Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/7nnF2MGQm-UrwsL8e1pm58PiPFg.roa
File:                     7nnF2MGQm-UrwsL8e1pm58PiPFg.roa (raw, json)
Hash identifier:          meO7ktkQF8kCnJ7XnJHUOwqKX1lcXIkbtOlqtihKo5s=
Subject key identifier:   EE:79:C5:D8:C1:90:9B:E5:2B:C2:C2:FC:7B:5A:66:E7:C3:E2:3C:58
Certificate issuer:       /CN=c3c18527e3a206af2842028d95aec41338e8daf8
Certificate serial:       01867CF8FA1CBFA0BCF94524E999E9733922
Authority key identifier: C3:C1:85:27:E3:A2:06:AF:28:42:02:8D:95:AE:C4:13:38:E8:DA:F8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/w8GFJ-OiBq8oQgKNla7EEzjo2vg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/7nnF2MGQm-UrwsL8e1pm58PiPFg.roa
Signing time:             Thu 23 Feb 2023 06:32:17 +0000
ROA not before:           Thu 23 Feb 2023 06:32:17 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     21700
IP address blocks:        213.176.72.0/22 maxlen: 24
                          213.176.92.0/22 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 12:33:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:7c:f8:fa:1c:bf:a0:bc:f9:45:24:e9:99:e9:73:39:22
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c3c18527e3a206af2842028d95aec41338e8daf8
        Validity
            Not Before: Feb 23 06:32:17 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=ee79c5d8c1909be52bc2c2fc7b5a66e7c3e23c58
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:85:f2:bc:1b:74:98:94:03:36:fb:53:5b:9d:b3:
                    d5:2c:72:d0:ec:7c:77:cd:d0:03:b2:b2:9f:36:b4:
                    d4:71:f3:9d:b5:1d:7c:b1:ae:aa:6f:3c:20:ca:63:
                    91:09:a2:d3:8b:40:bd:88:49:50:51:ff:c2:1e:0a:
                    2d:55:e2:43:90:b0:f9:12:1a:0d:67:7e:b9:c9:de:
                    3c:34:c9:99:8f:91:91:88:55:6c:e2:d0:73:0a:39:
                    eb:6e:44:49:1a:61:e3:0f:23:cf:9e:d0:b4:b4:aa:
                    ba:ff:68:2f:fc:fb:6a:de:43:64:3c:19:7c:68:47:
                    b5:ed:f2:20:88:05:55:40:fd:8b:2f:26:3b:91:56:
                    82:ba:15:37:cc:b2:c8:bd:1e:11:51:47:70:cd:22:
                    05:96:0c:9c:0f:7f:dd:51:ce:5d:b2:a0:9c:22:e5:
                    64:b0:50:98:31:04:27:9f:46:cf:a8:25:ec:9d:d2:
                    10:5c:73:de:31:bb:fb:c7:9d:05:b8:2f:15:d5:c1:
                    79:d2:ef:e8:58:90:5d:88:09:3d:bb:51:c7:e8:f2:
                    1a:9f:e9:72:c5:3b:a4:1d:6f:3b:e2:d1:77:f0:52:
                    da:d9:2f:3c:d3:bb:f2:fa:04:a5:8c:e0:8a:a2:00:
                    e2:01:10:63:fc:4b:b9:38:6d:12:a3:25:1a:8e:af:
                    c4:41
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EE:79:C5:D8:C1:90:9B:E5:2B:C2:C2:FC:7B:5A:66:E7:C3:E2:3C:58
            X509v3 Authority Key Identifier:
                keyid:C3:C1:85:27:E3:A2:06:AF:28:42:02:8D:95:AE:C4:13:38:E8:DA:F8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w8GFJ-OiBq8oQgKNla7EEzjo2vg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/7nnF2MGQm-UrwsL8e1pm58PiPFg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/w8GFJ-OiBq8oQgKNla7EEzjo2vg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  213.176.72.0/22
