Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fa/57e08c-ca3a-4099-ae74-e7daec194a69/1/FD01kYiofzEEcvIb3PqijHcvgic.roa
File:                     FD01kYiofzEEcvIb3PqijHcvgic.roa (raw, json)
Hash identifier:          ISPdgini90y+hJqZC5vg7h8//BrW58rghFSdOElYyfo=
Subject key identifier:   14:3D:35:91:88:A8:7F:31:04:72:F2:1B:DC:FA:A2:8C:77:2F:82:27
Certificate issuer:       /CN=25776c77f8ebe7094ca007ace1a9c0bfdc2b3aec
Certificate serial:       01856FD4F9C7A9EAE3C9C26B24CBD3BA9FBE
Authority key identifier: 25:77:6C:77:F8:EB:E7:09:4C:A0:07:AC:E1:A9:C0:BF:DC:2B:3A:EC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/JXdsd_jr5wlMoAes4anAv9wrOuw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/fa/57e08c-ca3a-4099-ae74-e7daec194a69/1/FD01kYiofzEEcvIb3PqijHcvgic.roa
Signing time:             Mon 02 Jan 2023 00:15:06 +0000
ROA not before:           Mon 02 Jan 2023 00:15:06 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     133865
IP address blocks:        193.118.33.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 06:30:51 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:d4:f9:c7:a9:ea:e3:c9:c2:6b:24:cb:d3:ba:9f:be
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=25776c77f8ebe7094ca007ace1a9c0bfdc2b3aec
        Validity
            Not Before: Jan  2 00:15:06 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=143d359188a87f310472f21bdcfaa28c772f8227
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9b:69:a2:76:f7:bb:bd:df:28:4c:4a:5c:95:02:
                    2d:b1:ed:3d:38:54:0a:d4:02:47:94:ae:7d:28:73:
                    18:2f:89:20:18:eb:93:aa:0a:32:0d:8d:31:db:d9:
                    4b:c4:63:38:6d:6e:d0:5b:be:5f:56:8f:1b:a3:58:
                    17:89:04:70:f8:50:43:22:c1:f9:2a:d9:60:ed:e8:
                    63:2d:5b:e0:b4:8f:3e:d4:03:51:bb:9e:db:e7:22:
                    07:78:4f:ac:76:90:a1:f5:e9:cc:0b:f6:d2:64:17:
                    b6:dd:fb:d0:b0:41:df:77:13:cc:51:b4:2c:a5:54:
                    c5:c6:a4:88:d7:65:7b:f9:4d:9e:a1:96:fd:8b:2b:
                    5b:0e:1c:0e:be:65:63:c6:c5:e5:3e:bf:b9:98:f4:
                    d4:13:90:a8:7b:93:6f:2c:2c:b0:dc:7f:b1:58:40:
                    b2:32:b4:79:93:12:d8:9a:51:31:05:ce:82:d8:eb:
                    74:86:2c:b9:b1:89:00:39:0d:f5:c0:13:9e:4f:d9:
                    22:7d:5a:15:71:94:e9:2d:f6:4a:20:ce:36:89:7c:
                    61:4e:f4:2a:d9:cc:b4:93:4b:25:c0:ea:b9:00:a5:
                    8e:fd:82:0b:7d:b5:8e:58:ca:03:94:45:d3:b4:12:
                    ee:d4:07:de:8b:71:15:ae:70:9b:24:72:09:7d:66:
                    29:67
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                14:3D:35:91:88:A8:7F:31:04:72:F2:1B:DC:FA:A2:8C:77:2F:82:27
            X509v3 Authority Key Identifier:
