Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e0/0ac44d-b3be-4277-80f8-58cf89888e2a/1/iEk8rABzQWs8GYmUQJZM_cEVxMo.roa
File:                     iEk8rABzQWs8GYmUQJZM_cEVxMo.roa (raw, json)
Hash identifier:          zBPigoljBjtFSzfmKdwN9JUkYYX3J2dYctCHPQ+Oj8o=
Subject key identifier:   88:49:3C:AC:00:73:41:6B:3C:19:89:94:40:96:4C:FD:C1:15:C4:CA
Certificate issuer:       /CN=e56076f27e13d1800e77d16e4b60b23b6f58c820
Certificate serial:       018C10E439DDB78C524AFA6CBED992F774F7
Authority key identifier: E5:60:76:F2:7E:13:D1:80:0E:77:D1:6E:4B:60:B2:3B:6F:58:C8:20
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/5WB28n4T0YAOd9FuS2CyO29YyCA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e0/0ac44d-b3be-4277-80f8-58cf89888e2a/1/iEk8rABzQWs8GYmUQJZM_cEVxMo.roa
Signing time:             Mon 27 Nov 2023 13:07:21 +0000
ROA not before:           Mon 27 Nov 2023 13:07:21 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     209854
IP address blocks:        194.26.131.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 12:35:14 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:10:e4:39:dd:b7:8c:52:4a:fa:6c:be:d9:92:f7:74:f7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e56076f27e13d1800e77d16e4b60b23b6f58c820
        Validity
            Not Before: Nov 27 13:07:21 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=88493cac0073416b3c19899440964cfdc115c4ca
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:57:5a:63:d4:72:5a:80:db:48:af:b5:2d:28:
                    57:bb:8a:29:9a:a5:05:e2:d9:0e:d1:04:cc:3d:0a:
                    22:b9:f4:7f:36:98:e3:a1:a8:e6:47:a3:4a:d2:36:
                    06:df:c6:18:a6:00:6a:38:5f:88:5b:be:08:81:2f:
                    b1:4a:cf:2c:cb:0e:ed:39:36:98:a9:b5:a8:29:e8:
                    1c:72:ab:fe:61:0d:0e:b9:81:89:09:0a:c7:78:ce:
                    c5:09:b6:32:93:ed:c9:9c:76:a8:1e:4e:ff:42:a4:
                    0a:53:8b:b1:6b:ac:06:97:62:38:a4:9d:2d:05:cf:
                    eb:f0:e4:b2:57:98:83:39:88:7a:1b:84:d6:90:31:
                    18:d6:88:95:bc:98:8e:e0:36:e2:8c:94:36:a3:1a:
                    90:51:cb:44:b5:17:66:2b:a4:6f:d1:8e:61:93:58:
                    db:dc:33:c0:9e:19:46:ed:aa:e7:03:6c:9f:93:b0:
                    3d:eb:c0:ae:d6:2c:1a:5a:c6:58:cb:4a:8b:d5:b4:
                    4f:ff:67:e8:64:4e:3c:3e:cb:30:ce:3a:99:b4:64:
                    92:90:46:53:21:6c:51:d1:ec:53:13:d1:92:7d:86:
                    e1:41:a8:c5:75:cb:d1:89:6c:69:78:f4:b5:07:f4:
                    16:a1:07:63:8f:e8:bb:75:31:fa:7f:2e:b3:5b:ba:
                    00:d7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                88:49:3C:AC:00:73:41:6B:3C:19:89:94:40:96:4C:FD:C1:15:C4:CA
            X509v3 Authority Key Identifier:
                keyid:E5:60:76:F2:7E:13:D1:80:0E:77:D1:6E:4B:60:B2:3B:6F:58:C8:20

