Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/zHPOUyVWu_ZIbooeLWbG17qdOEE.roa
File:                     zHPOUyVWu_ZIbooeLWbG17qdOEE.roa (raw, json)
Hash identifier:          Rur2CvG/hHFpiXGPIX1aqgn21dRxKPnEmHQIEWT4dB8=
Subject key identifier:   CC:73:CE:53:25:56:BB:F6:48:6E:8A:1E:2D:66:C6:D7:BA:9D:38:41
Certificate issuer:       /CN=d93da2019909d9fc37829fd9ec29d948ecff7c92
Certificate serial:       018DB0A5F26A67C7945CED3CCAF05A0614AF
Authority key identifier: D9:3D:A2:01:99:09:D9:FC:37:82:9F:D9:EC:29:D9:48:EC:FF:7C:92
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/zHPOUyVWu_ZIbooeLWbG17qdOEE.roa
Signing time:             Fri 16 Feb 2024 06:41:21 +0000
ROA not before:           Fri 16 Feb 2024 06:41:21 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     62240
IP address blocks:        188.209.140.0/22 maxlen: 22

Validation:               Failed, certificate revoked on Sun 18 Feb 2024 20:11:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8d:b0:a5:f2:6a:67:c7:94:5c:ed:3c:ca:f0:5a:06:14:af
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d93da2019909d9fc37829fd9ec29d948ecff7c92
        Validity
            Not Before: Feb 16 06:41:21 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=cc73ce532556bbf6486e8a1e2d66c6d7ba9d3841
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8b:18:8e:26:e5:cb:21:77:8d:8e:9f:0f:38:51:
                    0c:fb:77:29:2e:2c:7c:cd:e9:ed:da:4b:82:e7:78:
                    7c:eb:c3:69:02:0f:bc:58:ff:10:ea:0c:32:50:df:
                    0f:9d:5b:c3:7f:be:6c:82:6e:cb:58:1c:39:32:1b:
                    b7:a5:bb:d8:cb:9a:c2:72:fb:e1:bc:7a:c9:0e:05:
                    f2:a8:15:b3:e2:7b:55:b6:87:1e:be:5d:0c:33:c4:
                    15:93:f3:af:51:32:24:c9:0b:29:c2:46:ce:7f:54:
                    e1:e0:0d:e6:2e:cb:dd:0d:71:a7:54:5b:ec:8b:b6:
                    ac:60:c5:36:22:35:6d:ea:e2:3b:67:a7:d7:31:10:
                    19:a6:23:46:d2:38:0d:3d:bc:15:54:19:e7:97:51:
                    9f:98:e9:2a:53:5d:0e:b0:58:e1:2d:7b:80:02:7d:
                    ff:ab:de:e8:a7:48:12:3b:19:d2:fe:fb:46:c9:f0:
                    a5:10:e8:8c:0c:8f:d0:f8:2b:3d:06:d8:e6:89:fc:
                    43:49:a0:c0:b7:b7:08:7e:44:60:d3:d0:4c:2c:f5:
                    df:eb:8d:fc:46:42:31:60:02:d6:7f:b1:78:bc:31:
                    31:d2:09:a7:e4:a8:c9:90:1a:2f:eb:72:82:1c:04:
                    f0:44:a5:a7:1a:0d:8c:d3:8f:16:10:13:6a:e9:1d:
                    91:b1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CC:73:CE:53:25:56:BB:F6:48:6E:8A:1E:2D:66:C6:D7:BA:9D:38:41
            X509v3 Authority Key Identifier:
                keyid:D9:3D:A2:01:99:09:D9:FC:37:82:9F:D9:EC:29:D9:48:EC:FF:7C:92

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/zHPOUyVWu_ZIbooeLWbG17qdOEE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  188.209.140.0/22

