Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/87702a-3af6-46c7-a123-a2e24f980b3f/1/OBeKgyaDdIxwPM1dewP-ERq6dw0.roa
File:                     OBeKgyaDdIxwPM1dewP-ERq6dw0.roa (raw, json)
Hash identifier:          BWG3P3ki9RMDyKZEQQlOHbvl9UWFIO1tGEDg2gsX03E=
Subject key identifier:   38:17:8A:83:26:83:74:8C:70:3C:CD:5D:7B:03:FE:11:1A:BA:77:0D
Certificate issuer:       /CN=0b1870c96ef09723811fb89250eea6eba963c0df
Certificate serial:       018570706ACF22E51E54BB21FBF1FC0BCB17
Authority key identifier: 0B:18:70:C9:6E:F0:97:23:81:1F:B8:92:50:EE:A6:EB:A9:63:C0:DF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/CxhwyW7wlyOBH7iSUO6m66ljwN8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/57/87702a-3af6-46c7-a123-a2e24f980b3f/1/OBeKgyaDdIxwPM1dewP-ERq6dw0.roa
Signing time:             Mon 02 Jan 2023 03:04:53 +0000
ROA not before:           Mon 02 Jan 2023 03:04:53 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     378
IP address blocks:        192.114.88.0/22 maxlen: 22
                          132.64.0.0/15 maxlen: 15

Validation:               Failed, certificate revoked on Wed 05 Apr 2023 14:07:54 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:70:70:6a:cf:22:e5:1e:54:bb:21:fb:f1:fc:0b:cb:17
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0b1870c96ef09723811fb89250eea6eba963c0df
        Validity
            Not Before: Jan  2 03:04:53 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=38178a832683748c703ccd5d7b03fe111aba770d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:98:3f:59:bd:af:46:20:d6:6d:1e:c9:23:fc:d1:
                    40:90:d0:27:00:6a:5f:af:40:f7:f5:71:b6:27:15:
                    f2:ba:eb:8f:ab:b4:46:c7:2d:10:f0:94:c3:35:d7:
                    6b:0b:e7:46:be:91:34:ac:36:1e:e7:b1:09:bb:3f:
                    56:5b:0a:08:60:71:09:64:de:d3:ad:f1:da:2c:62:
                    ef:fe:2c:3d:29:ef:b2:3a:03:94:0c:9f:31:0b:cf:
                    73:39:9a:08:c6:69:e5:fc:b2:0d:e2:de:9b:1c:57:
                    37:7a:3f:5b:31:c7:09:2b:02:82:14:f6:d0:53:11:
                    4b:6f:35:bc:40:9d:72:e2:68:ce:60:51:2e:44:bc:
                    73:98:9b:8e:24:e5:0d:8c:4f:33:c6:5d:89:7a:53:
                    cc:2b:ae:e5:99:8b:22:18:b2:7c:99:f4:f1:92:45:
                    ec:c3:ac:6a:eb:d7:35:2b:cb:17:26:e6:aa:9b:69:
                    ee:58:6b:47:43:3f:4b:a4:fc:53:76:a4:d2:2f:f1:
                    5c:29:6f:40:4e:ba:ba:d5:90:e9:49:31:8c:13:9f:
                    82:23:12:42:78:51:15:b0:1c:1d:1a:aa:9e:7e:05:
                    e7:c6:8b:13:d5:9e:17:41:db:c5:19:7f:a4:67:bd:
                    9e:83:33:95:40:ae:07:21:e5:a7:ac:c5:1d:a5:02:
                    ff:17
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                38:17:8A:83:26:83:74:8C:70:3C:CD:5D:7B:03:FE:11:1A:BA:77:0D
            X509v3 Authority Key Identifier:
                keyid:0B:18:70:C9:6E:F0:97:23:81:1F:B8:92:50:EE:A6:EB:A9:63:C0:DF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CxhwyW7wlyOBH7iSUO6m66ljwN8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/87702a-3af6-46c7-a123-a2e24f980b3f/1/OBeKgyaDdIxwPM1dewP-ERq6dw0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/57/87702a-3af6-46c7-a123-a2e24f980b3f/1/CxhwyW7wlyOBH7iSUO6m66ljwN8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  132.64.0.0/15
                  192.114.88.0/22

    Signature Algorithm: sha256WithRSAEncryption
         b2:0b:cb:7e:bc:bd:4a:47:c0:c2:c6:a4:58:81:fa:c6:b4:cd:
         07:85:82:2d:e9:27:e2:fb:5c:5f:3d:77:22:ea:fa:6d:09:d4:
         ec:32:20:2d:6d:85:1b:da:31:61:67:38:6a:8d:8e:dc:fe:f7:
         cd:46:9c:de:2e:49:7b:43:82:4c:b4:21:76:e9:48:31:a7:c9:
         f0:a0:5c:91:f4:24:4e:2a:53:32:5a:11:0b:40:ad:e0:6a:78:
         bc:58:5a:e9:d9:65:e4:26:de:e9:67:c4:f8:8e:f2:ff:16:35:
         aa:cd:2c:e5:28:35:ae:72:16:5e:36:23:c0:9f:6e:83:39:4f:
         e4:e2:f3:46:c8:47:ca:46:bf:28:b4:e3:3b:2a:78:44:58:24:
         82:ec:df:1d:e3:39:ad:3f:d0:eb:e4:fe:9e:69:c4:a1:9d:5b:
         9a:a2:56:82:76:69:a6:df:c3:11:c3:32:90:9c:5f:0d:e2:36:
         38:76:fb:8e:c5:3f:9e:64:70:3d:9e:62:db:63:36:c0:02:cc:
         0b:80:4c:66:f0:e7:5e:13:01:15:b1:75:5b:5d:c3:42:c3:35:
         8d:f0:99:a4:4a:be:12:bc:87:9e:60:9a:3f:89:6c:65:81:3a:
         3f:88:ec:25:3a:dd:0e:97:b8:41:1c:c9:98:2d:63:19:94:18:
         bd:6b:e4:66
-----BEGIN CERTIFICATE-----
MIIFAjCCA+qgAwIBAgISAYVwcGrPIuUeVLsh+/H8C8sXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBiMTg3MGM5NmVmMDk3MjM4MTFmYjg5MjUwZWVhNmViYTk2
M2MwZGYwHhcNMjMwMTAyMDMwNDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzODE3OGE4MzI2ODM3NDhjNzAzY2NkNWQ3YjAzZmUxMTFhYmE3NzBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmD9Zva9GINZtHskj/NFAkNAnAGpf
r0D39XG2JxXyuuuPq7RGxy0Q8JTDNddrC+dGvpE0rDYe57EJuz9WWwoIYHEJZN7T
rfHaLGLv/iw9Ke+yOgOUDJ8xC89zOZoIxmnl/LIN4t6bHFc3ej9bMccJKwKCFPbQ
UxFLbzW8QJ1y4mjOYFEuRLxzmJuOJOUNjE8zxl2JelPMK67lmYsiGLJ8mfTxkkXs
w6xq69c1K8sXJuaqm2nuWGtHQz9LpPxTdqTSL/FcKW9ATrq61ZDpSTGME5+CIxJC
eFEVsBwdGqqefgXnxosT1Z4XQdvFGX+kZ72egzOVQK4HIeWnrMUdpQL/FwIDAQAB
o4ICDjCCAgowHQYDVR0OBBYEFDgXioMmg3SMcDzNXXsD/hEauncNMB8GA1UdIwQY
MBaAFAsYcMlu8JcjgR+4klDupuupY8DfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ3hod3lXN3dseU9CSDdpU1VPNm02Nmxqd044LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny84NzcwMmEtM2FmNi00NmM3LWExMjMt
YTJlMjRmOTgwYjNmLzEvT0JlS2d5YURkSXh3UE0xZGV3UC1FUnE2ZHcwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny84NzcwMmEtM2FmNi00NmM3LWExMjMtYTJlMjRmOTgwYjNm
LzEvQ3hod3lXN3dseU9CSDdpU1VPNm02Nmxqd044LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCQGCCsGAQUFBwEHAQH/BBUwEzARBAIAATALAwMBhEADBALA
clgwDQYJKoZIhvcNAQELBQADggEBALILy368vUpHwMLGpFiB+sa0zQeFgi3pJ+L7
XF89dyLq+m0J1OwyIC1thRvaMWFnOGqNjtz+981GnN4uSXtDgky0IXbpSDGnyfCg
XJH0JE4qUzJaEQtAreBqeLxYWunZZeQm3ulnxPiO8v8WNarNLOUoNa5yFl42I8Cf
boM5T+Ti80bIR8pGvyi04zsqeERYJILs3x3jOa0/0Ovk/p5pxKGdW5qiVoJ2aabf
wxHDMpCcXw3iNjh2+47FP55kcD2eYttjNsACzAuATGbw514TARWxdVtdw0LDNY3w
maRKvhK8h55gmj+JbGWBOj+I7CU63Q6XuEEcyZgtYxmUGL1r5GY=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:10:42 2024 by rpki-client on console-ams.rpki-client.org