Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/2c5af2-0937-4f40-88e0-1104841d374e/1/A02GAh81Ux6KxMyKQox3gExKMkQ.roa
File:                     A02GAh81Ux6KxMyKQox3gExKMkQ.roa (raw, json)
Hash identifier:          3cmFts67dANC2TiUyAdPVgA8ov2jXt3oPJOoLJhWUu4=
Subject key identifier:   03:4D:86:02:1F:35:53:1E:8A:C4:CC:8A:42:8C:77:80:4C:4A:32:44
Certificate issuer:       /CN=479762e88d8f67fad4aa059a1b8b46fa4cc7a893
Certificate serial:       0187B2669A21B63F787679E358487FD93AFE
Authority key identifier: 47:97:62:E8:8D:8F:67:FA:D4:AA:05:9A:1B:8B:46:FA:4C:C7:A8:93
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/R5di6I2PZ_rUqgWaG4tG-kzHqJM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5e/2c5af2-0937-4f40-88e0-1104841d374e/1/A02GAh81Ux6KxMyKQox3gExKMkQ.roa
Signing time:             Mon 24 Apr 2023 08:34:41 +0000
ROA not before:           Mon 24 Apr 2023 08:34:41 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     211325
IP address blocks:        92.61.180.0/22 maxlen: 22
                          2a13:f480::/29 maxlen: 29

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 18:31:11 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:b2:66:9a:21:b6:3f:78:76:79:e3:58:48:7f:d9:3a:fe
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=479762e88d8f67fad4aa059a1b8b46fa4cc7a893
        Validity
            Not Before: Apr 24 08:34:41 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=034d86021f35531e8ac4cc8a428c77804c4a3244
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:9c:1c:c5:c6:f6:91:0e:4d:ef:20:95:52:95:
                    45:14:97:b5:20:d8:cc:75:7d:a7:a1:60:0e:89:7b:
                    1b:d0:bf:0d:ea:54:6a:59:3c:39:40:a6:6b:e7:08:
                    b3:bc:ee:5a:10:e7:72:4a:42:86:87:c0:41:a9:83:
                    67:43:46:f5:a1:86:b4:34:2c:ea:44:0f:88:67:cc:
                    74:7f:c9:56:14:cc:0f:4b:7d:eb:ee:94:c8:36:e7:
                    b3:59:f1:91:d7:8b:37:22:de:13:bf:42:21:4f:96:
                    a9:db:b2:36:c7:d6:e0:a6:e0:15:95:9c:14:d6:4e:
                    97:cb:32:15:a8:fb:02:14:f8:88:de:ea:2d:b3:f7:
                    3f:78:12:67:f5:79:27:ac:ce:20:77:1c:f7:e4:da:
                    5e:39:98:ab:5a:32:9f:95:