Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/CADDeyG8MBXOzlMEuLlqiqSiFHI.roa
File:                     CADDeyG8MBXOzlMEuLlqiqSiFHI.roa (raw, json)
Hash identifier:          PsjDQS0XotPGCZbvpRJdiCzbzLuRHBRPPlBnOXpvAww=
Subject key identifier:   08:00:C3:7B:21:BC:30:15:CE:CE:53:04:B8:B9:6A:8A:A4:A2:14:72
Certificate issuer:       /CN=d93da2019909d9fc37829fd9ec29d948ecff7c92
Certificate serial:       01856ED4BCDC887964F9E2F9D0A0401BAC14
Authority key identifier: D9:3D:A2:01:99:09:D9:FC:37:82:9F:D9:EC:29:D9:48:EC:FF:7C:92
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/CADDeyG8MBXOzlMEuLlqiqSiFHI.roa
Signing time:             Sun 01 Jan 2023 19:35:13 +0000
ROA not before:           Sun 01 Jan 2023 19:35:13 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     200019
IP address blocks:        188.209.128.0/22 maxlen: 24

Validation:               Failed, certificate revoked on Wed 24 May 2023 16:24:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6e:d4:bc:dc:88:79:64:f9:e2:f9:d0:a0:40:1b:ac:14
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d93da2019909d9fc37829fd9ec29d948ecff7c92
        Validity
            Not Before: Jan  1 19:35:13 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=0800c37b21bc3015cece5304b8b96a8aa4a21472
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:80:58:8c:bc:68:d9:be:4c:f0:4d:d9:1e:54:f2:
                    81:31:8b:9d:cc:80:e5:57:7b:12:27:96:e3:69:e2:
                    ea:dc:85:84:ec:3e:94:da:28:a1:56:b6:38:ec:d6:
                    19:ce:53:fd:46:73:c9:a7:07:69:f3:3e:99:35:85:
                    bf:a0:19:b3:2b:15:b5:b4:33:54:25:25:00:5f:9d:
                    c1:f6:85:b2:d0:09:5b:3f:39:dc:58:fd:fc:10:67:
                    64:6d:cd:ca:15:0b:82:d5:bf:5c:9d:d2:22:22:30:
                    56:c3:f0:b3:68:b6:d0:51:39:51:fb:31:80:17:c5:
                    20:64:51:5d:f5:65:e8:5a:26:b4:df:9a:40:0d:58:
                    73:d5:db:e8:5a:44:10:a8:dc:86:8f:fa:0a:67:1c:
                    37:e3:bd:89:7a:10:bf:24:e6:f6:d2:70:f9:a8:ae:
                    bb:2c:26:6a:f7:22:6e:ba:55:2f:22:a9:e6:e7:2c:
                    d6:14:e7:1d:9c:31:dd:41:24:4e:15:65:8d:a5:9b:
                    18:b4:5a:3c:72:8a:14:57:b7:de:0e:02:02:7e:99:
                    60:89:87:bf:b2:cb:b3:94:e7:29:bd:89:bf:94:87:
                    2c:65:55:52:c7:45:9b:f7:23:f8:76:b4:a4:7b:d0:
                    8d:fa:e7:9e:4f:77:31:c3:f3:0a:67:6e:a2:65:3d:
                    01:a5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                08:00:C3:7B:21:BC:30:15:CE:CE:53:04:B8:B9:6A:8A:A4:A2:14:72
            X509v3 Authority Key Identifier:
                keyid:D9:3D:A2:01:99:09:D9:FC:37:82:9F:D9:EC:29:D9:48:EC:FF:7C:92

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/CADDeyG8MBXOzlMEuLlqiqSiFHI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  188.209.128.0/22

