Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/bc7122-4d1b-46a7-aecb-230b3b72a175/1/2CAGplPdZaOvz7DEZgSGQP5MBUM.roa
File:                     2CAGplPdZaOvz7DEZgSGQP5MBUM.roa (raw, json)
Hash identifier:          PGKvs2o5hz0MUDZsj5PhYrFmKlD0CQ9DXAfI/3n3Ppk=
Subject key identifier:   D8:20:06:A6:53:DD:65:A3:AF:CF:B0:C4:66:04:86:40:FE:4C:05:43
Certificate issuer:       /CN=347b487848fff63533d87c324ecc51c2c3ea2adb
Certificate serial:       01856C53D2DE60A2F3DCE80284B77DF9D322
Authority key identifier: 34:7B:48:78:48:FF:F6:35:33:D8:7C:32:4E:CC:51:C2:C3:EA:2A:DB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NHtIeEj_9jUz2HwyTsxRwsPqKts.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/27/bc7122-4d1b-46a7-aecb-230b3b72a175/1/2CAGplPdZaOvz7DEZgSGQP5MBUM.roa
Signing time:             Sun 01 Jan 2023 07:55:10 +0000
ROA not before:           Sun 01 Jan 2023 07:55:10 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     42960
IP address blocks:        91.238.203.0/24 maxlen: 24
                          193.200.130.0/24 maxlen: 24
                          193.200.134.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 18:31:18 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6c:53:d2:de:60:a2:f3:dc:e8:02:84:b7:7d:f9:d3:22
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=347b487848fff63533d87c324ecc51c2c3ea2adb
        Validity
            Not Before: Jan  1 07:55:10 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=d82006a653dd65a3afcfb0c466048640fe4c0543
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:df:6f:f8:83:4e:02:75:10:7d:f8:64:35:b1:
                    77:0d:43:81:6f:b8:15:5a:db:a3:b2:2d:0e:36:d0:
                    4a:06:64:ec:ec:e6:0a:4e:ff:f2:c8:5b:92:a8:6d:
                    97:05:e2:ae:f7:3e:19:5c:24:e0:2b:45:aa:27:de:
                    d6:42:f2:d0:8b:da:99:6d:7d:1a:57:d2:42:56:e8:
                    43:ac:50:b5:18:5e:a9:9e:20:fa:22:f5:c4:fd:f9:
                    65:e9:c0:47:83:c2:75:1b:3f:45:42:99:2b:26:80:
                    93:c1:d8:3f:4b:97:20:d2:ee:33:64:af:56:c3:90:
                    01:37:c1:69:0b:8d:55:4c:82:7f:14:95:4f:94:ca:
                    8e:6c:2f:6d:81:2c:45:70:18:aa:28:53:93:93:b1:
                    9b:99:18:63:db:58:a3:73:03:8c:a2:87:ac:c8:f6:
                    14:e8:55:02:d4:05:1a:00:26:9a:a0:09:07:56:31:
                    4a:5e:d5:f7:fe:1f:f2:a8:dc:97:82:6e:8a:6e:6e:
                    2f:a1:0c:24:5a:a9:a8:2d:14:32:8b:01:a6:24:2e:
                    40:fe:34:48:c8:b3:6d:df:7f:ec:23:aa:b6:53:03:
                    b6:ce:3e:9a:c9:f3:0b:0f:36:c2:75:27:71:c9:2c:
                    31:c2:f7:1e:02:81:5d:39:e8:f3:15:60:ce:ea:23:
                    ca:b5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D8:20:06:A6:53:DD:65:A3:AF:CF:B0:C4:66:04:86:40:FE:4C:05:43
            X509v3 Authority Key Identifier:
                keyid:34:7B:48:78:48:FF:F6:35:33:D8:7C:32:4E:CC:51:C2:C3:EA:2A:DB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NHtIeEj_9jUz2HwyTsxRwsPqKts.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/bc7122-4d1b-46a7-aecb-230b3b72a175/1/2CAGplPdZaOvz7DEZgSGQP5MBUM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/27/bc7122-4d1b-46a7-aecb-230b3b72a175/1/NHtIeEj_9jUz2HwyTsxRwsPqKts.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.238.203.0/24
                  193.200.130.0/24
                  193.200.134.0/24

    Signature Algorithm: sha256WithRSAEncryption
         31:e1:3c:88:21:38:95:0d:e6:16:e3:43:d9:cf:6c:9f:a2:38:
         6a:08:71:bd:a3:5b:fa:12:26:08:0e:65:4f:ed:a5:72:ee:cd:
         c4:29:d1:47:f3:41:01:01:81:48:09:90:b9:06:fb:3a:30:45:
         42:c6:e5:d3:b6:dd:2f:dc:94:d4:95:09:a4:7b:51:00:c2:30:
         8a:e5:09:e2:a7:7c:5d:74:5d:df:18:2b:7b:4d:08:aa:9a:8e:
         89:f7:85:ed:bb:45:71:f9:77:99:b0:ee:03:c6:e5:4c:c1:2f:
         34:25:3d:6a:8f:78:95:ce:25:14:97:5f:96:df:f6:34:4f:81:
         37:00:98:76:48:5c:c7:df:35:25:1e:5b:6d:47:01:29:42:37:
         ea:7e:d0:57:78:44:40:79:af:49:e0:c1:03:a0:eb:ad:64:25:
         e4:9f:e6:b0:fc:d9:25:19:08:b3:bc:a9:d9:3b:83:24:c0:da:
         77:b7:2e:e5:ef:9a:b3:1f:aa:69:92:fb:1f:00:1e:5d:76:23:
         ef:58:0d:29:3f:53:90:0e:bf:d9:f6:52:08:28:1a:ba:ca:00:
         ff:df:f0:cf:a1:f9:72:47:a8:44:3e:76:9e:a1:c4:96:64:b0:
         8a:08:6f:0e:d3:b6:39:ce:b8:f3:d8:cb:61:c0:6b:dd:5d:06:
         b7:a9:70:eb
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVsU9LeYKLz3OgChLd9+dMiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0N2I0ODc4NDhmZmY2MzUzM2Q4N2MzMjRlY2M1MWMyYzNl
YTJhZGIwHhcNMjMwMTAxMDc1NTEwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkODIwMDZhNjUzZGQ2NWEzYWZjZmIwYzQ2NjA0ODY0MGZlNGMwNTQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAod9v+INOAnUQffhkNbF3DUOBb7gV
Wtujsi0ONtBKBmTs7OYKTv/yyFuSqG2XBeKu9z4ZXCTgK0WqJ97WQvLQi9qZbX0a
V9JCVuhDrFC1GF6pniD6IvXE/fll6cBHg8J1Gz9FQpkrJoCTwdg/S5cg0u4zZK9W
w5ABN8FpC41VTIJ/FJVPlMqObC9tgSxFcBiqKFOTk7GbmRhj21ijcwOMooesyPYU
6FUC1AUaACaaoAkHVjFKXtX3/h/yqNyXgm6Kbm4voQwkWqmoLRQyiwGmJC5A/jRI
yLNt33/sI6q2UwO2zj6ayfMLDzbCdSdxySwxwvceAoFdOejzFWDO6iPKtQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFNggBqZT3WWjr8+wxGYEhkD+TAVDMB8GA1UdIwQY
MBaAFDR7SHhI//Y1M9h8Mk7MUcLD6irbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkh0SWVFal85alV6Mkh3eVRzeFJ3c1BxS3RzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy9iYzcxMjItNGQxYi00NmE3LWFlY2It
MjMwYjNiNzJhMTc1LzEvMkNBR3BsUGRaYU92ejdERVpnU0dRUDVNQlVNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy9iYzcxMjItNGQxYi00NmE3LWFlY2ItMjMwYjNiNzJhMTc1
LzEvTkh0SWVFal85alV6Mkh3eVRzeFJ3c1BxS3RzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAW+7LAwQA
wciCAwQAwciGMA0GCSqGSIb3DQEBCwUAA4IBAQAx4TyIITiVDeYW40PZz2yfojhq
CHG9o1v6EiYIDmVP7aVy7s3EKdFH80EBAYFICZC5Bvs6MEVCxuXTtt0v3JTUlQmk
e1EAwjCK5Qnip3xddF3fGCt7TQiqmo6J94Xtu0Vx+XeZsO4DxuVMwS80JT1qj3iV
ziUUl1+W3/Y0T4E3AJh2SFzH3zUlHlttRwEpQjfqftBXeERAea9J4MEDoOutZCXk
n+aw/NklGQizvKnZO4MkwNp3ty7l75qzH6ppkvsfAB5ddiPvWA0pP1OQDr/Z9lII
KBq6ygD/3/DPoflyR6hEPnaeocSWZLCKCG8O07Y5zrjz2MthwGvdXQa3qXDr
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:59:11 2024 by rpki-client on console-ams.rpki-client.org