Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/cn3mEe7RRXDVxm6HEVAdqcPrLbE.roa
File:                     cn3mEe7RRXDVxm6HEVAdqcPrLbE.roa (raw, json)
Hash identifier:          h472R3fxnQaldjKht2qyons8141AnMHWs20RGECl6rk=
Subject key identifier:   72:7D:E6:11:EE:D1:45:70:D5:C6:6E:87:11:50:1D:A9:C3:EB:2D:B1
Certificate issuer:       /CN=d93da2019909d9fc37829fd9ec29d948ecff7c92
Certificate serial:       01892569B077E51857668026CEE7DB1C7DD7
Authority key identifier: D9:3D:A2:01:99:09:D9:FC:37:82:9F:D9:EC:29:D9:48:EC:FF:7C:92
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/cn3mEe7RRXDVxm6HEVAdqcPrLbE.roa
Signing time:             Wed 05 Jul 2023 09:37:10 +0000
ROA not before:           Wed 05 Jul 2023 09:37:10 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     29802
IP address blocks:        188.209.140.0/22 maxlen: 24

Validation:               Failed, certificate revoked on Mon 24 Jul 2023 14:41:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:25:69:b0:77:e5:18:57:66:80:26:ce:e7:db:1c:7d:d7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d93da2019909d9fc37829fd9ec29d948ecff7c92
        Validity
            Not Before: Jul  5 09:37:10 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=727de611eed14570d5c66e8711501da9c3eb2db1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e7:12:b2:fc:0f:c8:42:d1:3a:f4:ae:1e:51:9f:
                    8c:b4:b1:a2:21:ad:a1:08:98:cc:47:34:4f:86:fe:
                    84:76:7a:56:46:40:39:02:38:06:5c:92:66:57:73:
                    92:a9:b6:ef:ad:05:04:fb:7b:0d:3a:67:6d:93:49:
                    b1:46:e5:61:ef:6e:a5:1b:37:87:4f:75:e1:00:da:
                    31:b1:70:29:1e:9b:bf:27:c9:89:1d:83:44:4d:51:
                    a4:a3:f0:82:a7:48:50:68:f0:0b:a9:80:e3:cf:5d:
                    c1:45:13:29:05:22:06:2a:44:b8:20:32:b7:11:47:
                    f8:9b:db:76:21:e1:53:8c:9d:59:dd:5a:be:df:23:
                    a1:04:67:f2:c3:15:70:79:6f:63:a1:c9:82:a0:c9:
                    0d:94:2a:5f:df:71:ff:77:f9:fb:5c:fc:a5:23:79:
                    d8:a7:45:1d:1f:e4:d4:02:ab:05:cf:99:52:fd:c4:
                    1e:93:af:aa:93:5e:71:37:17:70:b7:0d:5e:67:dd:
                    18:11:bb:b2:e6:30:b8:1b:07:22:18:69:20:55:02:
                    69:50:ab:c8:ab:c3:66:0b:90:9b:8c:f6:da:8e:1b:
                    3c:ab:a2:12:66:43:a5:d4:09:3d:af:11:82:56:68:
                    55:64:56:13:d1:ee:f7:6a:90:0a:d0:bb:09:f4:84:
                    d7:d7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                72:7D:E6:11:EE:D1:45:70:D5:C6:6E:87:11:50:1D:A9:C3:EB:2D:B1
            X509v3 Authority Key Identifier:
                keyid:D9:3D:A2:01:99:09:D9:FC:37:82:9F:D9:EC:29:D9:48:EC:FF:7C:92

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/cn3mEe7RRXDVxm6HEVAdqcPrLbE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  188.209.140.0/22

