Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/Io4783MjsmCU8up_N23YUsEKzdw.roa
File:                     Io4783MjsmCU8up_N23YUsEKzdw.roa (raw, json)
Hash identifier:          pPC6/gTS/R8c4GSYR4vtB67QkPOEVafXj6yifFQfJVA=
Subject key identifier:   22:8E:3B:F3:73:23:B2:60:94:F2:EA:7F:37:6D:D8:52:C1:0A:CD:DC
Certificate issuer:       /CN=d93da2019909d9fc37829fd9ec29d948ecff7c92
Certificate serial:       01884E9541CD736F391192D4843EE61E8918
Authority key identifier: D9:3D:A2:01:99:09:D9:FC:37:82:9F:D9:EC:29:D9:48:EC:FF:7C:92
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/Io4783MjsmCU8up_N23YUsEKzdw.roa
Signing time:             Wed 24 May 2023 16:26:24 +0000
ROA not before:           Wed 24 May 2023 16:26:24 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     834
IP address blocks:        188.209.128.0/22 maxlen: 24

Validation:               Failed, certificate revoked on Sat 03 Jun 2023 04:07:11 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:4e:95:41:cd:73:6f:39:11:92:d4:84:3e:e6:1e:89:18
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d93da2019909d9fc37829fd9ec29d948ecff7c92
        Validity
            Not Before: May 24 16:26:24 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=228e3bf37323b26094f2ea7f376dd852c10acddc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:89:4b:86:5c:8c:48:57:01:00:af:39:32:f1:92:
                    f7:95:c2:99:94:c6:b9:5a:80:0c:f8:d1:d5:5d:a3:
                    b7:b0:ce:29:93:b8:1a:b2:f8:05:71:88:d4:1f:93:
                    d9:21:b2:79:3d:fa:72:89:39:9c:05:ab:92:be:79:
                    65:21:99:85:af:b7:a3:1b:9c:32:56:1d:a8:f7:f9:
                    42:57:4d:bb:a2:a0:13:9d:37:75:9f:65:00:a8:0c:
                    d0:56:6b:c5:10:61:1d:cf:dd:f8:3d:da:f2:3e:4c:
                    11:9e:1b:63:77:ce:08:77:f7:fa:35:6d:66:58:a3:
                    56:59:b0:7d:81:44:9e:25:54:4b:00:29:f9:2f:ab:
                    46:f1:13:71:ff:86:54:d3:10:aa:d3:a5:fa:da:69:
                    28:fb:62:cb:74:46:93:1b:41:5f:1e:7f:2e:61:ab:
                    c4:16:a1:14:37:bf:43:8f:fb:0c:80:34:e1:5e:60:
                    56:74:62:e5:df:48:a0:98:46:5c:08:d6:89:8d:45:
                    97:d9:2e:3b:c1:11:07:e0:d9:41:6e:30:d1:e7:fd:
                    cd:40:4b:ac:c3:79:30:0b:0f:5a:fe:77:ba:15:ba:
                    70:bf:b8:5d:5c:47:71:6b:16:30:a7:0e:8d:81:ef:
                    8a:09:6e:48:3d:18:d9:71:11:29:de:dd:d9:4c:c6:
                    2e:ed
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                22:8E:3B:F3:73:23:B2:60:94:F2:EA:7F:37:6D:D8:52:C1:0A:CD:DC
            X509v3 Authority Key Identifier:
                keyid:D9:3D:A2:01:99:09:D9:FC:37:82:9F:D9:EC:29:D9:48:EC:FF:7C:92

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/Io4783MjsmCU8up_N23YUsEKzdw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  188.209.128.0/22

