Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/1a7be5-3cf2-40c5-ba67-854182f09ef5/1/g738gMUi3WVLkxiL8XqmUOjgZPA.roa
File:                     g738gMUi3WVLkxiL8XqmUOjgZPA.roa (raw, json)
Hash identifier:          mU2VJ4jQE3x3XART+gfmHgX1SoWsAW3hZqmH0nZX70o=
Subject key identifier:   83:BD:FC:80:C5:22:DD:65:4B:93:18:8B:F1:7A:A6:50:E8:E0:64:F0
Certificate issuer:       /CN=cbbf23ff986768362549462fe092c6315eacca40
Certificate serial:       01856C9CC01968A0F7ADCBE2154E5DDC0303
Authority key identifier: CB:BF:23:FF:98:67:68:36:25:49:46:2F:E0:92:C6:31:5E:AC:CA:40
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/y78j_5hnaDYlSUYv4JLGMV6sykA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/23/1a7be5-3cf2-40c5-ba67-854182f09ef5/1/g738gMUi3WVLkxiL8XqmUOjgZPA.roa
Signing time:             Sun 01 Jan 2023 09:14:50 +0000
ROA not before:           Sun 01 Jan 2023 09:14:50 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     199788
IP address blocks:        185.57.40.0/22 maxlen: 22
                          2a01:5ba0::/32 maxlen: 32

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 10:33:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6c:9c:c0:19:68:a0:f7:ad:cb:e2:15:4e:5d:dc:03:03
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cbbf23ff986768362549462fe092c6315eacca40
        Validity
            Not Before: Jan  1 09:14:50 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=83bdfc80c522dd654b93188bf17aa650e8e064f0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dd:48:06:b1:d4:00:59:79:c5:2e:72:44:89:5d:
                    bd:fb:4e:d8:5f:ea:91:c9:5d:71:5a:af:1f:42:16:
                    d5:23:27:93:3e:0c:88:ef:cf:45:6d:e0:a5:88:0a:
                    61:47:32:0a:50:63:56:63:e1:f0:96:ba:84:06:24:
                    19:6d:59:a1:57:b2:ce:93:9c:72:fd:48:ed:bd:55:
                    d7:58:55:62:27:78:fb:de:fa:20:fd:9d:6b:d3:32:
                    a1:e2:b1:1d:3c:0e:17:df:ad:0c:5c:6f:81:e8:3d:
                    93:96:7a:63:cf:41:e4:98:0f:69:ce:3b:43:fe:19:
                    98:a5:9a:c3:b6:ef:35:01:8c:5b:26:e6:6b:b0:ca:
                    06:d7:7c:01:6e:c1:6f:72:de:d4:a4:de:8b:fe:06:
                    e9:65:fd:e0:50:95:35:1f:0d:a4:e8:4d:a0:6f:c9:
                    9c:cb:c9:36:af:ba:7e:33:ad:70:9e:e6:7f:92:7d:
                    77:c7:28:21:7b:31:fb:88:aa:e5:6f:3a:ab:f7:dd:
                    0b:31:b1:5b:73:f8:44:28:8f:62:ae:c5:20:5a:70:
                    31:e3:94:e6:60:1b:c4:99:56:0c:d9:de:8f:6d:a1:
                    2a:1a:0c:44:2e:14:53:7f:d3:10:02:57:b7:91:05:
                    74:85:36:35:08:b5:be:ea:3f:9f:11:17:92:d6:7f:
                    48:51
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                83:BD:FC:80:C5:22:DD:65:4B:93:18:8B:F1:7A:A6:50:E8:E0:64:F0
            X509v3 Authority Key Identifier:
                keyid:CB:BF:23:FF:98:67:68:36:25:49:46:2F:E0:92:C6:31:5E:AC:CA:40

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/y78j_5hnaDYlSUYv4JLGMV6sykA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/1a7be5-3cf2-40c5-ba67-854182f09ef5/1/g738gMUi3WVLkxiL8XqmUOjgZPA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/23/1a7be5-3cf2-40c5-ba67-854182f09ef5/1/y78j_5hnaDYlSUYv4JLGMV6sykA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.57.40.0/22
                IPv6:
                  2a01:5ba0::/32

