Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/ec0b89-1e68-45a0-8b93-13a06a269aa8/1/SR8maDmbtH3CL8jHLzQqwTn1QEU.roa
File:                     SR8maDmbtH3CL8jHLzQqwTn1QEU.roa (raw, json)
Hash identifier:          Gcrwp9B+JTFa0jPoS/s7KXL5lKeMKki2L6oEXR7isF8=
Subject key identifier:   49:1F:26:68:39:9B:B4:7D:C2:2F:C8:C7:2F:34:2A:C1:39:F5:40:45
Certificate issuer:       /CN=7ce68daf5f089456c0e1d02245393531ac5b8fcb
Certificate serial:       018B8B6297CB6A605885CA4599139075FFF0
Authority key identifier: 7C:E6:8D:AF:5F:08:94:56:C0:E1:D0:22:45:39:35:31:AC:5B:8F:CB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/fOaNr18IlFbA4dAiRTk1Maxbj8s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/eb/ec0b89-1e68-45a0-8b93-13a06a269aa8/1/SR8maDmbtH3CL8jHLzQqwTn1QEU.roa
Signing time:             Wed 01 Nov 2023 14:56:16 +0000
ROA not before:           Wed 01 Nov 2023 14:56:16 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     5761
IP address blocks:        193.46.249.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 00:31:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:8b:62:97:cb:6a:60:58:85:ca:45:99:13:90:75:ff:f0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7ce68daf5f089456c0e1d02245393531ac5b8fcb
        Validity
            Not Before: Nov  1 14:56:16 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=491f2668399bb47dc22fc8c72f342ac139f54045
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8b:5e:8d:1c:70:48:a5:a8:cb:38:70:15:92:68:
                    61:96:88:4a:f7:67:3d:14:af:61:86:45:fb:d1:6f:
                    eb:1b:6a:10:74:b4:0a:44:35:99:8c:a0:15:6b:e6:
                    0a:77:ac:4f:63:2f:19:cb:e1:eb:44:29:cc:88:cc:
                    69:22:de:50:07:53:ff:7b:2b:2d:ab:1a:6e:52:06:
                    f8:06:18:08:20:ac:fc:51:35:56:18:50:95:9a:9a:
                    88:b3:2e:b8:fa:21:d6:09:d5:04:5b:17:3e:cf:c9:
                    e2:2c:67:d8:ce:b2:27:f8:32:58:08:32:09:4c:f4:
                    9e:d2:65:1a:75:f7:49:33:fa:c8:8f:2d:97:08:33:
                    fb:74:78:19:4f:da:4a:43:81:a5:76:08:c1:58:b2:
                    9d:e7:93:5f:dc:3d:44:ea:b2:51:41:6f:d8:b6:1c:
                    ac:30:2a:dc:e5:04:a9:1f:0b:2f:5e:d8:ab:cc:13:
                    01:b3:8e:78:c6:3b:3e:3c:61:7e:b0:14:b1:4b:d4:
                    6b:fd:79:e3:97:ff:fa:14:ce:fb:37:71:f4:de:56:
                    5b:df:c9:fd:8b:17:1e:e4:84:f7:e2:d5:5e:f8:c9:
                    e1:c8:0c:cd:37:fa:a9:04:a7:dd:c7:0a:38:7a:c8:
                    4e:13:06:f8:ec:85:c5:4f:d9:dc:33:c0:60:8c:a1:
                    dc:2d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                49:1F:26:68:39:9B:B4:7D:C2:2F:C8:C7:2F:34:2A:C1:39:F5:40:45
            X509v3 Authority Key Identifier:
