Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/wq96C3lJSjKy4utj5OsBqO2yjLc.roa
File:                     wq96C3lJSjKy4utj5OsBqO2yjLc.roa (raw, json)
Hash identifier:          CalxnY2ckBunbCi/3LBbcXVRQf4k74xsObl1n1TDnkA=
Subject key identifier:   C2:AF:7A:0B:79:49:4A:32:B2:E2:EB:63:E4:EB:01:A8:ED:B2:8C:B7
Certificate issuer:       /CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Certificate serial:       018A3119F6283645B2FAC4B51A0534E2C2BF
Authority key identifier: 2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/wq96C3lJSjKy4utj5OsBqO2yjLc.roa
Signing time:             Sat 26 Aug 2023 09:08:19 +0000
ROA not before:           Sat 26 Aug 2023 09:08:19 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     22773
IP address blocks:        159.255.32.0/21 maxlen: 24
                          188.253.8.0/22 maxlen: 24
                          188.253.12.0/22 maxlen: 22
                          103.25.84.0/22 maxlen: 24
                          82.115.8.0/22 maxlen: 24
                          188.214.236.0/22 maxlen: 24

Validation:               Failed, certificate revoked on Fri 15 Sep 2023 15:49:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:31:19:f6:28:36:45:b2:fa:c4:b5:1a:05:34:e2:c2:bf
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
        Validity
            Not Before: Aug 26 09:08:19 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=c2af7a0b79494a32b2e2eb63e4eb01a8edb28cb7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:83:00:55:4c:4d:9b:f6:eb:3f:a5:15:76:92:13:
                    b3:6d:73:30:5a:78:bd:24:ec:90:fb:89:aa:17:30:
                    07:89:81:32:fd:6d:ee:25:93:cd:a2:59:4c:8a:37:
                    f2:23:29:36:b3:03:21:ef:47:39:f3:39:62:e5:4f:
                    72:7f:f5:1e:b1:cb:c0:58:99:98:0a:6d:d6:6a:4f:
                    35:c9:db:2b:60:6d:21:4b:b1:25:22:90:d9:de:00:
                    64:08:f1:db:11:4a:b8:89:71:48:e4:b9:a1:ba:f7:
                    ad:99:d4:c5:1e:8d:01:50:56:81:69:64:03:5c:24:
                    e7:5e:d6:79:3f:a4:90:ec:d0:2c:1c:4e:6e:92:c5:
                    b9:08:3a:7e:2c:5a:5e:ee:90:ad:ce:1c:74:2d:e3:
                    36:75:ba:26:79:25:24:6f:bb:69:2c:d3:6f:39:dd:
                    a2:63:0e:96:a7:1d:84:c3:e1:c7:91:f5:a1:eb:32:
                    82:28:52:4c:83:d0:eb:46:c8:aa:af:55:e9:5e:b2:
                    c7:b9:1e:6f:eb:ca:34:7a:f2:5a:39:e3:3b:4a:31:
                    ad:d5:58:d2:5d:87:66:c4:17:db:72:2a:11:ac:dc:
                    00:0b:02:25:98:c3:b9:3e:ad:4f:9b:67:fa:f9:2e:
                    00:d1:7a:81:47:4f:ab:a6:0d:35:c9:a4:28:6f:88:
                    50:d7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C2:AF:7A:0B:79:49:4A:32:B2:E2:EB:63:E4:EB:01:A8:ED:B2:8C:B7
            X509v3 Authority Key Identifier:
