Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/af3d81-0047-413c-91f4-0470b4bb30db/1/hwKjk5SEDtWsJ8vX6EEMNyWVtnA.roa
File:                     hwKjk5SEDtWsJ8vX6EEMNyWVtnA.roa (raw, json)
Hash identifier:          t+FCXTygm92E48wxuq1c1gmWiMH4FN2m8W8J/P1Tg4w=
Subject key identifier:   87:02:A3:93:94:84:0E:D5:AC:27:CB:D7:E8:41:0C:37:25:95:B6:70
Certificate issuer:       /CN=f879988e0f49971a326f419e5cfacbfddcc993e7
Certificate serial:       01856CAF0E833545BD3942B7D445AD577F28
Authority key identifier: F8:79:98:8E:0F:49:97:1A:32:6F:41:9E:5C:FA:CB:FD:DC:C9:93:E7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1-HmYjg9Jlxoyb0GeXPrL_dzJk-c.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/05/af3d81-0047-413c-91f4-0470b4bb30db/1/hwKjk5SEDtWsJ8vX6EEMNyWVtnA.roa
Signing time:             Sun 01 Jan 2023 09:34:49 +0000
ROA not before:           Sun 01 Jan 2023 09:34:49 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     1239
IP address blocks:        83.136.208.0/22 maxlen: 24

Validation:               Failed, certificate revoked on Mon 10 Jul 2023 07:21:49 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6c:af:0e:83:35:45:bd:39:42:b7:d4:45:ad:57:7f:28
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f879988e0f49971a326f419e5cfacbfddcc993e7
        Validity
            Not Before: Jan  1 09:34:49 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=8702a39394840ed5ac27cbd7e8410c372595b670
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:87:3a:8b:22:06:7a:be:76:10:a6:61:83:30:bf:
                    31:85:66:74:46:ce:e0:00:0b:1d:ae:71:24:06:b4:
                    30:f7:03:72:07:cb:db:95:58:24:08:e6:ce:9d:4c:
                    77:f4:90:71:88:26:6e:52:d8:aa:93:f1:b8:89:e3:
                    1f:a9:6d:df:e1:2b:0d:d4:1c:ae:97:e4:dc:30:ad:
                    35:26:11:ec:1f:4a:6d:8b:c0:c3:1c:08:ed:2f:28:
                    13:a3:b6:7c:fd:a4:d7:60:e1:1f:84:b7:89:83:14:
                    a7:f2:11:7b:6c:35:8b:2e:79:cc:ef:d6:52:90:1c:
                    fe:80:d8:9d:40:10:3b:1a:0d:df:d4:62:e3:9b:c9:
                    04:b1:57:78:de:8f:b4:c9:d9:c9:42:f7:3d:54:8c:
                    61:ad:14:cf:a6:c8:70:a5:5a:bd:72:db:a6:06:cc:
                    ae:ca:1d:6b:19:9c:aa:7d:2f:8c:57:25:95:1a:5d:
                    57:22:4f:2d:8b:84:ea:57:91:41:1b:cb:94:d6:1f:
                    a7:cc:a5:2a:2d:24:a4:01:f3:eb:0f:2a:da:de:39:
                    47:78:48:5f:a0:66:43:76:c5:c6:ce:11:d7:09:5f:
                    50:09:b5:18:61:f3:bb:77:c4:8a:24:97:c9:a8:ce:
                    47:da:96:64:5f:a5:6a:6a:26:2a:a9:d5:b2:ba:d2:
                    57:d1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                87:02:A3:93:94:84:0E:D5:AC:27:CB:D7:E8:41:0C:37:25:95:B6:70
            X509v3 Authority Key Identifier:
                keyid:F8:79:98:8E:0F:49:97:1A:32:6F:41:9E:5C:FA:CB:FD:DC:C9:93:E7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-HmYjg9Jlxoyb0GeXPrL_dzJk-c.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/af3d81-0047-413c-91f4-0470b4bb30db/1/hwKjk5SEDtWsJ8vX6EEMNyWVtnA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/05/af3d81-0047-413c-91f4-0470b4bb30db/1/1-HmYjg9Jlxoyb0GeXPrL_dzJk-c.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  83.136.208.0/22

    Signature Algorithm: sha256WithRSAEncryption
         1c:0c:1b:35:a1:53:02:00:d3:6c:53:1b:24:bd:b5:1e:bf:f3:
         8f:9c:0e:9d:ad:26:55:b1:e6:e5:0c:62:c7:0b:7d:2e:26:9d:
         d6:da:b2:4f:ee:6f:5b:a6:b4:6a:56:a1:17:48:a4:cc:eb:2b:
         9e:6f:de:80:6e:8e:37:f0:59:f4:c9:c0:e2:28:fb:32:9f:1a:
         16:37:ba:23:69:e7:62:3b:e7:c6:0f:fa:63:6b:b6:79:57:83:
         d7:0f:a9:2e:e7:29:d6:a9:44:3b:f8:40:3a:65:16:b8:5a:a8:
         d9:cb:6b:c1:d8:db:c6:bd:14:4b:e0:44:00:69:46:01:5c:39:
         2f:c9:79:58:75:81:06:45:61:c9:4c:dd:55:2a:b6:d0:ab:44:
         f4:2a:43:e0:4d:62:7d:24:d8:1a:dc:7a:67:4b:77:7a:c5:81:
         37:42:7c:bc:7b:e3:f5:12:f9:9d:ad:99:cd:c4:cf:dc:4f:e1:
         03:12:e5:8f:e2:4b:ba:29:40:af:cb:25:4a:15:ac:c1:0a:35:
         99:5e:21:f7:61:f4:d1:d0:19:ab:17:f1:a2:22:2f:20:c1:be:
         88:26:cf:ea:b9:c1:43:5e:a9:a0:ee:e6:72:54:a7:8f:f2:91:
         df:f0:cb:a1:7e:b9:5b:9e:94:96:5e:f4:2a:f5:8d:b5:69:53:
         84:8d:35:07
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYVsrw6DNUW9OUK31EWtV38oMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY4Nzk5ODhlMGY0OTk3MWEzMjZmNDE5ZTVjZmFjYmZkZGNj
OTkzZTcwHhcNMjMwMTAxMDkzNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NzAyYTM5Mzk0ODQwZWQ1YWMyN2NiZDdlODQxMGMzNzI1OTViNjcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhzqLIgZ6vnYQpmGDML8xhWZ0Rs7g
AAsdrnEkBrQw9wNyB8vblVgkCObOnUx39JBxiCZuUtiqk/G4ieMfqW3f4SsN1Byu
l+TcMK01JhHsH0pti8DDHAjtLygTo7Z8/aTXYOEfhLeJgxSn8hF7bDWLLnnM79ZS
kBz+gNidQBA7Gg3f1GLjm8kEsVd43o+0ydnJQvc9VIxhrRTPpshwpVq9ctumBsyu
yh1rGZyqfS+MVyWVGl1XIk8ti4TqV5FBG8uU1h+nzKUqLSSkAfPrDyra3jlHeEhf
oGZDdsXGzhHXCV9QCbUYYfO7d8SKJJfJqM5H2pZkX6VqaiYqqdWyutJX0QIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFIcCo5OUhA7VrCfL1+hBDDcllbZwMB8GA1UdIwQY
MBaAFPh5mI4PSZcaMm9Bnlz6y/3cyZPnMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1IbVlqZzlKbHhveWIwR2VYUHJMX2R6SmstYy5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDUvYWYzZDgxLTAwNDctNDEzYy05MWY0
LTA0NzBiNGJiMzBkYi8xL2h3S2prNVNFRHRXc0o4dlg2RUVNTnlXVnRuQS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMDUvYWYzZDgxLTAwNDctNDEzYy05MWY0LTA0NzBiNGJiMzBk
Yi8xLzEtSG1Zamc5Smx4b3liMEdlWFByTF9kekprLWMuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAJTiNAw
DQYJKoZIhvcNAQELBQADggEBABwMGzWhUwIA02xTGyS9tR6/84+cDp2tJlWx5uUM
YscLfS4mndbask/ub1umtGpWoRdIpMzrK55v3oBujjfwWfTJwOIo+zKfGhY3uiNp
52I758YP+mNrtnlXg9cPqS7nKdapRDv4QDplFrhaqNnLa8HY28a9FEvgRABpRgFc
OS/JeVh1gQZFYclM3VUqttCrRPQqQ+BNYn0k2BrcemdLd3rFgTdCfLx74/US+Z2t
mc3Ez9xP4QMS5Y/iS7opQK/LJUoVrMEKNZleIfdh9NHQGasX8aIiLyDBvogmz+q5
wUNeqaDu5nJUp4/ykd/wy6F+uVuelJZe9Cr1jbVpU4SNNQc=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:17:38 2024 by rpki-client on console-fra.rpki-client.org