Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/0W96dvEZMuc1tDynz6Z2f9xUkyw.roa
File:                     0W96dvEZMuc1tDynz6Z2f9xUkyw.roa (raw, json)
Hash identifier:          xYn+++WHuJ4F6P71/j7wzvvazr48M/OIDBaT8XhA7xg=
Subject key identifier:   D1:6F:7A:76:F1:19:32:E7:35:B4:3C:A7:CF:A6:76:7F:DC:54:93:2C
Certificate issuer:       /CN=d93da2019909d9fc37829fd9ec29d948ecff7c92
Certificate serial:       0188BDE3CE61D5397804A3281CA035868AF4
Authority key identifier: D9:3D:A2:01:99:09:D9:FC:37:82:9F:D9:EC:29:D9:48:EC:FF:7C:92
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/0W96dvEZMuc1tDynz6Z2f9xUkyw.roa
Signing time:             Thu 15 Jun 2023 07:10:03 +0000
ROA not before:           Thu 15 Jun 2023 07:10:03 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     834
IP address blocks:        188.209.140.0/22 maxlen: 24

Validation:               Failed, certificate revoked on Mon 19 Jun 2023 16:22:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:bd:e3:ce:61:d5:39:78:04:a3:28:1c:a0:35:86:8a:f4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d93da2019909d9fc37829fd9ec29d948ecff7c92
        Validity
            Not Before: Jun 15 07:10:03 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=d16f7a76f11932e735b43ca7cfa6767fdc54932c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:96:49:be:f5:4f:3b:af:a9:e0:12:c2:dc:1e:76:
                    1e:1e:b0:71:00:fb:a8:3b:fa:77:76:8d:7a:58:94:
                    cb:a1:6a:d0:98:e8:3c:75:27:d0:de:6c:6b:cc:da:
                    61:03:e7:c7:ae:8e:27:84:4d:ff:6b:f4:00:9f:9b:
                    6b:d9:59:21:5a:f9:2f:9b:90:77:06:93:2c:9f:e5:
                    1c:c9:89:68:3d:1d:8a:4c:6e:b6:7f:45:0e:9f:4e:
                    2d:c8:b7:b7:b2:a1:f7:21:01:24:d4:fd:92:ca:b0:
                    51:78:bf:3a:e0:0c:40:8b:e3:e2:fe:8a:a3:05:d5:
                    a5:b9:26:c8:b6:a1:57:02:e6:47:57:d2:a9:19:da:
                    33:f8:29:8c:f8:95:bc:19:d9:8d:aa:ec:f7:4b:b1:
                    10:55:df:15:81:db:5b:06:44:b9:b4:bb:45:e1:e3:
                    0c:85:98:e1:9e:f2:88:ca:41:5b:b2:41:3d:29:72:
                    03:c0:e4:a8:cc:a9:d6:4b:f4:22:cb:3d:d1:f2:88:
                    f5:63:94:1e:86:38:e6:31:02:e1:97:6e:56:1c:50:
                    c1:23:14:2d:6d:4a:05:cb:6c:46:d9:78:d8:f1:ea:
                    77:b7:6c:cf:ba:29:ab:4a:f5:29:c7:01:ea:94:22:
                    8f:0c:ab:29:bf:19:97:ae:ee:5d:75:93:03:4c:a8:
                    bf:01
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D1:6F:7A:76:F1:19:32:E7:35:B4:3C:A7:CF:A6:76:7F:DC:54:93:2C
            X509v3 Authority Key Identifier:
                keyid:D9:3D:A2:01:99:09:D9:FC:37:82:9F:D9:EC:29:D9:48:EC:FF:7C:92

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/0W96dvEZMuc1tDynz6Z2f9xUkyw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  188.209.140.0/22

