Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/1BkIn_gDS6lDx7bWJcxUW4CwAow.roa
File:                     1BkIn_gDS6lDx7bWJcxUW4CwAow.roa (raw, json)
Hash identifier:          gnD9WZBH3A/vuxWAC8dM+AmrWdw2Fj+TkkxkSb9f0oM=
Subject key identifier:   D4:19:08:9F:F8:03:4B:A9:43:C7:B6:D6:25:CC:54:5B:80:B0:02:8C
Certificate issuer:       /CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Certificate serial:       018683CD99CC9051B5924E0D7D8DB1D5107A
Authority key identifier: 2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/1BkIn_gDS6lDx7bWJcxUW4CwAow.roa
Signing time:             Fri 24 Feb 2023 14:22:14 +0000
ROA not before:           Fri 24 Feb 2023 14:22:14 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     0
IP address blocks:        212.87.192.0/22 maxlen: 24

Validation:               Failed, certificate revoked on Wed 31 May 2023 12:23:11 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:83:cd:99:cc:90:51:b5:92:4e:0d:7d:8d:b1:d5:10:7a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
        Validity
            Not Before: Feb 24 14:22:14 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=d419089ff8034ba943c7b6d625cc545b80b0028c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:32:86:e1:ba:c4:f5:a9:40:56:5f:df:4b:2c:
                    9d:67:aa:fa:88:18:88:29:55:0a:6c:e6:79:6e:29:
                    1a:1c:b5:f4:cc:ed:15:2d:04:a5:31:0f:5c:0f:c9:
                    8b:d7:26:a4:fa:26:05:cb:4f:3a:68:78:7c:40:6e:
                    f1:24:32:ac:3d:10:19:f2:32:cf:83:7d:8f:a3:30:
                    de:f2:e1:a0:49:cd:7c:2e:83:bf:f2:45:32:36:70:
                    c7:4c:47:58:b7:41:1d:3c:e6:f2:ec:a9:82:a8:e8:
                    28:ef:8e:52:ee:7c:c8:6e:b3:53:26:7e:4e:56:3b:
                    74:db:96:ce:0a:1f:c5:42:af:4a:75:64:ea:4e:05:
                    8e:8e:a2:46:af:51:9c:c9:bf:7a:65:99:66:c2:74:
                    a7:2d:46:45:bc:07:cf:7c:cc:c0:1a:81:7e:98:a0:
                    69:28:b5:9c:f3:e0:cc:32:63:8a:07:8f:20:9e:cb:
                    fa:e7:14:46:77:da:b1:0d:18:3f:24:0a:d0:6d:86:
                    da:4f:23:12:86:25:34:0d:37:99:c3:ce:50:9c:69:
                    8d:e1:32:b6:2a:e6:c3:7f:6e:e8:a2:a3:13:c0:da:
                    8a:e6:6c:8d:9f:8e:8f:7f:95:5e:da:7b:90:c8:3b:
                    72:e9:ab:be:f1:55:31:65:39:e2:3f:ff:a2:d7:3c:
                    28:b7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D4:19:08:9F:F8:03:4B:A9:43:C7:B6:D6:25:CC:54:5B:80:B0:02:8C
            X509v3 Authority Key Identifier:
                keyid:2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/1BkIn_gDS6lDx7bWJcxUW4CwAow.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  212.87.192.0/22

    Signature Algorithm: sha256WithRSAEncryption
         7d:97:7b:18:3c:25:58:e6:31:ac:76:5c:78:15:7d:39:58:fe:
         d4:74:21:69:91:02:18:55:54:af:2f:58:1d:85:64:7d:01:ef:
         83:b4:61:8f:c3:f7:8d:78:40:50:2d:13:7a:74:54:97:ca:a7:
         97:0d:f8:d5:e9:ae:a3:ed:d3:16:b4:11:ab:b7:ad:e5:90:15:
         17:62:64:c7:67:64:05:dc:77:7a:b5:39:de:ab:b4:bd:87:29:
         d6:1e:77:1b:20:93:a8:4a:75:4e:59:79:21:43:e6:1c:5a:cc:
         6a:f0:59:3b:a7:1e:39:01:8d:1c:07:9e:fc:83:57:93:58:ab:
         cf:01:20:6f:63:71:50:6e:fe:59:81:47:bb:ce:a5:d5:c4:39:
         c1:6d:db:28:1e:c9:79:80:a5:62:12:3d:d1:8c:5b:5a:c4:6d:
         8b:ba:7b:4f:63:d8:8c:30:07:cb:49:e3:01:a9:51:e1:93:10:
         36:f6:60:4e:1c:df:f9:37:f9:52:91:21:72:99:70:bd:7a:0a:
         f9:b3:df:82:ee:e7:ee:d4:4b:ad:63:e0:bd:91:37:ce:8f:b4:
         84:a9:a3:e0:49:c3:5f:26:2a:24:cc:1a:45:64:ec:fa:c5:21:
         8d:b0:bf:83:bf:63:81:4f:6f:39:20:89:6a:4d:06:3f:28:24:
         be:b9:49:15
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYaDzZnMkFG1kk4NfY2x1RB6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhYzNkYWExYjE0ODUwZjJlNjFjNTkyYjIxOTE5MTVhNWU2
NWE0NzgwHhcNMjMwMjI0MTQyMjE0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNDE5MDg5ZmY4MDM0YmE5NDNjN2I2ZDYyNWNjNTQ1YjgwYjAwMjhjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoTKG4brE9alAVl/fSyydZ6r6iBiI
KVUKbOZ5bikaHLX0zO0VLQSlMQ9cD8mL1yak+iYFy086aHh8QG7xJDKsPRAZ8jLP
g32PozDe8uGgSc18LoO/8kUyNnDHTEdYt0EdPOby7KmCqOgo745S7nzIbrNTJn5O
Vjt025bOCh/FQq9KdWTqTgWOjqJGr1Gcyb96ZZlmwnSnLUZFvAfPfMzAGoF+mKBp
KLWc8+DMMmOKB48gnsv65xRGd9qxDRg/JArQbYbaTyMShiU0DTeZw85QnGmN4TK2
KubDf27ooqMTwNqK5myNn46Pf5Ve2nuQyDty6au+8VUxZTniP/+i1zwotwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNQZCJ/4A0upQ8e21iXMVFuAsAKMMB8GA1UdIwQY
MBaAFCrD2qGxSFDy5hxZKyGRkVpeZaR4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUt
ZmUwNjU5MTc2YTU2LzEvMUJrSW5fZ0RTNmxEeDdiV0pjeFVXNEN3QW93LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUtZmUwNjU5MTc2YTU2
LzEvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQC1FfAMA0G
CSqGSIb3DQEBCwUAA4IBAQB9l3sYPCVY5jGsdlx4FX05WP7UdCFpkQIYVVSvL1gd
hWR9Ae+DtGGPw/eNeEBQLRN6dFSXyqeXDfjV6a6j7dMWtBGrt63lkBUXYmTHZ2QF
3Hd6tTneq7S9hynWHncbIJOoSnVOWXkhQ+YcWsxq8Fk7px45AY0cB578g1eTWKvP
ASBvY3FQbv5ZgUe7zqXVxDnBbdsoHsl5gKViEj3RjFtaxG2LuntPY9iMMAfLSeMB
qVHhkxA29mBOHN/5N/lSkSFymXC9egr5s9+C7ufu1EutY+C9kTfOj7SEqaPgScNf
JiokzBpFZOz6xSGNsL+Dv2OBT285IIlqTQY/KCS+uUkV
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:34:34 2024 by rpki-client on console-fra.rpki-client.org