    Signature Algorithm: sha256WithRSAEncryption
         4d:36:24:13:9a:ab:cb:1b:c7:a3:17:51:a9:f2:1c:f3:86:26:
         90:5d:77:97:72:01:46:3c:ff:2f:fa:de:80:5b:1b:3f:50:d3:
         20:1a:18:57:e3:7c:f4:a0:bb:48:b5:3f:b4:ee:22:e8:8e:4f:
         00:bc:a6:be:ba:50:97:be:60:0e:87:8e:c7:bd:81:ee:4e:20:
         26:ec:87:4f:3f:ca:e1:7f:a6:a2:75:e7:dc:4b:9d:29:8d:0b:
         b6:2a:6a:12:32:38:69:a6:89:8d:90:08:0a:ad:65:11:0a:a2:
         12:6b:6e:25:c4:e6:9d:25:6b:00:71:e9:ec:9c:eb:56:7d:b9:
         b2:5e:7f:39:f4:ad:24:a2:2e:e9:37:d4:22:fb:31:a8:07:37:
         c7:3b:06:02:b0:0d:d2:69:36:79:6b:74:81:7d:b4:2c:a0:d4:
         61:7c:e9:73:31:c3:80:17:ff:fc:66:f7:9e:7e:61:cf:44:dd:
         ae:ae:ac:9e:e2:76:2b:4b:35:fa:74:68:b9:46:75:2a:1d:70:
         e0:2b:69:4d:67:dd:ff:bb:ae:97:e9:85:14:c1:d3:32:d1:ad:
         27:cc:cd:f7:3d:12:90:b6:9e:b7:21:b9:bf:f4:3e:90:8b:f6:
         62:98:e6:1c:02:e9:32:58:07:2b:dc:d2:6e:32:d9:7c:af:e4:
         f9:13:b0:ba
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYhOlUHNc285EZLUhD7mHokYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5M2RhMjAxOTkwOWQ5ZmMzNzgyOWZkOWVjMjlkOTQ4ZWNm
ZjdjOTIwHhcNMjMwNTI0MTYyNjI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMjhlM2JmMzczMjNiMjYwOTRmMmVhN2YzNzZkZDg1MmMxMGFjZGRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiUuGXIxIVwEArzky8ZL3lcKZlMa5
WoAM+NHVXaO3sM4pk7gasvgFcYjUH5PZIbJ5PfpyiTmcBauSvnllIZmFr7ejG5wy
Vh2o9/lCV027oqATnTd1n2UAqAzQVmvFEGEdz934PdryPkwRnhtjd84Id/f6NW1m
WKNWWbB9gUSeJVRLACn5L6tG8RNx/4ZU0xCq06X62mko+2LLdEaTG0FfHn8uYavE
FqEUN79Dj/sMgDThXmBWdGLl30igmEZcCNaJjUWX2S47wREH4NlBbjDR5/3NQEus
w3kwCw9a/ne6Fbpwv7hdXEdxaxYwpw6Nge+KCW5IPRjZcREp3t3ZTMYu7QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCKOO/NzI7JglPLqfzdt2FLBCs3cMB8GA1UdIwQY
MBaAFNk9ogGZCdn8N4Kf2ewp2Ujs/3ySMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMlQyaUFaa0oyZnczZ3BfWjdDblpTT3pfZkpJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi80N2FmYTMtY2UzMS00MDYwLWEwNzgt
ZjVhZGRkZGYxZWM1LzEvSW80NzgzTWpzbUNVOHVwX04yM1lVc0VLemR3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMi80N2FmYTMtY2UzMS00MDYwLWEwNzgtZjVhZGRkZGYxZWM1
LzEvMlQyaUFaa0oyZnczZ3BfWjdDblpTT3pfZkpJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCvNGAMA0G
CSqGSIb3DQEBCwUAA4IBAQBNNiQTmqvLG8ejF1Gp8hzzhiaQXXeXcgFGPP8v+t6A
Wxs/UNMgGhhX43z0oLtItT+07iLojk8AvKa+ulCXvmAOh47HvYHuTiAm7IdPP8rh
f6aidefcS50pjQu2KmoSMjhppomNkAgKrWURCqISa24lxOadJWsAcensnOtWfbmy
Xn859K0koi7pN9Qi+zGoBzfHOwYCsA3SaTZ5a3SBfbQsoNRhfOlzMcOAF//8Zvee
fmHPRN2urqye4nYrSzX6dGi5RnUqHXDgK2lNZ93/u66X6YUUwdMy0a0nzM33PRKQ
tp63Ibm/9D6Qi/ZimOYcAukyWAcr3NJuMtl8r+T5E7C6
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:01:54 2024 by rpki-client on console-ams.rpki-client.org