Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/73195c-e663-498c-97db-af64f3fa2459/1/9eP4uUHbv2viwx8K5gQeFwyME8c.roa
File:                     9eP4uUHbv2viwx8K5gQeFwyME8c.roa (raw, json)
Hash identifier:          ndAo/6/LMj2Qfvg6MVzXy878gVrja9xnwwNTuSukAxI=
Subject key identifier:   F5:E3:F8:B9:41:DB:BF:6B:E2:C3:1F:0A:E6:04:1E:17:0C:8C:13:C7
Certificate issuer:       /CN=83f36b0adee6cb5518763b5bc8eaa3d41f23e938
Certificate serial:       018B147D92EFEE9DACA341B609CE7977AC4D
Authority key identifier: 83:F3:6B:0A:DE:E6:CB:55:18:76:3B:5B:C8:EA:A3:D4:1F:23:E9:38
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/g_NrCt7my1UYdjtbyOqj1B8j6Tg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/34/73195c-e663-498c-97db-af64f3fa2459/1/9eP4uUHbv2viwx8K5gQeFwyME8c.roa
Signing time:             Mon 09 Oct 2023 12:50:55 +0000
ROA not before:           Mon 09 Oct 2023 12:50:55 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     209372
IP address blocks:        176.100.150.0/24 maxlen: 24
                          176.100.147.0/24 maxlen: 24
                          176.100.156.0/24 maxlen: 24
                          176.100.157.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 22:30:13 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:14:7d:92:ef:ee:9d:ac:a3:41:b6:09:ce:79:77:ac:4d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=83f36b0adee6cb5518763b5bc8eaa3d41f23e938
        Validity
            Not Before: Oct  9 12:50:55 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=f5e3f8b941dbbf6be2c31f0ae6041e170c8c13c7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ce:51:7c:28:0d:ee:b0:82:d2:db:fb:75:fd:d9:
                    4c:2d:45:2d:4b:4e:6f:28:5e:a6:f6:c9:fa:4e:86:
                    8d:dc:f4:f7:7a:56:55:9d:73:6a:69:06:dd:40:97:
                    a7:94:c9:d5:30:b2:9f:f0:45:bb:b0:76:51:80:ef:
                    42:01:19:59:76:71:3c:8b:ab:ba:22:c5:59:1c:4a:
                    0c:d9:41:a9:03:40:e9:eb:3b:0c:7f:dd:6e:96:f4:
                    9e:5e:8e:82:9e:1f:64:4a:10:ab:63:47:c5:51:cb:
                    3a:03:80:77:bf:69:c3:4e:a1:9b:b8:d6:6b:9c:cc:
                    d9:fe:8a:08:b4:d6:5b:34:de:75:82:5d:e7:01:99:
                    f3:c0:9c:9d:04:e3:71:59:f6:2d:9d:d6:4c:71:c7:
                    2a:ea:c0:1b:fa:ba:4f:99:b1:94:57:e8:59:fe:57:
                    1e:a7:41:5b:23:65:05:48:db:9e:43:ea:5f:c7:90:
                    59:8a:5c:4f:54:57:85:a7:6d:aa:aa:18:72:49:3d:
                    4d:8d:06:5f:2e:d0:f9:ad:c5:de:91:fe:f9:0d:c5:
                    8d:9f:08:11:19:01:51:9a:40:81:81:5c:07:82:d3:
                    f5:b9:d2:f7:03:d4:d1:6f:35:9b:43:e6:54:8a:58:
                    01:83:05:29:b1:17:a1:6f:b3:1c:86:45:9a:cd:64:
                    80:5f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F5:E3:F8:B9:41:DB:BF:6B:E2:C3:1F:0A:E6:04:1E:17:0C:8C:13:C7
            X509v3 Authority Key Identifier:
                keyid:83:F3:6B:0A:DE:E6:CB:55:18:76:3B:5B:C8:EA:A3:D4:1F:23:E9:38

