Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/iWRTClqpuT-bf_M6hESaWYPtoZQ.roa
File:                     iWRTClqpuT-bf_M6hESaWYPtoZQ.roa (raw, json)
Hash identifier:          WWCKlcsnlIW7zccd1ljxxSpo//tksVYLkCGXuhVHvgs=
Subject key identifier:   89:64:53:0A:5A:A9:B9:3F:9B:7F:F3:3A:84:44:9A:59:83:ED:A1:94
Certificate issuer:       /CN=52cd9a6512dbf25a5f19b827d7a2c7e22a2ee8dd
Certificate serial:       018C0FCED18AC07F31CD94BE9F34B3D63E92
Authority key identifier: 52:CD:9A:65:12:DB:F2:5A:5F:19:B8:27:D7:A2:C7:E2:2A:2E:E8:DD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Us2aZRLb8lpfGbgn16LH4iou6N0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/iWRTClqpuT-bf_M6hESaWYPtoZQ.roa
Signing time:             Mon 27 Nov 2023 08:04:21 +0000
ROA not before:           Mon 27 Nov 2023 08:04:21 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     216180
IP address blocks:        192.250.233.0/24 maxlen: 24
                          192.250.232.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 12:33:19 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:0f:ce:d1:8a:c0:7f:31:cd:94:be:9f:34:b3:d6:3e:92
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=52cd9a6512dbf25a5f19b827d7a2c7e22a2ee8dd
        Validity
            Not Before: Nov 27 08:04:21 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=8964530a5aa9b93f9b7ff33a84449a5983eda194
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:ac:ac:af:3d:6f:80:13:d7:d6:61:22:94:67:
                    ef:d1:1f:32:19:6d:ba:13:fe:9b:fe:e9:2c:51:0f:
                    4a:5d:4d:66:87:dd:de:ee:a0:32:31:e8:41:38:74:
                    4b:8a:a4:a0:83:34:2f:36:61:81:50:3e:fe:75:39:
                    a8:d4:ee:99:12:7f:c1:23:16:ce:14:7f:4a:21:d2:
                    f3:bb:3a:c7:a3:06:66:fb:f2:e5:5f:ec:46:2b:6d:
                    1f:d7:83:ce:af:f3:68:3b:69:bc:3c:e9:8f:69:1e:
                    78:49:bf:d0:95:ae:c3:4f:c4:32:ef:fa:ab:d9:e8:
                    1a:d6:f4:0e:a5:1e:8e:9b:b0:a7:73:e6:f3:5c:8f:
                    11:aa:2a:da:8f:bc:b2:ba:53:b5:da:45:12:0a:31:
                    c3:59:e9:01:4b:c9:0d:06:0e:96:66:cc:b6:08:63:
                    26:f5:67:9c:08:0c:c4:d7:a7:e1:c7:32:22:e5:c9:
                    ff:b0:fc:9c:18:f5:64:ad:cd:a7:07:c9:bc:7c:99:
                    39:95:72:1e:82:47:af:22:62:a7:35:50:c3:b8:eb:
                    66:20:25:e8:93:d0:03:71:f9:d1:3f:7e:87:6b:d3:
                    4e:dd:c0:ba:96:5b:94:97:f5:e9:59:e9:07:db:61:
                    e4:86:fb:c8:6c:57:04:eb:e8:40:20:74:63:91:2c:
                    f5:61
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                89:64:53:0A:5A:A9:B9:3F:9B:7F:F3:3A:84:44:9A:59:83:ED:A1:94
            X509v3 Authority Key Identifier:
