Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/788803-be12-433f-a8d0-024b1655c247/1/BqH830NSOc7s9KhZ9d82puWjSL8.roa
File:                     BqH830NSOc7s9KhZ9d82puWjSL8.roa (raw, json)
Hash identifier:          IUxp8lTK6ah7qvQSlXBTNDqrGFTAV/rpWMZEWjvrqrM=
Subject key identifier:   06:A1:FC:DF:43:52:39:CE:EC:F4:A8:59:F5:DF:36:A6:E5:A3:48:BF
Certificate issuer:       /CN=b9954499977278a75570b3403f4d3aa00b1b36e8
Certificate serial:       01856BEEB421A048548A16B295349E603DAE
Authority key identifier: B9:95:44:99:97:72:78:A7:55:70:B3:40:3F:4D:3A:A0:0B:1B:36:E8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/uZVEmZdyeKdVcLNAP006oAsbNug.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/47/788803-be12-433f-a8d0-024b1655c247/1/BqH830NSOc7s9KhZ9d82puWjSL8.roa
Signing time:             Sun 01 Jan 2023 06:04:43 +0000
ROA not before:           Sun 01 Jan 2023 06:04:43 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     28982
IP address blocks:        82.143.128.0/18 maxlen: 18

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 18:31:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6b:ee:b4:21:a0:48:54:8a:16:b2:95:34:9e:60:3d:ae
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b9954499977278a75570b3403f4d3aa00b1b36e8
        Validity
            Not Before: Jan  1 06:04:43 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=06a1fcdf435239ceecf4a859f5df36a6e5a348bf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:0d:3a:f2:ce:32:96:e7:78:ef:25:4b:47:10:
                    6c:59:13:aa:b1:fd:54:96:35:c1:fe:2e:af:fe:16:
                    2d:aa:50:8a:2b:38:84:9a:26:c9:40:7e:52:7f:6b:
                    1b:4c:91:94:87:08:3f:bf:47:f6:b2:42:8f:cf:e8:
                    8b:2f:07:c3:ee:03:b5:18:6f:39:bd:3e:86:9e:26:
                    ee:0f:cd:2b:91:90:88:6a:15:0c:0b:67:78:44:fd:
                    25:92:57:b3:4f:2a:77:64:b6:4f:89:d1:b6:2f:91:
                    f8:f4:09:f7:86:4a:f3:13:f9:10:c2:6d:8f:22:12:
                    42:9e:12:65:93:a3:a9:26:08:f9:df:b0:8a:c3:83:
                    5c:0e:1b:e8:f3:bb:7a:b8:9d:58:2d:49:b9:d7:27:
                    37:7f:69:1a:4e:0a:d9:b2:63:17:4d:65:a0:cb:0f:
                    c9:d3:4b:d7:0d:7e:e4:95:52:43:1e:de:9d:97:16:
                    1b:8c:44:1a:58:0e:99:17:8e:b4:a2:e3:9c:5f:5d:
                    c9:24:74:41:e9:24:4f:ec:86:66:c0:79:bc:7e:49:
                    fc:fc:dd:33:5d:60:b6:94:ec:de:36:1d:13:ae:68:
                    34:6a:3c:dd:f1:96:95:c5:5d:14:20:60:06:1c:dd:
                    05:db:59:cd:dd:12:14:7e:e1:53:5e:f4:84:32:90:
                    7e:0d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                06:A1:FC:DF:43:52:39:CE:EC:F4:A8:59:F5:DF:36:A6:E5:A3:48:BF
            X509v3 Authority Key Identifier:
