Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/038560-26d6-455d-a8f4-9bfdf2251267/1/dIIIDBeR81q3Tq-ByMfi-1zxrcw.roa
File:                     dIIIDBeR81q3Tq-ByMfi-1zxrcw.roa (raw, json)
Hash identifier:          HnCpQlDW2EGSKervPOpiGKNYouPQcqRa18Rig42twDs=
Subject key identifier:   74:82:08:0C:17:91:F3:5A:B7:4E:AF:81:C8:C7:E2:FB:5C:F1:AD:CC
Certificate issuer:       /CN=a823fe6dad8ad4fdaee6dd6983c1e55cde8482a2
Certificate serial:       0185704BA25BC3789AC36EEAB821C90DF295
Authority key identifier: A8:23:FE:6D:AD:8A:D4:FD:AE:E6:DD:69:83:C1:E5:5C:DE:84:82:A2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/qCP-ba2K1P2u5t1pg8HlXN6EgqI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/36/038560-26d6-455d-a8f4-9bfdf2251267/1/dIIIDBeR81q3Tq-ByMfi-1zxrcw.roa
Signing time:             Mon 02 Jan 2023 02:24:42 +0000
ROA not before:           Mon 02 Jan 2023 02:24:42 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     21032
IP address blocks:        193.58.88.0/22 maxlen: 24
                          2a0c:94c0::/29 maxlen: 48

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 08:29:44 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:70:4b:a2:5b:c3:78:9a:c3:6e:ea:b8:21:c9:0d:f2:95
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a823fe6dad8ad4fdaee6dd6983c1e55cde8482a2
        Validity
            Not Before: Jan  2 02:24:42 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=7482080c1791f35ab74eaf81c8c7e2fb5cf1adcc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:f9:a0:e8:05:53:8d:13:59:25:c8:ea:6f:9d:
                    20:dc:b3:97:96:e4:20:9e:8b:24:87:ba:05:7e:88:
                    ea:ff:a9:4b:8a:6b:5c:b4:e4:00:3f:b0:6c:de:20:
                    d5:7a:92:35:9e:c8:df:0c:1c:5f:84:c8:29:a1:f9:
                    b6:79:b4:fd:a9:5c:27:af:ce:71:8f:b5:45:d3:06:
                    26:56:f8:56:1e:5c:40:a3:e5:32:17:68:ed:1d:f8:
                    c7:ec:f9:28:98:96:29:d3:fd:f5:93:47:50:b2:81:
                    02:33:e3:b7:e3:55:01:0f:81:2b:92:82:fe:ff:aa:
                    cc:05:a3:f3:2e:ad:9b:ea:f1:2f:12:b6:3f:55:f6:
                    9d:05:d8:57:97:07:ed:42:3e:61:75:ae:4b:76:ab:
                    cc:9d:89:5a:06:be:47:3f:81:92:9d:64:ef:d0:fb:
                    64:e8:74:60:2c:fe:28:5f:02:bd:b6:9f:aa:54:0f:
                    c2:89:35:79:74:56:59:68:e8:b4:e5:6e:99:2c:1b:
                    e8:30:3c:fb:c4:08:81:d3:86:b0:a9:86:72:da:7c:
                    3d:fb:65:b9:56:a8:aa:07:c5:22:de:ad:f8:45:81:
                    cf:38:ba:0f:3e:cc:20:20:b1:f5:f2:3a:5c:9b:c0:
                    14:82:8f:92:a0:8c:7f:43:b7:b5:a1:b0:55:56:f7:
                    04:8f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                74:82:08:0C:17:91:F3:5A:B7:4E:AF:81:C8:C7:E2:FB:5C:F1:AD:CC
            X509v3 Authority Key Identifier:
                keyid:A8:23:FE:6D:AD:8A:D4:FD:AE:E6:DD:69:83:C1:E5:5C:DE:84:82:A2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qCP-ba2K1P2u5t1pg8HlXN6EgqI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/038560-26d6-455d-a8f4-9bfdf2251267/1/dIIIDBeR81q3Tq-ByMfi-1zxrcw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/36/038560-26d6-455d-a8f4-9bfdf2251267/1/qCP-ba2K1P2u5t1pg8HlXN6EgqI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.58.88.0/22
                IPv6:
                  2a0c:94c0::/29

    Signature Algorithm: sha256WithRSAEncryption
         6c:ad:8c:ea:81:52:33:2f:61:52:9d:60:0e:cc:d9:6c:58:3b:
         79:72:ee:0a:b1:d1:8e:dc:24:bb:79:4c:c9:92:ed:a8:aa:91:
         84:97:ad:92:11:e1:06:a6:7d:59:6e:e3:8c:0b:7f:f1:67:6e:
         20:f0:2a:12:d4:c7:04:f3:61:1b:71:00:85:5a:bc:0e:81:e3:
         e4:9b:b4:ad:68:c4:99:97:cc:cf:5c:18:8a:a1:2d:ab:bb:bb:
         a6:13:aa:0c:40:e6:e7:32:f8:70:63:97:aa:75:b0:2f:51:91:
         a4:03:0d:38:50:24:a8:68:ab:21:dd:e8:c7:2b:d9:93:59:19:
         2b:73:15:04:5d:e9:a5:8f:ae:1f:81:d1:f6:de:d7:be:91:dd:
         35:18:8b:08:ed:bc:c5:de:5f:65:32:e4:a5:7b:7c:c5:06:b1:
         c0:44:5d:c7:e8:0e:a6:0c:d0:f0:f7:e6:23:b8:5b:87:0e:cf:
         e0:2d:8b:c1:0d:81:11:13:fd:53:3e:6e:ab:87:05:10:f0:35:
         25:6f:42:31:c8:ef:f3:97:7b:5b:34:a3:0c:f7:85:e4:ed:04:
         a8:fa:a7:3a:53:19:9a:fa:da:9a:37:d7:83:58:dd:46:6f:19:
         e3:86:76:61:22:dc:bb:6f:8d:2a:82:29:ee:cf:00:60:47:0d:
         19:6f:52:73
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVwS6Jbw3iaw27quCHJDfKVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE4MjNmZTZkYWQ4YWQ0ZmRhZWU2ZGQ2OTgzYzFlNTVjZGU4
NDgyYTIwHhcNMjMwMTAyMDIyNDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NDgyMDgwYzE3OTFmMzVhYjc0ZWFmODFjOGM3ZTJmYjVjZjFhZGNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAufmg6AVTjRNZJcjqb50g3LOXluQg
noskh7oFfojq/6lLimtctOQAP7Bs3iDVepI1nsjfDBxfhMgpofm2ebT9qVwnr85x
j7VF0wYmVvhWHlxAo+UyF2jtHfjH7PkomJYp0/31k0dQsoECM+O341UBD4ErkoL+
/6rMBaPzLq2b6vEvErY/VfadBdhXlwftQj5hda5LdqvMnYlaBr5HP4GSnWTv0Ptk
6HRgLP4oXwK9tp+qVA/CiTV5dFZZaOi05W6ZLBvoMDz7xAiB04awqYZy2nw9+2W5
VqiqB8Ui3q34RYHPOLoPPswgILH18jpcm8AUgo+SoIx/Q7e1obBVVvcEjwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFHSCCAwXkfNat06vgcjH4vtc8a3MMB8GA1UdIwQY
MBaAFKgj/m2titT9rubdaYPB5VzehIKiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcUNQLWJhMksxUDJ1NXQxcGc4SGxYTjZFZ3FJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi8wMzg1NjAtMjZkNi00NTVkLWE4ZjQt
OWJmZGYyMjUxMjY3LzEvZElJSURCZVI4MXEzVHEtQnlNZmktMXp4cmN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi8wMzg1NjAtMjZkNi00NTVkLWE4ZjQtOWJmZGYyMjUxMjY3
LzEvcUNQLWJhMksxUDJ1NXQxcGc4SGxYTjZFZ3FJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCwTpYMA0E
AgACMAcDBQMqDJTAMA0GCSqGSIb3DQEBCwUAA4IBAQBsrYzqgVIzL2FSnWAOzNls
WDt5cu4KsdGO3CS7eUzJku2oqpGEl62SEeEGpn1ZbuOMC3/xZ24g8CoS1McE82Eb
cQCFWrwOgePkm7StaMSZl8zPXBiKoS2ru7umE6oMQObnMvhwY5eqdbAvUZGkAw04
UCSoaKsh3ejHK9mTWRkrcxUEXemlj64fgdH23te+kd01GIsI7bzF3l9lMuSle3zF
BrHARF3H6A6mDNDw9+YjuFuHDs/gLYvBDYERE/1TPm6rhwUQ8DUlb0IxyO/zl3tb
NKMM94Xk7QSo+qc6Uxma+tqaN9eDWN1GbxnjhnZhIty7b40qginuzwBgRw0Zb1Jz
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:02:41 2024 by rpki-client on console-ams.rpki-client.org