Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/e7e9ee-17d8-4e7e-bc28-7e1329e05ff4/1/IcC_2OgeoB2FwRyuUjOvWRMNXEw.roa
File:                     IcC_2OgeoB2FwRyuUjOvWRMNXEw.roa (raw, json)
Hash identifier:          wyfrzrU4k4hGE+eLVHAQ1TbCEIYkBMeKKoi8HuPjccc=
Subject key identifier:   21:C0:BF:D8:E8:1E:A0:1D:85:C1:1C:AE:52:33:AF:59:13:0D:5C:4C
Certificate issuer:       /CN=237084712fdebb1bfc5a8c0262d919a8aa440603
Certificate serial:       01856E542B49F2816154F3F4FB6A4222901C
Authority key identifier: 23:70:84:71:2F:DE:BB:1B:FC:5A:8C:02:62:D9:19:A8:AA:44:06:03
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/I3CEcS_euxv8WowCYtkZqKpEBgM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4f/e7e9ee-17d8-4e7e-bc28-7e1329e05ff4/1/IcC_2OgeoB2FwRyuUjOvWRMNXEw.roa
Signing time:             Sun 01 Jan 2023 17:14:47 +0000
ROA not before:           Sun 01 Jan 2023 17:14:47 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     4201
IP address blocks:        87.199.2.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 16:30:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6e:54:2b:49:f2:81:61:54:f3:f4:fb:6a:42:22:90:1c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=237084712fdebb1bfc5a8c0262d919a8aa440603
        Validity
            Not Before: Jan  1 17:14:47 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=21c0bfd8e81ea01d85c11cae5233af59130d5c4c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:81:e8:89:8c:20:ab:6e:04:9c:c4:84:7b:79:59:
                    97:ef:b5:5f:0a:ba:ff:04:da:60:f5:5e:55:00:c0:
                    6a:32:91:17:48:b0:56:70:fc:7c:04:a1:48:21:58:
                    b9:df:17:85:73:40:4b:d7:8b:cd:bf:86:1f:21:ed:
                    5c:21:b7:87:80:ff:d1:41:77:23:5c:54:4f:3b:ff:
                    70:91:36:69:08:f6:c6:99:0d:54:06:f3:7f:d8:de:
                    64:57:37:78:d0:b3:92:7b:36:df:40:10:2c:eb:e2:
                    9d:cc:53:9c:fd:c4:f9:79:b1:f6:34:74:59:06:78:
                    27:36:03:2f:5d:9c:ed:f8:09:9d:48:6d:53:58:6c:
                    c7:21:42:bc:ce:42:d2:22:ae:57:57:f1:d8:a1:73:
                    2c:2c:1c:18:39:ee:84:4c:2b:54:2c:9b:35:93:2c:
                    f6:36:7e:f3:30:1c:dd:2d:1a:87:0c:27:55:64:3b:
                    61:be:f1:8a:8e:a5:35:a9:c9:83:32:86:ee:26:af:
                    3d:83:1d:df:cb:ce:1a:40:7b:8f:de:fe:1b:87:80:
                    e7:b3:a3:1a:84:04:44:5f:cd:64:8d:6f:4f:b5:b2:
                    3f:7d:c4:2c:4c:04:10:72:e4:17:07:26:12:78:b3:
                    9b:b5:52:92:10:24:b4:42:53:ee:11:a4:44:5d:f7:
                    9a:0d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                21:C0:BF:D8:E8:1E:A0:1D:85:C1:1C:AE:52:33:AF:59:13:0D:5C:4C
            X509v3 Authority Key Identifier:
                keyid:23:70:84:71:2F:DE:BB:1B:FC:5A:8C:02:62:D9:19:A8:AA:44:06:03

