Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/840757-8149-40fe-a49b-ae5e74ed5ba0/1/OKMCWPmHeU7s_aLwcodic_GnYK0.roa
File:                     OKMCWPmHeU7s_aLwcodic_GnYK0.roa (raw, json)
Hash identifier:          buS56SKd+iqRsmoBXCfSOfKbwxHIJoaX9GXSkSpsilQ=
Subject key identifier:   38:A3:02:58:F9:87:79:4E:EC:FD:A2:F0:72:87:62:73:F1:A7:60:AD
Certificate issuer:       /CN=f9a3520fd9c299a2874df5e47b6302a4252a726b
Certificate serial:       01857039866DEB5BFB6F095B114977D61E3D
Authority key identifier: F9:A3:52:0F:D9:C2:99:A2:87:4D:F5:E4:7B:63:02:A4:25:2A:72:6B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1-aNSD9nCmaKHTfXke2MCpCUqcms.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/25/840757-8149-40fe-a49b-ae5e74ed5ba0/1/OKMCWPmHeU7s_aLwcodic_GnYK0.roa
Signing time:             Mon 02 Jan 2023 02:04:56 +0000
ROA not before:           Mon 02 Jan 2023 02:04:56 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     202253
IP address blocks:        62.182.44.0/22 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 20:29:40 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:70:39:86:6d:eb:5b:fb:6f:09:5b:11:49:77:d6:1e:3d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f9a3520fd9c299a2874df5e47b6302a4252a726b
        Validity
            Not Before: Jan  2 02:04:56 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=38a30258f987794eecfda2f072876273f1a760ad
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:93:d2:dd:03:64:ca:2f:1f:12:9e:c7:69:9b:34:
                    13:88:1d:01:d4:3a:94:ec:29:6a:fa:e6:4a:2e:5e:
                    c1:7e:e5:eb:a8:bc:25:f4:d8:6c:38:47:f0:80:4d:
                    dc:ac:b9:c1:bb:73:28:b9:e0:b9:3c:f7:dc:ea:b2:
                    74:c4:2b:19:be:f1:e1:be:02:69:24:e2:09:a5:1c:
                    ff:0d:e8:b4:d8:2f:14:67:e0:f4:bf:15:1b:55:1b:
                    71:0d:9b:23:54:35:1b:38:b8:80:3a:a6:42:92:32:
                    0b:8d:aa:a0:64:53:c5:1f:5d:09:1c:77:76:c8:a5:
                    fa:43:ad:af:5d:5f:50:9a:68:5f:ea:8f:05:ca:a0:
                    51:e1:ac:73:7d:32:d5:9c:01:84:36:e3:6a:b3:38:
                    62:4e:c2:9c:b3:a9:08:6b:e5:11:f4:f9:c5:54:97:
                    65:26:52:b8:4a:84:da:96:c1:78:50:f9:2c:d5:41:
                    6b:80:16:fc:69:1c:63:cb:c0:73:86:bb:82:c8:3d:
                    89:19:4c:40:e0:96:9b:a9:18:54:d1:d9:f2:7f:a6:
                    4c:a0:49:a2:ba:7d:4a:5b:47:46:f6:9d:65:70:de:
                    5f:87:ae:9b:e4:dd:3b:92:f5:ba:31:53:d9:45:b7:
                    f1:f7:49:27:be:1b:00:03:a8:48:1d:69:61:84:c2:
                    63:2b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                38:A3:02:58:F9:87:79:4E:EC:FD:A2:F0:72:87:62:73:F1:A7:60:AD
            X509v3 Authority Key Identifier:
                keyid:F9:A3:52:0F:D9:C2:99:A2:87:4D:F5:E4:7B:63:02:A4:25:2A:72:6B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-aNSD9nCmaKHTfXke2MCpCUqcms.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/840757-8149-40fe-a49b-ae5e74ed5ba0/1/OKMCWPmHeU7s_aLwcodic_GnYK0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/25/840757-8149-40fe-a49b-ae5e74ed5ba0/1/1-aNSD9nCmaKHTfXke2MCpCUqcms.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  62.182.44.0/22

    Signature Algorithm: sha256WithRSAEncryption
         5f:77:f5:bc:0a:b7:70:4a:2c:7e:65:c2:12:9e:2c:93:03:4a:
         a7:6c:b7:f2:51:84:c4:92:f0:bd:41:e5:c2:c5:bf:9a:a2:72:
         18:09:f8:fd:7c:43:16:57:4d:9d:cd:bf:fb:ea:fd:ae:da:35:
         66:bd:85:61:d1:05:97:9e:4c:af:c5:ad:91:b1:c8:67:4d:c8:
         40:12:ba:58:d3:86:f5:ea:8c:a0:52:1d:07:c7:ed:9d:02:49:
         52:89:10:5c:38:60:e7:39:3b:a5:42:88:2e:df:cc:b6:07:47:
         5b:49:66:03:66:1f:73:71:2e:4a:1b:28:4b:fd:c2:56:cc:f7:
         ec:f2:88:9d:03:f4:ee:f7:1a:a7:2e:84:01:0a:34:7a:07:3f:
         a3:af:8d:e0:d5:b6:8d:69:bb:31:96:40:4b:9d:e5:1e:03:0d:
         55:ae:51:61:ff:39:98:21:7a:53:be:db:32:f8:ce:9f:12:c0:
         00:ea:13:56:8d:03:6c:f0:fd:72:4c:66:d9:eb:98:62:dd:c4:
         d7:f9:69:f6:8a:5e:ba:0b:f1:1a:a2:79:72:4a:1b:e0:a3:53:
         01:6f:ad:33:53:a3:73:75:76:8b:a5:9b:2a:4b:82:c5:99:4f:
         c4:8d:42:6b:62:74:a7:71:03:e5:f9:06:ca:8f:c6:a5:8d:83:
         7b:74:47:e9
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYVwOYZt61v7bwlbEUl31h49MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY5YTM1MjBmZDljMjk5YTI4NzRkZjVlNDdiNjMwMmE0MjUy
YTcyNmIwHhcNMjMwMTAyMDIwNDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOGEzMDI1OGY5ODc3OTRlZWNmZGEyZjA3Mjg3NjI3M2YxYTc2MGFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk9LdA2TKLx8SnsdpmzQTiB0B1DqU
7Clq+uZKLl7BfuXrqLwl9NhsOEfwgE3crLnBu3MoueC5PPfc6rJ0xCsZvvHhvgJp
JOIJpRz/Dei02C8UZ+D0vxUbVRtxDZsjVDUbOLiAOqZCkjILjaqgZFPFH10JHHd2
yKX6Q62vXV9Qmmhf6o8FyqBR4axzfTLVnAGENuNqszhiTsKcs6kIa+UR9PnFVJdl
JlK4SoTalsF4UPks1UFrgBb8aRxjy8BzhruCyD2JGUxA4JabqRhU0dnyf6ZMoEmi
un1KW0dG9p1lcN5fh66b5N07kvW6MVPZRbfx90knvhsAA6hIHWlhhMJjKwIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFDijAlj5h3lO7P2i8HKHYnPxp2CtMB8GA1UdIwQY
MBaAFPmjUg/Zwpmih0315HtjAqQlKnJrMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1hTlNEOW5DbWFLSFRmWGtlMk1DcENVcWNtcy5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjUvODQwNzU3LTgxNDktNDBmZS1hNDli
LWFlNWU3NGVkNWJhMC8xL09LTUNXUG1IZVU3c19hTHdjb2RpY19HbllLMC5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMjUvODQwNzU3LTgxNDktNDBmZS1hNDliLWFlNWU3NGVkNWJh
MC8xLzEtYU5TRDluQ21hS0hUZlhrZTJNQ3BDVXFjbXMuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAI+tiww
DQYJKoZIhvcNAQELBQADggEBAF939bwKt3BKLH5lwhKeLJMDSqdst/JRhMSS8L1B
5cLFv5qichgJ+P18QxZXTZ3Nv/vq/a7aNWa9hWHRBZeeTK/FrZGxyGdNyEASuljT
hvXqjKBSHQfH7Z0CSVKJEFw4YOc5O6VCiC7fzLYHR1tJZgNmH3NxLkobKEv9wlbM
9+zyiJ0D9O73GqcuhAEKNHoHP6OvjeDVto1puzGWQEud5R4DDVWuUWH/OZghelO+
2zL4zp8SwADqE1aNA2zw/XJMZtnrmGLdxNf5afaKXroL8RqieXJKG+CjUwFvrTNT
o3N1doulmypLgsWZT8SNQmtidKdxA+X5BsqPxqWNg3t0R+k=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:43 2024 by rpki-client on console-fra.rpki-client.org