Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/oXuVLCynrJStKBL_wbFl6zekxXw.roa
File:                     oXuVLCynrJStKBL_wbFl6zekxXw.roa (raw, json)
Hash identifier:          ZO7jvwAzFu1P96HlA688EXdg8cB4lguyONz4vCVhy7o=
Subject key identifier:   A1:7B:95:2C:2C:A7:AC:94:AD:28:12:FF:C1:B1:65:EB:37:A4:C5:7C
Certificate issuer:       /CN=d93da2019909d9fc37829fd9ec29d948ecff7c92
Certificate serial:       018AA171E4097CDA96669B6B573E1708BB5C
Authority key identifier: D9:3D:A2:01:99:09:D9:FC:37:82:9F:D9:EC:29:D9:48:EC:FF:7C:92
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/oXuVLCynrJStKBL_wbFl6zekxXw.roa
Signing time:             Sun 17 Sep 2023 04:41:50 +0000
ROA not before:           Sun 17 Sep 2023 04:41:50 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     834
IP address blocks:        188.209.140.0/22 maxlen: 24

Validation:               Failed, certificate revoked on Fri 22 Sep 2023 22:49:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:a1:71:e4:09:7c:da:96:66:9b:6b:57:3e:17:08:bb:5c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d93da2019909d9fc37829fd9ec29d948ecff7c92
        Validity
            Not Before: Sep 17 04:41:50 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=a17b952c2ca7ac94ad2812ffc1b165eb37a4c57c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:dc:6d:c1:09:f9:1b:e9:79:e3:ae:29:3a:91:
                    48:1b:83:4e:09:ce:d4:22:51:b1:a5:0b:50:d2:66:
                    14:4f:e3:04:2f:ec:dc:ea:b0:6f:7a:f0:de:f8:b8:
                    4f:84:b8:e7:68:a9:41:c5:7f:9d:51:19:05:aa:cc:
                    16:0f:7b:5b:6b:e7:35:b7:9e:e8:71:a2:8a:ed:d4:
                    f8:a2:31:26:78:98:fa:57:c6:12:bb:e7:ac:2d:ba:
                    65:3d:ed:fb:75:b5:0e:b8:75:c8:10:c8:c5:60:cb:
                    a8:96:35:4d:9b:31:b1:ab:97:47:93:0d:66:53:d5:
                    a7:ce:f5:dd:e9:63:b7:a0:52:6f:fb:e1:a0:12:c9:
                    cd:a8:d1:57:2c:de:56:b6:99:5a:5b:c6:ec:45:f4:
                    17:a0:0b:f1:b8:20:60:7c:10:29:b8:10:e7:b9:66:
                    95:63:db:25:79:db:13:06:a0:c6:91:53:cc:f0:02:
                    94:99:c8:5b:20:be:a8:a8:e4:37:25:35:fb:8d:bb:
                    42:32:dd:72:65:90:ad:08:01:b8:6c:ac:f0:eb:e5:
                    d6:f4:c3:9a:bc:de:a7:d9:8d:38:ab:61:5d:b7:98:
                    c5:cb:3d:96:41:27:ef:4c:40:fc:fb:89:68:7e:38:
                    97:b7:8d:06:1b:d5:a0:b0:88:82:b8:ec:ff:af:a5:
                    5b:df
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A1:7B:95:2C:2C:A7:AC:94:AD:28:12:FF:C1:B1:65:EB:37:A4:C5:7C
            X509v3 Authority Key Identifier:
                keyid:D9:3D:A2:01:99:09:D9:FC:37:82:9F:D9:EC:29:D9:48:EC:FF:7C:92

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/oXuVLCynrJStKBL_wbFl6zekxXw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  188.209.140.0/22