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I3CEcS_euxv8WowCYtkZqKpEBgM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/e7e9ee-17d8-4e7e-bc28-7e1329e05ff4/1/IcC_2OgeoB2FwRyuUjOvWRMNXEw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/e7e9ee-17d8-4e7e-bc28-7e1329e05ff4/1/I3CEcS_euxv8WowCYtkZqKpEBgM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  87.199.2.0/24

    Signature Algorithm: sha256WithRSAEncryption
         4c:ea:d3:37:73:b1:e3:eb:16:a8:cc:d7:1e:55:7c:6b:34:dc:
         7e:ef:eb:ef:73:cc:b2:5c:3c:ba:d1:0a:a7:af:d4:ed:e9:5b:
         fa:a3:21:02:cf:9c:d2:ad:df:d3:af:0c:f3:da:22:b4:70:d3:
         23:be:4a:7f:85:74:fc:e6:a6:31:ff:39:54:75:e9:bf:08:e2:
         b9:fc:6d:bc:8d:88:d2:96:21:4f:58:ef:bd:e3:63:e3:a8:b3:
         3f:6a:4d:85:eb:23:00:ee:b5:a1:07:d6:26:84:d3:3b:1a:6d:
         55:d3:e2:4d:cd:70:a0:cf:4c:b2:43:b2:d2:40:ca:c0:9f:b8:
         9b:53:81:87:12:e1:9a:d8:76:01:e8:48:56:51:ba:19:5a:10:
         a3:9d:7a:15:64:af:f9:66:28:f1:96:69:87:94:3b:f6:5a:6d:
         00:f4:c8:6f:47:74:ff:67:b5:c3:19:15:a7:f7:3b:94:d2:17:
         f6:22:5b:43:54:43:58:30:ab:da:ee:af:71:59:35:bb:8f:88:
         32:7f:89:8b:ad:08:5c:3f:88:31:4a:b1:90:f2:aa:e6:a1:59:
         9c:1c:f6:38:ad:7a:7b:c4:b3:ac:d5:82:01:39:4e:8a:6a:cb:
         df:a3:6d:c0:51:2b:3d:c4:e4:1c:ef:fe:8d:8e:a3:89:a9:0a:
         1c:c8:88:ff
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVuVCtJ8oFhVPP0+2pCIpAcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzNzA4NDcxMmZkZWJiMWJmYzVhOGMwMjYyZDkxOWE4YWE0
NDA2MDMwHhcNMjMwMTAxMTcxNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMWMwYmZkOGU4MWVhMDFkODVjMTFjYWU1MjMzYWY1OTEzMGQ1YzRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgeiJjCCrbgScxIR7eVmX77VfCrr/
BNpg9V5VAMBqMpEXSLBWcPx8BKFIIVi53xeFc0BL14vNv4YfIe1cIbeHgP/RQXcj
XFRPO/9wkTZpCPbGmQ1UBvN/2N5kVzd40LOSezbfQBAs6+KdzFOc/cT5ebH2NHRZ
BngnNgMvXZzt+AmdSG1TWGzHIUK8zkLSIq5XV/HYoXMsLBwYOe6ETCtULJs1kyz2
Nn7zMBzdLRqHDCdVZDthvvGKjqU1qcmDMobuJq89gx3fy84aQHuP3v4bh4Dns6Ma
hAREX81kjW9PtbI/fcQsTAQQcuQXByYSeLObtVKSECS0QlPuEaREXfeaDQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCHAv9joHqAdhcEcrlIzr1kTDVxMMB8GA1UdIwQY
MBaAFCNwhHEv3rsb/FqMAmLZGaiqRAYDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSTNDRWNTX2V1eHY4V293Q1l0a1pxS3BFQmdNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Zi9lN2U5ZWUtMTdkOC00ZTdlLWJjMjgt
N2UxMzI5ZTA1ZmY0LzEvSWNDXzJPZ2VvQjJGd1J5dVVqT3ZXUk1OWEV3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Zi9lN2U5ZWUtMTdkOC00ZTdlLWJjMjgtN2UxMzI5ZTA1ZmY0
LzEvSTNDRWNTX2V1eHY4V293Q1l0a1pxS3BFQmdNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAV8cCMA0G
CSqGSIb3DQEBCwUAA4IBAQBM6tM3c7Hj6xaozNceVXxrNNx+7+vvc8yyXDy60Qqn
r9Tt6Vv6oyECz5zSrd/Trwzz2iK0cNMjvkp/hXT85qYx/zlUdem/COK5/G28jYjS
liFPWO+942PjqLM/ak2F6yMA7rWhB9YmhNM7Gm1V0+JNzXCgz0yyQ7LSQMrAn7ib
U4GHEuGa2HYB6EhWUboZWhCjnXoVZK/5ZijxlmmHlDv2Wm0A9MhvR3T/Z7XDGRWn
9zuU0hf2IltDVENYMKva7q9xWTW7j4gyf4mLrQhcP4gxSrGQ8qrmoVmcHPY4rXp7
xLOs1YIBOU6Kasvfo23AUSs9xOQc7/6NjqOJqQocyIj/
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:06 2024 by rpki-client on console-fra.rpki-client.org