Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f9/13a735-3b1c-4d9c-8cfa-a8ca8e4c7e77/1/2yNXfBBN1F_nC7gO9jlY8P86kd4.roa
File:                     2yNXfBBN1F_nC7gO9jlY8P86kd4.roa (raw, json)
Hash identifier:          Xk0BSZFwqyJUWVfX4Em5D0onjGgnME9tDwbTLBO8OnM=
Subject key identifier:   DB:23:57:7C:10:4D:D4:5F:E7:0B:B8:0E:F6:39:58:F0:FF:3A:91:DE
Certificate issuer:       /CN=86ee201c65d655ee9cfe251f951ea91bba154567
Certificate serial:       018C45332A5C451E8FA98AE1142229AA39AD
Authority key identifier: 86:EE:20:1C:65:D6:55:EE:9C:FE:25:1F:95:1E:A9:1B:BA:15:45:67
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hu4gHGXWVe6c_iUflR6pG7oVRWc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f9/13a735-3b1c-4d9c-8cfa-a8ca8e4c7e77/1/2yNXfBBN1F_nC7gO9jlY8P86kd4.roa
Signing time:             Thu 07 Dec 2023 16:53:50 +0000
ROA not before:           Thu 07 Dec 2023 16:53:50 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     43054
IP address blocks:        193.41.32.0/24 maxlen: 24
                          193.200.214.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 12 Dec 2023 17:39:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:45:33:2a:5c:45:1e:8f:a9:8a:e1:14:22:29:aa:39:ad
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=86ee201c65d655ee9cfe251f951ea91bba154567
        Validity
            Not Before: Dec  7 16:53:50 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=db23577c104dd45fe70bb80ef63958f0ff3a91de
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:fa:24:22:e1:4e:0b:c1:9d:2c:7f:ce:ca:e2:
                    e4:91:09:92:7f:c7:1b:77:7b:76:25:7b:f0:64:b7:
                    05:26:d2:d0:a5:01:12:d1:53:78:ad:5b:5d:a8:54:
                    fa:df:dd:e3:56:15:81:e8:5f:72:e5:9e:c4:94:ac:
                    d3:c8:57:03:e1:b1:70:66:4a:3c:07:39:e7:8e:98:
                    1e:7e:21:5b:62:e5:c9:b0:08:cc:61:c2:54:f2:7d:
                    07:4a:f4:6c:5f:b3:be:71:e7:32:66:8b:25:87:c9:
                    de:ea:e6:47:76:7f:7e:26:c4:2a:cf:06:5b:f8:69:
                    1f:5e:78:26:b8:9c:16:29:5a:ff:27:72:1d:73:75:
                    e8:21:34:1e:8e:4a:d4:2e:f6:ed:83:36:2c:64:95:
                    06:80:26:19:ea:82:83:c1:b5:39:fe:1b:1d:4e:2a:
                    bc:b1:7c:24:33:2e:f9:d6:f7:86:90:88:27:c3:57:
                    78:3a:e2:44:d0:88:27:8c:dc:89:9c:4f:fe:dc:02:
                    44:8f:c1:45:e3:35:5c:37:b4:15:bc:cd:bd:43:17:
                    95:98:7d:10:06:18:78:83:fd:83:dd:dc:ac:5f:35:
                    84:7b:5f:63:62:a3:64:ee:25:71:dc:64:2e:ef:d1:
                    27:55:74:0c:88:e5:be:7a:85:0b:ac:e1:39:e5:6c:
                    29:91
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DB:23:57:7C:10:4D:D4:5F:E7:0B:B8:0E:F6:39:58:F0:FF:3A:91:DE
            X509v3 Authority Key Identifier:
                keyid:86:EE:20:1C:65:D6:55:EE:9C:FE:25:1F:95:1E:A9:1B:BA:15:45:67

