Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/b33a78-a51e-46e4-8648-0066f541faea/1/z76hkvwS2e-gMWmMyLAX4yIaBaQ.roa
File:                     z76hkvwS2e-gMWmMyLAX4yIaBaQ.roa (raw, json)
Hash identifier:          7pB9IaraamyVE8NhIc2M0JpLCX/jS45v4Yo2evyKNQo=
Subject key identifier:   CF:BE:A1:92:FC:12:D9:EF:A0:31:69:8C:C8:B0:17:E3:22:1A:05:A4
Certificate issuer:       /CN=71949b47df313cbab9452da98fcc637608a909bd
Certificate serial:       018BBA0984AD73F7B8E50FD5F7A60A48912B
Authority key identifier: 71:94:9B:47:DF:31:3C:BA:B9:45:2D:A9:8F:CC:63:76:08:A9:09:BD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/cZSbR98xPLq5RS2pj8xjdgipCb0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/fe/b33a78-a51e-46e4-8648-0066f541faea/1/z76hkvwS2e-gMWmMyLAX4yIaBaQ.roa
Signing time:             Fri 10 Nov 2023 16:21:07 +0000
ROA not before:           Fri 10 Nov 2023 16:21:07 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     34549
IP address blocks:        93.93.18.0/23 maxlen: 23

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 12:32:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:ba:09:84:ad:73:f7:b8:e5:0f:d5:f7:a6:0a:48:91:2b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=71949b47df313cbab9452da98fcc637608a909bd
        Validity
            Not Before: Nov 10 16:21:07 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=cfbea192fc12d9efa031698cc8b017e3221a05a4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f1:51:c0:3e:0b:8d:3e:96:98:cc:00:72:df:ac:
                    fc:9b:eb:c7:69:d2:cc:58:d1:a9:2a:c1:ed:48:56:
                    13:f1:c9:19:f6:3e:15:25:37:3d:85:8d:ff:d6:82:
                    d8:7b:d1:5c:3f:04:94:34:26:97:f6:2c:de:91:54:
                    60:d6:ca:3a:c9:0c:1c:c2:a6:ea:71:fe:ce:72:d7:
                    29:0d:bf:6a:79:0a:54:67:cd:94:df:6f:95:b4:25:
                    af:a6:44:6b:3f:65:17:43:4f:7f:87:b4:56:c4:e9:
                    61:f5:f2:62:06:a2:40:9f:7b:32:9c:5d:06:93:a8:
                    71:69:5e:0e:c8:91:30:5a:12:ed:40:1d:ca:d0:43:
                    85:ff:61:df:c7:c8:33:42:53:90:f5:10:d9:2f:69:
                    dd:25:e4:55:33:0b:9d:fa:d5:13:03:68:27:f1:7f:
                    d2:45:c3:dd:ad:4c:34:4f:d3:75:f4:f5:b6:e2:00:
                    16:1c:07:bd:fd:60:95:36:e8:1b:80:af:c6:e8:ae:
                    5b:af:4d:14:79:eb:1f:90:4f:54:d0:3c:fd:90:57:
                    17:f2:52:fc:eb:45:d0:e7:b8:af:1d:16:6b:2b:4f:
                    d2:1e:aa:3e:de:bb:f0:89:3c:4f:c1:37:67:12:9b:
                    89:6a:ae:91:22:d7:7a:87:f2:26:6a:10:91:65:66:
                    6d:6f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CF:BE:A1:92:FC:12:D9:EF:A0:31:69:8C:C8:B0:17:E3:22:1A:05:A4
            X509v3 Authority Key Identifier:
