Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/0KSwLYPtsECB8DKe6Slw1NW91mE.roa
File:                     0KSwLYPtsECB8DKe6Slw1NW91mE.roa (raw, json)
Hash identifier:          446xPb+4+Z9rJt+ohQpCwJt2L+j/PzZYCAqlnisZw5o=
Subject key identifier:   D0:A4:B0:2D:83:ED:B0:40:81:F0:32:9E:E9:29:70:D4:D5:BD:D6:61
Certificate issuer:       /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial:       0189E32B616D44D30491F952EE30D558B7BF
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/0KSwLYPtsECB8DKe6Slw1NW91mE.roa
Signing time:             Fri 11 Aug 2023 05:56:58 +0000
ROA not before:           Fri 11 Aug 2023 05:56:58 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     43260
IP address blocks:        37.221.120.0/22 maxlen: 24
                          82.115.209.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 14 Aug 2023 05:02:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:e3:2b:61:6d:44:d3:04:91:f9:52:ee:30:d5:58:b7:bf
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
        Validity
            Not Before: Aug 11 05:56:58 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=d0a4b02d83edb04081f0329ee92970d4d5bdd661
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:3a:b9:82:5e:18:8d:79:e5:ea:82:f9:e9:4a:
                    47:aa:e2:52:78:51:ad:fe:ed:47:55:2e:e5:cb:40:
                    d4:d0:0a:7b:3d:df:ac:12:27:be:6b:97:e6:c1:e2:
                    5e:e7:b0:c0:3e:62:bc:94:3c:5c:5c:a8:f9:e3:1c:
                    f9:99:63:6c:89:db:90:60:d4:40:d2:12:32:ff:48:
                    84:2f:ae:db:de:6e:fc:c6:68:80:f8:f3:cc:2f:7b:
                    c3:e1:34:83:f5:f4:65:55:49:fd:a6:15:b0:33:90:
                    ab:eb:3c:1b:ce:fe:b3:7f:35:60:b9:97:32:49:fb:
                    87:66:e7:50:e2:ff:42:4a:5b:d0:0a:f1:a7:6c:ad:
                    dc:1e:6e:53:cb:18:eb:61:a8:ee:90:65:4d:66:b1:
                    21:a5:23:99:f3:2b:ac:b1:a1:e0:b4:a8:2c:15:37:
                    fe:3b:fc:ed:62:d7:c2:6c:8e:66:5f:be:87:46:09:
                    ed:0d:09:17:41:ed:de:ed:12:87:7d:80:62:66:45:
                    7c:5d:77:20:6a:5a:f6:1b:e5:42:4d:c4:70:61:a1:
                    3e:21:c6:b3:e1:e8:3c:d4:89:2d:c9:02:f6:67:ec:
                    b9:93:5a:ff:72:58:e2:f5:ed:31:2b:ec:3a:c7:fe:
                    54:f0:40:6f:ca:2a:61:3a:a2:3d:ac:f8:b2:56:a5:
                    4d:b1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D0:A4:B0:2D:83:ED:B0:40:81:F0:32:9E:E9:29:70:D4:D5:BD:D6:61
            X509v3 Authority Key Identifier:
                keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/0KSwLYPtsECB8DKe6Slw1NW91mE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  37.221.120.0/22
                  82.115.209.0/24

    Signature Algorithm: sha256WithRSAEncryption
         41:de:28:db:e1:1b:15:be:f9:1f:6b:d4:83:63:91:b5:dd:82:
         1a:e8:31:a7:2f:6c:96:72:98:0d:10:91:82:f7:c8:9d:9c:42:
         9e:ac:40:5b:fd:05:bf:d1:3a:bf:5b:cb:69:0f:f3:b4:47:7c:
         e0:d4:5d:c6:25:6a:2e:9d:67:6e:80:cf:90:7d:8a:f0:88:a0:
         d6:85:21:48:08:2c:e1:ae:2b:73:96:c0:a9:16:3a:ac:a5:d1:
         a9:b8:57:44:8e:5c:41:6b:02:57:d4:c2:b7:3b:1f:52:d0:ea:
         fd:c1:28:e0:ec:5c:e2:64:c6:1f:ad:4b:ae:83:cb:db:78:fb:
         8d:83:99:c2:e7:1f:c4:c7:9b:1c:75:bd:70:12:01:fa:48:b7:
         e5:0a:8e:90:70:a4:28:10:23:cb:22:fc:d0:f2:f4:dd:33:80:
         2e:14:69:69:a5:de:de:9b:0a:22:c0:23:63:9e:86:ce:0e:27:
         f0:93:99:32:0e:c0:8e:87:9e:34:96:a3:b6:08:f2:59:df:a8:
         b7:8b:56:50:04:a7:fc:7f:93:06:02:17:e7:e0:e5:62:07:7b:
         2b:16:2b:18:9b:a4:44:25:00:f8:3d:bd:92:c8:99:e7:63:0b:
         37:1c:f4:d2:78:19:1d:f3:e8:fc:83:10:c1:00:94:3a:3a:97:
         67:0e:e9:dc
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYnjK2FtRNMEkflS7jDVWLe/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMwODExMDU1NjU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMGE0YjAyZDgzZWRiMDQwODFmMDMyOWVlOTI5NzBkNGQ1YmRkNjYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwzq5gl4YjXnl6oL56UpHquJSeFGt
/u1HVS7ly0DU0Ap7Pd+sEie+a5fmweJe57DAPmK8lDxcXKj54xz5mWNsiduQYNRA
0hIy/0iEL67b3m78xmiA+PPML3vD4TSD9fRlVUn9phWwM5Cr6zwbzv6zfzVguZcy
SfuHZudQ4v9CSlvQCvGnbK3cHm5TyxjrYajukGVNZrEhpSOZ8yussaHgtKgsFTf+
O/ztYtfCbI5mX76HRgntDQkXQe3e7RKHfYBiZkV8XXcgalr2G+VCTcRwYaE+Icaz
4eg81IktyQL2Z+y5k1r/clji9e0xK+w6x/5U8EBvyiphOqI9rPiyVqVNsQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNCksC2D7bBAgfAynukpcNTVvdZhMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvMEtTd0xZUHRzRUNCOERLZTZTbHcxTlc5MW1FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCJd14AwQA
UnPRMA0GCSqGSIb3DQEBCwUAA4IBAQBB3ijb4RsVvvkfa9SDY5G13YIa6DGnL2yW
cpgNEJGC98idnEKerEBb/QW/0Tq/W8tpD/O0R3zg1F3GJWounWdugM+QfYrwiKDW
hSFICCzhritzlsCpFjqspdGpuFdEjlxBawJX1MK3Ox9S0Or9wSjg7FziZMYfrUuu
g8vbePuNg5nC5x/Ex5scdb1wEgH6SLflCo6QcKQoECPLIvzQ8vTdM4AuFGlppd7e
mwoiwCNjnobODifwk5kyDsCOh540lqO2CPJZ36i3i1ZQBKf8f5MGAhfn4OViB3sr
FisYm6REJQD4Pb2SyJnnYws3HPTSeBkd8+j8gxDBAJQ6OpdnDunc
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:50:21 2024 by rpki-client on console-ams.rpki-client.org