Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/9cbe88-3e75-42ef-b871-5ee76f0f64e2/1/M2fnjHWQaOfCvI_cebBogYQ4AZQ.roa
File:                     M2fnjHWQaOfCvI_cebBogYQ4AZQ.roa (raw, json)
Hash identifier:          E+B71PNe0cBn/gBqW2yJ/7SrfY68bssMvqV/09ogrDs=
Subject key identifier:   33:67:E7:8C:75:90:68:E7:C2:BC:8F:DC:79:B0:68:81:84:38:01:94
Certificate issuer:       /CN=2283711bd7ab13da3d11f25bb57a4f483c1f99ac
Certificate serial:       0185737AB15B010B404FDC797B7F0F6B933A
Authority key identifier: 22:83:71:1B:D7:AB:13:DA:3D:11:F2:5B:B5:7A:4F:48:3C:1F:99:AC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IoNxG9erE9o9EfJbtXpPSDwfmaw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/25/9cbe88-3e75-42ef-b871-5ee76f0f64e2/1/M2fnjHWQaOfCvI_cebBogYQ4AZQ.roa
Signing time:             Mon 02 Jan 2023 17:14:58 +0000
ROA not before:           Mon 02 Jan 2023 17:14:58 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     47947
IP address blocks:        185.139.244.0/22 maxlen: 22

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 08:31:43 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:73:7a:b1:5b:01:0b:40:4f:dc:79:7b:7f:0f:6b:93:3a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2283711bd7ab13da3d11f25bb57a4f483c1f99ac
        Validity
            Not Before: Jan  2 17:14:58 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=3367e78c759068e7c2bc8fdc79b0688184380194
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:31:6b:15:db:b5:ae:ce:a6:2a:97:9b:78:81:
                    c1:5e:5c:6d:5a:c1:8f:0d:6a:af:51:d5:66:f5:98:
                    3d:97:54:9c:01:39:be:68:b0:96:53:05:e7:e7:de:
                    94:52:b6:47:8a:97:93:00:3e:76:54:d4:cb:e8:49:
                    d4:a5:08:ef:c6:63:ff:96:9d:c7:9b:99:ac:60:23:
                    dd:56:f1:f7:ae:e0:66:0e:09:6c:37:73:b7:62:01:
                    09:53:0f:20:7b:c2:cd:02:c6:c3:20:84:b9:2d:89:
                    cd:99:b4:22:25:8e:25:32:ef:7d:99:0f:f2:1f:12:
                    35:9d:78:9b:5b:0c:10:07:4c:49:46:fa:fb:ee:ac:
                    49:6d:cc:03:7d:c5:4a:4d:18:65:1f:73:bc:24:87:
                    3c:af:86:37:7e:ce:11:d0:86:ed:28:00:54:67:0b:
                    84:6d:b2:61:94:0e:54:1f:4f:3c:0e:45:95:72:8e:
                    27:d6:0b:a4:1e:07:29:4f:2e:e4:ed:60:58:8c:69:
                    92:99:81:d9:52:d7:03:bd:aa:ac:e4:dd:7e:74:54:
                    f9:ce:94:6c:2c:3a:36:df:68:60:04:2b:0e:c9:7e:
                    be:d6:ff:84:0a:c7:5b:9c:25:e3:24:40:91:ab:65:
                    2f:e6:b2:54:e5:3c:b1:a6:00:27:43:98:55:bd:58:
                    d6:1d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                33:67:E7:8C:75:90:68:E7:C2:BC:8F:DC:79:B0:68:81:84:38:01:94
            X509v3 Authority Key Identifier:
                keyid:22:83:71:1B:D7:AB:13:DA:3D:11:F2:5B:B5:7A:4F:48:3C:1F:99:AC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IoNxG9erE9o9EfJbtXpPSDwfmaw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/9cbe88-3e75-42ef-b871-5ee76f0f64e2/1/M2fnjHWQaOfCvI_cebBogYQ4AZQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/25/9cbe88-3e75-42ef-b871-5ee76f0f64e2/1/IoNxG9erE9o9EfJbtXpPSDwfmaw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.139.244.0/22

    Signature Algorithm: sha256WithRSAEncryption
         0a:67:33:d0:e5:8a:10:34:c0:1c:5c:b5:ef:df:a3:b8:ed:b0:
         17:f7:13:96:f2:6b:0e:81:23:aa:80:58:a3:19:b3:fd:94:b3:
         9c:f2:6d:30:d7:21:89:f6:c3:0a:5e:68:80:cd:ba:00:02:f7:
         b4:8f:19:89:c7:57:eb:2d:68:f7:ea:ba:8b:e5:2d:77:95:11:
         16:c0:16:c4:c5:6d:bc:d1:39:d5:d7:85:6a:f7:d2:0d:28:9f:
         73:0f:fb:1a:57:6a:3e:2a:de:cb:a3:71:40:f8:69:37:50:c4:
         57:54:4f:48:1c:0c:01:d4:d0:97:51:ba:07:a6:aa:49:eb:0b:
         eb:50:d7:d0:81:3f:3c:78:65:9c:a5:e9:b5:9d:9f:55:0f:17:
         98:6c:d1:2b:52:67:71:d6:3f:42:db:cd:8e:2f:f2:11:d6:1c:
         2f:a7:2c:50:97:1c:af:2e:64:58:5a:3f:59:bc:86:5f:e4:58:
         df:80:19:0a:d9:a4:07:23:2f:be:8e:bb:fb:b5:39:06:5b:22:
         d6:77:8e:98:6e:2e:a9:15:cf:c4:de:8a:59:30:01:39:38:4f:
         0e:35:66:ae:8a:c5:0e:bb:00:81:11:93:c5:1b:4c:b3:83:b1:
         59:c9:63:4e:6d:27:4b:ec:9b:63:48:fa:f0:3f:47:aa:c4:fd:
         4b:41:cf:58
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVzerFbAQtAT9x5e38Pa5M6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyODM3MTFiZDdhYjEzZGEzZDExZjI1YmI1N2E0ZjQ4M2Mx
Zjk5YWMwHhcNMjMwMTAyMTcxNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMzY3ZTc4Yzc1OTA2OGU3YzJiYzhmZGM3OWIwNjg4MTg0MzgwMTk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApTFrFdu1rs6mKpebeIHBXlxtWsGP
DWqvUdVm9Zg9l1ScATm+aLCWUwXn596UUrZHipeTAD52VNTL6EnUpQjvxmP/lp3H
m5msYCPdVvH3ruBmDglsN3O3YgEJUw8ge8LNAsbDIIS5LYnNmbQiJY4lMu99mQ/y
HxI1nXibWwwQB0xJRvr77qxJbcwDfcVKTRhlH3O8JIc8r4Y3fs4R0IbtKABUZwuE
bbJhlA5UH088DkWVco4n1gukHgcpTy7k7WBYjGmSmYHZUtcDvaqs5N1+dFT5zpRs
LDo232hgBCsOyX6+1v+ECsdbnCXjJECRq2Uv5rJU5TyxpgAnQ5hVvVjWHQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDNn54x1kGjnwryP3HmwaIGEOAGUMB8GA1UdIwQY
MBaAFCKDcRvXqxPaPRHyW7V6T0g8H5msMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSW9OeEc5ZXJFOW85RWZKYnRYcFBTRHdmbWF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS85Y2JlODgtM2U3NS00MmVmLWI4NzEt
NWVlNzZmMGY2NGUyLzEvTTJmbmpIV1FhT2ZDdklfY2ViQm9nWVE0QVpRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS85Y2JlODgtM2U3NS00MmVmLWI4NzEtNWVlNzZmMGY2NGUy
LzEvSW9OeEc5ZXJFOW85RWZKYnRYcFBTRHdmbWF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuYv0MA0G
CSqGSIb3DQEBCwUAA4IBAQAKZzPQ5YoQNMAcXLXv36O47bAX9xOW8msOgSOqgFij
GbP9lLOc8m0w1yGJ9sMKXmiAzboAAve0jxmJx1frLWj36rqL5S13lREWwBbExW28
0TnV14Vq99INKJ9zD/saV2o+Kt7Lo3FA+Gk3UMRXVE9IHAwB1NCXUboHpqpJ6wvr
UNfQgT88eGWcpem1nZ9VDxeYbNErUmdx1j9C282OL/IR1hwvpyxQlxyvLmRYWj9Z
vIZf5FjfgBkK2aQHIy++jrv7tTkGWyLWd46Ybi6pFc/E3opZMAE5OE8ONWauisUO
uwCBEZPFG0yzg7FZyWNObSdL7JtjSPrwP0eqxP1LQc9Y
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:58:38 2024 by rpki-client on console-ams.rpki-client.org