Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/1d9dda-2adf-46bd-8af7-4d16be9ba132/1/oTWieH4VwHc8dB92rtMDnIEWNFQ.roa
File:                     oTWieH4VwHc8dB92rtMDnIEWNFQ.roa (raw, json)
Hash identifier:          ypF7gs0RDxroH+O24jFQ3HfzjMFBAYsBilRYnlSifMY=
Subject key identifier:   A1:35:A2:78:7E:15:C0:77:3C:74:1F:76:AE:D3:03:9C:81:16:34:54
Certificate issuer:       /CN=2236ed5f5623edeb7910acd31d5f6ee81e5cb17e
Certificate serial:       01898C7B28263E68F481FA68EB439FB21ACC
Authority key identifier: 22:36:ED:5F:56:23:ED:EB:79:10:AC:D3:1D:5F:6E:E8:1E:5C:B1:7E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IjbtX1Yj7et5EKzTHV9u6B5csX4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/40/1d9dda-2adf-46bd-8af7-4d16be9ba132/1/oTWieH4VwHc8dB92rtMDnIEWNFQ.roa
Signing time:             Tue 25 Jul 2023 09:57:08 +0000
ROA not before:           Tue 25 Jul 2023 09:57:08 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     43009
IP address blocks:        83.166.64.0/19 maxlen: 19
                          83.166.67.0/24 maxlen: 24
                          83.166.65.0/24 maxlen: 24
                          83.166.78.0/24 maxlen: 24
                          83.166.79.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 27 Jul 2023 08:30:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:8c:7b:28:26:3e:68:f4:81:fa:68:eb:43:9f:b2:1a:cc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2236ed5f5623edeb7910acd31d5f6ee81e5cb17e
        Validity
            Not Before: Jul 25 09:57:08 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=a135a2787e15c0773c741f76aed3039c81163454
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:18:74:c4:4d:25:60:07:92:b4:63:d9:8b:8e:
                    c3:36:c4:f0:d9:69:00:31:f6:3b:ca:f9:73:3a:52:
                    2d:7a:1a:f1:3a:70:ac:80:a8:4e:12:c5:9b:af:fc:
                    91:5e:7c:77:73:2f:cd:7e:c1:af:2a:a8:6d:30:14:
                    ea:61:b3:e4:f6:72:e1:37:9f:89:32:16:e1:fa:1e:
                    f9:47:60:43:12:5e:e4:e8:d3:cb:bb:48:63:73:bb:
                    b5:c0:fc:31:5f:8c:86:ac:9b:c0:e5:19:ff:e1:6d:
                    bb:af:1b:c0:72:f9:af:4b:e5:e9:1d:e1:40:fa:ec:
                    d7:c8:8c:00:d0:09:5c:2c:e9:7e:c7:51:50:f4:04:
                    29:34:ea:87:c4:42:69:5b:74:ca:be:60:25:b6:2b:
                    5c:44:55:82:53:7d:67:de:d7:c9:a2:7d:6d:ee:d8:
                    c5:c6:27:a3:f2:ee:9e:a7:a5:2f:fd:6d:10:d2:f9:
                    11:2e:2c:9c:44:b0:7f:f2:62:81:2f:4d:36:00:d8:
                    8b:28:ea:1f:e3:ef:19:27:3d:1a:d8:ba:b4:ca:fa:
                    25:18:ef:15:72:56:5b:67:b3:46:26:62:e0:6d:0c:
                    ed:6f:5f:d4:78:f5:b6:53:5b:c4:77:68:80:1a:f7:
                    cc:95:1b:30:ea:6e:d2:a7:57:ab:a3:9f:c6:0e:53:
                    e9:5d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A1:35:A2:78:7E:15:C0:77:3C:74:1F:76:AE:D3:03:9C:81:16:34:54
            X509v3 Authority Key Identifier:
                keyid:22:36:ED:5F:56:23:ED:EB:79:10:AC:D3:1D:5F:6E:E8:1E:5C:B1:7E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IjbtX1Yj7et5EKzTHV9u6B5csX4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/1d9dda-2adf-46bd-8af7-4d16be9ba132/1/oTWieH4VwHc8dB92rtMDnIEWNFQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/40/1d9dda-2adf-46bd-8af7-4d16be9ba132/1/IjbtX1Yj7et5EKzTHV9u6B5csX4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  83.166.64.0/19

    Signature Algorithm: sha256WithRSAEncryption
         6f:c0:41:2e:a9:30:91:62:aa:85:28:c6:90:5c:6c:07:9d:be:
         a2:65:42:af:be:2e:72:30:98:06:77:1d:dc:70:05:fd:d5:53:
         29:d4:12:81:74:ef:84:c1:c9:c8:5e:ea:43:3d:99:80:d1:db:
         3b:c1:57:06:a8:3c:76:4e:4e:ed:75:f5:ad:09:fa:a9:a2:1e:
         36:57:22:f6:4d:c5:db:20:56:91:9c:03:77:99:65:d5:2b:8a:
         21:70:3f:cc:87:20:cc:5a:89:c1:8b:50:f8:84:29:2a:33:fb:
         91:64:d1:c0:be:e0:23:53:d6:d2:14:ec:c9:ac:31:a7:6f:c7:
         f3:e1:9d:d5:f7:e6:18:34:2d:37:31:5d:62:ac:60:97:43:44:
         a6:08:97:70:14:90:7d:fa:c5:11:7b:82:28:0d:c8:07:44:f5:
         ab:49:ef:4b:8d:f9:0b:1c:5d:2a:d2:05:63:65:02:cc:97:54:
         6d:2c:8a:58:9e:d5:02:55:22:f7:61:43:ea:28:e6:8f:80:c7:
         3a:ba:04:99:1a:65:1f:ba:0f:84:bd:4d:96:99:96:0d:d4:f1:
         0f:a1:e2:01:d7:ab:7c:59:05:f2:6b:c4:1a:72:a6:a6:e4:33:
         76:96:46:e0:48:9b:e1:a9:c7:a3:ef:46:82:2b:ec:ef:e4:04:
         1f:5a:8f:c1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYmMeygmPmj0gfpo60OfshrMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyMzZlZDVmNTYyM2VkZWI3OTEwYWNkMzFkNWY2ZWU4MWU1
Y2IxN2UwHhcNMjMwNzI1MDk1NzA4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMTM1YTI3ODdlMTVjMDc3M2M3NDFmNzZhZWQzMDM5YzgxMTYzNDU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxhh0xE0lYAeStGPZi47DNsTw2WkA
MfY7yvlzOlItehrxOnCsgKhOEsWbr/yRXnx3cy/NfsGvKqhtMBTqYbPk9nLhN5+J
Mhbh+h75R2BDEl7k6NPLu0hjc7u1wPwxX4yGrJvA5Rn/4W27rxvAcvmvS+XpHeFA
+uzXyIwA0AlcLOl+x1FQ9AQpNOqHxEJpW3TKvmAltitcRFWCU31n3tfJon1t7tjF
xiej8u6ep6Uv/W0Q0vkRLiycRLB/8mKBL002ANiLKOof4+8ZJz0a2Lq0yvolGO8V
clZbZ7NGJmLgbQztb1/UePW2U1vEd2iAGvfMlRsw6m7Sp1ero5/GDlPpXQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKE1onh+FcB3PHQfdq7TA5yBFjRUMB8GA1UdIwQY
MBaAFCI27V9WI+3reRCs0x1fbugeXLF+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSWpidFgxWWo3ZXQ1RUt6VEhWOXU2QjVjc1g0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC8xZDlkZGEtMmFkZi00NmJkLThhZjct
NGQxNmJlOWJhMTMyLzEvb1RXaWVINFZ3SGM4ZEI5MnJ0TURuSUVXTkZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC8xZDlkZGEtMmFkZi00NmJkLThhZjctNGQxNmJlOWJhMTMy
LzEvSWpidFgxWWo3ZXQ1RUt6VEhWOXU2QjVjc1g0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFU6ZAMA0G
CSqGSIb3DQEBCwUAA4IBAQBvwEEuqTCRYqqFKMaQXGwHnb6iZUKvvi5yMJgGdx3c
cAX91VMp1BKBdO+EwcnIXupDPZmA0ds7wVcGqDx2Tk7tdfWtCfqpoh42VyL2TcXb
IFaRnAN3mWXVK4ohcD/MhyDMWonBi1D4hCkqM/uRZNHAvuAjU9bSFOzJrDGnb8fz
4Z3V9+YYNC03MV1irGCXQ0SmCJdwFJB9+sURe4IoDcgHRPWrSe9LjfkLHF0q0gVj
ZQLMl1RtLIpYntUCVSL3YUPqKOaPgMc6ugSZGmUfug+EvU2WmZYN1PEPoeIB16t8
WQXya8Qacqam5DN2lkbgSJvhqcej70aCK+zv5AQfWo/B
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:04:51 2024 by rpki-client on console-ams.rpki-client.org