Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/414ef4-4c1f-4256-88c9-f4d5e84ac1dd/1/pZ9kMZ-PiRIPitxqZh3iV9aFVrk.roa
File:                     pZ9kMZ-PiRIPitxqZh3iV9aFVrk.roa (raw, json)
Hash identifier:          J20F2cnBR0D+J7im54RqIGsl03fkBe2uBvq7c2BkyUk=
Subject key identifier:   A5:9F:64:31:9F:8F:89:12:0F:8A:DC:6A:66:1D:E2:57:D6:85:56:B9
Certificate issuer:       /CN=dbcc2bbaf3e0d4342a014f8b70f873cee9a8cac5
Certificate serial:       01857155292694F46B8F5A7FCD272847918F
Authority key identifier: DB:CC:2B:BA:F3:E0:D4:34:2A:01:4F:8B:70:F8:73:CE:E9:A8:CA:C5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/28wruvPg1DQqAU-LcPhzzumoysU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f8/414ef4-4c1f-4256-88c9-f4d5e84ac1dd/1/pZ9kMZ-PiRIPitxqZh3iV9aFVrk.roa
Signing time:             Mon 02 Jan 2023 07:14:44 +0000
ROA not before:           Mon 02 Jan 2023 07:14:44 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     207346
IP address blocks:        193.16.234.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 04:31:14 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:71:55:29:26:94:f4:6b:8f:5a:7f:cd:27:28:47:91:8f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dbcc2bbaf3e0d4342a014f8b70f873cee9a8cac5
        Validity
            Not Before: Jan  2 07:14:44 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=a59f64319f8f89120f8adc6a661de257d68556b9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:d4:e8:4b:40:80:a9:95:a2:a4:ac:e5:21:c9:
                    95:9d:21:f9:c9:ef:30:9b:47:8f:71:06:ff:cb:d6:
                    14:1a:29:66:5d:b5:23:c6:7f:6f:73:df:01:60:55:
                    79:f6:c0:4f:52:bc:78:c1:1e:c0:3d:59:2f:e6:c4:
                    f5:ee:bc:79:41:1a:36:fe:00:cc:c6:f9:25:5d:ec:
                    7f:f0:09:e7:5e:18:94:35:7f:81:af:48:ce:06:9c:
                    b4:3b:f3:a5:6e:87:35:ce:7b:75:a5:38:7f:eb:7e:
                    6f:82:55:81:0f:6c:d2:1e:c1:2e:f8:65:cf:9b:e5:
                    b6:de:b5:5e:72:66:f5:a6:cb:1f:fd:e5:f1:eb:1e:
                    ea:4a:56:b9:04:93:29:4a:1a:a7:d9:cb:96:e4:38:
                    24:04:f7:b4:86:44:bb:60:4c:ac:a1:f6:39:e9:b4:
                    31:fd:6f:76:c2:e9:0e:d3:c4:f7:00:d2:94:e7:21:
                    67:8a:f5:bf:88:53:0f:9e:4e:51:19:c4:60:f0:f8:
                    c6:8a:6c:ba:4b:3a:3e:de:15:b8:05:f7:73:a1:bd:
                    09:87:51:04:a4:38:3e:30:57:b0:62:0c:72:29:0f:
                    62:ec:c4:c2:60:f2:13:72:c4:13:12:df:a0:e5:64:
                    87:a2:88:ab:76:e1:6e:f4:fa:f7:e3:e1:3d:3d:f5:
                    fd:31
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A5:9F:64:31:9F:8F:89:12:0F:8A:DC:6A:66:1D:E2:57:D6:85:56:B9
            X509v3 Authority Key Identifier:
                keyid:DB:CC:2B:BA:F3:E0:D4:34:2A:01:4F:8B:70:F8:73:CE:E9:A8:CA:C5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/28wruvPg1DQqAU-LcPhzzumoysU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/414ef4-4c1f-4256-88c9-f4d5e84ac1dd/1/pZ9kMZ-PiRIPitxqZh3iV9aFVrk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/414ef4-4c1f-4256-88c9-f4d5e84ac1dd/1/28wruvPg1DQqAU-LcPhzzumoysU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.16.234.0/24

    Signature Algorithm: sha256WithRSAEncryption
         a6:1e:30:5f:5d:bb:fb:c6:c3:b7:1c:6b:7a:2d:01:ad:33:db:
         d7:59:b9:56:a8:9c:09:48:06:b4:d5:ae:50:2b:cc:03:37:68:
         c9:5e:85:fc:0c:3c:b8:eb:05:3f:99:f0:a6:37:50:4b:64:ed:
         01:1c:81:a4:58:11:3c:af:35:43:c2:b8:81:b4:8a:54:71:61:
         ed:09:8f:a2:9d:48:62:25:05:a5:55:da:18:53:0e:38:11:28:
         e7:08:68:c9:ef:d4:cf:8c:2d:53:08:77:1d:55:3e:44:56:c9:
         06:3e:e5:3f:07:ba:8f:88:22:1f:a3:05:11:67:05:dd:45:ce:
         f6:71:17:68:7d:f9:c8:35:5b:0a:1e:9c:2f:ba:e7:f3:4a:31:
         8d:64:25:86:ee:0e:e6:ea:90:ec:fb:b8:8f:2c:37:a0:62:2d:
         41:0b:32:b2:48:00:da:b7:80:87:fa:19:fc:56:17:0e:b1:af:
         d1:06:28:5f:04:6a:d6:c5:6c:f4:f0:32:32:97:bb:7b:af:c3:
         29:0e:4a:df:b2:54:e7:52:f5:04:74:8b:93:90:d2:76:42:03:
         20:94:99:94:0f:db:1f:66:ef:dc:ab:89:79:70:71:d7:96:7e:
         f6:fb:da:76:12:53:43:56:3c:3b:d0:a1:2a:5f:0b:2e:ec:dc:
         6c:85:74:ae
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxVSkmlPRrj1p/zScoR5GPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiY2MyYmJhZjNlMGQ0MzQyYTAxNGY4YjcwZjg3M2NlZTlh
OGNhYzUwHhcNMjMwMTAyMDcxNDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNTlmNjQzMTlmOGY4OTEyMGY4YWRjNmE2NjFkZTI1N2Q2ODU1NmI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwNToS0CAqZWipKzlIcmVnSH5ye8w
m0ePcQb/y9YUGilmXbUjxn9vc98BYFV59sBPUrx4wR7APVkv5sT17rx5QRo2/gDM
xvklXex/8AnnXhiUNX+Br0jOBpy0O/Olboc1znt1pTh/635vglWBD2zSHsEu+GXP
m+W23rVecmb1pssf/eXx6x7qSla5BJMpShqn2cuW5DgkBPe0hkS7YEysofY56bQx
/W92wukO08T3ANKU5yFnivW/iFMPnk5RGcRg8PjGimy6Szo+3hW4Bfdzob0Jh1EE
pDg+MFewYgxyKQ9i7MTCYPITcsQTEt+g5WSHooirduFu9Pr34+E9PfX9MQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKWfZDGfj4kSD4rcamYd4lfWhVa5MB8GA1UdIwQY
MBaAFNvMK7rz4NQ0KgFPi3D4c87pqMrFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMjh3cnV2UGcxRFFxQVUtTGNQaHp6dW1veXNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOC80MTRlZjQtNGMxZi00MjU2LTg4Yzkt
ZjRkNWU4NGFjMWRkLzEvcFo5a01aLVBpUklQaXR4cVpoM2lWOWFGVnJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOC80MTRlZjQtNGMxZi00MjU2LTg4YzktZjRkNWU4NGFjMWRk
LzEvMjh3cnV2UGcxRFFxQVUtTGNQaHp6dW1veXNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwRDqMA0G
CSqGSIb3DQEBCwUAA4IBAQCmHjBfXbv7xsO3HGt6LQGtM9vXWblWqJwJSAa01a5Q
K8wDN2jJXoX8DDy46wU/mfCmN1BLZO0BHIGkWBE8rzVDwriBtIpUcWHtCY+inUhi
JQWlVdoYUw44ESjnCGjJ79TPjC1TCHcdVT5EVskGPuU/B7qPiCIfowURZwXdRc72
cRdoffnINVsKHpwvuufzSjGNZCWG7g7m6pDs+7iPLDegYi1BCzKySADat4CH+hn8
VhcOsa/RBihfBGrWxWz08DIyl7t7r8MpDkrfslTnUvUEdIuTkNJ2QgMglJmUD9sf
Zu/cq4l5cHHXln72+9p2ElNDVjw70KEqXwsu7NxshXSu
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:00:12 2024 by rpki-client on console-fra.rpki-client.org