    Signature Algorithm: sha256WithRSAEncryption
         1a:1c:6c:4a:74:fe:e4:b7:8f:38:c3:a4:0c:66:b3:ef:96:7d:
         79:a6:fc:c2:65:44:6f:5a:43:d3:d9:ac:b0:4b:0b:97:8b:43:
         da:67:88:38:75:64:97:8a:0e:b7:ad:2b:2c:f5:87:a5:97:f5:
         c0:03:be:9e:a3:b3:85:cf:b5:f3:fe:86:f9:44:55:e7:c6:97:
         a9:7e:33:dc:40:af:68:c6:e2:4b:24:da:ae:f7:01:9d:98:bb:
         ff:40:74:5c:4b:25:ae:65:57:d2:48:54:c1:6a:56:4b:e6:06:
         5c:52:e4:7e:52:9e:ce:79:9f:b2:eb:79:49:6d:4a:74:4f:90:
         92:8d:c9:35:57:2b:98:61:14:4f:8b:53:0b:52:96:9b:7e:d5:
         67:d5:15:46:0e:96:f1:ed:23:9a:37:e9:c2:d7:ec:9b:8c:be:
         77:b6:fd:aa:1f:d7:fa:c9:2f:9f:d8:4c:92:25:f1:b4:d6:b0:
         85:00:dd:b8:70:1a:7e:5e:fb:c1:dd:6a:9e:a9:82:8e:4c:eb:
         80:55:58:49:f4:a4:d6:a7:32:1d:39:94:4e:ff:a3:f2:af:62:
         1f:18:5f:d9:b1:1e:58:41:ef:fc:a2:6d:32:9f:27:af:11:2b:
         81:66:ea:e0:0e:47:36:7c:84:23:87:9d:89:1c:e5:21:20:d0:
         12:c6:9c:06
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVu1LzciHlk+eL50KBAG6wUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5M2RhMjAxOTkwOWQ5ZmMzNzgyOWZkOWVjMjlkOTQ4ZWNm
ZjdjOTIwHhcNMjMwMTAxMTkzNTEzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwODAwYzM3YjIxYmMzMDE1Y2VjZTUzMDRiOGI5NmE4YWE0YTIxNDcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgFiMvGjZvkzwTdkeVPKBMYudzIDl
V3sSJ5bjaeLq3IWE7D6U2iihVrY47NYZzlP9RnPJpwdp8z6ZNYW/oBmzKxW1tDNU
JSUAX53B9oWy0AlbPzncWP38EGdkbc3KFQuC1b9cndIiIjBWw/CzaLbQUTlR+zGA
F8UgZFFd9WXoWia035pADVhz1dvoWkQQqNyGj/oKZxw3472JehC/JOb20nD5qK67
LCZq9yJuulUvIqnm5yzWFOcdnDHdQSROFWWNpZsYtFo8cooUV7feDgICfplgiYe/
ssuzlOcpvYm/lIcsZVVSx0Wb9yP4drSke9CN+ueeT3cxw/MKZ26iZT0BpQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAgAw3shvDAVzs5TBLi5aoqkohRyMB8GA1UdIwQY
MBaAFNk9ogGZCdn8N4Kf2ewp2Ujs/3ySMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMlQyaUFaa0oyZnczZ3BfWjdDblpTT3pfZkpJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi80N2FmYTMtY2UzMS00MDYwLWEwNzgt
ZjVhZGRkZGYxZWM1LzEvQ0FERGV5RzhNQlhPemxNRXVMbHFpcVNpRkhJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMi80N2FmYTMtY2UzMS00MDYwLWEwNzgtZjVhZGRkZGYxZWM1
LzEvMlQyaUFaa0oyZnczZ3BfWjdDblpTT3pfZkpJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCvNGAMA0G
CSqGSIb3DQEBCwUAA4IBAQAaHGxKdP7kt484w6QMZrPvln15pvzCZURvWkPT2ayw
SwuXi0PaZ4g4dWSXig63rSss9Yell/XAA76eo7OFz7Xz/ob5RFXnxpepfjPcQK9o
xuJLJNqu9wGdmLv/QHRcSyWuZVfSSFTBalZL5gZcUuR+Up7OeZ+y63lJbUp0T5CS
jck1VyuYYRRPi1MLUpabftVn1RVGDpbx7SOaN+nC1+ybjL53tv2qH9f6yS+f2EyS
JfG01rCFAN24cBp+XvvB3WqeqYKOTOuAVVhJ9KTWpzIdOZRO/6Pyr2IfGF/ZsR5Y
Qe/8om0ynyevESuBZurgDkc2fIQjh52JHOUhINASxpwG
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:01:54 2024 by rpki-client on console-ams.rpki-client.org