Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/7c55d2-381c-4e87-8ca5-2307bb59225f/1/AA62Vb9HNxFlc9Bab13YJLvJGy0.roa
File:                     AA62Vb9HNxFlc9Bab13YJLvJGy0.roa (raw, json)
Hash identifier:          Ij8P/HpA1qyOq/NtZblid766JuUnl9cuap8UiD+iX7w=
Subject key identifier:   00:0E:B6:55:BF:47:37:11:65:73:D0:5A:6F:5D:D8:24:BB:C9:1B:2D
Certificate issuer:       /CN=787e31ce5d501d1a94afdabbd4e024cc2a788ef5
Certificate serial:       01856B2E95AB3F30270CA247C4C0FB882A52
Authority key identifier: 78:7E:31:CE:5D:50:1D:1A:94:AF:DA:BB:D4:E0:24:CC:2A:78:8E:F5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/eH4xzl1QHRqUr9q71OAkzCp4jvU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ff/7c55d2-381c-4e87-8ca5-2307bb59225f/1/AA62Vb9HNxFlc9Bab13YJLvJGy0.roa
Signing time:             Sun 01 Jan 2023 02:34:53 +0000
ROA not before:           Sun 01 Jan 2023 02:34:53 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     197595
IP address blocks:        193.189.101.254/32 maxlen: 32

Validation:               Failed, certificate revoked on Tue 28 Mar 2023 12:12:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6b:2e:95:ab:3f:30:27:0c:a2:47:c4:c0:fb:88:2a:52
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=787e31ce5d501d1a94afdabbd4e024cc2a788ef5
        Validity
            Not Before: Jan  1 02:34:53 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=000eb655bf4737116573d05a6f5dd824bbc91b2d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:88:f2:78:10:07:42:b1:21:7b:9f:8d:e5:7f:f4:
                    14:2b:a8:ce:b6:e1:1e:67:3d:6f:0e:29:cc:1d:2c:
                    9e:76:2c:47:2e:5d:5e:85:f2:7d:80:ce:5a:e8:07:
                    2b:f4:b7:33:4b:15:da:15:d3:72:ec:09:12:0a:df:
                    8e:05:f7:09:fc:d1:0a:26:52:a4:1d:c0:1c:a9:8b:
                    ac:eb:f6:fc:27:3a:dc:88:67:79:fd:87:8a:01:2f:
                    8a:cc:56:27:26:a3:2c:a7:9c:82:67:cf:00:48:4b:
                    65:c5:ec:84:77:04:aa:a4:b9:85:23:76:61:77:cb:
                    9d:a2:bc:30:64:92:82:4d:e6:49:58:20:0c:4c:4a:
                    2b:4b:ca:b8:1f:6b:11:5f:19:42:08:91:1c:09:0d:
                    fb:92:bd:d8:e0:ea:51:1e:da:35:22:ee:e4:7e:cd:
                    4e:a5:fd:4c:aa:b3:bf:ee:db:e5:b8:0f:0c:ea:8a:
                    70:0e:a4:df:6c:f1:c9:28:5e:97:a2:3c:0e:41:29:
                    7b:83:b3:d1:2a:0f:07:1a:a8:74:f9:a4:1b:d3:44:
                    85:9c:5d:f5:18:5f:89:d9:f9:0b:4c:41:13:f1:48:
                    34:7c:05:cc:01:f6:9f:a2:b0:7c:74:65:54:e6:98:
                    78:95:7f:26:d3:3c:0e:3d:4b:2f:46:f6:f8:31:5e:
                    9e:57
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                00:0E:B6:55:BF:47:37:11:65:73:D0:5A:6F:5D:D8:24:BB:C9:1B:2D
            X509v3 Authority Key Identifier:
                keyid:78:7E:31:CE:5D:50:1D:1A:94:AF:DA:BB:D4:E0:24:CC:2A:78:8E:F5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eH4xzl1QHRqUr9q71OAkzCp4jvU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/7c55d2-381c-4e87-8ca5-2307bb59225f/1/AA62Vb9HNxFlc9Bab13YJLvJGy0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/7c55d2-381c-4e87-8ca5-2307bb59225f/1/eH4xzl1QHRqUr9q71OAkzCp4jvU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.189.101.254/32

    Signature Algorithm: sha256WithRSAEncryption
         b7:ff:1b:ca:76:00:57:b9:01:52:71:46:0c:6e:98:f3:66:e1:
         eb:e2:4b:72:d7:d1:a6:68:a5:0e:bb:6e:7a:37:69:da:60:c3:
         35:f1:8e:da:96:92:56:b4:ff:0a:07:a2:29:ba:13:94:19:d7:
         9e:82:6c:06:66:0a:43:b2:db:b9:b5:a5:a6:65:2c:6e:5d:8e:
         7d:f3:df:4c:a3:9d:4e:47:2a:bd:78:7e:24:b1:54:c8:f9:69:
         90:4d:a6:68:55:6b:2e:2e:c1:65:a4:3a:ef:59:80:4d:b9:ea:
         24:fe:91:89:9d:83:11:ec:e5:f3:64:50:83:ec:57:99:d8:f1:
         70:7c:5e:16:8d:3a:c2:37:75:6b:8b:b9:22:62:cf:a3:50:48:
         12:c7:ba:29:05:e2:75:f8:92:c4:82:05:46:f5:69:7e:9f:87:
         6c:18:b1:95:51:35:2c:bb:17:28:8c:aa:da:05:c1:ae:9e:25:
         0e:77:9c:93:40:2c:c9:bb:96:83:03:a0:1d:ed:3e:27:2a:9f:
         d2:f8:17:95:a9:a3:1d:30:32:e0:55:90:20:21:01:90:c4:46:
         0b:1b:14:de:88:2d:b4:fc:d1:73:5f:7d:e2:69:15:4b:f9:b0:
         c6:7e:64:00:47:08:50:dc:9f:25:a5:9a:ad:dc:3a:0b:ce:29:
         07:3e:09:2e
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYVrLpWrPzAnDKJHxMD7iCpSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc4N2UzMWNlNWQ1MDFkMWE5NGFmZGFiYmQ0ZTAyNGNjMmE3
ODhlZjUwHhcNMjMwMTAxMDIzNDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMDBlYjY1NWJmNDczNzExNjU3M2QwNWE2ZjVkZDgyNGJiYzkxYjJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiPJ4EAdCsSF7n43lf/QUK6jOtuEe
Zz1vDinMHSyedixHLl1ehfJ9gM5a6Acr9LczSxXaFdNy7AkSCt+OBfcJ/NEKJlKk
HcAcqYus6/b8JzrciGd5/YeKAS+KzFYnJqMsp5yCZ88ASEtlxeyEdwSqpLmFI3Zh
d8udorwwZJKCTeZJWCAMTEorS8q4H2sRXxlCCJEcCQ37kr3Y4OpRHto1Iu7kfs1O
pf1MqrO/7tvluA8M6opwDqTfbPHJKF6XojwOQSl7g7PRKg8HGqh0+aQb00SFnF31
GF+J2fkLTEET8Ug0fAXMAfaforB8dGVU5ph4lX8m0zwOPUsvRvb4MV6eVwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFAAOtlW/RzcRZXPQWm9d2CS7yRstMB8GA1UdIwQY
MBaAFHh+Mc5dUB0alK/au9TgJMwqeI71MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZUg0eHpsMVFIUnFVcjlxNzFPQWt6Q3A0anZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi83YzU1ZDItMzgxYy00ZTg3LThjYTUt
MjMwN2JiNTkyMjVmLzEvQUE2MlZiOUhOeEZsYzlCYWIxM1lKTHZKR3kwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi83YzU1ZDItMzgxYy00ZTg3LThjYTUtMjMwN2JiNTkyMjVm
LzEvZUg0eHpsMVFIUnFVcjlxNzFPQWt6Q3A0anZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAATAHAwUAwb1l/jAN
BgkqhkiG9w0BAQsFAAOCAQEAt/8bynYAV7kBUnFGDG6Y82bh6+JLctfRpmilDrtu
ejdp2mDDNfGO2paSVrT/CgeiKboTlBnXnoJsBmYKQ7LbubWlpmUsbl2OffPfTKOd
TkcqvXh+JLFUyPlpkE2maFVrLi7BZaQ671mATbnqJP6RiZ2DEezl82RQg+xXmdjx
cHxeFo06wjd1a4u5ImLPo1BIEse6KQXidfiSxIIFRvVpfp+HbBixlVE1LLsXKIyq
2gXBrp4lDneck0AsybuWgwOgHe0+Jyqf0vgXlamjHTAy4FWQICEBkMRGCxsU3ogt
tPzRc1994mkVS/mwxn5kAEcIUNyfJaWardw6C84pBz4JLg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:54:48 2024 by rpki-client on console-ams.rpki-client.org