                keyid:B9:95:44:99:97:72:78:A7:55:70:B3:40:3F:4D:3A:A0:0B:1B:36:E8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uZVEmZdyeKdVcLNAP006oAsbNug.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/788803-be12-433f-a8d0-024b1655c247/1/BqH830NSOc7s9KhZ9d82puWjSL8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/47/788803-be12-433f-a8d0-024b1655c247/1/uZVEmZdyeKdVcLNAP006oAsbNug.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  82.143.128.0/18

    Signature Algorithm: sha256WithRSAEncryption
         63:9a:50:17:ba:9f:2a:38:a6:1e:86:b1:48:a9:87:e6:9a:85:
         59:e0:e9:03:96:2b:45:eb:ac:6d:ae:52:cf:8b:43:5b:6c:55:
         e0:c7:85:27:ac:09:d0:04:34:15:cf:c3:c8:8d:91:33:c8:90:
         21:ec:33:ad:12:fc:54:a1:4f:50:c2:f2:12:37:22:fb:b5:8e:
         e3:d9:a0:c6:43:04:db:2e:59:70:64:01:00:9c:72:77:b4:c9:
         23:57:5e:24:dd:f4:ca:ad:97:c3:9b:1f:1e:08:e1:32:02:9a:
         c7:07:33:10:d4:88:21:1e:bc:51:73:63:b7:88:09:45:83:86:
         65:c6:b2:6a:94:07:fb:ba:3e:3e:33:64:44:43:70:c2:c6:20:
         5a:8e:83:37:b6:7e:61:bd:1b:d6:a7:90:00:51:f8:06:44:f3:
         57:a8:27:7a:01:dc:05:03:c8:3f:8c:76:9e:8a:a5:cb:0d:1f:
         a5:2b:a6:93:90:ab:ef:87:4f:05:0f:ac:02:e1:60:f7:3c:f1:
         b0:b3:38:ab:22:f5:87:ed:84:95:4f:4f:56:6d:37:61:91:70:
         65:5a:44:1e:bd:74:b6:39:85:53:92:4f:9b:ed:b1:e1:c6:d0:
         37:11:f0:c1:b0:cd:bd:e8:25:ce:d8:45:11:fd:c3:9b:f2:18:
         d6:6d:bc:55
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVr7rQhoEhUihaylTSeYD2uMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5OTU0NDk5OTc3Mjc4YTc1NTcwYjM0MDNmNGQzYWEwMGIx
YjM2ZTgwHhcNMjMwMTAxMDYwNDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNmExZmNkZjQzNTIzOWNlZWNmNGE4NTlmNWRmMzZhNmU1YTM0OGJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAng068s4ylud47yVLRxBsWROqsf1U
ljXB/i6v/hYtqlCKKziEmibJQH5Sf2sbTJGUhwg/v0f2skKPz+iLLwfD7gO1GG85
vT6GnibuD80rkZCIahUMC2d4RP0lklezTyp3ZLZPidG2L5H49An3hkrzE/kQwm2P
IhJCnhJlk6OpJgj537CKw4NcDhvo87t6uJ1YLUm51yc3f2kaTgrZsmMXTWWgyw/J
00vXDX7klVJDHt6dlxYbjEQaWA6ZF460ouOcX13JJHRB6SRP7IZmwHm8fkn8/N0z
XWC2lOzeNh0Trmg0ajzd8ZaVxV0UIGAGHN0F21nN3RIUfuFTXvSEMpB+DQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAah/N9DUjnO7PSoWfXfNqblo0i/MB8GA1UdIwQY
MBaAFLmVRJmXcninVXCzQD9NOqALGzboMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdVpWRW1aZHllS2RWY0xOQVAwMDZvQXNiTnVnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny83ODg4MDMtYmUxMi00MzNmLWE4ZDAt
MDI0YjE2NTVjMjQ3LzEvQnFIODMwTlNPYzdzOUtoWjlkODJwdVdqU0w4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ny83ODg4MDMtYmUxMi00MzNmLWE4ZDAtMDI0YjE2NTVjMjQ3
LzEvdVpWRW1aZHllS2RWY0xOQVAwMDZvQXNiTnVnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQGUo+AMA0G
CSqGSIb3DQEBCwUAA4IBAQBjmlAXup8qOKYehrFIqYfmmoVZ4OkDlitF66xtrlLP
i0NbbFXgx4UnrAnQBDQVz8PIjZEzyJAh7DOtEvxUoU9QwvISNyL7tY7j2aDGQwTb
LllwZAEAnHJ3tMkjV14k3fTKrZfDmx8eCOEyAprHBzMQ1IghHrxRc2O3iAlFg4Zl
xrJqlAf7uj4+M2REQ3DCxiBajoM3tn5hvRvWp5AAUfgGRPNXqCd6AdwFA8g/jHae
iqXLDR+lK6aTkKvvh08FD6wC4WD3PPGwszirIvWH7YSVT09WbTdhkXBlWkQevXS2
OYVTkk+b7bHhxtA3EfDBsM296CXO2EUR/cOb8hjWbbxV
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:27:47 2024 by rpki-client on console-fra.rpki-client.org