                keyid:71:94:9B:47:DF:31:3C:BA:B9:45:2D:A9:8F:CC:63:76:08:A9:09:BD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cZSbR98xPLq5RS2pj8xjdgipCb0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/b33a78-a51e-46e4-8648-0066f541faea/1/z76hkvwS2e-gMWmMyLAX4yIaBaQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/b33a78-a51e-46e4-8648-0066f541faea/1/cZSbR98xPLq5RS2pj8xjdgipCb0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  93.93.18.0/23

    Signature Algorithm: sha256WithRSAEncryption
         2c:23:b5:f2:cb:b0:8a:1a:18:ab:d2:83:e5:b1:47:56:c1:06:
         95:75:d8:72:8d:f3:9f:ab:80:28:5f:87:e6:d9:59:ee:16:1e:
         df:10:56:d8:60:68:d5:ee:a5:b7:a2:f9:ed:0d:e6:ce:72:37:
         22:30:00:ba:f8:db:03:db:d9:e8:4a:0b:2d:37:5f:9e:11:70:
         65:02:0b:eb:ae:93:47:4a:46:2d:86:91:b8:92:83:92:48:fc:
         c1:7a:f2:a4:48:e4:22:f9:ff:65:a2:a5:a6:3d:f1:66:03:ec:
         1f:f4:8c:8c:cd:b2:cc:e5:fb:d5:d3:a0:d0:70:98:7e:88:6f:
         81:56:74:f9:4f:d4:14:36:57:e8:f3:96:ba:ec:e4:5b:fb:08:
         42:9a:2a:e9:42:2f:08:a0:8e:f8:30:79:4f:bc:b0:40:3e:34:
         44:8d:f7:bc:ba:fe:d8:bb:d8:3e:74:e3:65:e4:4c:8e:9b:71:
         1b:e1:ff:8c:d8:f0:73:af:16:a9:b8:8c:e5:7c:03:7b:c2:f3:
         f6:cd:1c:07:d6:ed:c3:c0:42:c2:df:14:a3:f4:9d:ed:bc:84:
         0d:03:83:f6:62:d0:63:de:f0:25:41:c0:d9:a7:6f:fb:2e:c3:
         1f:65:a3:ef:24:8d:ff:43:0e:95:cd:e3:5f:40:e1:2a:61:e6:
         8d:8d:74:4d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYu6CYStc/e45Q/V96YKSJErMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcxOTQ5YjQ3ZGYzMTNjYmFiOTQ1MmRhOThmY2M2Mzc2MDhh
OTA5YmQwHhcNMjMxMTEwMTYyMTA3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZmJlYTE5MmZjMTJkOWVmYTAzMTY5OGNjOGIwMTdlMzIyMWEwNWE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8VHAPguNPpaYzABy36z8m+vHadLM
WNGpKsHtSFYT8ckZ9j4VJTc9hY3/1oLYe9FcPwSUNCaX9izekVRg1so6yQwcwqbq
cf7OctcpDb9qeQpUZ82U32+VtCWvpkRrP2UXQ09/h7RWxOlh9fJiBqJAn3synF0G
k6hxaV4OyJEwWhLtQB3K0EOF/2Hfx8gzQlOQ9RDZL2ndJeRVMwud+tUTA2gn8X/S
RcPdrUw0T9N19PW24gAWHAe9/WCVNugbgK/G6K5br00UeesfkE9U0Dz9kFcX8lL8
60XQ57ivHRZrK0/SHqo+3rvwiTxPwTdnEpuJaq6RItd6h/ImahCRZWZtbwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFM++oZL8EtnvoDFpjMiwF+MiGgWkMB8GA1UdIwQY
MBaAFHGUm0ffMTy6uUUtqY/MY3YIqQm9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY1pTYlI5OHhQTHE1UlMycGo4eGpkZ2lwQ2IwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS9iMzNhNzgtYTUxZS00NmU0LTg2NDgt
MDA2NmY1NDFmYWVhLzEvejc2aGt2d1MyZS1nTVdtTXlMQVg0eUlhQmFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS9iMzNhNzgtYTUxZS00NmU0LTg2NDgtMDA2NmY1NDFmYWVh
LzEvY1pTYlI5OHhQTHE1UlMycGo4eGpkZ2lwQ2IwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBXV0SMA0G
CSqGSIb3DQEBCwUAA4IBAQAsI7Xyy7CKGhir0oPlsUdWwQaVddhyjfOfq4AoX4fm
2VnuFh7fEFbYYGjV7qW3ovntDebOcjciMAC6+NsD29noSgstN1+eEXBlAgvrrpNH
SkYthpG4koOSSPzBevKkSOQi+f9loqWmPfFmA+wf9IyMzbLM5fvV06DQcJh+iG+B
VnT5T9QUNlfo85a67ORb+whCmirpQi8IoI74MHlPvLBAPjREjfe8uv7Yu9g+dONl
5EyOm3Eb4f+M2PBzrxapuIzlfAN7wvP2zRwH1u3DwELC3xSj9J3tvIQNA4P2YtBj
3vAlQcDZp2/7LsMfZaPvJI3/Qw6VzeNfQOEqYeaNjXRN
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:01:06 2024 by rpki-client on console-fra.rpki-client.org