Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/dSaJqVxUqeLCGULhflva2pGbJ5M.roa
File:                     dSaJqVxUqeLCGULhflva2pGbJ5M.roa (raw, json)
Hash identifier:          Bh/+LpfMAW/Lrwm3g6yeCFCHxfLSPNrtTCZ3sQwNR9E=
Subject key identifier:   75:26:89:A9:5C:54:A9:E2:C2:19:42:E1:7E:5B:DA:DA:91:9B:27:93
Certificate issuer:       /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial:       01886637FB6C0E47B57915A460AC1E5A1EBF
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/dSaJqVxUqeLCGULhflva2pGbJ5M.roa
Signing time:             Mon 29 May 2023 06:35:24 +0000
ROA not before:           Mon 29 May 2023 06:35:24 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     213200
IP address blocks:        84.21.173.0/24 maxlen: 24
                          93.123.85.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 01 Jun 2023 07:25:12 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:66:37:fb:6c:0e:47:b5:79:15:a4:60:ac:1e:5a:1e:bf
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
        Validity
            Not Before: May 29 06:35:24 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=752689a95c54a9e2c21942e17e5bdada919b2793
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:95:0f:ae:07:ff:6c:c3:5b:0c:77:a0:7c:a5:10:
                    9e:55:d4:1f:0e:0f:51:6c:bf:46:26:e9:12:d4:cf:
                    33:87:ca:22:db:8e:c8:9c:bb:8e:1a:0b:b6:7a:f9:
                    ac:7c:7e:9a:e5:07:0f:24:78:f5:f7:4a:72:6b:25:
                    be:0b:2d:a6:47:85:bc:2a:10:4e:f3:27:86:ca:8b:
                    6f:f7:e2:d5:42:73:27:44:a5:f9:42:e6:20:65:19:
                    b6:95:28:c2:02:8b:69:2c:bb:5f:aa:08:a0:35:83:
                    2a:4f:0e:c3:88:e0:81:e9:94:82:53:41:38:a7:46:
                    53:0e:c3:ed:18:dc:40:ad:7d:e4:ad:fd:4f:ec:4d:
                    73:a0:90:0d:6c:00:c8:fd:47:6f:8e:8b:09:50:f6:
                    d9:87:d9:a4:28:4e:8d:e1:cb:26:7d:83:52:c5:e7:
                    71:b3:a7:71:41:3b:61:1c:0f:74:2c:71:81:15:33:
                    38:35:41:4a:79:0e:df:4e:25:00:58:61:d0:11:5a:
                    f2:27:59:b0:4a:76:28:c1:fa:a8:01:ec:06:16:7a:
                    b7:83:05:7f:c8:78:30:6a:99:90:33:8d:0d:8e:83:
                    6a:ec:fd:08:e2:cd:f5:82:80:00:49:dd:89:b5:ae:
                    3e:fe:a6:f0:b7:58:a7:75:39:f5:67:07:20:a5:d4:
                    87:a1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                75:26:89:A9:5C:54:A9:E2:C2:19:42:E1:7E:5B:DA:DA:91:9B:27:93
            X509v3 Authority Key Identifier:
                keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/dSaJqVxUqeLCGULhflva2pGbJ5M.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  84.21.173.0/24
                  93.123.85.0/24

    Signature Algorithm: sha256WithRSAEncryption
         08:78:d5:dd:c2:73:58:95:fb:6e:21:6e:7b:f8:5c:a1:4f:1d:
         fd:54:6c:69:47:a1:41:96:80:f7:70:f1:55:c4:1e:d5:0d:18:
         0d:ca:c2:a9:39:b5:64:2d:8b:27:fa:d7:82:ad:f0:e9:87:65:
         b3:41:8b:8a:c2:5f:7a:a5:4a:79:5d:be:37:dc:57:8c:83:5e:
         79:e3:32:64:17:af:93:b7:ec:00:c8:21:b5:40:69:4c:f4:fa:
         d6:1f:2f:d3:4f:78:17:c8:d4:ae:0f:c0:03:df:3d:c2:d8:dc:
         d9:c7:4e:12:43:c6:da:ee:70:34:56:33:f1:6f:70:3b:25:ed:
         b3:c9:f7:f2:9b:38:74:42:8c:b4:ef:8a:24:94:50:bb:9b:9b:
         2b:20:f5:7c:da:cd:9a:79:e1:a3:a2:9c:33:bf:d8:01:4c:ee:
         2b:14:7c:ed:e1:16:9a:63:92:96:3e:a6:71:87:d1:4c:0b:f2:
         ae:4c:61:3a:ef:6e:36:8c:3d:f9:72:77:53:ac:84:9c:46:a7:
         34:fe:3f:ce:2d:20:6b:90:fe:fa:6f:b2:0f:5c:ef:da:cc:e4:
         42:9f:2c:fe:99:f8:d4:df:9a:00:45:35:7b:1a:dd:81:b8:e9:
         39:cd:44:aa:94:cf:7d:5e:9d:48:e4:ad:ab:c4:fb:49:f7:71:
         ef:de:94:2d
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYhmN/tsDke1eRWkYKweWh6/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMwNTI5MDYzNTI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NTI2ODlhOTVjNTRhOWUyYzIxOTQyZTE3ZTViZGFkYTkxOWIyNzkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlQ+uB/9sw1sMd6B8pRCeVdQfDg9R
bL9GJukS1M8zh8oi247InLuOGgu2evmsfH6a5QcPJHj190pyayW+Cy2mR4W8KhBO
8yeGyotv9+LVQnMnRKX5QuYgZRm2lSjCAotpLLtfqgigNYMqTw7DiOCB6ZSCU0E4
p0ZTDsPtGNxArX3krf1P7E1zoJANbADI/UdvjosJUPbZh9mkKE6N4csmfYNSxedx
s6dxQTthHA90LHGBFTM4NUFKeQ7fTiUAWGHQEVryJ1mwSnYowfqoAewGFnq3gwV/
yHgwapmQM40NjoNq7P0I4s31goAASd2Jta4+/qbwt1indTn1ZwcgpdSHoQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFHUmialcVKniwhlC4X5b2tqRmyeTMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvZFNhSnFWeFVxZUxDR1VMaGZsdmEycEdiSjVNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAVBWtAwQA
XXtVMA0GCSqGSIb3DQEBCwUAA4IBAQAIeNXdwnNYlftuIW57+FyhTx39VGxpR6FB
loD3cPFVxB7VDRgNysKpObVkLYsn+teCrfDph2WzQYuKwl96pUp5Xb433FeMg155
4zJkF6+Tt+wAyCG1QGlM9PrWHy/TT3gXyNSuD8AD3z3C2NzZx04SQ8ba7nA0VjPx
b3A7Je2zyffymzh0Qoy074oklFC7m5srIPV82s2aeeGjopwzv9gBTO4rFHzt4Raa
Y5KWPqZxh9FMC/KuTGE67242jD35cndTrIScRqc0/j/OLSBrkP76b7IPXO/azORC
nyz+mfjU35oARTV7Gt2BuOk5zUSqlM99Xp1I5K2rxPtJ93Hv3pQt
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:50:38 2024 by rpki-client on console-ams.rpki-client.org