Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/d582c4-36e3-4a57-8752-e641e713d1fa/1/pC2eIuui1KH8prL6nxjb_q8HVos.roa
File:                     pC2eIuui1KH8prL6nxjb_q8HVos.roa (raw, json)
Hash identifier:          UMzH/lx2FR8csMh9YTtUjZ0KJqAnhPhA0m6ITHK2sHA=
Subject key identifier:   A4:2D:9E:22:EB:A2:D4:A1:FC:A6:B2:FA:9F:18:DB:FE:AF:07:56:8B
Certificate issuer:       /CN=d0299cf12b38ff12d95ffc0d13ac12c69fe2c1ca
Certificate serial:       018EA801A9CDA4C7C702F46DE9D86A5460C3
Authority key identifier: D0:29:9C:F1:2B:38:FF:12:D9:5F:FC:0D:13:AC:12:C6:9F:E2:C1:CA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0Cmc8Ss4_xLZX_wNE6wSxp_iwco.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0f/d582c4-36e3-4a57-8752-e641e713d1fa/1/pC2eIuui1KH8prL6nxjb_q8HVos.roa
Signing time:             Thu 04 Apr 2024 07:27:44 +0000
ROA not before:           Thu 04 Apr 2024 07:27:44 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     43260
IP address blocks:        176.117.88.0/22 maxlen: 24
                          176.117.92.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 29 Apr 2024 08:28:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8e:a8:01:a9:cd:a4:c7:c7:02:f4:6d:e9:d8:6a:54:60:c3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d0299cf12b38ff12d95ffc0d13ac12c69fe2c1ca
        Validity
            Not Before: Apr  4 07:27:44 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=a42d9e22eba2d4a1fca6b2fa9f18dbfeaf07568b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:d2:65:3c:43:37:79:4f:ef:8b:c4:c6:d7:f5:
                    27:f4:b3:2b:e4:1c:f1:cd:d4:bf:7d:5a:5f:ad:ed:
                    6c:57:e5:44:ab:f7:25:32:a7:29:14:f0:f2:9a:82:
                    00:d9:53:f9:33:0a:a4:63:c3:68:3c:51:cc:6d:68:
                    03:05:fd:e4:0e:b7:8b:1d:b0:ef:3b:38:2a:aa:4f:
                    17:41:fe:bc:f3:11:a4:b3:b5:a5:a7:fe:51:49:f8:
                    53:67:4b:31:bb:b4:ac:cb:f6:aa:e9:04:1d:e9:e5:
                    6c:7b:b9:fe:44:64:41:7d:9e:f8:ea:10:4a:7b:36:
                    8b:59:db:1b:52:e0:8c:18:6e:a9:e6:44:ca:96:50:
                    3e:44:e2:68:e0:52:67:72:de:49:51:9e:6f:6a:a2:
                    e9:0a:62:74:3a:4d:da:d5:7f:0d:57:ba:62:45:b7:
                    21:fa:a9:87:c0:d0:e5:7e:be:c4:03:08:b0:18:59:
                    8a:60:d2:9f:93:10:9b:f2:66:11:6c:38:c3:63:82:
                    f3:d6:84:ba:fc:75:64:4a:ca:14:5c:25:3f:7e:d0:
                    79:14:e9:00:b8:a9:00:e0:43:dc:7e:50:76:d2:97:
                    58:9c:6d:d4:5b:f0:e1:63:72:71:41:cb:bd:87:f8:
                    d4:ed:65:92:4b:08:9e:78:11:37:6e:da:75:25:80:
                    3d:55
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A4:2D:9E:22:EB:A2:D4:A1:FC:A6:B2:FA:9F:18:DB:FE:AF:07:56:8B
            X509v3 Authority Key Identifier:
                keyid:D0:29:9C:F1:2B:38:FF:12:D9:5F:FC:0D:13:AC:12:C6:9F:E2:C1:CA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0Cmc8Ss4_xLZX_wNE6wSxp_iwco.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/d582c4-36e3-4a57-8752-e641e713d1fa/1/pC2eIuui1KH8prL6nxjb_q8HVos.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/d582c4-36e3-4a57-8752-e641e713d1fa/1/0Cmc8Ss4_xLZX_wNE6wSxp_iwco.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  176.117.88.0-176.117.92.255

    Signature Algorithm: sha256WithRSAEncryption
         0c:81:c6:35:84:4c:b5:74:ac:32:a2:67:fd:a1:50:f5:aa:fb:
         3c:b1:39:e2:2f:28:00:ea:be:9a:16:7b:89:d2:64:ac:33:74:
         2f:12:e5:3c:57:72:81:68:70:fb:50:cc:2d:e7:09:8c:d3:f5:
         1c:e7:af:cc:a7:f7:7d:49:6a:09:97:a3:de:09:9e:49:ec:44:
         fb:f6:95:0a:2f:ca:24:84:b5:d1:ea:6d:c7:a9:42:6a:f5:8b:
         3f:cb:3c:72:f0:5f:28:20:e0:90:a6:33:e6:0a:c2:2c:d7:49:
         ab:74:c9:a7:11:cc:a7:6c:1a:a8:3c:01:66:36:57:2b:84:0e:
         21:7a:3d:b0:75:36:7b:6c:0c:52:99:0e:0f:2f:60:5a:15:03:
         f1:f5:43:60:49:9a:9a:7c:cc:91:36:1a:b5:55:b3:9f:48:e0:
         0f:99:c8:3e:13:5b:72:db:e5:49:fc:7a:c0:13:2f:14:42:19:
         17:d9:e8:e3:39:48:6f:ea:78:1f:14:87:09:9d:aa:0f:87:4f:
         4d:37:26:63:0b:31:80:d6:4b:c9:47:e7:1b:c9:c4:d9:2f:81:
         fb:52:ec:95:56:03:e0:44:22:cd:5d:47:50:61:13:c4:13:9d:
         62:82:55:79:7f:a9:15:08:a0:c2:f4:a0:d2:00:c5:e6:08:36:
         b7:0c:ac:44
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAY6oAanNpMfHAvRt6dhqVGDDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQwMjk5Y2YxMmIzOGZmMTJkOTVmZmMwZDEzYWMxMmM2OWZl
MmMxY2EwHhcNMjQwNDA0MDcyNzQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNDJkOWUyMmViYTJkNGExZmNhNmIyZmE5ZjE4ZGJmZWFmMDc1NjhiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArtJlPEM3eU/vi8TG1/Un9LMr5Bzx
zdS/fVpfre1sV+VEq/clMqcpFPDymoIA2VP5MwqkY8NoPFHMbWgDBf3kDreLHbDv
Ozgqqk8XQf688xGks7Wlp/5RSfhTZ0sxu7Ssy/aq6QQd6eVse7n+RGRBfZ746hBK
ezaLWdsbUuCMGG6p5kTKllA+ROJo4FJnct5JUZ5vaqLpCmJ0Ok3a1X8NV7piRbch
+qmHwNDlfr7EAwiwGFmKYNKfkxCb8mYRbDjDY4Lz1oS6/HVkSsoUXCU/ftB5FOkA
uKkA4EPcflB20pdYnG3UW/DhY3JxQcu9h/jU7WWSSwieeBE3btp1JYA9VQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFKQtniLrotSh/Kay+p8Y2/6vB1aLMB8GA1UdIwQY
MBaAFNApnPErOP8S2V/8DROsEsaf4sHKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMENtYzhTczRfeExaWF93TkU2d1N4cF9pd2NvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi9kNTgyYzQtMzZlMy00YTU3LTg3NTIt
ZTY0MWU3MTNkMWZhLzEvcEMyZUl1dWkxS0g4cHJMNm54amJfcThIVm9zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZi9kNTgyYzQtMzZlMy00YTU3LTg3NTItZTY0MWU3MTNkMWZh
LzEvMENtYzhTczRfeExaWF93TkU2d1N4cF9pd2NvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAOwdVgD
BACwdVwwDQYJKoZIhvcNAQELBQADggEBAAyBxjWETLV0rDKiZ/2hUPWq+zyxOeIv
KADqvpoWe4nSZKwzdC8S5TxXcoFocPtQzC3nCYzT9Rznr8yn931JagmXo94Jnkns
RPv2lQovyiSEtdHqbcepQmr1iz/LPHLwXygg4JCmM+YKwizXSat0yacRzKdsGqg8
AWY2VyuEDiF6PbB1NntsDFKZDg8vYFoVA/H1Q2BJmpp8zJE2GrVVs59I4A+ZyD4T
W3Lb5Un8esATLxRCGRfZ6OM5SG/qeB8Uhwmdqg+HT003JmMLMYDWS8lH5xvJxNkv
gftS7JVWA+BEIs1dR1BhE8QTnWKCVXl/qRUIoML0oNIAxeYINrcMrEQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:53:21 2024 by rpki-client on console-ams.rpki-client.org