    Signature Algorithm: sha256WithRSAEncryption
         2c:c1:d0:e7:b0:3c:0a:58:1f:61:43:ed:ae:4b:1f:32:41:a8:
         6e:df:f6:32:5e:3c:75:89:77:e0:50:57:4e:f3:2d:c3:dc:ac:
         31:8a:94:c6:15:55:1b:79:1f:e9:ba:22:cb:a3:cf:d9:b1:58:
         30:31:67:1c:68:49:63:a2:a6:42:58:6d:df:c1:40:dd:69:ef:
         5a:13:56:71:61:d4:80:b5:df:aa:71:9a:46:13:4a:1a:c1:e7:
         7d:09:8a:d7:82:ac:9f:ba:53:15:5e:73:da:ce:c3:14:94:7e:
         b5:97:08:26:8e:65:91:24:57:7c:80:de:80:79:c0:d7:0c:48:
         6e:da:9f:08:ad:30:78:ee:23:ca:15:1e:bb:b5:7b:b1:c8:99:
         67:58:df:59:6a:dc:ed:a2:2c:9f:55:b6:e4:aa:ef:5a:4c:d3:
         db:b4:93:15:28:cf:f1:e1:de:94:0f:dc:9f:60:69:c9:49:e3:
         31:30:17:0d:73:d8:e7:a5:0e:1a:2d:6d:50:f6:0c:f7:23:d6:
         15:47:96:61:93:66:b2:e3:73:6f:bb:e5:6f:16:50:b3:6a:45:
         0b:31:db:61:f9:ff:14:1e:74:eb:25:a8:b0:c7:91:c5:81:3e:
         dd:e9:2b:ad:14:28:34:8d:d7:4d:02:78:8a:d4:46:46:ed:81:
         62:16:ee:9d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYi9485h1Tl4BKMoHKA1hor0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5M2RhMjAxOTkwOWQ5ZmMzNzgyOWZkOWVjMjlkOTQ4ZWNm
ZjdjOTIwHhcNMjMwNjE1MDcxMDAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMTZmN2E3NmYxMTkzMmU3MzViNDNjYTdjZmE2NzY3ZmRjNTQ5MzJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlkm+9U87r6ngEsLcHnYeHrBxAPuo
O/p3do16WJTLoWrQmOg8dSfQ3mxrzNphA+fHro4nhE3/a/QAn5tr2VkhWvkvm5B3
BpMsn+UcyYloPR2KTG62f0UOn04tyLe3sqH3IQEk1P2SyrBReL864AxAi+Pi/oqj
BdWluSbItqFXAuZHV9KpGdoz+CmM+JW8GdmNquz3S7EQVd8VgdtbBkS5tLtF4eMM
hZjhnvKIykFbskE9KXIDwOSozKnWS/Qiyz3R8oj1Y5QehjjmMQLhl25WHFDBIxQt
bUoFy2xG2XjY8ep3t2zPuimrSvUpxwHqlCKPDKspvxmXru5ddZMDTKi/AQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNFvenbxGTLnNbQ8p8+mdn/cVJMsMB8GA1UdIwQY
MBaAFNk9ogGZCdn8N4Kf2ewp2Ujs/3ySMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMlQyaUFaa0oyZnczZ3BfWjdDblpTT3pfZkpJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi80N2FmYTMtY2UzMS00MDYwLWEwNzgt
ZjVhZGRkZGYxZWM1LzEvMFc5NmR2RVpNdWMxdER5bno2WjJmOXhVa3l3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMi80N2FmYTMtY2UzMS00MDYwLWEwNzgtZjVhZGRkZGYxZWM1
LzEvMlQyaUFaa0oyZnczZ3BfWjdDblpTT3pfZkpJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCvNGMMA0G
CSqGSIb3DQEBCwUAA4IBAQAswdDnsDwKWB9hQ+2uSx8yQahu3/YyXjx1iXfgUFdO
8y3D3KwxipTGFVUbeR/puiLLo8/ZsVgwMWccaEljoqZCWG3fwUDdae9aE1ZxYdSA
td+qcZpGE0oawed9CYrXgqyfulMVXnPazsMUlH61lwgmjmWRJFd8gN6AecDXDEhu
2p8IrTB47iPKFR67tXuxyJlnWN9ZatztoiyfVbbkqu9aTNPbtJMVKM/x4d6UD9yf
YGnJSeMxMBcNc9jnpQ4aLW1Q9gz3I9YVR5Zhk2ay43Nvu+VvFlCzakULMdth+f8U
HnTrJaiwx5HFgT7d6SutFCg0jddNAniK1EZG7YFiFu6d
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:01:54 2024 by rpki-client on console-ams.rpki-client.org