                keyid:52:CD:9A:65:12:DB:F2:5A:5F:19:B8:27:D7:A2:C7:E2:2A:2E:E8:DD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Us2aZRLb8lpfGbgn16LH4iou6N0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/iWRTClqpuT-bf_M6hESaWYPtoZQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/Us2aZRLb8lpfGbgn16LH4iou6N0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  192.250.232.0/23

    Signature Algorithm: sha256WithRSAEncryption
         8c:2c:da:77:8e:7d:f6:7c:64:08:9a:fc:73:75:58:84:11:0e:
         27:48:cd:2b:12:b7:9c:79:61:5b:d6:68:3e:14:84:37:27:cb:
         b2:97:57:bc:3d:92:c4:6f:52:a5:70:e9:be:68:77:72:c4:30:
         d5:46:f7:eb:26:63:d8:5b:d9:eb:8c:b0:03:60:39:1f:d7:d1:
         26:1b:d3:70:7a:a0:24:af:ca:73:61:8a:ee:64:1c:17:f5:bf:
         36:0f:06:19:7c:aa:bc:7a:a2:6d:3d:1e:e5:a1:b4:17:74:b6:
         bc:45:21:f6:83:1b:ff:57:1c:7a:e3:b1:d2:a8:64:4e:8c:c8:
         23:1d:ae:c3:d9:5e:07:5e:eb:0c:8e:1d:4d:17:2a:2c:fb:04:
         8d:66:1f:68:1e:12:93:57:0b:3c:08:f7:94:07:f4:82:2c:6c:
         ce:87:ad:98:30:09:2b:f0:c3:d4:74:9f:fa:48:fe:6b:b2:57:
         ed:32:97:10:ec:fb:1c:78:3f:23:98:7f:ab:dd:b5:7d:2a:ae:
         58:73:c3:39:89:69:25:93:8c:67:e8:f5:42:ef:5d:e8:e9:76:
         74:83:82:2a:ab:f3:fa:15:39:b7:a8:cd:b5:ae:53:75:88:b0:
         05:7d:e1:a0:b4:6e:16:9f:27:29:ef:f6:eb:de:4c:24:9a:5a:
         61:c8:d1:85
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYwPztGKwH8xzZS+nzSz1j6SMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyY2Q5YTY1MTJkYmYyNWE1ZjE5YjgyN2Q3YTJjN2UyMmEy
ZWU4ZGQwHhcNMjMxMTI3MDgwNDIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OTY0NTMwYTVhYTliOTNmOWI3ZmYzM2E4NDQ0OWE1OTgzZWRhMTk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApKysrz1vgBPX1mEilGfv0R8yGW26
E/6b/uksUQ9KXU1mh93e7qAyMehBOHRLiqSggzQvNmGBUD7+dTmo1O6ZEn/BIxbO
FH9KIdLzuzrHowZm+/LlX+xGK20f14POr/NoO2m8POmPaR54Sb/Qla7DT8Qy7/qr
2ega1vQOpR6Om7Cnc+bzXI8Rqiraj7yyulO12kUSCjHDWekBS8kNBg6WZsy2CGMm
9WecCAzE16fhxzIi5cn/sPycGPVkrc2nB8m8fJk5lXIegkevImKnNVDDuOtmICXo
k9ADcfnRP36Ha9NO3cC6lluUl/XpWekH22HkhvvIbFcE6+hAIHRjkSz1YQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIlkUwpaqbk/m3/zOoREmlmD7aGUMB8GA1UdIwQY
MBaAFFLNmmUS2/JaXxm4J9eix+IqLujdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVXMyYVpSTGI4bHBmR2JnbjE2TEg0aW91Nk4wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi8yMjIzY2EtY2UzOC00OWJiLWIxMjUt
Y2NhMzc2MDZiZjE4LzEvaVdSVENscXB1VC1iZl9NNmhFU2FXWVB0b1pRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi8yMjIzY2EtY2UzOC00OWJiLWIxMjUtY2NhMzc2MDZiZjE4
LzEvVXMyYVpSTGI4bHBmR2JnbjE2TEg0aW91Nk4wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwProMA0G
CSqGSIb3DQEBCwUAA4IBAQCMLNp3jn32fGQImvxzdViEEQ4nSM0rEreceWFb1mg+
FIQ3J8uyl1e8PZLEb1KlcOm+aHdyxDDVRvfrJmPYW9nrjLADYDkf19EmG9NweqAk
r8pzYYruZBwX9b82DwYZfKq8eqJtPR7lobQXdLa8RSH2gxv/Vxx647HSqGROjMgj
Ha7D2V4HXusMjh1NFyos+wSNZh9oHhKTVws8CPeUB/SCLGzOh62YMAkr8MPUdJ/6
SP5rslftMpcQ7PsceD8jmH+r3bV9Kq5Yc8M5iWklk4xn6PVC713o6XZ0g4Iqq/P6
FTm3qM21rlN1iLAFfeGgtG4Wnycp7/br3kwkmlphyNGF
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:38:27 2024 by rpki-client on console-ams.rpki-client.org