Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/73195c-e663-498c-97db-af64f3fa2459/1/XKrXTlZMqd27il_2mLCMyCCzQeQ.roa
File:                     XKrXTlZMqd27il_2mLCMyCCzQeQ.roa (raw, json)
Hash identifier:          eEMJGR2sTbi6Dmw4KEXkZLIKN38fbRit0cTZzVf0afM=
Subject key identifier:   5C:AA:D7:4E:56:4C:A9:DD:BB:8A:5F:F6:98:B0:8C:C8:20:B3:41:E4
Certificate issuer:       /CN=83f36b0adee6cb5518763b5bc8eaa3d41f23e938
Certificate serial:       018697FFBFDAAB225AEA4A99BA174A6F9AE7
Authority key identifier: 83:F3:6B:0A:DE:E6:CB:55:18:76:3B:5B:C8:EA:A3:D4:1F:23:E9:38
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/g_NrCt7my1UYdjtbyOqj1B8j6Tg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/34/73195c-e663-498c-97db-af64f3fa2459/1/XKrXTlZMqd27il_2mLCMyCCzQeQ.roa
Signing time:             Tue 28 Feb 2023 12:29:25 +0000
ROA not before:           Tue 28 Feb 2023 12:29:25 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     209372
IP address blocks:        176.100.150.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Sat 08 Apr 2023 09:08:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:97:ff:bf:da:ab:22:5a:ea:4a:99:ba:17:4a:6f:9a:e7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=83f36b0adee6cb5518763b5bc8eaa3d41f23e938
        Validity
            Not Before: Feb 28 12:29:25 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=5caad74e564ca9ddbb8a5ff698b08cc820b341e4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:18:27:f9:4c:1e:61:24:5d:7d:63:b8:38:ee:
                    4c:7e:9a:88:c5:97:fb:e8:be:6d:a8:3c:17:1b:52:
                    73:b2:0f:09:71:18:23:6d:c2:ed:a0:b2:56:03:3d:
                    c1:da:fd:12:8a:08:f0:f1:2e:5f:31:ac:c0:09:51:
                    5c:34:7b:29:b3:f7:26:3f:e2:22:e0:e4:e8:d3:ca:
                    db:6e:09:72:3a:7f:46:cd:97:6f:30:fe:4d:41:d4:
                    31:48:4e:ee:d1:f9:81:7a:5d:0e:50:fc:02:3b:fd:
                    d8:60:a6:31:45:cb:06:e4:b4:a5:54:d7:9f:fe:39:
                    e6:05:90:46:c3:ab:cf:50:64:ee:59:22:e3:fe:77:
                    e9:0a:49:82:74:30:67:8c:dd:eb:10:b5:22:76:e5:
                    2d:f5:46:aa:99:25:70:ad:0e:dd:9a:a5:15:df:c4:
                    21:29:7b:6c:06:95:f5:68:65:23:bf:b2:3c:99:30:
                    89:17:b3:10:1f:28:4b:29:3d:75:fc:6d:7b:1e:21:
                    46:9c:20:0b:63:9b:84:7f:87:27:54:98:bc:90:2f:
                    a4:87:0a:fc:2b:d2:65:b5:6f:2c:18:8c:0f:d5:0a:
                    ef:d9:b9:5b:76:43:ce:ed:a9:df:3d:31:d1:87:70:
                    20:6b:11:cc:3f:3d:e4:49:19:bd:16:f0:81:17:17:
                    75:6b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5C:AA:D7:4E:56:4C:A9:DD:BB:8A:5F:F6:98:B0:8C:C8:20:B3:41:E4
            X509v3 Authority Key Identifier:
                keyid:83:F3:6B:0A:DE:E6:CB:55:18:76:3B:5B:C8:EA:A3:D4:1F:23:E9:38