                keyid:2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/wq96C3lJSjKy4utj5OsBqO2yjLc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  82.115.8.0/22
                  103.25.84.0/22
                  159.255.32.0/21
                  188.214.236.0/22
                  188.253.8.0/21

    Signature Algorithm: sha256WithRSAEncryption
         37:aa:f8:7e:a8:3b:f6:9f:89:ff:db:b7:3b:18:3b:65:c9:3b:
         21:4d:bb:eb:10:d6:f8:25:7b:8c:9a:63:62:3a:7e:41:5e:11:
         e2:28:44:2e:aa:7d:0d:7d:eb:40:21:e2:b5:ed:13:67:29:9d:
         29:d8:90:b8:f8:a1:83:90:7f:2c:66:1a:75:f0:8c:b2:01:8b:
         25:6f:f1:26:b2:11:f6:3d:93:33:d1:5f:ba:ac:f5:df:cf:7b:
         b1:3c:a0:38:2f:47:fe:ba:50:c6:9a:6e:4f:a4:ce:44:a4:da:
         93:07:0e:a4:54:54:b5:53:eb:9a:7a:97:05:eb:34:4d:90:c3:
         b7:85:c0:89:bc:1c:94:77:a6:ad:d7:8e:53:84:f0:d9:09:15:
         c3:8e:e4:5b:fc:7b:68:e4:d0:dc:64:0c:85:3b:e2:a9:d2:2b:
         ea:41:2f:b8:c1:7a:74:9f:c1:54:36:98:9c:7a:d2:71:68:8a:
         75:86:e4:12:91:8b:cc:ee:b8:ab:0b:5a:9a:87:7c:62:7d:06:
         ea:23:77:7a:1d:29:af:ce:59:7f:ed:da:80:8d:2b:2c:90:4c:
         2d:f6:1c:8a:6d:dc:12:df:bd:9a:fc:ca:58:35:d2:8d:db:c6:
         13:ba:ad:1f:87:fc:d2:e3:eb:83:ad:1e:ff:76:9c:57:c0:f1:
         c0:b9:9b:02
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYoxGfYoNkWy+sS1GgU04sK/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhYzNkYWExYjE0ODUwZjJlNjFjNTkyYjIxOTE5MTVhNWU2
NWE0NzgwHhcNMjMwODI2MDkwODE5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMmFmN2EwYjc5NDk0YTMyYjJlMmViNjNlNGViMDFhOGVkYjI4Y2I3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgwBVTE2b9us/pRV2khOzbXMwWni9
JOyQ+4mqFzAHiYEy/W3uJZPNollMijfyIyk2swMh70c58zli5U9yf/UescvAWJmY
Cm3Wak81ydsrYG0hS7ElIpDZ3gBkCPHbEUq4iXFI5LmhuvetmdTFHo0BUFaBaWQD
XCTnXtZ5P6SQ7NAsHE5uksW5CDp+LFpe7pCtzhx0LeM2dbomeSUkb7tpLNNvOd2i
Yw6Wpx2Ew+HHkfWh6zKCKFJMg9DrRsiqr1XpXrLHuR5v68o0evJaOeM7SjGt1VjS
XYdmxBfbcioRrNwACwIlmMO5Pq1Pm2f6+S4A0XqBR0+rpg01yaQob4hQ1wIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFMKvegt5SUoysuLrY+TrAajtsoy3MB8GA1UdIwQY
MBaAFCrD2qGxSFDy5hxZKyGRkVpeZaR4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUt
ZmUwNjU5MTc2YTU2LzEvd3E5NkMzbEpTakt5NHV0ajVPc0JxTzJ5akxjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUtZmUwNjU5MTc2YTU2
LzEvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQCUnMIAwQC
ZxlUAwQDn/8gAwQCvNbsAwQDvP0IMA0GCSqGSIb3DQEBCwUAA4IBAQA3qvh+qDv2
n4n/27c7GDtlyTshTbvrENb4JXuMmmNiOn5BXhHiKEQuqn0NfetAIeK17RNnKZ0p
2JC4+KGDkH8sZhp18IyyAYslb/EmshH2PZMz0V+6rPXfz3uxPKA4L0f+ulDGmm5P
pM5EpNqTBw6kVFS1U+uaepcF6zRNkMO3hcCJvByUd6at145ThPDZCRXDjuRb/Hto
5NDcZAyFO+Kp0ivqQS+4wXp0n8FUNpicetJxaIp1huQSkYvM7rirC1qah3xifQbq
I3d6HSmvzll/7dqAjSsskEwt9hyKbdwS372a/MpYNdKN28YTuq0fh/zS4+uDrR7/
dpxXwPHAuZsC
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:34:35 2024 by rpki-client on console-fra.rpki-client.org