    Signature Algorithm: sha256WithRSAEncryption
         b7:42:42:b9:93:6b:b1:7e:fc:60:cc:be:b4:4a:d6:e1:8a:4a:
         5b:f7:04:a4:e5:84:7b:11:b8:1c:b1:ad:93:4f:ab:f8:2e:08:
         fc:7c:b4:f0:9c:2b:45:bd:78:b8:30:33:12:6b:a9:ad:ee:70:
         a9:c2:f3:a6:6d:5a:f0:e5:b4:53:ae:62:a2:73:51:b3:ff:95:
         39:78:bb:d9:a5:5b:21:91:2e:45:40:b3:90:5a:ab:5e:44:47:
         71:1c:f3:67:7b:b2:a2:4f:1c:15:8b:2d:10:e9:9d:d8:1b:c6:
         fe:1b:c8:ee:14:72:3a:76:f7:0d:81:a0:03:08:5a:7d:1d:d6:
         b2:62:c6:13:95:4e:c1:66:ae:90:34:af:53:40:8b:a5:a8:0e:
         47:b2:19:5a:9d:b4:4d:af:da:98:40:c8:ec:95:f4:67:e1:4a:
         52:12:51:f2:a5:07:58:2a:db:d7:bb:6a:e3:07:9e:d2:f3:f4:
         b2:4e:df:d2:9a:32:97:55:ec:02:9d:e2:87:26:81:27:e8:66:
         4d:c0:27:92:da:60:73:87:05:7f:be:db:5e:99:28:56:64:a8:
         48:77:9a:67:44:f8:62:cd:f2:28:08:21:c5:5e:c4:4d:20:c1:
         d5:9d:d3:82:17:5f:dc:84:dd:6e:60:b1:e9:92:11:ae:f9:f9:
         d8:20:da:5c
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVsnMAZaKD3rcviFU5d3AMDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNiYmYyM2ZmOTg2NzY4MzYyNTQ5NDYyZmUwOTJjNjMxNWVh
Y2NhNDAwHhcNMjMwMTAxMDkxNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4M2JkZmM4MGM1MjJkZDY1NGI5MzE4OGJmMTdhYTY1MGU4ZTA2NGYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3UgGsdQAWXnFLnJEiV29+07YX+qR
yV1xWq8fQhbVIyeTPgyI789FbeCliAphRzIKUGNWY+HwlrqEBiQZbVmhV7LOk5xy
/UjtvVXXWFViJ3j73vog/Z1r0zKh4rEdPA4X360MXG+B6D2Tlnpjz0HkmA9pzjtD
/hmYpZrDtu81AYxbJuZrsMoG13wBbsFvct7UpN6L/gbpZf3gUJU1Hw2k6E2gb8mc
y8k2r7p+M61wnuZ/kn13xyghezH7iKrlbzqr990LMbFbc/hEKI9irsUgWnAx45Tm
YBvEmVYM2d6PbaEqGgxELhRTf9MQAle3kQV0hTY1CLW+6j+fEReS1n9IUQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFIO9/IDFIt1lS5MYi/F6plDo4GTwMB8GA1UdIwQY
MBaAFMu/I/+YZ2g2JUlGL+CSxjFerMpAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveTc4al81aG5hRFlsU1VZdjRKTEdNVjZzeWtBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMy8xYTdiZTUtM2NmMi00MGM1LWJhNjct
ODU0MTgyZjA5ZWY1LzEvZzczOGdNVWkzV1ZMa3hpTDhYcW1VT2pnWlBBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMy8xYTdiZTUtM2NmMi00MGM1LWJhNjctODU0MTgyZjA5ZWY1
LzEveTc4al81aG5hRFlsU1VZdjRKTEdNVjZzeWtBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuTkoMA0E
AgACMAcDBQAqAVugMA0GCSqGSIb3DQEBCwUAA4IBAQC3QkK5k2uxfvxgzL60Stbh
ikpb9wSk5YR7Ebgcsa2TT6v4Lgj8fLTwnCtFvXi4MDMSa6mt7nCpwvOmbVrw5bRT
rmKic1Gz/5U5eLvZpVshkS5FQLOQWqteREdxHPNne7KiTxwViy0Q6Z3YG8b+G8ju
FHI6dvcNgaADCFp9HdayYsYTlU7BZq6QNK9TQIulqA5HshlanbRNr9qYQMjslfRn
4UpSElHypQdYKtvXu2rjB57S8/SyTt/SmjKXVewCneKHJoEn6GZNwCeS2mBzhwV/
vttemShWZKhId5pnRPhizfIoCCHFXsRNIMHVndOCF1/chN1uYLHpkhGu+fnYINpc
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:58:07 2024 by rpki-client on console-ams.rpki-client.org