Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/pvW2VDmox_F8rKcbBUBS1EwW7oI.roa
File:                     pvW2VDmox_F8rKcbBUBS1EwW7oI.roa (raw, json)
Hash identifier:          rnoDvMC+iYBdgxSLlT7DGhNTMtrMe7zftFuk7wsUa0o=
Subject key identifier:   A6:F5:B6:54:39:A8:C7:F1:7C:AC:A7:1B:05:40:52:D4:4C:16:EE:82
Certificate issuer:       /CN=d93da2019909d9fc37829fd9ec29d948ecff7c92
Certificate serial:       018CF3F8D819C5CB933F018218A04538945A
Authority key identifier: D9:3D:A2:01:99:09:D9:FC:37:82:9F:D9:EC:29:D9:48:EC:FF:7C:92
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/pvW2VDmox_F8rKcbBUBS1EwW7oI.roa
Signing time:             Wed 10 Jan 2024 15:23:40 +0000
ROA not before:           Wed 10 Jan 2024 15:23:40 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     834
IP address blocks:        188.209.132.0/22 maxlen: 24

Validation:               Failed, certificate revoked on Sat 20 Jan 2024 07:25:11 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:f3:f8:d8:19:c5:cb:93:3f:01:82:18:a0:45:38:94:5a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d93da2019909d9fc37829fd9ec29d948ecff7c92
        Validity
            Not Before: Jan 10 15:23:40 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=a6f5b65439a8c7f17caca71b054052d44c16ee82
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8b:ac:04:81:21:78:58:86:61:f9:93:d2:7e:a7:
                    d2:c8:61:9d:9b:e0:5f:c8:5d:30:9a:c9:bd:9d:69:
                    f2:3b:4b:47:47:f3:ac:d4:c4:a5:32:bd:f0:ba:75:
                    75:e8:42:0b:ac:9d:4c:a9:13:23:5b:11:13:e4:61:
                    c0:4b:51:8e:cc:d5:51:0f:0d:f4:65:f9:bf:81:49:
                    b4:e9:6a:61:4d:4b:0d:a1:e0:70:72:81:72:ef:c1:
                    97:1b:47:62:2a:d3:5d:fc:7c:24:de:c6:d9:18:02:
                    4c:f8:c5:7e:fc:4e:81:35:10:73:9f:0e:9a:43:f7:
                    73:bb:ed:6f:cd:9d:ef:1a:31:90:c8:d0:de:e9:e7:
                    58:8d:fe:29:0e:c5:56:29:23:56:35:8e:89:88:ac:
                    10:99:71:92:3d:e7:a9:ea:6d:f6:f8:c9:c8:69:4f:
                    43:63:3a:75:71:0c:00:79:af:73:55:78:ad:43:d8:
                    95:84:2d:fc:a8:b9:57:88:57:3d:27:1f:ad:ef:ee:
                    1d:95:f0:8e:64:52:b6:97:3e:1e:7f:d3:03:56:db:
                    d6:fc:13:e3:46:c7:aa:dd:5e:b3:62:ad:08:13:af:
                    a0:a2:3c:5e:1b:77:42:ef:96:87:7c:9e:2a:d6:9c:
                    3b:6b:30:5e:34:a3:1f:ba:32:22:e7:35:37:73:93:
                    02:79
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A6:F5:B6:54:39:A8:C7:F1:7C:AC:A7:1B:05:40:52:D4:4C:16:EE:82
            X509v3 Authority Key Identifier:
                keyid:D9:3D:A2:01:99:09:D9:FC:37:82:9F:D9:EC:29:D9:48:EC:FF:7C:92

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/pvW2VDmox_F8rKcbBUBS1EwW7oI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  188.209.132.0/22

