Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/BMgjqv4uk1mujlLpj8R9SPkJGq4.roa
File:                     BMgjqv4uk1mujlLpj8R9SPkJGq4.roa (raw, json)
Hash identifier:          wNFvEZ0vDGclluBECEC0blsd9ovMq+nRvLprVi7NWRM=
Subject key identifier:   04:C8:23:AA:FE:2E:93:59:AE:8E:52:E9:8F:C4:7D:48:F9:09:1A:AE
Certificate issuer:       /CN=b557ccd43afe816e4953228bf14a75dc29014b8d
Certificate serial:       0185787C2E4C1F1C4251FC153F933A238DA1
Authority key identifier: B5:57:CC:D4:3A:FE:81:6E:49:53:22:8B:F1:4A:75:DC:29:01:4B:8D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tVfM1Dr-gW5JUyKL8Up13CkBS40.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/BMgjqv4uk1mujlLpj8R9SPkJGq4.roa
Signing time:             Tue 03 Jan 2023 16:34:42 +0000
ROA not before:           Tue 03 Jan 2023 16:34:42 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     20473
IP address blocks:        2a0b:3c40:22::/48 maxlen: 48
                          2a0b:3c40:26::/48 maxlen: 48

Validation:               Failed, certificate revoked on Mon 24 Apr 2023 09:02:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:78:7c:2e:4c:1f:1c:42:51:fc:15:3f:93:3a:23:8d:a1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b557ccd43afe816e4953228bf14a75dc29014b8d
        Validity
            Not Before: Jan  3 16:34:42 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=04c823aafe2e9359ae8e52e98fc47d48f9091aae
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:9b:2f:6c:8b:19:ca:57:b8:e2:85:33:8b:37:
                    8a:23:d6:eb:67:5a:46:d9:94:a3:90:d1:02:ef:40:
                    d2:e6:82:a2:f9:2f:86:13:99:90:e0:70:da:2d:03:
                    ac:ec:fc:1f:4e:85:aa:c1:4c:f5:14:62:d8:0f:e6:
                    bb:3f:09:01:69:ce:91:21:e1:0c:c0:eb:bb:44:35:
                    1c:1c:d9:cb:5c:03:1c:61:26:4f:45:49:65:37:d8:
                    6c:3b:9f:06:94:d4:05:69:4a:7a:7b:59:8f:ed:d7:
                    4a:9b:30:80:9b:01:43:5d:4d:d4:0e:90:bf:36:2c:
                    92:e9:0a:6e:a8:e8:5b:52:d3:ed:5b:96:9b:ab:28:
                    d4:a2:31:ba:43:7b:3f:3f:1a:a6:c5:64:80:4e:f0:
                    d6:0d:05:c8:b1:f6:7f:01:03:a4:49:7d:b2:27:1e:
                    9b:32:ba:e7:c0:90:87:6e:ea:55:ac:0f:4a:04:e8:
                    ab:d6:78:d1:98:00:35:f2:c9:bd:ce:9b:b3:3a:6e:
                    d8:69:66:0c:14:99:5d:d2:1e:61:1c:7a:67:2c:23:
                    f3:d6:5a:53:18:ec:8b:31:a3:9a:d2:31:5a:99:58:
                    e7:35:9c:d4:e0:0f:fb:35:7e:c2:20:82:d8:bc:d7:
                    c1:8b:ea:8d:10:03:26:75:36:3d:de:c6:41:50:97:
                    af:93
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                04:C8:23:AA:FE:2E:93:59:AE:8E:52:E9:8F:C4:7D:48:F9:09:1A:AE
            X509v3 Authority Key Identifier:
                keyid:B5:57:CC:D4:3A:FE:81:6E:49:53:22:8B:F1:4A:75:DC:29:01:4B:8D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tVfM1Dr-gW5JUyKL8Up13CkBS40.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/BMgjqv4uk1mujlLpj8R9SPkJGq4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/tVfM1Dr-gW5JUyKL8Up13CkBS40.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0b:3c40:22::/48