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/g_NrCt7my1UYdjtbyOqj1B8j6Tg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/73195c-e663-498c-97db-af64f3fa2459/1/9eP4uUHbv2viwx8K5gQeFwyME8c.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/34/73195c-e663-498c-97db-af64f3fa2459/1/g_NrCt7my1UYdjtbyOqj1B8j6Tg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  176.100.147.0/24
                  176.100.150.0/24
                  176.100.156.0/23

    Signature Algorithm: sha256WithRSAEncryption
         85:e7:54:1f:b8:93:95:0d:5e:92:fd:c5:57:2a:56:d1:2f:79:
         a6:1d:60:2c:7e:d5:16:ac:ad:ec:1a:89:53:6b:f5:8a:ef:3b:
         18:bd:ac:4b:59:60:7d:60:2e:22:9a:f6:f8:b4:bf:64:a1:eb:
         cf:1e:30:c2:ff:16:90:3b:d9:a9:aa:be:e5:a2:41:59:11:5b:
         c5:c8:b0:6e:92:91:d3:3d:44:48:32:61:ba:64:88:93:b0:ee:
         d4:7e:3b:46:90:2d:7b:1d:ba:97:0e:c5:32:88:fe:c3:4e:04:
         b8:e3:c7:84:96:ec:ee:1f:e6:7a:5a:e9:8a:fd:5a:17:d3:2b:
         d6:d2:4b:4e:de:d1:c7:ac:f2:40:da:5a:0b:ec:25:30:ce:20:
         ba:04:e7:f3:40:ee:af:a6:e0:ae:6c:c8:3f:aa:e6:ca:66:2b:
         fa:76:a1:b4:4c:88:94:db:a6:61:33:35:9c:19:39:52:24:88:
         7b:50:2f:7a:ef:fb:db:bb:84:d8:2f:83:49:1a:29:99:48:80:
         05:07:53:fe:d1:91:d7:da:c8:a5:90:47:c6:d3:67:8d:e6:c7:
         52:a3:18:db:f0:47:78:5b:8e:2c:27:75:a9:6e:9f:0a:bc:48:
         8f:bb:9e:1d:94:db:d9:ea:96:99:85:80:de:6b:00:e8:87:07:
         f3:26:fe:b6
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYsUfZLv7p2so0G2Cc55d6xNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzZjM2YjBhZGVlNmNiNTUxODc2M2I1YmM4ZWFhM2Q0MWYy
M2U5MzgwHhcNMjMxMDA5MTI1MDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNWUzZjhiOTQxZGJiZjZiZTJjMzFmMGFlNjA0MWUxNzBjOGMxM2M3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzlF8KA3usILS2/t1/dlMLUUtS05v
KF6m9sn6ToaN3PT3elZVnXNqaQbdQJenlMnVMLKf8EW7sHZRgO9CARlZdnE8i6u6
IsVZHEoM2UGpA0Dp6zsMf91ulvSeXo6Cnh9kShCrY0fFUcs6A4B3v2nDTqGbuNZr
nMzZ/ooItNZbNN51gl3nAZnzwJydBONxWfYtndZMcccq6sAb+rpPmbGUV+hZ/lce
p0FbI2UFSNueQ+pfx5BZilxPVFeFp22qqhhyST1NjQZfLtD5rcXekf75DcWNnwgR
GQFRmkCBgVwHgtP1udL3A9TRbzWbQ+ZUilgBgwUpsRehb7MchkWazWSAXwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFPXj+LlB279r4sMfCuYEHhcMjBPHMB8GA1UdIwQY
MBaAFIPzawre5stVGHY7W8jqo9QfI+k4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ19OckN0N215MVVZZGp0YnlPcWoxQjhqNlRnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC83MzE5NWMtZTY2My00OThjLTk3ZGIt
YWY2NGYzZmEyNDU5LzEvOWVQNHVVSGJ2MnZpd3g4SzVnUWVGd3lNRThjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC83MzE5NWMtZTY2My00OThjLTk3ZGItYWY2NGYzZmEyNDU5
LzEvZ19OckN0N215MVVZZGp0YnlPcWoxQjhqNlRnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAsGSTAwQA
sGSWAwQBsGScMA0GCSqGSIb3DQEBCwUAA4IBAQCF51QfuJOVDV6S/cVXKlbRL3mm
HWAsftUWrK3sGolTa/WK7zsYvaxLWWB9YC4imvb4tL9koevPHjDC/xaQO9mpqr7l
okFZEVvFyLBukpHTPURIMmG6ZIiTsO7UfjtGkC17HbqXDsUyiP7DTgS448eEluzu
H+Z6WumK/VoX0yvW0ktO3tHHrPJA2loL7CUwziC6BOfzQO6vpuCubMg/qubKZiv6
dqG0TIiU26ZhMzWcGTlSJIh7UC967/vbu4TYL4NJGimZSIAFB1P+0ZHX2silkEfG
02eN5sdSoxjb8Ed4W44sJ3Wpbp8KvEiPu54dlNvZ6paZhYDeawDohwfzJv62
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:59 2024 by rpki-client on console-fra.rpki-client.org