    Signature Algorithm: sha256WithRSAEncryption
         b4:52:68:3e:80:ee:a5:43:68:d6:19:f2:0e:c3:e4:2e:9d:a6:
         5e:9b:3c:73:98:23:7a:13:51:47:35:46:57:0d:17:b2:0e:40:
         44:bc:74:bd:ff:e5:ea:aa:db:08:63:93:1b:1c:fe:eb:0f:e9:
         cd:0b:78:56:10:d7:27:c5:cb:77:2a:7e:53:d0:9f:d8:ce:24:
         ce:8f:06:42:a2:26:b0:1b:97:bd:3c:a7:40:25:1f:da:5b:e0:
         7d:10:85:da:72:1a:6f:d7:39:79:38:98:6f:df:51:2c:4d:f5:
         53:e1:20:7e:be:9f:9d:d2:ee:15:52:23:7a:ea:83:8c:cd:dd:
         84:01:a7:36:34:10:25:71:0d:2a:1a:f2:08:c8:c8:60:50:2c:
         c6:f6:05:b1:4c:c8:c0:ae:02:40:c8:20:a3:ef:d2:58:d4:2e:
         a3:f1:12:5a:25:38:c3:a8:ea:1e:3d:18:6b:b8:46:e9:96:99:
         10:74:4f:0a:8f:e6:cf:5c:fe:0a:10:aa:05:ce:2d:c5:7c:09:
         bd:e9:df:02:b9:5e:cd:b3:63:82:45:a4:04:68:31:7b:bd:97:
         cf:f3:c5:d3:4b:31:03:31:e5:6a:34:6d:0d:be:f8:e0:4e:b3:
         05:da:ad:d5:8d:c0:b1:9d:26:10:b5:c1:46:06:3b:7a:2b:93:
         72:b7:da:5e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY2wpfJqZ8eUXO08yvBaBhSvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5M2RhMjAxOTkwOWQ5ZmMzNzgyOWZkOWVjMjlkOTQ4ZWNm
ZjdjOTIwHhcNMjQwMjE2MDY0MTIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYzczY2U1MzI1NTZiYmY2NDg2ZThhMWUyZDY2YzZkN2JhOWQzODQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAixiOJuXLIXeNjp8POFEM+3cpLix8
zent2kuC53h868NpAg+8WP8Q6gwyUN8PnVvDf75sgm7LWBw5Mhu3pbvYy5rCcvvh
vHrJDgXyqBWz4ntVtocevl0MM8QVk/OvUTIkyQspwkbOf1Th4A3mLsvdDXGnVFvs
i7asYMU2IjVt6uI7Z6fXMRAZpiNG0jgNPbwVVBnnl1GfmOkqU10OsFjhLXuAAn3/
q97op0gSOxnS/vtGyfClEOiMDI/Q+Cs9BtjmifxDSaDAt7cIfkRg09BMLPXf6438
RkIxYALWf7F4vDEx0gmn5KjJkBov63KCHATwRKWnGg2M048WEBNq6R2RsQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMxzzlMlVrv2SG6KHi1mxte6nThBMB8GA1UdIwQY
MBaAFNk9ogGZCdn8N4Kf2ewp2Ujs/3ySMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMlQyaUFaa0oyZnczZ3BfWjdDblpTT3pfZkpJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi80N2FmYTMtY2UzMS00MDYwLWEwNzgt
ZjVhZGRkZGYxZWM1LzEvekhQT1V5Vld1X1pJYm9vZUxXYkcxN3FkT0VFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMi80N2FmYTMtY2UzMS00MDYwLWEwNzgtZjVhZGRkZGYxZWM1
LzEvMlQyaUFaa0oyZnczZ3BfWjdDblpTT3pfZkpJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCvNGMMA0G
CSqGSIb3DQEBCwUAA4IBAQC0Umg+gO6lQ2jWGfIOw+QunaZemzxzmCN6E1FHNUZX
DReyDkBEvHS9/+XqqtsIY5MbHP7rD+nNC3hWENcnxct3Kn5T0J/YziTOjwZCoiaw
G5e9PKdAJR/aW+B9EIXachpv1zl5OJhv31EsTfVT4SB+vp+d0u4VUiN66oOMzd2E
Aac2NBAlcQ0qGvIIyMhgUCzG9gWxTMjArgJAyCCj79JY1C6j8RJaJTjDqOoePRhr
uEbplpkQdE8Kj+bPXP4KEKoFzi3FfAm96d8CuV7Ns2OCRaQEaDF7vZfP88XTSzED
MeVqNG0NvvjgTrMF2q3VjcCxnSYQtcFGBjt6K5Nyt9pe
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:41 2024 by rpki-client on console-fra.rpki-client.org