                  213.176.92.0/22

    Signature Algorithm: sha256WithRSAEncryption
         61:ea:f2:b2:16:be:db:7b:15:75:95:59:d0:cb:e6:4a:d8:db:
         dc:94:cb:42:00:35:69:12:f4:96:6e:08:02:2c:f5:32:a7:88:
         b3:c9:5d:12:a5:a2:a7:48:31:fd:93:e5:8a:42:b3:a1:ba:1e:
         a2:dc:53:0e:83:81:f4:a4:92:0d:d4:07:16:48:f8:6e:8e:fd:
         b2:9d:49:7e:e4:fe:99:67:23:da:4b:10:d8:89:74:fa:b2:39:
         13:a7:91:62:64:af:4b:30:aa:2f:c7:0c:e0:86:41:ba:8a:8e:
         55:4e:05:81:aa:5c:d9:ac:9e:29:5c:2a:af:4a:cc:bd:90:4e:
         c7:c7:e5:73:04:96:6e:43:b9:2f:10:03:95:69:95:01:4b:75:
         68:98:a6:6a:bf:99:a1:1c:0b:81:33:84:9b:a4:8e:32:9d:05:
         f4:90:af:44:c2:4f:87:bb:07:fd:71:eb:e8:69:4b:ec:8a:63:
         d6:bd:28:4b:b9:f5:d5:eb:ae:68:71:9f:1d:82:a5:41:ad:84:
         31:19:82:2c:21:ba:42:98:b8:39:82:d9:a5:cb:e5:9a:6c:53:
         8c:a1:f6:3c:3e:09:c0:4e:67:bc:ef:91:d6:69:e4:e9:62:47:
         a7:85:98:94:e6:f6:29:47:a6:b3:29:61:1a:f8:ac:a3:a7:6a:
         7b:c2:30:1f
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYZ8+Pocv6C8+UUk6ZnpczkiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzYzE4NTI3ZTNhMjA2YWYyODQyMDI4ZDk1YWVjNDEzMzhl
OGRhZjgwHhcNMjMwMjIzMDYzMjE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZTc5YzVkOGMxOTA5YmU1MmJjMmMyZmM3YjVhNjZlN2MzZTIzYzU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhfK8G3SYlAM2+1NbnbPVLHLQ7Hx3
zdADsrKfNrTUcfOdtR18sa6qbzwgymORCaLTi0C9iElQUf/CHgotVeJDkLD5EhoN
Z365yd48NMmZj5GRiFVs4tBzCjnrbkRJGmHjDyPPntC0tKq6/2gv/Ptq3kNkPBl8
aEe17fIgiAVVQP2LLyY7kVaCuhU3zLLIvR4RUUdwzSIFlgycD3/dUc5dsqCcIuVk
sFCYMQQnn0bPqCXsndIQXHPeMbv7x50FuC8V1cF50u/oWJBdiAk9u1HH6PIan+ly
xTukHW874tF38FLa2S8807vy+gSljOCKogDiARBj/Eu5OG0SoyUajq/EQQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFO55xdjBkJvlK8LC/HtaZufD4jxYMB8GA1UdIwQY
MBaAFMPBhSfjogavKEICjZWuxBM46Nr4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzhHRkotT2lCcThvUWdLTmxhN0VFempvMnZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy8xMzM5ZGYtOGUwNi00MWRlLTk0ZjMt
MGNiYTMzZWZjNWJiLzEvN25uRjJNR1FtLVVyd3NMOGUxcG01OFBpUEZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy8xMzM5ZGYtOGUwNi00MWRlLTk0ZjMtMGNiYTMzZWZjNWJi
LzEvdzhHRkotT2lCcThvUWdLTmxhN0VFempvMnZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQC1bBIAwQC
1bBcMA0GCSqGSIb3DQEBCwUAA4IBAQBh6vKyFr7bexV1lVnQy+ZK2NvclMtCADVp
EvSWbggCLPUyp4izyV0SpaKnSDH9k+WKQrOhuh6i3FMOg4H0pJIN1AcWSPhujv2y
nUl+5P6ZZyPaSxDYiXT6sjkTp5FiZK9LMKovxwzghkG6io5VTgWBqlzZrJ4pXCqv
Ssy9kE7Hx+VzBJZuQ7kvEAOVaZUBS3VomKZqv5mhHAuBM4SbpI4ynQX0kK9Ewk+H
uwf9cevoaUvsimPWvShLufXV665ocZ8dgqVBrYQxGYIsIbpCmLg5gtmly+WabFOM
ofY8PgnATme875HWaeTpYkenhZiU5vYpR6azKWEa+Kyjp2p7wjAf
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:29 2024 by rpki-client on console-ams.rpki-client.org