Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/0df1c2-9ad3-41ca-a12e-9f79143e9c60/1/kSwaNAVAAKtvVf8OlJWG1T0G7iE.roa
File:                     kSwaNAVAAKtvVf8OlJWG1T0G7iE.roa (raw, json)
Hash identifier:          4Xd0rSBHfP4DASaXUhRo+AMsHrMoquZbiMNj59m8NAk=
Subject key identifier:   91:2C:1A:34:05:40:00:AB:6F:55:FF:0E:94:95:86:D5:3D:06:EE:21
Certificate issuer:       /CN=26f55db66c509a9c0a6dfeb023770d5b2ac860b9
Certificate serial:       018CC26CFE680F24F560F23691F917E2B40F
Authority key identifier: 26:F5:5D:B6:6C:50:9A:9C:0A:6D:FE:B0:23:77:0D:5B:2A:C8:60:B9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/JvVdtmxQmpwKbf6wI3cNWyrIYLk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e2/0df1c2-9ad3-41ca-a12e-9f79143e9c60/1/kSwaNAVAAKtvVf8OlJWG1T0G7iE.roa
Signing time:             Mon 01 Jan 2024 00:29:32 +0000
ROA not before:           Mon 01 Jan 2024 00:29:32 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     207713
IP address blocks:        193.84.71.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 06 Jun 2024 07:48:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c2:6c:fe:68:0f:24:f5:60:f2:36:91:f9:17:e2:b4:0f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=26f55db66c509a9c0a6dfeb023770d5b2ac860b9
        Validity
            Not Before: Jan  1 00:29:32 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=912c1a34054000ab6f55ff0e949586d53d06ee21
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:aa:fa:91:fc:29:27:24:db:a1:5a:80:9a:7d:
                    b8:d0:bd:de:ef:2e:60:77:a6:01:ce:70:69:9b:c9:
                    95:6f:19:d1:db:19:6f:e3:ad:60:b4:2a:e2:5f:76:
                    f0:9d:f3:98:32:06:de:0c:1c:2b:92:03:4c:de:e1:
                    23:bb:fc:1c:2c:ad:17:48:ce:7b:dd:f6:a5:12:99:
                    a6:90:98:46:9b:36:c5:8f:f7:dd:97:96:74:6b:91:
                    4a:2d:b6:2e:87:5f:b7:0a:2e:15:39:a5:8e:a2:05:
                    07:f1:31:47:3c:4f:77:ca:64:c9:dc:f8:ad:cc:ce:
                    73:7a:d2:9a:ba:a9:51:7e:d3:ca:a1:b8:17:c7:b0:
                    82:36:15:c8:fb:e7:7f:f1:6c:60:36:d5:3b:e0:e5:
                    eb:77:3c:4b:a6:74:2d:5c:fd:81:0d:5f:b5:a6:97:
                    71:a4:df:72:ab:2e:ee:44:81:d0:2e:e7:d5:89:84:
                    da:3c:e4:bb:f8:40:81:d2:2a:45:ab:59:11:1f:47:
                    6b:33:79:c0:f6:4b:3a:18:2e:5d:e3:5a:89:8c:73:
                    4e:04:36:0e:58:64:4c:16:d3:6f:57:d6:b7:2c:b8:
                    34:43:a2:32:e8:bd:2b:da:90:8b:35:99:c8:8c:48:
                    ef:ee:06:55:0b:2f:05:31:0f:d7:a6:ce:ce:3d:bf:
                    57:5b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                91:2C:1A:34:05:40:00:AB:6F:55:FF:0E:94:95:86:D5:3D:06:EE:21
            X509v3 Authority Key Identifier:
