Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/BKBfUIjevga5T17ygqyCWAJ7Ecc.roa
File:                     BKBfUIjevga5T17ygqyCWAJ7Ecc.roa (raw, json)
Hash identifier:          2peP9LrwrPDUUaaxk9TJmBIJtg+p2ur3z0VvqVIaetY=
Subject key identifier:   04:A0:5F:50:88:DE:BE:06:B9:4F:5E:F2:82:AC:82:58:02:7B:11:C7
Certificate issuer:       /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial:       01878022B5776ACA54AF995CD87059A82F11
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/BKBfUIjevga5T17ygqyCWAJ7Ecc.roa
Signing time:             Fri 14 Apr 2023 14:19:30 +0000
ROA not before:           Fri 14 Apr 2023 14:19:30 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     39521
IP address blocks:        194.31.223.0/24 maxlen: 24
                          164.40.189.0/24 maxlen: 24
                          164.40.190.0/24 maxlen: 24
                          164.40.191.0/24 maxlen: 24
                          164.40.188.0/24 maxlen: 24

Validation:               Failed, certificate revoked

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:80:22:b5:77:6a:ca:54:af:99:5c:d8:70:59:a8:2f:11
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
        Validity
            Not Before: Apr 14 14:19:30 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=04a05f5088debe06b94f5ef282ac8258027b11c7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:92:5e:40:74:95:24:ae:4e:04:b5:dc:9b:25:11:
                    fa:f8:ce:ba:d6:7d:79:60:d7:73:96:1b:10:73:96:
                    91:30:de:eb:c0:e2:e3:55:65:e3:58:aa:62:3c:5c:
                    86:1b:dd:68:07:fb:29:27:e1:3d:4c:a5:a4:13:2a:
                    ec:c6:6f:fc:42:08:c3:ce:b7:64:f4:ba:e0:9b:3f:
                    c9:3c:56:97:18:21:bf:5f:a6:59:98:f7:f4:85:db:
                    e5:6a:21:20:9e:e3:d4:f4:03:fa:31:13:30:59:58:
                    c6:4c:3e:e6:b6:a2:e8:db:73:bc:c8:4b:ef:60:d6:
                    20:a1:06:a9:e8:cc:5a:94:dc:31:e8:fe:40:08:b4:
                    40:18:a8:a9:73:42:25:0f:ee:c5:24:56:90:0a:bc:
                    ec:89:c1:7d:1a:71:2e:ea:cf:c8:b4:2a:5f:9a:62:
                    1f:08:db:0a:da:01:cd:da:e6:39:2e:d7:23:93:22:
                    a8:15:04:c2:25:4f:f7:d6:76:6d:a4:22:7f:e2:64:
                    1b:38:c3:e5:ef:73:cc:91:85:10:a9:c0:34:e8:f8:
                    14:9e:14:3f:de:d8:78:0b:ff:dc:5e:a0:71:19:f8:
                    45:f5:ff:a6:2c:ea:39:10:b4:6d:09:a5:7e:f3:7b:
                    5c:45:b8:e8:0a:8b:22:e0:18:07:b7:ed:28:7a:2a:
                    77:f9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                04:A0:5F:50:88:DE:BE:06:B9:4F:5E:F2:82:AC:82:58:02:7B:11:C7
            X509v3 Authority Key Identifier:
                keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/BKBfUIjevga5T17ygqyCWAJ7Ecc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  164.40.188.0/22
                  194.31.223.0/24

    Signature Algorithm: sha256WithRSAEncryption
         95:68:3f:9a:6f:f2:e2:c3:68:6a:2d:60:d2:ac:2b:bd:8e:1e:
         b2:0d:77:63:6a:d6:3e:02:d8:2f:41:6d:6c:91:f0:ef:49:54:
         ce:40:70:11:1c:0a:05:18:7a:7d:16:35:3a:7a:c0:3c:1f:97:
         36:4a:dd:ba:19:95:ff:98:5e:e4:72:67:15:cf:f8:4a:dd:0f:
         38:3a:8b:ea:c4:e1:e6:2f:ba:93:0a:f6:4f:e9:19:15:bf:e2:
         21:bd:15:20:8e:94:38:b2:7d:7b:33:ba:72:34:a3:7f:a6:70:
         70:2d:4a:ae:ec:e4:33:5b:d8:7d:a0:be:8b:33:65:65:27:c1:
         77:c3:3b:1d:51:25:bb:69:c3:31:e5:79:fc:68:30:87:d8:c7:
         18:b2:10:da:6a:27:fb:f6:6d:be:6f:94:b5:bf:01:d9:bc:df:
         19:15:ed:3b:3b:60:d5:9c:c6:f0:b9:5e:85:f3:03:c4:88:08:
         56:d8:7e:0f:b1:fe:9d:5a:b5:d4:6c:98:65:2a:7e:2c:20:d9:
         11:d9:60:de:30:45:fe:09:d7:25:53:4f:bb:bc:d6:d9:b4:b7:
         de:9f:e7:e4:5b:0a:f0:6b:a6:04:39:9c:44:e9:29:dc:64:36:
         c6:2a:42:cd:45:90:ab:df:57:5e:87:23:64:f8:26:b9:ae:d0:
         7f:a8:54:2f
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYeAIrV3aspUr5lc2HBZqC8RMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMwNDE0MTQxOTMwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNGEwNWY1MDg4ZGViZTA2Yjk0ZjVlZjI4MmFjODI1ODAyN2IxMWM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkl5AdJUkrk4EtdybJRH6+M661n15
YNdzlhsQc5aRMN7rwOLjVWXjWKpiPFyGG91oB/spJ+E9TKWkEyrsxm/8QgjDzrdk
9Lrgmz/JPFaXGCG/X6ZZmPf0hdvlaiEgnuPU9AP6MRMwWVjGTD7mtqLo23O8yEvv
YNYgoQap6MxalNwx6P5ACLRAGKipc0IlD+7FJFaQCrzsicF9GnEu6s/ItCpfmmIf
CNsK2gHN2uY5LtcjkyKoFQTCJU/31nZtpCJ/4mQbOMPl73PMkYUQqcA06PgUnhQ/
3th4C//cXqBxGfhF9f+mLOo5ELRtCaV+83tcRbjoCosi4BgHt+0oeip3+QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFASgX1CI3r4GuU9e8oKsglgCexHHMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvQktCZlVJamV2Z2E1VDE3eWdxeUNXQUo3RWNjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCpCi8AwQA
wh/fMA0GCSqGSIb3DQEBCwUAA4IBAQCVaD+ab/Liw2hqLWDSrCu9jh6yDXdjatY+
AtgvQW1skfDvSVTOQHARHAoFGHp9FjU6esA8H5c2St26GZX/mF7kcmcVz/hK3Q84
OovqxOHmL7qTCvZP6RkVv+IhvRUgjpQ4sn17M7pyNKN/pnBwLUqu7OQzW9h9oL6L
M2VlJ8F3wzsdUSW7acMx5Xn8aDCH2McYshDaaif79m2+b5S1vwHZvN8ZFe07O2DV
nMbwuV6F8wPEiAhW2H4Psf6dWrXUbJhlKn4sINkR2WDeMEX+CdclU0+7vNbZtLfe
n+fkWwrwa6YEOZxE6SncZDbGKkLNRZCr31dehyNk+Ca5rtB/qFQv
-----END CERTIFICATE-----
Generated at Tue Jan 2 09:18:47 2024 by rpki-client on console-fra.rpki-client.org