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/g_NrCt7my1UYdjtbyOqj1B8j6Tg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/73195c-e663-498c-97db-af64f3fa2459/1/XKrXTlZMqd27il_2mLCMyCCzQeQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/34/73195c-e663-498c-97db-af64f3fa2459/1/g_NrCt7my1UYdjtbyOqj1B8j6Tg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  176.100.150.0/24

    Signature Algorithm: sha256WithRSAEncryption
         5b:b8:a9:3b:45:02:8e:d0:9f:a2:26:83:fd:ea:08:cc:d2:f5:
         6d:64:e4:89:a5:6b:82:0b:32:8b:2f:c6:94:5f:27:b5:1b:52:
         b5:e0:96:6f:9b:f1:4a:13:69:57:5c:17:ad:01:ff:ba:5f:a6:
         3c:49:7a:72:9a:8a:6b:0a:cb:b6:63:46:32:c7:97:44:20:7a:
         9d:21:a3:07:95:e7:09:4d:7e:dc:37:cb:aa:86:cb:02:b2:af:
         c0:ab:70:ed:84:93:c0:85:3b:7c:17:61:c2:09:a1:30:5c:82:
         16:44:c7:75:3e:e9:0b:db:8a:0f:87:f2:a7:68:4d:ef:8f:e2:
         14:e6:b0:00:30:d4:72:f3:ce:cd:0c:9e:a7:a0:0d:58:8b:70:
         13:7d:a7:7d:f4:b7:a8:b0:a9:7c:7a:54:b0:86:1f:46:d0:f3:
         9a:e5:8f:49:0f:f6:5f:c3:7a:b9:ea:88:40:47:a8:3a:05:24:
         b1:6a:d4:e4:a9:c9:18:c9:3f:08:ff:d7:f5:96:39:90:47:3f:
         e7:92:fc:8b:17:12:ef:7e:18:cd:f4:6d:60:63:6e:cb:3c:ed:
         38:76:ee:7c:3e:d6:74:2f:fd:b2:46:48:a8:ff:f4:57:da:88:
         ff:6a:dc:f7:cd:ac:ea:55:0c:42:81:47:8a:c2:ab:67:64:be:
         04:50:be:c4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYaX/7/aqyJa6kqZuhdKb5rnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzZjM2YjBhZGVlNmNiNTUxODc2M2I1YmM4ZWFhM2Q0MWYy
M2U5MzgwHhcNMjMwMjI4MTIyOTI1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1Y2FhZDc0ZTU2NGNhOWRkYmI4YTVmZjY5OGIwOGNjODIwYjM0MWU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArRgn+UweYSRdfWO4OO5MfpqIxZf7
6L5tqDwXG1Jzsg8JcRgjbcLtoLJWAz3B2v0Sigjw8S5fMazACVFcNHsps/cmP+Ii
4OTo08rbbglyOn9GzZdvMP5NQdQxSE7u0fmBel0OUPwCO/3YYKYxRcsG5LSlVNef
/jnmBZBGw6vPUGTuWSLj/nfpCkmCdDBnjN3rELUiduUt9UaqmSVwrQ7dmqUV38Qh
KXtsBpX1aGUjv7I8mTCJF7MQHyhLKT11/G17HiFGnCALY5uEf4cnVJi8kC+khwr8
K9JltW8sGIwP1Qrv2blbdkPO7anfPTHRh3AgaxHMPz3kSRm9FvCBFxd1awIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFyq105WTKndu4pf9piwjMggs0HkMB8GA1UdIwQY
MBaAFIPzawre5stVGHY7W8jqo9QfI+k4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ19OckN0N215MVVZZGp0YnlPcWoxQjhqNlRnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC83MzE5NWMtZTY2My00OThjLTk3ZGIt
YWY2NGYzZmEyNDU5LzEvWEtyWFRsWk1xZDI3aWxfMm1MQ015Q0N6UWVRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC83MzE5NWMtZTY2My00OThjLTk3ZGItYWY2NGYzZmEyNDU5
LzEvZ19OckN0N215MVVZZGp0YnlPcWoxQjhqNlRnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAsGSWMA0G
CSqGSIb3DQEBCwUAA4IBAQBbuKk7RQKO0J+iJoP96gjM0vVtZOSJpWuCCzKLL8aU
Xye1G1K14JZvm/FKE2lXXBetAf+6X6Y8SXpymoprCsu2Y0Yyx5dEIHqdIaMHlecJ
TX7cN8uqhssCsq/Aq3DthJPAhTt8F2HCCaEwXIIWRMd1PukL24oPh/KnaE3vj+IU
5rAAMNRy887NDJ6noA1Yi3ATfad99LeosKl8elSwhh9G0POa5Y9JD/Zfw3q56ohA
R6g6BSSxatTkqckYyT8I/9f1ljmQRz/nkvyLFxLvfhjN9G1gY27LPO04du58PtZ0
L/2yRkio//RX2oj/atz3zazqVQxCgUeKwqtnZL4EUL7E
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:59 2024 by rpki-client on console-fra.rpki-client.org