    Signature Algorithm: sha256WithRSAEncryption
         7a:70:e5:dd:b7:6c:d1:5a:ec:da:c1:13:03:3a:c7:64:d3:c8:
         52:a8:45:40:10:01:cc:8d:a3:8b:c0:be:68:d0:59:95:b5:16:
         87:a6:7f:eb:14:ae:7b:c8:50:36:a4:c9:34:18:09:ea:a0:61:
         67:0e:a4:04:80:75:c1:33:a2:cc:70:93:df:81:c4:98:ae:fd:
         bb:0c:49:99:02:80:e8:0c:9a:73:cd:cd:20:80:bf:ca:cf:40:
         08:8f:99:7e:22:72:91:ae:fd:59:f1:61:fd:52:50:0c:62:30:
         84:24:f4:8c:6d:8d:f4:0a:b5:67:3b:e2:c2:b7:4d:c2:b9:9e:
         71:d5:34:97:58:21:23:50:b1:e1:50:96:0e:11:16:61:b5:14:
         6e:5a:55:51:3e:aa:30:e4:20:9f:19:bd:b2:89:8f:8e:97:8f:
         c5:f0:db:3b:fc:af:2d:31:c9:04:5f:e6:06:e9:b4:07:b6:a2:
         7f:54:02:5e:ad:7f:d4:57:f5:f2:20:fb:30:21:74:dd:66:1e:
         7a:c4:69:8b:07:9b:b6:64:2f:d4:1c:cf:d5:e4:d0:be:2a:75:
         c5:56:63:7f:85:94:14:d8:86:25:d9:b5:50:39:24:77:f5:8e:
         1f:09:3b:c8:a3:21:bc:99:81:20:14:fa:cb:63:f4:ca:01:b2:
         e1:d4:f8:1f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYklabB35RhXZoAmzufbHH3XMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5M2RhMjAxOTkwOWQ5ZmMzNzgyOWZkOWVjMjlkOTQ4ZWNm
ZjdjOTIwHhcNMjMwNzA1MDkzNzEwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MjdkZTYxMWVlZDE0NTcwZDVjNjZlODcxMTUwMWRhOWMzZWIyZGIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5xKy/A/IQtE69K4eUZ+MtLGiIa2h
CJjMRzRPhv6EdnpWRkA5AjgGXJJmV3OSqbbvrQUE+3sNOmdtk0mxRuVh726lGzeH
T3XhANoxsXApHpu/J8mJHYNETVGko/CCp0hQaPALqYDjz13BRRMpBSIGKkS4IDK3
EUf4m9t2IeFTjJ1Z3Vq+3yOhBGfywxVweW9jocmCoMkNlCpf33H/d/n7XPylI3nY
p0UdH+TUAqsFz5lS/cQek6+qk15xNxdwtw1eZ90YEbuy5jC4GwciGGkgVQJpUKvI
q8NmC5CbjPbajhs8q6ISZkOl1Ak9rxGCVmhVZFYT0e73apAK0LsJ9ITX1wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHJ95hHu0UVw1cZuhxFQHanD6y2xMB8GA1UdIwQY
MBaAFNk9ogGZCdn8N4Kf2ewp2Ujs/3ySMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMlQyaUFaa0oyZnczZ3BfWjdDblpTT3pfZkpJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi80N2FmYTMtY2UzMS00MDYwLWEwNzgt
ZjVhZGRkZGYxZWM1LzEvY24zbUVlN1JSWERWeG02SEVWQWRxY1ByTGJFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMi80N2FmYTMtY2UzMS00MDYwLWEwNzgtZjVhZGRkZGYxZWM1
LzEvMlQyaUFaa0oyZnczZ3BfWjdDblpTT3pfZkpJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCvNGMMA0G
CSqGSIb3DQEBCwUAA4IBAQB6cOXdt2zRWuzawRMDOsdk08hSqEVAEAHMjaOLwL5o
0FmVtRaHpn/rFK57yFA2pMk0GAnqoGFnDqQEgHXBM6LMcJPfgcSYrv27DEmZAoDo
DJpzzc0ggL/Kz0AIj5l+InKRrv1Z8WH9UlAMYjCEJPSMbY30CrVnO+LCt03CuZ5x
1TSXWCEjULHhUJYOERZhtRRuWlVRPqow5CCfGb2yiY+Ol4/F8Ns7/K8tMckEX+YG
6bQHtqJ/VAJerX/UV/XyIPswIXTdZh56xGmLB5u2ZC/UHM/V5NC+KnXFVmN/hZQU
2IYl2bVQOSR39Y4fCTvIoyG8mYEgFPrLY/TKAbLh1Pgf
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:01:54 2024 by rpki-client on console-ams.rpki-client.org