Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/d582c4-36e3-4a57-8752-e641e713d1fa/1/iHR4OezKO_2z01ZwLdst-Nm3pOE.roa
File:                     iHR4OezKO_2z01ZwLdst-Nm3pOE.roa (raw, json)
Hash identifier:          jdvuLDcCT93rtOxeSaXhRTg6RdL78xM6CFUT/IPuzkM=
Subject key identifier:   88:74:78:39:EC:CA:3B:FD:B3:D3:56:70:2D:DB:2D:F8:D9:B7:A4:E1
Certificate issuer:       /CN=d0299cf12b38ff12d95ffc0d13ac12c69fe2c1ca
Certificate serial:       018A94660BFEDC91F8291ACFE94A9021DBA3
Authority key identifier: D0:29:9C:F1:2B:38:FF:12:D9:5F:FC:0D:13:AC:12:C6:9F:E2:C1:CA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0Cmc8Ss4_xLZX_wNE6wSxp_iwco.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0f/d582c4-36e3-4a57-8752-e641e713d1fa/1/iHR4OezKO_2z01ZwLdst-Nm3pOE.roa
Signing time:             Thu 14 Sep 2023 15:53:50 +0000
ROA not before:           Thu 14 Sep 2023 15:53:50 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     6830
IP address blocks:        176.117.80.0/22 maxlen: 22
                          176.117.84.0/22 maxlen: 22
                          176.117.64.0/22 maxlen: 22

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 18:30:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:94:66:0b:fe:dc:91:f8:29:1a:cf:e9:4a:90:21:db:a3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d0299cf12b38ff12d95ffc0d13ac12c69fe2c1ca
        Validity
            Not Before: Sep 14 15:53:50 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=88747839ecca3bfdb3d356702ddb2df8d9b7a4e1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:d5:28:e4:c6:28:48:80:94:cf:1e:0a:f8:36:
                    3a:cf:d4:63:30:67:72:16:52:f6:9d:50:57:6a:04:
                    69:d6:12:34:33:5e:42:38:48:cc:cc:12:b7:9a:c6:
                    c0:20:59:bb:f9:59:19:29:02:e8:36:73:8b:0a:2c:
                    03:cc:4b:eb:03:92:2c:11:af:5d:10:15:e3:d2:6d:
                    2b:75:2b:d5:68:e3:83:10:f7:f3:d2:16:9c:b2:96:
                    ee:b2:e1:b2:46:5f:06:90:96:a4:99:94:1d:72:43:
                    bd:9b:54:0a:12:4c:29:27:fc:03:56:fb:c6:e7:6f:
                    41:ae:98:b8:c3:3b:a1:58:20:13:9d:fb:01:dc:11:
                    4f:eb:d2:88:0b:c5:f2:04:f0:02:a7:86:32:e3:03:
                    03:e5:6b:50:03:d9:e9:ea:64:72:79:5a:1f:97:94:
                    0b:e3:e7:27:32:da:46:42:3b:85:35:1c:aa:ba:9e:
                    5d:3c:88:9e:a0:1b:55:d2:e9:e4:89:f2:d7:2a:e6:
                    d3:9f:f2:2c:16:52:b0:02:f8:b6:52:18:4a:f1:d6:
                    b9:93:7c:92:7c:2e:57:a2:f9:ad:5a:37:9a:8d:70:
                    85:25:10:70:48:06:9c:2f:92:8f:68:4f:48:b2:03:
                    9e:66:f1:45:32:4e:6f:6f:0f:d2:fb:04:81:e0:54:
                    55:9f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                88:74:78:39:EC:CA:3B:FD:B3:D3:56:70:2D:DB:2D:F8:D9:B7:A4:E1
            X509v3 Authority Key Identifier:
                keyid:D0:29:9C:F1:2B:38:FF:12:D9:5F:FC:0D:13:AC:12:C6:9F:E2:C1:CA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0Cmc8Ss4_xLZX_wNE6wSxp_iwco.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/d582c4-36e3-4a57-8752-e641e713d1fa/1/iHR4OezKO_2z01ZwLdst-Nm3pOE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/d582c4-36e3-4a57-8752-e641e713d1fa/1/0Cmc8Ss4_xLZX_wNE6wSxp_iwco.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  176.117.64.0/22
                  176.117.80.0/21

    Signature Algorithm: sha256WithRSAEncryption
         51:7f:e6:07:d4:f0:ba:e3:ba:05:0a:cb:36:d9:56:51:28:64:
         66:ac:f0:09:59:d3:88:eb:c4:8b:2a:c9:df:23:2e:4c:7d:5e:
         2f:84:93:95:f4:5a:30:fc:12:63:72:f9:16:d2:3b:6a:67:92:
         88:19:a6:49:a4:10:d8:29:05:df:5b:56:a2:c6:97:0e:3b:46:
         74:c2:04:33:d4:20:6e:83:1f:47:6c:7d:3c:0f:39:77:ff:7e:
         3e:5a:c6:7a:cd:c1:50:db:15:55:2b:2f:d2:c3:38:1f:db:d2:
         d5:8d:36:69:06:cf:f4:6f:37:5e:87:9d:d4:4a:0b:63:6a:83:
         0b:8e:5a:59:b4:f0:70:44:31:d7:bd:fe:6b:b8:69:80:f3:cb:
         10:f8:c4:a7:7c:66:f0:bf:7b:7a:c2:75:a9:ef:ae:55:90:92:
         89:a7:f2:e9:7e:cf:ba:eb:67:3e:08:5b:81:86:d8:3e:3d:54:
         8d:6d:a0:7a:05:9a:6b:dd:e9:41:d2:87:af:96:41:aa:46:88:
         fb:83:bc:60:64:b0:8b:3a:1b:c1:6c:18:6c:18:98:4e:9e:52:
         98:be:b2:b5:c1:63:03:be:90:e9:ca:84:c5:48:8b:28:87:81:
         a0:e9:b4:90:3b:7c:b1:ae:9d:36:68:95:28:72:bc:a5:27:42:
         54:26:9a:f8
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYqUZgv+3JH4KRrP6UqQIdujMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQwMjk5Y2YxMmIzOGZmMTJkOTVmZmMwZDEzYWMxMmM2OWZl
MmMxY2EwHhcNMjMwOTE0MTU1MzUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ODc0NzgzOWVjY2EzYmZkYjNkMzU2NzAyZGRiMmRmOGQ5YjdhNGUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwtUo5MYoSICUzx4K+DY6z9RjMGdy
FlL2nVBXagRp1hI0M15COEjMzBK3msbAIFm7+VkZKQLoNnOLCiwDzEvrA5IsEa9d
EBXj0m0rdSvVaOODEPfz0hacspbusuGyRl8GkJakmZQdckO9m1QKEkwpJ/wDVvvG
529Brpi4wzuhWCATnfsB3BFP69KIC8XyBPACp4Yy4wMD5WtQA9np6mRyeVofl5QL
4+cnMtpGQjuFNRyqup5dPIieoBtV0unkifLXKubTn/IsFlKwAvi2UhhK8da5k3yS
fC5XovmtWjeajXCFJRBwSAacL5KPaE9IsgOeZvFFMk5vbw/S+wSB4FRVnwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFIh0eDnsyjv9s9NWcC3bLfjZt6ThMB8GA1UdIwQY
MBaAFNApnPErOP8S2V/8DROsEsaf4sHKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMENtYzhTczRfeExaWF93TkU2d1N4cF9pd2NvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi9kNTgyYzQtMzZlMy00YTU3LTg3NTIt
ZTY0MWU3MTNkMWZhLzEvaUhSNE9lektPXzJ6MDFad0xkc3QtTm0zcE9FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZi9kNTgyYzQtMzZlMy00YTU3LTg3NTItZTY0MWU3MTNkMWZh
LzEvMENtYzhTczRfeExaWF93TkU2d1N4cF9pd2NvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCsHVAAwQD
sHVQMA0GCSqGSIb3DQEBCwUAA4IBAQBRf+YH1PC647oFCss22VZRKGRmrPAJWdOI
68SLKsnfIy5MfV4vhJOV9Fow/BJjcvkW0jtqZ5KIGaZJpBDYKQXfW1aixpcOO0Z0
wgQz1CBugx9HbH08Dzl3/34+WsZ6zcFQ2xVVKy/Swzgf29LVjTZpBs/0bzdeh53U
SgtjaoMLjlpZtPBwRDHXvf5ruGmA88sQ+MSnfGbwv3t6wnWp765VkJKJp/Lpfs+6
62c+CFuBhtg+PVSNbaB6BZpr3elB0oevlkGqRoj7g7xgZLCLOhvBbBhsGJhOnlKY
vrK1wWMDvpDpyoTFSIsoh4Gg6bSQO3yxrp02aJUocrylJ0JUJpr4
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:53:21 2024 by rpki-client on console-ams.rpki-client.org