    Signature Algorithm: sha256WithRSAEncryption
         63:e4:b8:30:89:3b:6e:d4:3c:9a:48:6e:1a:d9:c2:8d:64:20:
         d6:28:e2:a5:e2:9a:80:07:45:b0:7a:d9:0a:f3:93:67:86:1a:
         0a:3a:44:e0:03:90:3d:98:67:fc:44:4e:3a:bc:f1:73:98:03:
         a7:90:b6:8b:6d:35:b8:8e:9a:6b:b1:88:30:48:42:3c:4a:c2:
         bb:be:dc:91:09:62:db:8d:53:01:5b:f4:84:cb:3a:31:a7:f8:
         b7:ef:c0:9f:a9:73:58:ac:7e:4a:9d:40:31:db:d2:39:f6:1d:
         97:4b:0e:7e:ae:5d:b2:fd:11:b6:b1:f9:0a:3a:6e:6f:2a:e3:
         1f:0c:54:7e:86:5e:ea:e2:f2:e9:2c:6a:9b:79:53:eb:6b:cd:
         74:da:2a:85:3c:5b:fd:f0:43:e1:1b:44:8d:e8:f6:00:37:ed:
         d9:1f:ce:e0:62:f3:15:aa:53:88:7e:4d:2c:b6:d2:bf:e6:01:
         8f:83:09:ec:79:8a:2c:7a:d0:7a:f0:59:6e:c6:db:f6:b4:9f:
         57:78:3b:6c:94:82:a3:45:bf:5a:b3:97:b6:df:8d:04:cb:95:
         c3:39:76:8c:e4:ae:ce:cb:42:d9:35:73:54:a8:62:12:44:25:
         a6:94:b8:8f:93:06:ec:bc:fc:2b:97:e7:50:35:2a:79:21:8a:
         15:72:bf:20
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzz+NgZxcuTPwGCGKBFOJRaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5M2RhMjAxOTkwOWQ5ZmMzNzgyOWZkOWVjMjlkOTQ4ZWNm
ZjdjOTIwHhcNMjQwMTEwMTUyMzQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNmY1YjY1NDM5YThjN2YxN2NhY2E3MWIwNTQwNTJkNDRjMTZlZTgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi6wEgSF4WIZh+ZPSfqfSyGGdm+Bf
yF0wmsm9nWnyO0tHR/Os1MSlMr3wunV16EILrJ1MqRMjWxET5GHAS1GOzNVRDw30
Zfm/gUm06WphTUsNoeBwcoFy78GXG0diKtNd/Hwk3sbZGAJM+MV+/E6BNRBznw6a
Q/dzu+1vzZ3vGjGQyNDe6edYjf4pDsVWKSNWNY6JiKwQmXGSPeep6m32+MnIaU9D
Yzp1cQwAea9zVXitQ9iVhC38qLlXiFc9Jx+t7+4dlfCOZFK2lz4ef9MDVtvW/BPj
Rseq3V6zYq0IE6+gojxeG3dC75aHfJ4q1pw7azBeNKMfujIi5zU3c5MCeQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKb1tlQ5qMfxfKynGwVAUtRMFu6CMB8GA1UdIwQY
MBaAFNk9ogGZCdn8N4Kf2ewp2Ujs/3ySMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMlQyaUFaa0oyZnczZ3BfWjdDblpTT3pfZkpJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi80N2FmYTMtY2UzMS00MDYwLWEwNzgt
ZjVhZGRkZGYxZWM1LzEvcHZXMlZEbW94X0Y4cktjYkJVQlMxRXdXN29JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMi80N2FmYTMtY2UzMS00MDYwLWEwNzgtZjVhZGRkZGYxZWM1
LzEvMlQyaUFaa0oyZnczZ3BfWjdDblpTT3pfZkpJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCvNGEMA0G
CSqGSIb3DQEBCwUAA4IBAQBj5LgwiTtu1DyaSG4a2cKNZCDWKOKl4pqAB0WwetkK
85NnhhoKOkTgA5A9mGf8RE46vPFzmAOnkLaLbTW4jpprsYgwSEI8SsK7vtyRCWLb
jVMBW/SEyzoxp/i378CfqXNYrH5KnUAx29I59h2XSw5+rl2y/RG2sfkKOm5vKuMf
DFR+hl7q4vLpLGqbeVPra8102iqFPFv98EPhG0SN6PYAN+3ZH87gYvMVqlOIfk0s
ttK/5gGPgwnseYosetB68Fluxtv2tJ9XeDtslIKjRb9as5e2340Ey5XDOXaM5K7O
y0LZNXNUqGISRCWmlLiPkwbsvPwrl+dQNSp5IYoVcr8g
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:41 2024 by rpki-client on console-fra.rpki-client.org