Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/cZWB6uJF6g6zrci-S5OnlB4bsh8.roa
File:                     cZWB6uJF6g6zrci-S5OnlB4bsh8.roa (raw, json)
Hash identifier:          oU6jisqKUGzvMclt1xljJRmlihrBQYF5YAk4c7SIUg8=
Subject key identifier:   71:95:81:EA:E2:45:EA:0E:B3:AD:C8:BE:4B:93:A7:94:1E:1B:B2:1F
Certificate issuer:       /CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Certificate serial:       018C56D8ACA910759D6423F2DE17FDB62B7C
Authority key identifier: 2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/cZWB6uJF6g6zrci-S5OnlB4bsh8.roa
Signing time:             Mon 11 Dec 2023 03:08:09 +0000
ROA not before:           Mon 11 Dec 2023 03:08:09 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     19437
IP address blocks:        188.253.8.0/22 maxlen: 24
                          213.173.32.0/22 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 12:33:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:56:d8:ac:a9:10:75:9d:64:23:f2:de:17:fd:b6:2b:7c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
        Validity
            Not Before: Dec 11 03:08:09 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=719581eae245ea0eb3adc8be4b93a7941e1bb21f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:14:e8:0a:9d:c7:1e:29:ce:c0:99:99:f4:44:
                    07:e4:46:cb:4e:81:d9:4f:f4:f6:61:9a:7d:ff:06:
                    b3:8f:39:87:16:24:cb:18:c4:94:95:f0:31:02:11:
                    df:dd:0a:39:f0:b7:0e:0a:95:62:18:df:3f:c3:14:
                    29:aa:c7:76:a0:38:90:81:26:cc:3d:63:9e:e4:4e:
                    a3:93:db:6c:4e:d9:15:d7:70:47:e5:b1:7b:41:84:
                    d1:db:5b:c4:75:da:4b:09:bf:fb:be:0e:4e:3c:e0:
                    bf:f6:52:28:c0:bb:e4:45:79:e8:77:ae:04:a5:b4:
                    8c:0a:aa:ea:23:c3:d1:b8:83:10:bf:68:56:5a:63:
                    7b:83:e5:79:24:54:18:ee:36:0a:7a:d3:10:c3:cf:
                    b6:15:6d:56:e7:8e:90:82:d4:58:2f:ab:6e:38:2b:
                    9c:90:c7:0c:15:84:22:1f:f0:a4:3e:66:70:99:be:
                    be:62:d9:34:9f:91:b3:5d:6a:b6:97:44:08:de:88:
                    7e:1c:d8:68:9b:26:76:d2:18:b3:a5:93:8b:ed:92:
                    c1:da:4a:70:a1:68:65:be:13:d2:4d:93:4f:bb:64:
                    3e:f2:75:fd:7c:d6:32:ca:cc:3d:bf:d3:31:bc:fe:
                    75:02:f4:79:c0:10:57:7d:dd:49:3e:e0:8c:1e:8f:
                    51:bb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                71:95:81:EA:E2:45:EA:0E:B3:AD:C8:BE:4B:93:A7:94:1E:1B:B2:1F
            X509v3 Authority Key Identifier:
                keyid:2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/cZWB6uJF6g6zrci-S5OnlB4bsh8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  188.253.8.0/22
                  213.173.32.0/22

    Signature Algorithm: sha256WithRSAEncryption
         27:aa:91:69:d5:98:26:2b:8b:3a:9d:a1:f4:eb:11:db:42:5e:
         78:31:9d:dc:d8:5e:a7:85:76:22:51:6d:ff:65:57:b4:9c:87:
         9a:68:0b:52:32:3b:ab:62:1f:95:89:33:b0:66:64:89:95:c7:
         ee:36:3d:64:db:bc:c3:5a:b6:3f:63:5d:ec:08:c8:b2:a7:ca:
         a2:6d:00:df:3d:dd:d5:39:5e:41:93:ab:d4:31:a6:ba:9e:7b:
         aa:26:17:ba:4b:f9:f0:16:20:1d:48:47:cc:d6:e9:dd:3a:d8:
         74:8b:d8:75:f5:d4:12:69:ee:fa:f4:80:79:59:25:d8:88:08:
         ba:bb:a5:fb:fa:67:8a:c0:f0:d9:fa:be:78:be:7a:73:e2:22:
         17:5f:d0:af:48:3e:14:73:0d:77:90:a8:8b:c7:22:8b:83:21:
         bd:6a:e4:e2:b3:9d:40:e0:66:93:33:f4:b5:1c:fd:54:5c:55:
         b8:ed:32:4d:c5:1c:dd:1e:5f:e1:9d:d0:bd:d0:55:df:30:1b:
         41:7c:10:87:b3:18:99:27:02:0b:d1:10:46:71:f6:be:7a:d2:
         0e:27:4c:c7:d6:73:bf:6d:06:c4:e4:63:f1:87:02:46:f0:cf:
         30:ab:85:0a:ae:15:1e:d9:be:ab:2e:23:d6:81:78:8d:91:5e:
         7a:e4:ed:af
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYxW2KypEHWdZCPy3hf9tit8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhYzNkYWExYjE0ODUwZjJlNjFjNTkyYjIxOTE5MTVhNWU2
NWE0NzgwHhcNMjMxMjExMDMwODA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MTk1ODFlYWUyNDVlYTBlYjNhZGM4YmU0YjkzYTc5NDFlMWJiMjFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqxToCp3HHinOwJmZ9EQH5EbLToHZ
T/T2YZp9/wazjzmHFiTLGMSUlfAxAhHf3Qo58LcOCpViGN8/wxQpqsd2oDiQgSbM
PWOe5E6jk9tsTtkV13BH5bF7QYTR21vEddpLCb/7vg5OPOC/9lIowLvkRXnod64E
pbSMCqrqI8PRuIMQv2hWWmN7g+V5JFQY7jYKetMQw8+2FW1W546QgtRYL6tuOCuc
kMcMFYQiH/CkPmZwmb6+Ytk0n5GzXWq2l0QI3oh+HNhomyZ20hizpZOL7ZLB2kpw
oWhlvhPSTZNPu2Q+8nX9fNYyysw9v9MxvP51AvR5wBBXfd1JPuCMHo9RuwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFHGVgeriReoOs63IvkuTp5QeG7IfMB8GA1UdIwQY
MBaAFCrD2qGxSFDy5hxZKyGRkVpeZaR4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUt
ZmUwNjU5MTc2YTU2LzEvY1pXQjZ1SkY2ZzZ6cmNpLVM1T25sQjRic2g4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUtZmUwNjU5MTc2YTU2
LzEvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCvP0IAwQC
1a0gMA0GCSqGSIb3DQEBCwUAA4IBAQAnqpFp1ZgmK4s6naH06xHbQl54MZ3c2F6n
hXYiUW3/ZVe0nIeaaAtSMjurYh+ViTOwZmSJlcfuNj1k27zDWrY/Y13sCMiyp8qi
bQDfPd3VOV5Bk6vUMaa6nnuqJhe6S/nwFiAdSEfM1undOth0i9h19dQSae769IB5
WSXYiAi6u6X7+meKwPDZ+r54vnpz4iIXX9CvSD4Ucw13kKiLxyKLgyG9auTis51A
4GaTM/S1HP1UXFW47TJNxRzdHl/hndC90FXfMBtBfBCHsxiZJwIL0RBGcfa+etIO
J0zH1nO/bQbE5GPxhwJG8M8wq4UKrhUe2b6rLiPWgXiNkV565O2v
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:17:16 2024 by rpki-client on console-ams.rpki-client.org