    Signature Algorithm: sha256WithRSAEncryption
         79:ac:07:fe:dc:4b:b1:d9:6e:ad:76:ee:d9:e9:9c:a6:98:6d:
         5e:a7:12:f5:28:47:1c:ed:04:f1:b2:0f:31:77:64:53:ab:73:
         6c:e0:13:3a:49:25:bb:83:ba:6a:1e:8e:36:ef:38:78:7c:be:
         48:77:b3:85:02:8e:f9:6d:87:36:10:30:e7:5e:4f:e5:22:6b:
         9b:22:d1:d5:87:32:ab:ef:24:be:69:80:c0:3c:c7:37:06:7f:
         4f:80:e6:5d:80:75:c4:32:09:cf:27:83:2e:61:b2:ac:5f:6d:
         61:ee:d3:58:83:bd:f4:01:3a:41:c1:00:ff:96:28:5f:76:56:
         d9:3a:e7:c3:56:61:8a:24:b4:12:cd:f7:be:fb:28:4d:99:64:
         43:dd:5f:bc:d1:ce:bf:72:79:bf:e2:34:44:4e:db:a3:72:06:
         b0:2f:ea:8f:d7:69:51:a3:02:0b:e3:25:58:b3:ce:59:4f:30:
         94:11:b3:e2:74:8e:27:72:6a:e6:14:80:a2:83:04:e5:57:d5:
         89:6a:72:fd:cf:3e:db:1e:05:54:13:bc:d1:84:6d:7a:3e:5f:
         cc:33:8c:a5:2a:72:22:6e:81:1a:2f:98:df:52:1d:fb:94:e0:
         3c:0e:49:0f:60:b3:b7:46:ad:1c:b8:7a:95:8f:bf:df:24:47:
         7c:79:75:71
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYqhceQJfNqWZptrVz4XCLtcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5M2RhMjAxOTkwOWQ5ZmMzNzgyOWZkOWVjMjlkOTQ4ZWNm
ZjdjOTIwHhcNMjMwOTE3MDQ0MTUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMTdiOTUyYzJjYTdhYzk0YWQyODEyZmZjMWIxNjVlYjM3YTRjNTdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsNxtwQn5G+l5464pOpFIG4NOCc7U
IlGxpQtQ0mYUT+MEL+zc6rBvevDe+LhPhLjnaKlBxX+dURkFqswWD3tba+c1t57o
caKK7dT4ojEmeJj6V8YSu+esLbplPe37dbUOuHXIEMjFYMuoljVNmzGxq5dHkw1m
U9WnzvXd6WO3oFJv++GgEsnNqNFXLN5WtplaW8bsRfQXoAvxuCBgfBApuBDnuWaV
Y9sledsTBqDGkVPM8AKUmchbIL6oqOQ3JTX7jbtCMt1yZZCtCAG4bKzw6+XW9MOa
vN6n2Y04q2Fdt5jFyz2WQSfvTED8+4lofjiXt40GG9WgsIiCuOz/r6Vb3wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKF7lSwsp6yUrSgS/8GxZes3pMV8MB8GA1UdIwQY
MBaAFNk9ogGZCdn8N4Kf2ewp2Ujs/3ySMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMlQyaUFaa0oyZnczZ3BfWjdDblpTT3pfZkpJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi80N2FmYTMtY2UzMS00MDYwLWEwNzgt
ZjVhZGRkZGYxZWM1LzEvb1h1VkxDeW5ySlN0S0JMX3diRmw2emVreFh3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMi80N2FmYTMtY2UzMS00MDYwLWEwNzgtZjVhZGRkZGYxZWM1
LzEvMlQyaUFaa0oyZnczZ3BfWjdDblpTT3pfZkpJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCvNGMMA0G
CSqGSIb3DQEBCwUAA4IBAQB5rAf+3Eux2W6tdu7Z6ZymmG1epxL1KEcc7QTxsg8x
d2RTq3Ns4BM6SSW7g7pqHo427zh4fL5Id7OFAo75bYc2EDDnXk/lImubItHVhzKr
7yS+aYDAPMc3Bn9PgOZdgHXEMgnPJ4MuYbKsX21h7tNYg730ATpBwQD/lihfdlbZ
OufDVmGKJLQSzfe++yhNmWRD3V+80c6/cnm/4jRETtujcgawL+qP12lRowIL4yVY
s85ZTzCUEbPidI4ncmrmFICigwTlV9WJanL9zz7bHgVUE7zRhG16Pl/MM4ylKnIi
boEaL5jfUh37lOA8DkkPYLO3Rq0cuHqVj7/fJEd8eXVx
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:41 2024 by rpki-client on console-fra.rpki-client.org