Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/60c724-a005-46d7-8452-16ce339016a0/1/wiGhjbVJ5_bV9ZZpunxxhIUVymM.roa
File:                     wiGhjbVJ5_bV9ZZpunxxhIUVymM.roa (raw, json)
Hash identifier:          Qc6e56nTRMzXZlDqT/G8bGi/StMGx5mjeFRdi61jwxs=
Subject key identifier:   C2:21:A1:8D:B5:49:E7:F6:D5:F5:96:69:BA:7C:71:84:85:15:CA:63
Certificate issuer:       /CN=283624007f44dcaf568c370e7f71f950cb1940ef
Certificate serial:       0189F245A59FCA0A78DD8F0C7F06ABDD21F5
Authority key identifier: 28:36:24:00:7F:44:DC:AF:56:8C:37:0E:7F:71:F9:50:CB:19:40:EF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KDYkAH9E3K9WjDcOf3H5UMsZQO8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/21/60c724-a005-46d7-8452-16ce339016a0/1/wiGhjbVJ5_bV9ZZpunxxhIUVymM.roa
Signing time:             Mon 14 Aug 2023 04:19:57 +0000
ROA not before:           Mon 14 Aug 2023 04:19:57 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     198118
IP address blocks:        92.42.7.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 06:29:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:f2:45:a5:9f:ca:0a:78:dd:8f:0c:7f:06:ab:dd:21:f5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=283624007f44dcaf568c370e7f71f950cb1940ef
        Validity
            Not Before: Aug 14 04:19:57 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=c221a18db549e7f6d5f59669ba7c71848515ca63
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:83:ba:a8:aa:8e:90:9c:2c:59:94:f4:5c:b3:
                    ee:32:a9:bf:d8:d9:23:b5:17:c5:35:b4:81:e6:d4:
                    cb:64:e1:ae:7d:d5:85:03:4b:c3:1a:30:c8:b8:17:
                    67:10:fa:2e:fb:3a:fa:0d:69:9f:e1:fd:2b:93:20:
                    d0:7e:71:b0:e1:a6:e3:0a:cc:6b:60:0b:71:bf:7b:
                    83:bc:5a:9e:55:40:fa:3a:4f:26:a0:ef:79:ea:e2:
                    01:a4:36:82:ca:78:bb:20:d7:c4:d1:48:4b:b9:58:
                    d0:bf:c0:42:e6:91:0b:67:b1:e0:41:8b:f1:a9:51:
                    49:2d:d9:1e:37:d5:c9:a7:a1:48:85:47:46:c2:64:
                    e3:be:65:39:df:aa:e9:24:1b:b9:5c:14:db:8e:1a:
                    b1:50:d7:5a:b2:d0:07:03:61:d7:83:b3:3a:34:03:
                    3c:e5:cb:e6:ec:21:8c:ad:58:ba:cc:7d:51:a8:59:
                    d9:4c:7b:f9:8e:a1:3e:65:ea:13:95:93:9e:2f:6f:
                    49:7c:95:a9:c8:98:27:7d:de:6e:5c:59:c5:4e:1b:
                    28:86:9a:77:e5:1b:46:28:8c:c2:fc:99:cb:a6:70:
                    e4:da:ef:a4:34:63:26:dd:56:e1:59:f6:77:ad:b3:
                    86:f5:b2:f1:d7:23:79:97:74:29:dd:2a:28:4b:7b:
                    83:cf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C2:21:A1:8D:B5:49:E7:F6:D5:F5:96:69:BA:7C:71:84:85:15:CA:63
            X509v3 Authority Key Identifier:
                keyid:28:36:24:00:7F:44:DC:AF:56:8C:37:0E:7F:71:F9:50:CB:19:40:EF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KDYkAH9E3K9WjDcOf3H5UMsZQO8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/60c724-a005-46d7-8452-16ce339016a0/1/wiGhjbVJ5_bV9ZZpunxxhIUVymM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/21/60c724-a005-46d7-8452-16ce339016a0/1/KDYkAH9E3K9WjDcOf3H5UMsZQO8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  92.42.7.0/24

    Signature Algorithm: sha256WithRSAEncryption
         b4:1b:2a:b7:39:ed:29:95:2b:9f:28:12:a7:6f:b5:01:3f:48:
         b8:72:22:a7:a1:88:a3:a4:70:fe:73:d4:21:20:da:27:98:37:
         0f:ba:15:92:ab:f4:6b:e8:c3:eb:ed:c9:7a:35:16:14:78:25:
         a4:6b:c6:8a:42:86:43:87:bc:db:e7:46:8f:6d:fa:e3:d9:12:
         f3:27:7f:78:f1:32:ce:d8:da:bb:69:e4:74:12:2b:7c:2c:e2:
         19:c1:50:7f:54:a7:88:00:29:5d:52:67:0c:a9:ab:e3:43:92:
         0d:ef:66:52:da:d8:99:19:ea:8e:38:72:2d:36:c5:b3:de:b8:
         8f:96:e2:e0:91:75:b1:5f:56:2a:33:35:8b:81:af:2c:7e:e7:
         58:e5:1e:80:02:8c:49:ca:c9:8a:69:f1:c0:ac:cd:25:28:5b:
         e2:87:a9:42:4e:3e:a0:12:c4:9f:2a:7d:83:8a:a2:66:93:b1:
         45:92:76:52:73:54:09:58:a5:aa:f3:cb:34:74:39:ac:d1:7f:
         41:8a:d6:d7:12:f5:a3:79:27:9a:5c:9e:61:3a:92:e2:f7:0d:
         1d:1a:8f:1c:8d:76:35:a3:37:70:d0:fa:6a:f7:47:16:17:1c:
         12:a3:6c:96:31:e8:4e:9a:d1:72:0d:22:34:c0:67:ef:39:ef:
         16:48:e4:bf
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYnyRaWfygp43Y8Mfwar3SH1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4MzYyNDAwN2Y0NGRjYWY1NjhjMzcwZTdmNzFmOTUwY2Ix
OTQwZWYwHhcNMjMwODE0MDQxOTU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMjIxYTE4ZGI1NDllN2Y2ZDVmNTk2NjliYTdjNzE4NDg1MTVjYTYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvIO6qKqOkJwsWZT0XLPuMqm/2Nkj
tRfFNbSB5tTLZOGufdWFA0vDGjDIuBdnEPou+zr6DWmf4f0rkyDQfnGw4abjCsxr
YAtxv3uDvFqeVUD6Ok8moO956uIBpDaCyni7INfE0UhLuVjQv8BC5pELZ7HgQYvx
qVFJLdkeN9XJp6FIhUdGwmTjvmU536rpJBu5XBTbjhqxUNdastAHA2HXg7M6NAM8
5cvm7CGMrVi6zH1RqFnZTHv5jqE+ZeoTlZOeL29JfJWpyJgnfd5uXFnFThsohpp3
5RtGKIzC/JnLpnDk2u+kNGMm3VbhWfZ3rbOG9bLx1yN5l3Qp3SooS3uDzwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMIhoY21Sef21fWWabp8cYSFFcpjMB8GA1UdIwQY
MBaAFCg2JAB/RNyvVow3Dn9x+VDLGUDvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS0RZa0FIOUUzSzlXakRjT2YzSDVVTXNaUU84LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS82MGM3MjQtYTAwNS00NmQ3LTg0NTIt
MTZjZTMzOTAxNmEwLzEvd2lHaGpiVko1X2JWOVpacHVueHhoSVVWeW1NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS82MGM3MjQtYTAwNS00NmQ3LTg0NTItMTZjZTMzOTAxNmEw
LzEvS0RZa0FIOUUzSzlXakRjT2YzSDVVTXNaUU84LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAXCoHMA0G
CSqGSIb3DQEBCwUAA4IBAQC0Gyq3Oe0plSufKBKnb7UBP0i4ciKnoYijpHD+c9Qh
INonmDcPuhWSq/Rr6MPr7cl6NRYUeCWka8aKQoZDh7zb50aPbfrj2RLzJ3948TLO
2Nq7aeR0Eit8LOIZwVB/VKeIACldUmcMqavjQ5IN72ZS2tiZGeqOOHItNsWz3riP
luLgkXWxX1YqMzWLga8sfudY5R6AAoxJysmKafHArM0lKFvih6lCTj6gEsSfKn2D
iqJmk7FFknZSc1QJWKWq88s0dDms0X9BitbXEvWjeSeaXJ5hOpLi9w0dGo8cjXY1
ozdw0Ppq90cWFxwSo2yWMehOmtFyDSI0wGfvOe8WSOS/
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:57:51 2024 by rpki-client on console-ams.rpki-client.org