Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/04/496773-5018-48dc-a240-f60d6f7182a1/1/INr99VpCibtgrZokQrqHqXxKnaA.roa
File:                     INr99VpCibtgrZokQrqHqXxKnaA.roa (raw, json)
Hash identifier:          Fby5+EeGcoX6Gem8hIrYjy2z1hELwls4tORsWDQKfXU=
Subject key identifier:   20:DA:FD:F5:5A:42:89:BB:60:AD:9A:24:42:BA:87:A9:7C:4A:9D:A0
Certificate issuer:       /CN=8821a39aed9da4ee3ab6639d244508fa1e8d20f6
Certificate serial:       0185A6C6CC3CF7AFE7D87AFEE39F75BF4418
Authority key identifier: 88:21:A3:9A:ED:9D:A4:EE:3A:B6:63:9D:24:45:08:FA:1E:8D:20:F6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/iCGjmu2dpO46tmOdJEUI-h6NIPY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/04/496773-5018-48dc-a240-f60d6f7182a1/1/INr99VpCibtgrZokQrqHqXxKnaA.roa
Signing time:             Thu 12 Jan 2023 16:18:44 +0000
ROA not before:           Thu 12 Jan 2023 16:18:44 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     1239
IP address blocks:        193.39.188.0/22 maxlen: 22

Validation:               Failed, certificate revoked on Fri 22 Dec 2023 10:06:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:a6:c6:cc:3c:f7:af:e7:d8:7a:fe:e3:9f:75:bf:44:18
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8821a39aed9da4ee3ab6639d244508fa1e8d20f6
        Validity
            Not Before: Jan 12 16:18:44 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=20dafdf55a4289bb60ad9a2442ba87a97c4a9da0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:81:11:6c:13:5d:68:0c:7b:50:ed:83:d0:8c:ac:
                    65:79:25:0b:8a:02:e4:9d:47:2b:0a:a3:c6:2c:97:
                    9d:99:51:a3:05:8e:80:1b:b3:1b:ee:91:6b:5f:f3:
                    5d:2a:ff:9d:ca:a7:5c:62:24:14:4f:9c:e1:13:cb:
                    a5:05:d4:20:b2:da:f3:46:c9:52:d0:5f:7f:79:1a:
                    0c:15:63:48:8b:89:02:36:d3:4d:43:b8:5e:a8:e9:
                    b0:79:5a:66:21:b2:3f:df:a0:0b:2f:fc:1c:08:80:
                    c4:8f:5d:b8:88:01:3d:31:25:0a:d0:4a:b4:80:81:
                    16:4f:f6:39:0f:dc:c7:f2:ff:a3:66:05:26:55:a3:
                    c9:1a:6d:67:d9:98:ae:d1:a9:09:7d:ba:de:5b:94:
                    7b:aa:ff:7c:fd:04:9c:79:7c:d8:28:3a:cb:20:83:
                    e8:d1:c2:07:66:57:73:69:b7:7e:ca:5d:cc:8a:61:
                    55:33:fd:f9:64:ad:a5:78:b9:f8:46:c8:4c:7c:f7:
                    1a:94:5a:09:3e:cc:7a:dd:ee:e6:65:86:6a:4b:a2:
                    91:84:d0:be:50:a3:62:07:31:0b:0f:f5:55:b9:68:
                    5b:1b:b7:45:29:81:b3:fe:60:d0:15:7b:a6:f3:1f:
                    7e:e9:3d:d9:41:fa:7a:fd:9d:ed:79:24:81:70:d3:
                    a5:4f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                20:DA:FD:F5:5A:42:89:BB:60:AD:9A:24:42:BA:87:A9:7C:4A:9D:A0
            X509v3 Authority Key Identifier:
                keyid:88:21:A3:9A:ED:9D:A4:EE:3A:B6:63:9D:24:45:08:FA:1E:8D:20:F6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iCGjmu2dpO46tmOdJEUI-h6NIPY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/04/496773-5018-48dc-a240-f60d6f7182a1/1/INr99VpCibtgrZokQrqHqXxKnaA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/04/496773-5018-48dc-a240-f60d6f7182a1/1/iCGjmu2dpO46tmOdJEUI-h6NIPY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.39.188.0/22

    Signature Algorithm: sha256WithRSAEncryption
         45:77:7f:83:80:3d:2c:51:1a:2a:36:59:aa:f0:52:2d:a5:c8:
         61:19:a5:e8:b0:f4:76:cc:3f:80:d0:a8:60:7f:0b:9a:7b:58:
         9f:ca:c3:ab:9a:84:b0:a7:e9:c2:d4:3b:22:70:45:c0:52:9c:
         e5:d4:f5:30:21:ac:72:a3:c9:c9:52:c7:fb:a3:26:b3:0b:24:
         64:9b:46:0e:56:30:47:58:85:7c:cd:c4:3f:73:24:63:d6:27:
         27:46:a6:c1:d8:69:2c:d5:c9:34:3e:0c:06:97:e9:62:4e:34:
         27:82:7b:02:e9:38:ff:3a:6a:1e:be:4a:f1:a5:10:47:df:09:
         c5:58:8a:c3:9a:21:84:61:a0:ee:d2:8c:f8:57:42:eb:00:17:
         83:76:34:01:90:77:9e:6e:ca:b0:df:0a:0b:0a:f8:27:77:4e:
         e5:dd:88:2a:01:b9:8e:b4:14:f8:3f:ff:0a:8c:b8:f7:1d:65:
         c9:e3:1b:20:b4:d3:dc:11:d2:17:38:4f:4d:5a:f7:bd:8c:0c:
         a5:89:08:26:71:f3:1b:37:71:dc:ff:28:03:cd:16:a4:b2:af:
         fa:26:5b:2b:e2:ca:97:41:aa:f0:5c:1f:39:33:6f:9b:ec:44:
         37:0a:af:59:cb:29:5b:5e:72:d6:9a:a3:51:e4:d5:83:88:c2:
         f0:80:4e:1a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYWmxsw896/n2Hr+4591v0QYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4MjFhMzlhZWQ5ZGE0ZWUzYWI2NjM5ZDI0NDUwOGZhMWU4
ZDIwZjYwHhcNMjMwMTEyMTYxODQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMGRhZmRmNTVhNDI4OWJiNjBhZDlhMjQ0MmJhODdhOTdjNGE5ZGEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgRFsE11oDHtQ7YPQjKxleSULigLk
nUcrCqPGLJedmVGjBY6AG7Mb7pFrX/NdKv+dyqdcYiQUT5zhE8ulBdQgstrzRslS
0F9/eRoMFWNIi4kCNtNNQ7heqOmweVpmIbI/36ALL/wcCIDEj124iAE9MSUK0Eq0
gIEWT/Y5D9zH8v+jZgUmVaPJGm1n2Ziu0akJfbreW5R7qv98/QSceXzYKDrLIIPo
0cIHZldzabd+yl3MimFVM/35ZK2leLn4RshMfPcalFoJPsx63e7mZYZqS6KRhNC+
UKNiBzELD/VVuWhbG7dFKYGz/mDQFXum8x9+6T3ZQfp6/Z3teSSBcNOlTwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCDa/fVaQom7YK2aJEK6h6l8Sp2gMB8GA1UdIwQY
MBaAFIgho5rtnaTuOrZjnSRFCPoejSD2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUNHam11MmRwTzQ2dG1PZEpFVUktaDZOSVBZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNC80OTY3NzMtNTAxOC00OGRjLWEyNDAt
ZjYwZDZmNzE4MmExLzEvSU5yOTlWcENpYnRnclpva1FycUhxWHhLbmFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNC80OTY3NzMtNTAxOC00OGRjLWEyNDAtZjYwZDZmNzE4MmEx
LzEvaUNHam11MmRwTzQ2dG1PZEpFVUktaDZOSVBZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCwSe8MA0G
CSqGSIb3DQEBCwUAA4IBAQBFd3+DgD0sURoqNlmq8FItpchhGaXosPR2zD+A0Khg
fwuae1ifysOrmoSwp+nC1DsicEXAUpzl1PUwIaxyo8nJUsf7oyazCyRkm0YOVjBH
WIV8zcQ/cyRj1icnRqbB2Gks1ck0PgwGl+liTjQngnsC6Tj/OmoevkrxpRBH3wnF
WIrDmiGEYaDu0oz4V0LrABeDdjQBkHeebsqw3woLCvgnd07l3YgqAbmOtBT4P/8K
jLj3HWXJ4xsgtNPcEdIXOE9NWve9jAyliQgmcfMbN3Hc/ygDzRaksq/6Jlsr4sqX
QarwXB85M2+b7EQ3Cq9ZyylbXnLWmqNR5NWDiMLwgE4a
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:17:28 2024 by rpki-client on console-fra.rpki-client.org