                keyid:7C:E6:8D:AF:5F:08:94:56:C0:E1:D0:22:45:39:35:31:AC:5B:8F:CB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fOaNr18IlFbA4dAiRTk1Maxbj8s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/ec0b89-1e68-45a0-8b93-13a06a269aa8/1/SR8maDmbtH3CL8jHLzQqwTn1QEU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/ec0b89-1e68-45a0-8b93-13a06a269aa8/1/fOaNr18IlFbA4dAiRTk1Maxbj8s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.46.249.0/24

    Signature Algorithm: sha256WithRSAEncryption
         b7:56:30:7a:e3:e5:5d:22:a3:f7:3e:d2:e7:de:6e:b7:af:ba:
         76:b0:6c:a3:78:64:04:d6:27:8c:75:27:34:49:74:e7:71:cf:
         ff:6a:24:06:94:82:7a:36:16:17:e1:51:4e:ad:86:60:7f:c8:
         6e:d9:ff:35:f5:2d:7a:fa:e5:b4:08:a3:17:4a:74:a6:98:d2:
         2d:c3:ac:6f:53:61:99:16:35:59:8d:27:16:37:b6:7c:73:bb:
         e4:da:d3:30:25:eb:6e:ba:92:79:14:f6:f7:b8:c3:12:b2:a0:
         21:f2:6f:8c:0e:4c:52:2d:91:b1:71:2f:ef:df:e8:1f:e2:23:
         58:c0:62:6d:8a:07:cb:48:41:b4:23:b6:ac:6e:b0:21:25:c3:
         01:dd:5d:59:b2:63:ab:45:25:59:91:59:20:08:12:fa:63:ec:
         49:82:a7:90:af:94:ab:10:16:0a:92:15:8b:04:b2:88:7e:ab:
         c1:3e:4e:f9:28:99:d8:0c:33:01:d3:73:c3:cc:03:0a:de:17:
         22:80:df:c8:a2:7a:da:0c:f8:9e:c5:a3:8a:e3:23:49:14:61:
         89:97:c5:fa:d6:e5:8b:24:b5:8e:c8:89:4b:94:ee:42:d8:f8:
         33:be:c2:53:e9:4c:f5:36:0a:68:58:f4:03:71:22:5e:93:ef:
         be:86:b5:5d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYuLYpfLamBYhcpFmROQdf/wMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdjZTY4ZGFmNWYwODk0NTZjMGUxZDAyMjQ1MzkzNTMxYWM1
YjhmY2IwHhcNMjMxMTAxMTQ1NjE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OTFmMjY2ODM5OWJiNDdkYzIyZmM4YzcyZjM0MmFjMTM5ZjU0MDQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi16NHHBIpajLOHAVkmhhlohK92c9
FK9hhkX70W/rG2oQdLQKRDWZjKAVa+YKd6xPYy8Zy+HrRCnMiMxpIt5QB1P/eyst
qxpuUgb4BhgIIKz8UTVWGFCVmpqIsy64+iHWCdUEWxc+z8niLGfYzrIn+DJYCDIJ
TPSe0mUadfdJM/rIjy2XCDP7dHgZT9pKQ4GldgjBWLKd55Nf3D1E6rJRQW/Ythys
MCrc5QSpHwsvXtirzBMBs454xjs+PGF+sBSxS9Rr/Xnjl//6FM77N3H03lZb38n9
ixce5IT34tVe+MnhyAzNN/qpBKfdxwo4eshOEwb47IXFT9ncM8BgjKHcLQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEkfJmg5m7R9wi/Ixy80KsE59UBFMB8GA1UdIwQY
MBaAFHzmja9fCJRWwOHQIkU5NTGsW4/LMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZk9hTnIxOElsRmJBNGRBaVJUazFNYXhiajhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi9lYzBiODktMWU2OC00NWEwLThiOTMt
MTNhMDZhMjY5YWE4LzEvU1I4bWFEbWJ0SDNDTDhqSEx6UXF3VG4xUUVVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi9lYzBiODktMWU2OC00NWEwLThiOTMtMTNhMDZhMjY5YWE4
LzEvZk9hTnIxOElsRmJBNGRBaVJUazFNYXhiajhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwS75MA0G
CSqGSIb3DQEBCwUAA4IBAQC3VjB64+VdIqP3PtLn3m63r7p2sGyjeGQE1ieMdSc0
SXTncc//aiQGlIJ6NhYX4VFOrYZgf8hu2f819S16+uW0CKMXSnSmmNItw6xvU2GZ
FjVZjScWN7Z8c7vk2tMwJetuupJ5FPb3uMMSsqAh8m+MDkxSLZGxcS/v3+gf4iNY
wGJtigfLSEG0I7asbrAhJcMB3V1ZsmOrRSVZkVkgCBL6Y+xJgqeQr5SrEBYKkhWL
BLKIfqvBPk75KJnYDDMB03PDzAMK3hcigN/IonraDPiexaOK4yNJFGGJl8X61uWL
JLWOyIlLlO5C2PgzvsJT6Uz1NgpoWPQDcSJek+++hrVd
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:58:32 2024 by rpki-client on console-fra.rpki-client.org