Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/d582c4-36e3-4a57-8752-e641e713d1fa/1/0oO_8ukaqQtsN3FM_dHfEpGeOi0.roa
File:                     0oO_8ukaqQtsN3FM_dHfEpGeOi0.roa (raw, json)
Hash identifier:          ccNyd7U815A+rQW87IX507WzvHKSZl296KWuNMsTWJ0=
Subject key identifier:   D2:83:BF:F2:E9:1A:A9:0B:6C:37:71:4C:FD:D1:DF:12:91:9E:3A:2D
Certificate issuer:       /CN=d0299cf12b38ff12d95ffc0d13ac12c69fe2c1ca
Certificate serial:       0187183C220E2D5D33B0631704F8CFC9BC3B
Authority key identifier: D0:29:9C:F1:2B:38:FF:12:D9:5F:FC:0D:13:AC:12:C6:9F:E2:C1:CA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0Cmc8Ss4_xLZX_wNE6wSxp_iwco.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0f/d582c4-36e3-4a57-8752-e641e713d1fa/1/0oO_8ukaqQtsN3FM_dHfEpGeOi0.roa
Signing time:             Sat 25 Mar 2023 10:06:46 +0000
ROA not before:           Sat 25 Mar 2023 10:06:46 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     7018
IP address blocks:        176.117.80.0/22 maxlen: 22

Validation:               Failed, certificate revoked on Fri 21 Apr 2023 10:50:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:18:3c:22:0e:2d:5d:33:b0:63:17:04:f8:cf:c9:bc:3b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d0299cf12b38ff12d95ffc0d13ac12c69fe2c1ca
        Validity
            Not Before: Mar 25 10:06:46 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=d283bff2e91aa90b6c37714cfdd1df12919e3a2d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:02:ec:5d:7e:92:cb:14:88:f4:e0:8f:fc:05:
                    d1:45:c8:f0:33:93:ef:30:b8:d9:69:ef:3f:65:b0:
                    a8:6f:70:41:c1:a4:cd:b7:d6:9f:46:f2:48:d7:88:
                    6a:71:1b:21:1f:b4:45:e0:1c:53:92:5f:99:a5:ba:
                    57:81:2d:fe:09:c9:8b:25:3a:ff:cd:ab:4e:55:49:
                    fb:35:d5:87:da:f8:95:bc:1c:2a:0f:b6:5b:76:da:
                    82:90:b1:8d:f6:62:b5:07:a5:f2:b9:a8:ab:53:60:
                    3a:6b:49:ea:d9:9c:04:1f:84:ff:29:22:68:f5:17:
                    d9:73:9c:58:e2:b0:35:d6:81:3d:2f:2d:2d:3d:f8:
                    c0:7c:53:b4:38:2c:90:4e:5e:a6:db:57:81:4d:99:
                    12:19:56:43:af:5a:8e:ca:05:f5:a2:05:e9:ac:21:
                    5f:cd:35:05:72:39:c4:7f:67:73:dd:4f:9a:5a:5c:
                    38:43:74:82:5e:e9:da:e4:38:81:04:b9:da:ab:ab:
                    1c:96:bd:16:2d:93:69:47:da:e6:f4:92:b5:f7:39:
                    fa:86:45:77:d3:bc:29:f6:c4:ac:c5:03:5b:07:a3:
                    8c:b2:77:52:8e:b4:71:b8:b0:7b:a2:45:cc:38:26:
                    67:72:23:3f:b9:b7:6a:84:5d:55:f2:5a:ff:5c:37:
                    55:f7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D2:83:BF:F2:E9:1A:A9:0B:6C:37:71:4C:FD:D1:DF:12:91:9E:3A:2D
            X509v3 Authority Key Identifier:
                keyid:D0:29:9C:F1:2B:38:FF:12:D9:5F:FC:0D:13:AC:12:C6:9F:E2:C1:CA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0Cmc8Ss4_xLZX_wNE6wSxp_iwco.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/d582c4-36e3-4a57-8752-e641e713d1fa/1/0oO_8ukaqQtsN3FM_dHfEpGeOi0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/d582c4-36e3-4a57-8752-e641e713d1fa/1/0Cmc8Ss4_xLZX_wNE6wSxp_iwco.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  176.117.80.0/22

    Signature Algorithm: sha256WithRSAEncryption
         76:d2:e1:81:75:3d:5a:4b:ec:ba:54:16:ec:43:2d:83:c4:f7:
         81:10:4f:17:0c:d1:c6:a8:f0:30:54:cb:68:89:48:8c:c4:64:
         11:4a:18:59:a7:b0:cc:03:bf:87:87:f0:47:6a:b8:72:12:14:
         d2:58:9d:a9:d7:7f:3e:3b:f1:76:f1:b4:e0:98:bb:98:39:6a:
         41:d3:4b:0a:aa:a3:de:64:cb:ed:f9:4a:87:b6:2d:a7:b6:8f:
         ca:2f:64:e0:63:12:3b:08:50:e9:72:a0:e7:c1:f1:f1:00:9a:
         3e:7c:f3:14:3d:3c:2d:c1:38:ef:4f:55:54:89:b0:f3:7b:5d:
         65:eb:30:27:18:7c:ff:2d:1c:3e:cb:9d:0e:b4:27:59:07:36:
         ee:75:45:c1:ce:4e:a9:bd:7a:99:4d:c7:c7:70:46:ee:d7:40:
         4b:ea:21:77:c0:01:2b:86:7d:c8:89:de:ae:12:1f:9d:2b:b8:
         1f:e3:55:fc:9e:e0:02:20:ac:a4:a4:30:25:64:cb:7c:2a:56:
         b5:c7:8e:32:d1:2a:91:34:ba:93:e8:5a:f4:96:98:90:c2:ee:
         d1:8a:64:82:da:15:35:90:2c:a0:63:01:29:6f:85:42:61:1c:
         6f:f6:5a:3a:7d:f6:1a:ba:44:11:2f:5a:20:e3:cd:5b:d7:4e:
         24:83:0c:01
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYcYPCIOLV0zsGMXBPjPybw7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQwMjk5Y2YxMmIzOGZmMTJkOTVmZmMwZDEzYWMxMmM2OWZl
MmMxY2EwHhcNMjMwMzI1MTAwNjQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMjgzYmZmMmU5MWFhOTBiNmMzNzcxNGNmZGQxZGYxMjkxOWUzYTJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqwLsXX6SyxSI9OCP/AXRRcjwM5Pv
MLjZae8/ZbCob3BBwaTNt9afRvJI14hqcRshH7RF4BxTkl+ZpbpXgS3+CcmLJTr/
zatOVUn7NdWH2viVvBwqD7ZbdtqCkLGN9mK1B6XyuairU2A6a0nq2ZwEH4T/KSJo
9RfZc5xY4rA11oE9Ly0tPfjAfFO0OCyQTl6m21eBTZkSGVZDr1qOygX1ogXprCFf
zTUFcjnEf2dz3U+aWlw4Q3SCXuna5DiBBLnaq6sclr0WLZNpR9rm9JK19zn6hkV3
07wp9sSsxQNbB6OMsndSjrRxuLB7okXMOCZnciM/ubdqhF1V8lr/XDdV9wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNKDv/LpGqkLbDdxTP3R3xKRnjotMB8GA1UdIwQY
MBaAFNApnPErOP8S2V/8DROsEsaf4sHKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMENtYzhTczRfeExaWF93TkU2d1N4cF9pd2NvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi9kNTgyYzQtMzZlMy00YTU3LTg3NTIt
ZTY0MWU3MTNkMWZhLzEvMG9PXzh1a2FxUXRzTjNGTV9kSGZFcEdlT2kwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZi9kNTgyYzQtMzZlMy00YTU3LTg3NTItZTY0MWU3MTNkMWZh
LzEvMENtYzhTczRfeExaWF93TkU2d1N4cF9pd2NvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCsHVQMA0G
CSqGSIb3DQEBCwUAA4IBAQB20uGBdT1aS+y6VBbsQy2DxPeBEE8XDNHGqPAwVMto
iUiMxGQRShhZp7DMA7+Hh/BHarhyEhTSWJ2p138+O/F28bTgmLuYOWpB00sKqqPe
ZMvt+UqHti2nto/KL2TgYxI7CFDpcqDnwfHxAJo+fPMUPTwtwTjvT1VUibDze11l
6zAnGHz/LRw+y50OtCdZBzbudUXBzk6pvXqZTcfHcEbu10BL6iF3wAErhn3Iid6u
Eh+dK7gf41X8nuACIKykpDAlZMt8Kla1x44y0SqRNLqT6Fr0lpiQwu7RimSC2hU1
kCygYwEpb4VCYRxv9lo6ffYaukQRL1og481b104kgwwB
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:19:06 2024 by rpki-client on console-fra.rpki-client.org