                keyid:25:77:6C:77:F8:EB:E7:09:4C:A0:07:AC:E1:A9:C0:BF:DC:2B:3A:EC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JXdsd_jr5wlMoAes4anAv9wrOuw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/57e08c-ca3a-4099-ae74-e7daec194a69/1/FD01kYiofzEEcvIb3PqijHcvgic.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/57e08c-ca3a-4099-ae74-e7daec194a69/1/JXdsd_jr5wlMoAes4anAv9wrOuw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.118.33.0/24

    Signature Algorithm: sha256WithRSAEncryption
         a0:fb:4f:3d:0c:9d:56:1d:c0:f3:ce:70:e3:5e:7f:61:06:b3:
         f1:c7:77:cc:fd:61:a8:6b:74:6f:45:ae:0f:0c:79:d9:3e:4f:
         57:c6:92:81:42:0f:5a:b8:50:db:8e:e9:4c:30:1f:8f:0e:bc:
         3c:de:75:cf:1c:62:b1:84:66:6b:9a:f9:00:69:44:df:00:57:
         af:81:54:1d:d9:db:5b:39:e5:54:4f:5e:95:d5:4c:43:54:ab:
         bd:36:e0:ca:fb:f3:ea:90:a7:99:ee:63:7d:73:b0:38:8d:f8:
         dd:d3:68:f4:ba:e5:54:03:8e:55:5b:4c:65:f0:3c:32:19:30:
         96:04:01:ea:73:56:d9:2f:0e:5d:93:4c:74:39:1f:e6:bb:ef:
         8c:e5:3a:62:d4:d6:57:94:58:bd:00:ef:a4:cc:88:09:f2:99:
         10:8e:a3:8c:f2:e0:c6:36:2e:f1:36:e6:2d:f0:da:eb:a8:df:
         b3:39:16:c2:da:3b:3a:a8:1a:d7:43:fe:1e:4b:5e:6f:8a:69:
         a8:10:6f:c5:55:2c:9e:3a:68:8c:cb:d9:01:15:6d:2f:58:76:
         de:0e:63:a0:ae:42:94:51:3f:7f:dc:f5:06:78:ec:54:70:34:
         a3:94:81:c1:42:1f:ac:0f:01:1b:5a:54:e2:a7:8e:fc:f2:61:
         7a:10:e2:0c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVv1PnHqerjycJrJMvTup++MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI1Nzc2Yzc3ZjhlYmU3MDk0Y2EwMDdhY2UxYTljMGJmZGMy
YjNhZWMwHhcNMjMwMTAyMDAxNTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNDNkMzU5MTg4YTg3ZjMxMDQ3MmYyMWJkY2ZhYTI4Yzc3MmY4MjI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm2midve7vd8oTEpclQItse09OFQK
1AJHlK59KHMYL4kgGOuTqgoyDY0x29lLxGM4bW7QW75fVo8bo1gXiQRw+FBDIsH5
Ktlg7ehjLVvgtI8+1ANRu57b5yIHeE+sdpCh9enMC/bSZBe23fvQsEHfdxPMUbQs
pVTFxqSI12V7+U2eoZb9iytbDhwOvmVjxsXlPr+5mPTUE5Coe5NvLCyw3H+xWECy
MrR5kxLYmlExBc6C2Ot0hiy5sYkAOQ31wBOeT9kifVoVcZTpLfZKIM42iXxhTvQq
2cy0k0slwOq5AKWO/YILfbWOWMoDlEXTtBLu1Afei3EVrnCbJHIJfWYpZwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBQ9NZGIqH8xBHLyG9z6oox3L4InMB8GA1UdIwQY
MBaAFCV3bHf46+cJTKAHrOGpwL/cKzrsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSlhkc2RfanI1d2xNb0FlczRhbkF2OXdyT3V3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYS81N2UwOGMtY2EzYS00MDk5LWFlNzQt
ZTdkYWVjMTk0YTY5LzEvRkQwMWtZaW9mekVFY3ZJYjNQcWlqSGN2Z2ljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYS81N2UwOGMtY2EzYS00MDk5LWFlNzQtZTdkYWVjMTk0YTY5
LzEvSlhkc2RfanI1d2xNb0FlczRhbkF2OXdyT3V3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwXYhMA0G
CSqGSIb3DQEBCwUAA4IBAQCg+089DJ1WHcDzznDjXn9hBrPxx3fM/WGoa3RvRa4P
DHnZPk9XxpKBQg9auFDbjulMMB+PDrw83nXPHGKxhGZrmvkAaUTfAFevgVQd2dtb
OeVUT16V1UxDVKu9NuDK+/PqkKeZ7mN9c7A4jfjd02j0uuVUA45VW0xl8DwyGTCW
BAHqc1bZLw5dk0x0OR/mu++M5Tpi1NZXlFi9AO+kzIgJ8pkQjqOM8uDGNi7xNuYt
8NrrqN+zORbC2js6qBrXQ/4eS15vimmoEG/FVSyeOmiMy9kBFW0vWHbeDmOgrkKU
UT9/3PUGeOxUcDSjlIHBQh+sDwEbWlTip4788mF6EOIM
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:53:50 2024 by rpki-client on console-ams.rpki-client.org