlMzkxOTAxZGU3ZGQ2ZGU5OWJhZDBkOWUyNjRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvnJrcGQCRqnBQAawyFcKYr4PBexh
X4ijbcxJWPY83x7Mpi3wXyH4qFP/Kz0Xa4HF8qN1yh0Z+3tdJQFGU50PR78vwc8h
FpTlPVIg4jhjMyIGqpuCymiPR32xKGf5eGDnF0N4FXUehSEXWuuSS0oP99B857wv
XLWdNSMTd4/+85+C++uyfFaNNa+rnSpk4sVmwC6vs/4syif4sDMXLoDEK3jfd6MN
VvGaYNDP5+4LjGQaZOydP/uz8DQ9LDzYo2K+CNVojcIUqjb45ao6iyvGuq3Yuovs
VsM6W3DlHb24zcDIsPmLonVrDrhfleKF87nDTpAWCetglxf3Z6cbUc+sLQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKa8p1Tp1uORkB3n3W3pm60NniZKMB8GA1UdIwQY
MBaAFC1YlJI7sAKkNBKIEGB9+1JnIgBPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTFZpVWtqdXdBcVEwRW9nUVlIMzdVbWNpQUU4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS84YTUzNTMtMTRmMS00MGY2LWE0ODIt
YWVlNTkyN2I0ZGQyLzEvcHJ5blZPblc0NUdRSGVmZGJlbWJyUTJlSmtvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS84YTUzNTMtMTRmMS00MGY2LWE0ODItYWVlNTkyN2I0ZGQy
LzEvTFZpVWtqdXdBcVEwRW9nUVlIMzdVbWNpQUU4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCwSIQMA0G
CSqGSIb3DQEBCwUAA4IBAQCjgf6iKOe7Avvoq1P11Wl5E9L0MvypRxmnAED/bsL3
K0sga2MDbg0PcvqdeVsm12xgVfA/DCN5YO/crXSOcPktfQZLJM4zvnD8Gvh4D1qW
Izm3ZM83dybvkXNPVFEys7E3C//q95BGv1Hhf0WC8+usuoe0HAaXiA/UpdbZ/vBw
7Ro4ICwwTrGdvM+/LOIe7naCxjJXvRH/ZGQUp2WvjvL+89HXrOth15d/W6shaBQY
lzrfgDl4VakS564c+o4LUI8XzrcvfAwuK73OuQmW+bOtqamcbW3X2PwF+mvO/TnI
9l9Oj1119SY3DEDDmAfnYLguquOYTOLjmSysETnryZwM
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:47:11 2024 by rpki-client on console-ams.rpki-client.org