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hu4gHGXWVe6c_iUflR6pG7oVRWc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/13a735-3b1c-4d9c-8cfa-a8ca8e4c7e77/1/2yNXfBBN1F_nC7gO9jlY8P86kd4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/13a735-3b1c-4d9c-8cfa-a8ca8e4c7e77/1/hu4gHGXWVe6c_iUflR6pG7oVRWc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.41.32.0/24
                  193.200.214.0/24

    Signature Algorithm: sha256WithRSAEncryption
         68:5c:5f:c5:99:a8:7f:4c:c1:cb:b5:7f:00:b2:2f:8d:c8:69:
         79:d5:5a:83:3e:33:5a:6e:dd:71:f5:cc:69:7c:2d:11:86:b7:
         e0:4c:54:17:25:95:fa:ec:73:41:f7:7f:37:30:ab:d7:ac:95:
         9c:56:e7:8f:c4:ec:45:10:5b:63:fc:63:1d:21:a8:41:49:fb:
         3e:61:de:74:7a:54:fa:2e:09:b7:21:af:2a:a2:a7:a4:4b:65:
         22:79:9a:63:88:0f:cc:ef:df:dc:d3:6b:db:c3:e4:a0:63:31:
         68:a7:7a:9e:09:55:a2:96:18:7d:8c:28:4b:ac:12:26:fc:b4:
         b5:e1:13:53:2b:98:5d:bf:fd:c2:4f:57:18:68:ea:dd:12:75:
         3e:34:4d:74:c5:c3:7f:7e:a2:d1:ca:36:53:39:18:a5:58:32:
         07:fe:ed:57:03:de:c3:f1:b3:7b:92:b8:4a:78:96:57:a5:59:
         bf:ca:ab:36:86:43:70:75:d6:ce:78:bc:79:e5:62:0a:c7:7e:
         95:af:3e:ad:de:e8:61:0e:a7:ed:87:c2:dd:a0:87:a5:c7:c0:
         f4:3b:8b:7d:d8:9a:3d:7d:11:b0:f6:26:0e:2a:cc:70:d0:18:
         e5:97:bc:f6:83:30:d9:18:9a:56:4f:45:67:13:06:40:6d:b5:
         b1:f1:85:15
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYxFMypcRR6PqYrhFCIpqjmtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2ZWUyMDFjNjVkNjU1ZWU5Y2ZlMjUxZjk1MWVhOTFiYmEx
NTQ1NjcwHhcNMjMxMjA3MTY1MzUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYjIzNTc3YzEwNGRkNDVmZTcwYmI4MGVmNjM5NThmMGZmM2E5MWRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsfokIuFOC8GdLH/OyuLkkQmSf8cb
d3t2JXvwZLcFJtLQpQES0VN4rVtdqFT6393jVhWB6F9y5Z7ElKzTyFcD4bFwZko8
BznnjpgefiFbYuXJsAjMYcJU8n0HSvRsX7O+cecyZoslh8ne6uZHdn9+JsQqzwZb
+GkfXngmuJwWKVr/J3Idc3XoITQejkrULvbtgzYsZJUGgCYZ6oKDwbU5/hsdTiq8
sXwkMy751veGkIgnw1d4OuJE0IgnjNyJnE/+3AJEj8FF4zVcN7QVvM29QxeVmH0Q
Bhh4g/2D3dysXzWEe19jYqNk7iVx3GQu79EnVXQMiOW+eoULrOE55WwpkQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNsjV3wQTdRf5wu4DvY5WPD/OpHeMB8GA1UdIwQY
MBaAFIbuIBxl1lXunP4lH5UeqRu6FUVnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHU0Z0hHWFdWZTZjX2lVZmxSNnBHN29WUldjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOS8xM2E3MzUtM2IxYy00ZDljLThjZmEt
YThjYThlNGM3ZTc3LzEvMnlOWGZCQk4xRl9uQzdnTzlqbFk4UDg2a2Q0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOS8xM2E3MzUtM2IxYy00ZDljLThjZmEtYThjYThlNGM3ZTc3
LzEvaHU0Z0hHWFdWZTZjX2lVZmxSNnBHN29WUldjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwSkgAwQA
wcjWMA0GCSqGSIb3DQEBCwUAA4IBAQBoXF/Fmah/TMHLtX8Asi+NyGl51VqDPjNa
bt1x9cxpfC0RhrfgTFQXJZX67HNB9383MKvXrJWcVuePxOxFEFtj/GMdIahBSfs+
Yd50elT6Lgm3Ia8qoqekS2UieZpjiA/M79/c02vbw+SgYzFop3qeCVWilhh9jChL
rBIm/LS14RNTK5hdv/3CT1cYaOrdEnU+NE10xcN/fqLRyjZTORilWDIH/u1XA97D
8bN7krhKeJZXpVm/yqs2hkNwddbOeLx55WIKx36Vrz6t3uhhDqfth8LdoIelx8D0
O4t92Jo9fRGw9iYOKsxw0Bjll7z2gzDZGJpWT0VnEwZAbbWx8YUV
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:00:18 2024 by rpki-client on console-fra.rpki-client.org