Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/d8275e-c479-4ed8-beea-da89ed2eb55e/1/vpbw63cGZyJXBWtPU5qDNsJSZzE.roa
File:                     vpbw63cGZyJXBWtPU5qDNsJSZzE.roa (raw, json)
Hash identifier:          RL6lgNy+8+52wnCSc/eiUjBlBSDgOPyYxNhh3+pjBoQ=
Subject key identifier:   BE:96:F0:EB:77:06:67:22:57:05:6B:4F:53:9A:83:36:C2:52:67:31
Certificate issuer:       /CN=af46fb8d41a47242ae3ee8ce1f0fa8ef811698b5
Certificate serial:       01856FF018CB229184E1723EB23472DBB48E
Authority key identifier: AF:46:FB:8D:41:A4:72:42:AE:3E:E8:CE:1F:0F:A8:EF:81:16:98:B5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/r0b7jUGkckKuPujOHw-o74EWmLU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/38/d8275e-c479-4ed8-beea-da89ed2eb55e/1/vpbw63cGZyJXBWtPU5qDNsJSZzE.roa
Signing time:             Mon 02 Jan 2023 00:44:43 +0000
ROA not before:           Mon 02 Jan 2023 00:44:43 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     209535
IP address blocks:        147.78.24.0/22 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 20:31:05 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:f0:18:cb:22:91:84:e1:72:3e:b2:34:72:db:b4:8e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=af46fb8d41a47242ae3ee8ce1f0fa8ef811698b5
        Validity
            Not Before: Jan  2 00:44:43 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=be96f0eb7706672257056b4f539a8336c2526731
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:45:ac:98:ee:c1:7d:f9:bb:1c:f5:ba:9b:b5:
                    e9:3f:f8:5f:5b:d5:aa:7f:2f:70:df:03:ec:a6:0a:
                    55:47:9f:f1:9c:e2:8c:1b:81:77:72:14:c0:fe:42:
                    9b:7d:58:33:9f:3b:fc:8b:89:8e:ce:9f:92:83:ba:
                    93:2e:ed:5c:68:7d:d2:ad:8e:6f:e9:f8:cd:98:59:
                    ae:c5:3c:1c:6c:7d:87:c4:cf:ea:4f:aa:a4:bc:71:
                    0c:4a:f9:63:5a:30:8a:a9:bf:8f:7a:e8:ff:9d:c8:
                    5b:98:4a:4c:4d:1a:6d:46:83:b6:4b:fc:81:98:15:
                    e5:f6:81:8c:e5:f6:7f:a0:8a:bd:9a:0c:7d:1a:94:
                    a4:07:39:24:d3:d5:46:fb:af:42:68:63:ff:ff:89:
                    56:3c:ca:d6:08:26:a1:ae:ce:4a:8d:23:97:1f:3d:
                    3a:8c:83:01:0b:25:86:26:1c:33:a0:91:a4:23:aa:
                    cd:d0:de:2b:f3:57:16:55:98:fc:69:f8:f3:f7:25:
                    6c:6e:aa:36:bf:3d:a1:14:04:9c:59:89:19:1b:d8:
                    86:73:72:f2:b9:a6:8d:ed:5d:b5:ba:c3:0f:81:31:
                    ea:73:94:b0:e4:0e:6e:cf:af:3c:c8:fd:62:b4:15:
                    fa:4e:e0:d5:1e:f0:6d:18:19:06:dc:00:14:52:4b:
                    a1:b9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BE:96:F0:EB:77:06:67:22:57:05:6B:4F:53:9A:83:36:C2:52:67:31
            X509v3 Authority Key Identifier:
                keyid:AF:46:FB:8D:41:A4:72:42:AE:3E:E8:CE:1F:0F:A8:EF:81:16:98:B5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r0b7jUGkckKuPujOHw-o74EWmLU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/d8275e-c479-4ed8-beea-da89ed2eb55e/1/vpbw63cGZyJXBWtPU5qDNsJSZzE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/38/d8275e-c479-4ed8-beea-da89ed2eb55e/1/r0b7jUGkckKuPujOHw-o74EWmLU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  147.78.24.0/22

    Signature Algorithm: sha256WithRSAEncryption
         9c:b7:49:b2:2d:17:23:36:e5:bc:dd:a1:ae:1e:99:67:08:cf:
         aa:db:77:79:ed:51:40:61:36:59:c4:f7:6d:e5:7a:a6:a3:63:
         70:77:9e:73:22:32:06:5f:90:48:e7:ac:a4:6b:96:52:e8:9e:
         0a:12:4e:42:6f:85:b4:60:b2:59:57:92:1e:4d:a5:07:db:03:
         c3:60:46:8f:1e:19:16:dc:10:5d:94:ec:85:ad:75:85:fc:11:
         88:fa:30:3b:31:e5:65:5e:6f:b0:04:e7:94:02:eb:54:79:ed:
         63:05:f5:13:e1:47:d3:f4:07:f9:40:dd:6c:2b:36:f8:df:27:
         30:c1:7f:74:50:a0:96:0e:e4:a3:fa:68:87:2d:ab:9e:08:41:
         d6:83:cc:86:56:fe:be:27:4f:79:e6:af:7d:4a:3b:0d:48:20:
         8b:7f:12:d1:4c:ec:aa:33:f0:bc:84:30:31:bf:d2:ad:60:ec:
         3f:18:ff:de:43:c3:c2:fb:88:3d:0a:0b:5d:cf:bb:85:94:5a:
         d1:35:40:1e:42:2f:6a:29:94:e8:c2:eb:e9:a8:16:e1:d2:2d:
         35:42:62:d8:7b:bf:62:57:31:fe:e9:85:44:8d:d8:09:ff:22:
         8a:65:4a:b3:d3:9e:15:52:56:14:67:ea:6e:f7:f0:3c:66:c3:
         83:fa:85:fc
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVv8BjLIpGE4XI+sjRy27SOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmNDZmYjhkNDFhNDcyNDJhZTNlZThjZTFmMGZhOGVmODEx
Njk4YjUwHhcNMjMwMTAyMDA0NDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZTk2ZjBlYjc3MDY2NzIyNTcwNTZiNGY1MzlhODMzNmMyNTI2NzMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw0WsmO7Bffm7HPW6m7XpP/hfW9Wq
fy9w3wPspgpVR5/xnOKMG4F3chTA/kKbfVgznzv8i4mOzp+Sg7qTLu1caH3SrY5v
6fjNmFmuxTwcbH2HxM/qT6qkvHEMSvljWjCKqb+Peuj/nchbmEpMTRptRoO2S/yB
mBXl9oGM5fZ/oIq9mgx9GpSkBzkk09VG+69CaGP//4lWPMrWCCahrs5KjSOXHz06
jIMBCyWGJhwzoJGkI6rN0N4r81cWVZj8afjz9yVsbqo2vz2hFAScWYkZG9iGc3Ly
uaaN7V21usMPgTHqc5Sw5A5uz688yP1itBX6TuDVHvBtGBkG3AAUUkuhuQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFL6W8Ot3BmciVwVrT1OagzbCUmcxMB8GA1UdIwQY
MBaAFK9G+41BpHJCrj7ozh8PqO+BFpi1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcjBiN2pVR2tja0t1UHVqT0h3LW83NEVXbUxVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC9kODI3NWUtYzQ3OS00ZWQ4LWJlZWEt
ZGE4OWVkMmViNTVlLzEvdnBidzYzY0daeUpYQld0UFU1cUROc0pTWnpFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOC9kODI3NWUtYzQ3OS00ZWQ4LWJlZWEtZGE4OWVkMmViNTVl
LzEvcjBiN2pVR2tja0t1UHVqT0h3LW83NEVXbUxVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCk04YMA0G
CSqGSIb3DQEBCwUAA4IBAQCct0myLRcjNuW83aGuHplnCM+q23d57VFAYTZZxPdt
5Xqmo2Nwd55zIjIGX5BI56yka5ZS6J4KEk5Cb4W0YLJZV5IeTaUH2wPDYEaPHhkW
3BBdlOyFrXWF/BGI+jA7MeVlXm+wBOeUAutUee1jBfUT4UfT9Af5QN1sKzb43ycw
wX90UKCWDuSj+miHLaueCEHWg8yGVv6+J0955q99SjsNSCCLfxLRTOyqM/C8hDAx
v9KtYOw/GP/eQ8PC+4g9Cgtdz7uFlFrRNUAeQi9qKZTowuvpqBbh0i01QmLYe79i
VzH+6YVEjdgJ/yKKZUqz054VUlYUZ+pu9/A8ZsOD+oX8
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:42 2024 by rpki-client on console-fra.rpki-client.org