                  2a0b:3c40:26::/48

    Signature Algorithm: sha256WithRSAEncryption
         40:80:6f:67:3a:4b:1d:b8:3a:af:97:36:fd:9d:cb:6c:89:89:
         85:9b:8c:f1:99:6b:cc:2d:8e:71:ec:90:52:fb:e4:9e:40:07:
         07:13:93:44:00:2a:95:60:99:3f:bc:c5:be:f0:ab:f6:e2:a6:
         94:7f:bc:12:6e:d0:60:c7:93:29:f5:ba:af:3f:ab:87:1c:a5:
         a7:43:80:ea:86:1d:d5:63:73:b2:3b:b6:b8:b4:bd:88:ef:fb:
         35:c7:ba:da:e2:bc:95:4d:b3:d1:8f:63:b6:7b:ed:3c:bb:e4:
         8b:fa:18:d7:06:70:bc:b3:1d:c2:42:22:3e:d0:4f:ed:80:d5:
         f5:c6:f7:8f:10:a3:c8:6d:24:e6:16:17:5f:69:e0:d5:52:74:
         d1:8f:0b:21:82:d2:a5:75:fd:03:ea:8e:0c:31:35:64:e7:c1:
         32:0a:14:46:1b:28:04:d0:0b:89:7f:8b:56:f1:70:6e:b6:10:
         bf:7a:75:8b:98:9d:52:bf:cd:36:57:a7:e4:f0:4a:a9:4f:40:
         30:15:11:8d:22:7f:a7:c7:0e:90:b4:0e:bc:b7:09:65:fa:88:
         c8:d2:cc:64:49:fe:91:c3:bc:74:1f:3c:83:f1:cf:7f:c1:2f:
         29:36:9f:39:4c:b9:45:6b:b9:a7:a8:e9:4b:75:25:25:6f:05:
         1e:95:60:4b
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYV4fC5MHxxCUfwVP5M6I42hMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1NTdjY2Q0M2FmZTgxNmU0OTUzMjI4YmYxNGE3NWRjMjkw
MTRiOGQwHhcNMjMwMTAzMTYzNDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNGM4MjNhYWZlMmU5MzU5YWU4ZTUyZTk4ZmM0N2Q0OGY5MDkxYWFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvpsvbIsZyle44oUzizeKI9brZ1pG
2ZSjkNEC70DS5oKi+S+GE5mQ4HDaLQOs7PwfToWqwUz1FGLYD+a7PwkBac6RIeEM
wOu7RDUcHNnLXAMcYSZPRUllN9hsO58GlNQFaUp6e1mP7ddKmzCAmwFDXU3UDpC/
NiyS6QpuqOhbUtPtW5abqyjUojG6Q3s/PxqmxWSATvDWDQXIsfZ/AQOkSX2yJx6b
MrrnwJCHbupVrA9KBOir1njRmAA18sm9zpuzOm7YaWYMFJld0h5hHHpnLCPz1lpT
GOyLMaOa0jFamVjnNZzU4A/7NX7CIILYvNfBi+qNEAMmdTY93sZBUJevkwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFATII6r+LpNZro5S6Y/EfUj5CRquMB8GA1UdIwQY
MBaAFLVXzNQ6/oFuSVMii/FKddwpAUuNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFZmTTFEci1nVzVKVXlLTDhVcDEzQ2tCUzQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi8xOTA4NDMtMTgwMy00NDYyLWE3OTUt
NmJjNzU1NzhiNGMzLzEvQk1nanF2NHVrMW11amxMcGo4UjlTUGtKR3E0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi8xOTA4NDMtMTgwMy00NDYyLWE3OTUtNmJjNzU1NzhiNGMz
LzEvdFZmTTFEci1nVzVKVXlLTDhVcDEzQ2tCUzQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcAKgs8QAAi
AwcAKgs8QAAmMA0GCSqGSIb3DQEBCwUAA4IBAQBAgG9nOksduDqvlzb9nctsiYmF
m4zxmWvMLY5x7JBS++SeQAcHE5NEACqVYJk/vMW+8Kv24qaUf7wSbtBgx5Mp9bqv
P6uHHKWnQ4Dqhh3VY3OyO7a4tL2I7/s1x7ra4ryVTbPRj2O2e+08u+SL+hjXBnC8
sx3CQiI+0E/tgNX1xvePEKPIbSTmFhdfaeDVUnTRjwshgtKldf0D6o4MMTVk58Ey
ChRGGygE0AuJf4tW8XButhC/enWLmJ1Sv802V6fk8EqpT0AwFRGNIn+nxw6QtA68
twll+ojI0sxkSf6Rw7x0HzyD8c9/wS8pNp85TLlFa7mnqOlLdSUlbwUelWBL
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:18:25 2024 by rpki-client on console-fra.rpki-client.org