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5WB28n4T0YAOd9FuS2CyO29YyCA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/0ac44d-b3be-4277-80f8-58cf89888e2a/1/iEk8rABzQWs8GYmUQJZM_cEVxMo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/0ac44d-b3be-4277-80f8-58cf89888e2a/1/5WB28n4T0YAOd9FuS2CyO29YyCA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.26.131.0/24

    Signature Algorithm: sha256WithRSAEncryption
         a0:c7:be:c1:d3:6b:b7:1f:68:56:ef:93:bc:02:fd:72:75:12:
         7d:e3:2b:ad:4a:28:1f:0c:6a:de:16:17:c6:99:6f:16:6c:19:
         a5:a0:6a:87:f8:d9:f3:f4:a6:2f:51:20:9e:9e:d7:7e:cb:b8:
         61:54:3b:5a:53:a6:dc:5f:83:06:bd:28:fb:f6:52:14:e2:17:
         9b:34:1b:8c:f2:99:89:17:1b:2a:36:c8:4b:9f:87:4d:11:c6:
         49:99:e3:96:dd:fc:ea:c5:1a:14:a6:e1:3a:f5:63:75:a0:a1:
         25:c1:2c:e9:f6:d4:cc:90:89:65:bb:c4:62:87:13:15:3f:59:
         e3:67:ed:bb:6c:f9:11:2c:8e:eb:e4:4e:69:86:5c:dc:41:11:
         34:fa:2a:d0:03:6f:e2:84:19:62:a9:37:eb:ff:e5:3b:0b:e9:
         1c:03:3e:7f:0a:de:c1:e3:6e:18:96:6f:90:e8:6b:43:b4:a7:
         ec:e9:4b:ee:10:4b:3d:a5:b5:11:dd:54:df:c3:79:49:c4:67:
         98:f6:ca:21:8f:d7:6c:80:98:f7:30:c4:eb:fd:e0:01:e0:de:
         82:ff:65:6e:ba:dc:4e:e4:28:5f:cc:93:2d:29:c2:20:25:b0:
         86:a8:ee:ba:25:77:d0:d8:b7:c7:cd:ee:53:c4:1f:6e:ad:9f:
         bb:73:e3:fe
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYwQ5Dndt4xSSvpsvtmS93T3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU1NjA3NmYyN2UxM2QxODAwZTc3ZDE2ZTRiNjBiMjNiNmY1
OGM4MjAwHhcNMjMxMTI3MTMwNzIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ODQ5M2NhYzAwNzM0MTZiM2MxOTg5OTQ0MDk2NGNmZGMxMTVjNGNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn1daY9RyWoDbSK+1LShXu4opmqUF
4tkO0QTMPQoiufR/NpjjoajmR6NK0jYG38YYpgBqOF+IW74IgS+xSs8syw7tOTaY
qbWoKegccqv+YQ0OuYGJCQrHeM7FCbYyk+3JnHaoHk7/QqQKU4uxa6wGl2I4pJ0t
Bc/r8OSyV5iDOYh6G4TWkDEY1oiVvJiO4DbijJQ2oxqQUctEtRdmK6Rv0Y5hk1jb
3DPAnhlG7arnA2yfk7A968Cu1iwaWsZYy0qL1bRP/2foZE48PsswzjqZtGSSkEZT
IWxR0exTE9GSfYbhQajFdcvRiWxpePS1B/QWoQdjj+i7dTH6fy6zW7oA1wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIhJPKwAc0FrPBmJlECWTP3BFcTKMB8GA1UdIwQY
MBaAFOVgdvJ+E9GADnfRbktgsjtvWMggMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNVdCMjhuNFQwWUFPZDlGdVMyQ3lPMjlZeUNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMC8wYWM0NGQtYjNiZS00Mjc3LTgwZjgt
NThjZjg5ODg4ZTJhLzEvaUVrOHJBQnpRV3M4R1ltVVFKWk1fY0VWeE1vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMC8wYWM0NGQtYjNiZS00Mjc3LTgwZjgtNThjZjg5ODg4ZTJh
LzEvNVdCMjhuNFQwWUFPZDlGdVMyQ3lPMjlZeUNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwhqDMA0G
CSqGSIb3DQEBCwUAA4IBAQCgx77B02u3H2hW75O8Av1ydRJ94yutSigfDGreFhfG
mW8WbBmloGqH+Nnz9KYvUSCentd+y7hhVDtaU6bcX4MGvSj79lIU4hebNBuM8pmJ
FxsqNshLn4dNEcZJmeOW3fzqxRoUpuE69WN1oKElwSzp9tTMkIllu8RihxMVP1nj
Z+27bPkRLI7r5E5phlzcQRE0+irQA2/ihBliqTfr/+U7C+kcAz5/Ct7B424Ylm+Q
6GtDtKfs6UvuEEs9pbUR3VTfw3lJxGeY9sohj9dsgJj3MMTr/eAB4N6C/2VuutxO
5ChfzJMtKcIgJbCGqO66JXfQ2LfHze5TxB9urZ+7c+P+
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:48:35 2024 by rpki-client on console-ams.rpki-client.org