Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/0G3AEsWNtjoq4moiZI01Xj0ulDs.roa
File:                     0G3AEsWNtjoq4moiZI01Xj0ulDs.roa (raw, json)
Hash identifier:          w/NiRgmvq85gHyGEn5gthoFmBrqu6WkUNmzGOzpP3kM=
Subject key identifier:   D0:6D:C0:12:C5:8D:B6:3A:2A:E2:6A:22:64:8D:35:5E:3D:2E:94:3B
Certificate issuer:       /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial:       01857C4747C150DF8B488D181635EF2A3CCC
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/0G3AEsWNtjoq4moiZI01Xj0ulDs.roa
Signing time:             Wed 04 Jan 2023 10:15:24 +0000
ROA not before:           Wed 04 Jan 2023 10:15:24 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     1239
IP address blocks:        193.168.196.0/22 maxlen: 24
                          88.218.76.0/22 maxlen: 24

Validation:               Failed, certificate revoked on Wed 12 Apr 2023 13:55:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:7c:47:47:c1:50:df:8b:48:8d:18:16:35:ef:2a:3c:cc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
        Validity
            Not Before: Jan  4 10:15:24 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=d06dc012c58db63a2ae26a22648d355e3d2e943b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:44:8b:50:0c:63:9c:39:cb:86:5e:a8:58:19:
                    91:f3:ca:e1:6b:84:2d:47:1f:7a:01:b2:b6:a1:ca:
                    7c:ee:63:1a:96:3c:c7:26:55:e0:83:b7:b1:e6:9b:
                    ca:23:f5:c8:63:c2:ca:97:10:46:5b:fc:ba:86:e5:
                    78:91:2f:64:c0:1f:81:45:57:5f:ed:95:61:8d:ba:
                    64:c2:21:c4:9d:fe:78:9a:5d:8f:98:90:17:a0:c6:
                    6f:01:d3:1f:c8:28:9a:97:bc:46:de:f9:1f:7f:d4:
                    a5:ff:9f:69:d0:da:40:c8:7b:8c:0d:38:04:11:07:
                    36:08:4f:e9:f3:2c:b0:f3:b9:62:0c:48:f8:8c:d3:
                    2b:ea:8d:97:d4:76:17:c7:1c:7d:92:e3:c3:a6:3f:
                    ff:61:39:50:27:d4:33:91:3e:7f:e4:1c:87:de:2b:
                    aa:7f:88:54:18:56:21:e6:9e:5b:c6:9a:ee:d6:a7:
                    b8:1f:7a:36:3e:4b:94:34:b1:6c:06:01:d5:cf:24:
                    fc:42:d8:d3:38:51:ec:9e:01:44:17:90:0c:11:71:
                    ef:d6:75:91:02:c4:72:55:46:0b:d5:88:2b:ea:31:
                    bc:7c:2b:b5:b4:1a:42:5a:ed:77:64:42:5c:e6:46:
                    ef:4e:9e:3f:0d:d0:87:d8:ed:0d:e0:dc:f9:b9:3f:
                    b1:cd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D0:6D:C0:12:C5:8D:B6:3A:2A:E2:6A:22:64:8D:35:5E:3D:2E:94:3B
            X509v3 Authority Key Identifier:
                keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/0G3AEsWNtjoq4moiZI01Xj0ulDs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  88.218.76.0/22
                  193.168.196.0/22

    Signature Algorithm: sha256WithRSAEncryption
         7f:5c:b2:a6:d4:97:fd:b7:56:75:c7:26:cc:ad:f2:d2:ef:03:
         18:bb:10:2a:ac:8b:9d:69:9d:0d:46:fe:dc:b0:9f:7d:b3:e1:
         86:d5:d8:10:c8:3c:e3:3a:82:59:ec:6b:db:8b:90:a5:e1:d2:
         f9:83:43:53:76:92:90:f2:dc:7b:7f:df:75:e3:ec:30:5e:72:
         03:df:93:f1:6a:1d:79:64:92:99:8f:68:5a:b0:d5:9e:85:28:
         38:3e:27:08:5f:21:41:b4:4d:8b:db:82:2d:3c:63:63:60:fd:
         2a:f4:0d:5d:9d:fd:28:97:42:d9:67:b1:7a:1b:f9:f3:19:3a:
         05:83:8f:d3:d9:52:f2:40:52:0c:98:7e:53:00:3f:6b:d6:ab:
         d0:7c:39:e1:47:c6:35:0f:c4:44:31:ca:db:55:8d:8e:62:7a:
         54:78:08:94:d3:5d:b9:1a:5b:40:d6:6a:44:17:0a:7f:fa:a5:
         07:6b:e2:60:a2:8e:f1:be:9a:ae:21:1b:7f:f6:ed:6a:65:99:
         5c:ca:4d:2a:e0:f0:6e:9c:fe:ca:e5:4f:f8:ef:03:40:81:61:
         11:b0:31:a1:21:94:2f:47:78:9f:89:81:8d:45:5d:3a:f4:6f:
         ce:6d:1d:06:4e:af:b5:e3:3b:d0:fc:6a:ae:60:64:70:0c:41:
         a0:3f:dc:b4
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYV8R0fBUN+LSI0YFjXvKjzMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMwMTA0MTAxNTI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMDZkYzAxMmM1OGRiNjNhMmFlMjZhMjI2NDhkMzU1ZTNkMmU5NDNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo0SLUAxjnDnLhl6oWBmR88rha4Qt
Rx96AbK2ocp87mMaljzHJlXgg7ex5pvKI/XIY8LKlxBGW/y6huV4kS9kwB+BRVdf
7ZVhjbpkwiHEnf54ml2PmJAXoMZvAdMfyCial7xG3vkff9Sl/59p0NpAyHuMDTgE
EQc2CE/p8yyw87liDEj4jNMr6o2X1HYXxxx9kuPDpj//YTlQJ9QzkT5/5ByH3iuq
f4hUGFYh5p5bxpru1qe4H3o2PkuUNLFsBgHVzyT8QtjTOFHsngFEF5AMEXHv1nWR
AsRyVUYL1Ygr6jG8fCu1tBpCWu13ZEJc5kbvTp4/DdCH2O0N4Nz5uT+xzQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNBtwBLFjbY6KuJqImSNNV49LpQ7MB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvMEczQUVzV050am9xNG1vaVpJMDFYajB1bERzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCWNpMAwQC
wajEMA0GCSqGSIb3DQEBCwUAA4IBAQB/XLKm1Jf9t1Z1xybMrfLS7wMYuxAqrIud
aZ0NRv7csJ99s+GG1dgQyDzjOoJZ7Gvbi5Cl4dL5g0NTdpKQ8tx7f9914+wwXnID
35Pxah15ZJKZj2hasNWehSg4PicIXyFBtE2L24ItPGNjYP0q9A1dnf0ol0LZZ7F6
G/nzGToFg4/T2VLyQFIMmH5TAD9r1qvQfDnhR8Y1D8REMcrbVY2OYnpUeAiU0125
GltA1mpEFwp/+qUHa+Jgoo7xvpquIRt/9u1qZZlcyk0q4PBunP7K5U/47wNAgWER
sDGhIZQvR3ifiYGNRV069G/ObR0GTq+14zvQ/GquYGRwDEGgP9y0
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:55 2024 by rpki-client on console-fra.rpki-client.org