Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/tmGDoDutVaT8V70Aq3CQCaGBMUU.roa
File:                     tmGDoDutVaT8V70Aq3CQCaGBMUU.roa (raw, json)
Hash identifier:          2MCn7DPIDzAdxQhUOExRJgDqkX65s1BYmrtRK1UrTyM=
Subject key identifier:   B6:61:83:A0:3B:AD:55:A4:FC:57:BD:00:AB:70:90:09:A1:81:31:45
Certificate issuer:       /CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Certificate serial:       018972961D637B0A5C9A9BAA913DB9045C64
Authority key identifier: 2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/tmGDoDutVaT8V70Aq3CQCaGBMUU.roa
Signing time:             Thu 20 Jul 2023 09:16:27 +0000
ROA not before:           Thu 20 Jul 2023 09:16:27 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     31732
IP address blocks:        188.209.155.0/24 maxlen: 24
                          188.253.8.0/21 maxlen: 24
                          82.115.8.0/22 maxlen: 24

Validation:               Failed, certificate revoked on Sat 22 Jul 2023 21:10:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:72:96:1d:63:7b:0a:5c:9a:9b:aa:91:3d:b9:04:5c:64
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
        Validity
            Not Before: Jul 20 09:16:27 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=b66183a03bad55a4fc57bd00ab709009a1813145
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:99:72:b3:2c:49:44:ec:d8:81:38:bf:eb:ee:00:
                    ad:90:60:18:99:b0:9f:ea:93:3e:28:29:d8:2b:66:
                    0d:a8:93:cd:ff:7d:fc:8f:1a:71:42:2e:08:00:77:
                    55:ac:ba:fb:4b:7f:7d:79:f1:ca:0e:f9:a5:f2:51:
                    80:f8:c3:9a:1c:40:32:a9:df:d5:a3:60:d0:7b:7a:
                    01:0a:e6:66:bf:5b:e5:65:1f:e0:26:b3:57:2e:fb:
                    32:f4:e2:75:85:1e:fb:79:80:33:4f:4f:d4:47:38:
                    2c:6e:81:17:f3:dc:9f:19:ff:93:0a:eb:96:64:19:
                    91:59:02:e8:00:4a:7f:bd:a5:44:a6:b7:11:ac:e0:
                    a6:4b:38:92:9a:d3:87:c3:ec:23:22:62:97:18:d9:
                    77:e7:90:00:31:c0:d2:de:a5:84:5f:c5:6b:a5:9b:
                    12:d2:4a:75:96:73:e1:94:93:18:fb:85:33:eb:60:
                    8c:ad:aa:d6:59:fd:41:d8:73:24:98:49:59:d8:dd:
                    64:c0:4d:38:4b:2b:18:b6:9a:14:2b:51:44:91:2a:
                    92:73:c8:90:d6:24:3e:1e:2e:08:04:2a:fb:24:a4:
                    21:3e:f0:76:96:b5:88:a9:8f:42:ef:c7:c6:43:cc:
                    88:6d:86:0d:9d:c4:cf:40:6a:ec:1e:20:aa:a6:2b:
                    b8:53
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B6:61:83:A0:3B:AD:55:A4:FC:57:BD:00:AB:70:90:09:A1:81:31:45
            X509v3 Authority Key Identifier:
                keyid:2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/tmGDoDutVaT8V70Aq3CQCaGBMUU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  82.115.8.0/22
                  188.209.155.0/24
                  188.253.8.0/21

    Signature Algorithm: sha256WithRSAEncryption
         bb:17:07:96:4f:79:34:73:75:2c:8c:03:8b:3f:97:0d:57:ad:
         04:0e:df:69:9c:ec:a0:01:59:73:c3:29:d2:41:9d:90:0b:7c:
         03:cc:70:de:b0:a5:cb:99:b6:8a:a0:46:41:92:e8:64:88:73:
         26:19:94:78:23:e6:a0:b0:f1:c1:72:8b:1c:28:0c:6b:f5:fe:
         f2:5a:86:1b:94:af:d3:88:64:0e:76:17:1a:72:7c:64:2a:65:
         bf:b3:41:57:11:1c:e6:f2:c4:fa:c2:dd:b5:0b:dc:7a:c8:a2:
         f5:fd:7e:5d:5a:77:d7:3f:95:09:17:db:93:47:bd:58:92:6c:
         15:8c:62:c3:fa:b3:38:35:83:95:66:e1:3a:01:2b:97:c9:8a:
         76:61:0e:6e:a1:d6:94:fd:d1:0f:da:a1:c5:cd:b2:4e:5a:12:
         6a:1e:35:59:21:d8:53:84:19:98:cb:e4:6d:dc:e7:ba:12:f8:
         bd:42:70:f0:c8:8f:29:d9:93:9c:e7:d5:98:18:34:16:36:01:
         78:32:93:e6:09:81:2a:eb:5e:77:41:10:04:27:f2:75:81:0d:
         e1:89:c7:ec:b0:8c:5d:65:f3:d6:50:82:41:65:aa:b3:a9:95:
         73:29:06:3f:80:a8:02:ba:17:67:8a:7d:8f:bb:08:8b:d2:9a:
         2e:1c:81:c9
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYlylh1jewpcmpuqkT25BFxkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhYzNkYWExYjE0ODUwZjJlNjFjNTkyYjIxOTE5MTVhNWU2
NWE0NzgwHhcNMjMwNzIwMDkxNjI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNjYxODNhMDNiYWQ1NWE0ZmM1N2JkMDBhYjcwOTAwOWExODEzMTQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmXKzLElE7NiBOL/r7gCtkGAYmbCf
6pM+KCnYK2YNqJPN/338jxpxQi4IAHdVrLr7S399efHKDvml8lGA+MOaHEAyqd/V
o2DQe3oBCuZmv1vlZR/gJrNXLvsy9OJ1hR77eYAzT0/URzgsboEX89yfGf+TCuuW
ZBmRWQLoAEp/vaVEprcRrOCmSziSmtOHw+wjImKXGNl355AAMcDS3qWEX8VrpZsS
0kp1lnPhlJMY+4Uz62CMrarWWf1B2HMkmElZ2N1kwE04SysYtpoUK1FEkSqSc8iQ
1iQ+Hi4IBCr7JKQhPvB2lrWIqY9C78fGQ8yIbYYNncTPQGrsHiCqpiu4UwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFLZhg6A7rVWk/Fe9AKtwkAmhgTFFMB8GA1UdIwQY
MBaAFCrD2qGxSFDy5hxZKyGRkVpeZaR4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUt
ZmUwNjU5MTc2YTU2LzEvdG1HRG9EdXRWYVQ4VjcwQXEzQ1FDYUdCTVVVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUtZmUwNjU5MTc2YTU2
LzEvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCUnMIAwQA
vNGbAwQDvP0IMA0GCSqGSIb3DQEBCwUAA4IBAQC7FweWT3k0c3UsjAOLP5cNV60E
Dt9pnOygAVlzwynSQZ2QC3wDzHDesKXLmbaKoEZBkuhkiHMmGZR4I+agsPHBcosc
KAxr9f7yWoYblK/TiGQOdhcacnxkKmW/s0FXERzm8sT6wt21C9x6yKL1/X5dWnfX
P5UJF9uTR71YkmwVjGLD+rM4NYOVZuE6ASuXyYp2YQ5uodaU/dEP2qHFzbJOWhJq
HjVZIdhThBmYy+Rt3Oe6Evi9QnDwyI8p2ZOc59WYGDQWNgF4MpPmCYEq6153QRAE
J/J1gQ3hicfssIxdZfPWUIJBZaqzqZVzKQY/gKgCuhdnin2PuwiL0pouHIHJ
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:17:16 2024 by rpki-client on console-ams.rpki-client.org