                keyid:26:F5:5D:B6:6C:50:9A:9C:0A:6D:FE:B0:23:77:0D:5B:2A:C8:60:B9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JvVdtmxQmpwKbf6wI3cNWyrIYLk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/0df1c2-9ad3-41ca-a12e-9f79143e9c60/1/kSwaNAVAAKtvVf8OlJWG1T0G7iE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/0df1c2-9ad3-41ca-a12e-9f79143e9c60/1/JvVdtmxQmpwKbf6wI3cNWyrIYLk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.84.71.0/24

    Signature Algorithm: sha256WithRSAEncryption
         8f:fd:22:d5:55:fc:d6:90:46:8b:4c:57:ac:56:15:78:67:4d:
         0e:5a:97:69:4a:10:16:80:61:95:ab:7d:63:49:de:75:1f:b6:
         6d:54:b4:30:ad:26:b5:aa:15:7c:d5:e4:c6:a4:fb:90:11:e5:
         1d:f9:76:f3:6c:ad:d6:b4:2b:67:f8:83:89:35:c1:82:f7:30:
         96:97:6b:59:d7:53:e7:78:41:7c:66:06:3a:84:9b:9a:7f:c0:
         fc:b0:0c:fb:8a:06:63:d6:45:10:d1:39:c1:23:d9:c9:c1:be:
         f8:10:32:04:28:48:7d:50:5d:bf:37:4a:3c:b3:d3:95:b9:97:
         3c:c7:dd:16:4c:ed:ec:3a:54:3f:32:69:3c:ea:f3:2a:f7:6a:
         55:df:6d:c4:ff:42:b7:a1:dd:2c:c7:84:ac:b3:9c:be:45:58:
         a7:30:e6:86:0a:20:12:6e:95:93:e4:1b:69:51:a8:57:c2:63:
         e9:4d:55:b7:c1:c7:cf:8b:31:63:08:ad:c6:b8:32:e4:6d:39:
         ee:15:bf:40:d5:37:2e:40:bb:d3:d5:2f:54:18:d6:00:4d:b2:
         cf:1c:da:87:ef:da:9d:5b:0d:72:0f:b1:42:27:d0:c9:c4:54:
         c0:4e:57:74:6b:77:8f:71:b4:91:c4:d7:b5:a3:87:eb:a5:31:
         8e:ee:c3:d5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzCbP5oDyT1YPI2kfkX4rQPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI2ZjU1ZGI2NmM1MDlhOWMwYTZkZmViMDIzNzcwZDViMmFj
ODYwYjkwHhcNMjQwMTAxMDAyOTMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MTJjMWEzNDA1NDAwMGFiNmY1NWZmMGU5NDk1ODZkNTNkMDZlZTIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApar6kfwpJyTboVqAmn240L3e7y5g
d6YBznBpm8mVbxnR2xlv461gtCriX3bwnfOYMgbeDBwrkgNM3uEju/wcLK0XSM57
3falEpmmkJhGmzbFj/fdl5Z0a5FKLbYuh1+3Ci4VOaWOogUH8TFHPE93ymTJ3Pit
zM5zetKauqlRftPKobgXx7CCNhXI++d/8WxgNtU74OXrdzxLpnQtXP2BDV+1ppdx
pN9yqy7uRIHQLufViYTaPOS7+ECB0ipFq1kRH0drM3nA9ks6GC5d41qJjHNOBDYO
WGRMFtNvV9a3LLg0Q6Iy6L0r2pCLNZnIjEjv7gZVCy8FMQ/Xps7OPb9XWwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJEsGjQFQACrb1X/DpSVhtU9Bu4hMB8GA1UdIwQY
MBaAFCb1XbZsUJqcCm3+sCN3DVsqyGC5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSnZWZHRteFFtcHdLYmY2d0kzY05XeXJJWUxrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi8wZGYxYzItOWFkMy00MWNhLWExMmUt
OWY3OTE0M2U5YzYwLzEva1N3YU5BVkFBS3R2VmY4T2xKV0cxVDBHN2lFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi8wZGYxYzItOWFkMy00MWNhLWExMmUtOWY3OTE0M2U5YzYw
LzEvSnZWZHRteFFtcHdLYmY2d0kzY05XeXJJWUxrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwVRHMA0G
CSqGSIb3DQEBCwUAA4IBAQCP/SLVVfzWkEaLTFesVhV4Z00OWpdpShAWgGGVq31j
Sd51H7ZtVLQwrSa1qhV81eTGpPuQEeUd+XbzbK3WtCtn+IOJNcGC9zCWl2tZ11Pn
eEF8ZgY6hJuaf8D8sAz7igZj1kUQ0TnBI9nJwb74EDIEKEh9UF2/N0o8s9OVuZc8
x90WTO3sOlQ/Mmk86vMq92pV323E/0K3od0sx4Sss5y+RVinMOaGCiASbpWT5Btp
UahXwmPpTVW3wcfPizFjCK3GuDLkbTnuFb9A1TcuQLvT1S9UGNYATbLPHNqH79qd
Ww1yD7FCJ9DJxFTATld0a3ePcbSRxNe1o4frpTGO7sPV
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:48:56 2024 by rpki-client on console-ams.rpki-client.org