Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/87702a-3af6-46c7-a123-a2e24f980b3f/1/CBc8MfyX_zdgcRMawm73hN7OAkU.roa
File:                     CBc8MfyX_zdgcRMawm73hN7OAkU.roa (raw, json)
Hash identifier:          fHslSxrbj19n+9WvFRw5OmtNYZu31F0CbyHUI1aMuHA=
Subject key identifier:   08:17:3C:31:FC:97:FF:37:60:71:13:1A:C2:6E:F7:84:DE:CE:02:45
Certificate issuer:       /CN=0b1870c96ef09723811fb89250eea6eba963c0df
Certificate serial:       0187B4933E77C2239D370D463F953C0A2636
Authority key identifier: 0B:18:70:C9:6E:F0:97:23:81:1F:B8:92:50:EE:A6:EB:A9:63:C0:DF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/CxhwyW7wlyOBH7iSUO6m66ljwN8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/57/87702a-3af6-46c7-a123-a2e24f980b3f/1/CBc8MfyX_zdgcRMawm73hN7OAkU.roa
Signing time:             Mon 24 Apr 2023 18:42:41 +0000
ROA not before:           Mon 24 Apr 2023 18:42:41 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     35280
IP address blocks:        132.64.0.0/16 maxlen: 16
                          132.65.0.0/16 maxlen: 16

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 14:29:31 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:b4:93:3e:77:c2:23:9d:37:0d:46:3f:95:3c:0a:26:36
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0b1870c96ef09723811fb89250eea6eba963c0df
        Validity
            Not Before: Apr 24 18:42:41 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=08173c31fc97ff376071131ac26ef784dece0245
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:3e:40:06:21:75:78:c2:bc:42:a5:1d:9b:41:
                    f8:7e:fd:31:19:49:26:fc:7f:ac:17:9f:d1:cd:01:
                    50:cd:90:b2:8d:06:6c:99:71:ac:af:3e:6b:15:c5:
                    8e:22:a1:27:43:fc:46:a3:a7:2b:82:81:c8:f2:02:
                    13:93:e2:9c:61:f8:86:22:cb:1a:88:9a:4a:3f:d2:
                    eb:45:40:a6:69:b3:85:9f:91:24:c4:9d:61:8b:df:
                    71:5d:1a:88:56:66:0d:59:8a:e3:3f:8b:ec:38:5a:
                    f9:12:fd:23:f6:40:e3:61:b6:f7:f9:2a:e4:2b:20:
                    3f:45:b5:cd:28:4b:8a:ea:00:83:d2:72:75:f4:b6:
                    cc:6c:d4:39:29:69:d6:c6:71:42:f2:2a:72:67:f6:
                    ac:e9:55:b1:43:0b:45:a6:0a:da:62:ff:bb:50:bf:
                    d2:fa:e5:53:30:23:cf:c6:57:16:7d:3d:6e:91:87:
                    85:71:a3:e3:31:6f:39:34:68:30:5a:bf:33:d9:e8:
                    7a:8c:d0:34:2d:25:7e:86:84:ba:b1:8e:ed:9f:9a:
                    49:75:03:82:1d:fd:3d:e5:ab:b5:28:ac:4b:0d:f3:
                    cd:28:a3:6a:30:10:0a:38:d5:12:11:76:3d:ec:62:
                    24:9d:cf:a4:56:18:9e:0b:21:67:26:94:91:1f:a3:
                    b7:9b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                08:17:3C:31:FC:97:FF:37:60:71:13:1A:C2:6E:F7:84:DE:CE:02:45
            X509v3 Authority Key Identifier:
                keyid:0B:18:70:C9:6E:F0:97:23:81:1F:B8:92:50:EE:A6:EB:A9:63:C0:DF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CxhwyW7wlyOBH7iSUO6m66ljwN8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/87702a-3af6-46c7-a123-a2e24f980b3f/1/CBc8MfyX_zdgcRMawm73hN7OAkU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/57/87702a-3af6-46c7-a123-a2e24f980b3f/1/CxhwyW7wlyOBH7iSUO6m66ljwN8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  132.64.0.0/15

    Signature Algorithm: sha256WithRSAEncryption
         b2:11:fc:65:42:5e:5e:43:d4:df:f1:00:36:1a:d7:01:af:12:
         cb:2d:63:88:7c:5a:15:ee:d9:34:cf:15:77:3d:48:80:8b:9d:
         e3:c0:eb:57:8d:68:10:a6:46:d9:68:89:c8:08:d7:1e:91:86:
         be:8e:c0:b1:e7:2a:c3:a8:cc:a5:29:10:31:bc:c0:d6:08:24:
         80:47:98:0b:de:2f:26:45:18:cc:a6:c8:7d:c1:a7:ec:39:94:
         26:a5:52:5c:26:be:8e:ab:f2:e3:52:41:5e:bb:1f:6e:cb:43:
         53:92:51:4f:cd:9d:d4:49:73:97:5f:c8:b9:7c:d4:b7:a3:3c:
         7f:42:41:a7:23:29:a7:84:d9:a9:08:d8:f1:cf:4d:85:01:ba:
         43:4f:a9:44:ac:d7:2e:28:b3:2d:17:04:01:33:f4:20:ae:c8:
         33:8e:d1:b9:1f:78:59:3e:b9:2f:44:ec:31:8a:36:7d:4c:7a:
         74:53:8a:00:bd:dc:2e:23:bd:ef:3b:17:89:eb:0a:e0:5a:b8:
         72:9c:a4:7c:36:f3:da:40:b4:3b:16:61:95:3a:12:9c:01:66:
         35:07:7e:7f:22:66:52:71:37:89:27:a1:9e:e3:ec:03:c0:ca:
         ba:77:d0:ae:f5:aa:c9:91:86:0d:32:6c:b1:92:27:29:7e:aa:
         25:b7:f4:4a
-----BEGIN CERTIFICATE-----
MIIE/DCCA+SgAwIBAgISAYe0kz53wiOdNw1GP5U8CiY2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBiMTg3MGM5NmVmMDk3MjM4MTFmYjg5MjUwZWVhNmViYTk2
M2MwZGYwHhcNMjMwNDI0MTg0MjQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwODE3M2MzMWZjOTdmZjM3NjA3MTEzMWFjMjZlZjc4NGRlY2UwMjQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoD5ABiF1eMK8QqUdm0H4fv0xGUkm
/H+sF5/RzQFQzZCyjQZsmXGsrz5rFcWOIqEnQ/xGo6crgoHI8gITk+KcYfiGIssa
iJpKP9LrRUCmabOFn5EkxJ1hi99xXRqIVmYNWYrjP4vsOFr5Ev0j9kDjYbb3+Srk
KyA/RbXNKEuK6gCD0nJ19LbMbNQ5KWnWxnFC8ipyZ/as6VWxQwtFpgraYv+7UL/S
+uVTMCPPxlcWfT1ukYeFcaPjMW85NGgwWr8z2eh6jNA0LSV+hoS6sY7tn5pJdQOC
Hf095au1KKxLDfPNKKNqMBAKONUSEXY97GIknc+kVhieCyFnJpSRH6O3mwIDAQAB
o4ICCDCCAgQwHQYDVR0OBBYEFAgXPDH8l/83YHETGsJu94TezgJFMB8GA1UdIwQY
MBaAFAsYcMlu8JcjgR+4klDupuupY8DfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ3hod3lXN3dseU9CSDdpU1VPNm02Nmxqd044LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny84NzcwMmEtM2FmNi00NmM3LWExMjMt
YTJlMjRmOTgwYjNmLzEvQ0JjOE1meVhfemRnY1JNYXdtNzNoTjdPQWtVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny84NzcwMmEtM2FmNi00NmM3LWExMjMtYTJlMjRmOTgwYjNm
LzEvQ3hod3lXN3dseU9CSDdpU1VPNm02Nmxqd044LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMBhEAwDQYJ
KoZIhvcNAQELBQADggEBALIR/GVCXl5D1N/xADYa1wGvEsstY4h8WhXu2TTPFXc9
SICLnePA61eNaBCmRtloicgI1x6Rhr6OwLHnKsOozKUpEDG8wNYIJIBHmAveLyZF
GMymyH3Bp+w5lCalUlwmvo6r8uNSQV67H27LQ1OSUU/NndRJc5dfyLl81LejPH9C
QacjKaeE2akI2PHPTYUBukNPqUSs1y4osy0XBAEz9CCuyDOO0bkfeFk+uS9E7DGK
Nn1MenRTigC93C4jve87F4nrCuBauHKcpHw289pAtDsWYZU6EpwBZjUHfn8iZlJx
N4knoZ7j7APAyrp30K71qsmRhg0ybLGSJyl+qiW39Eo=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:30:31 2024 by rpki-client on console-fra.rpki-client.org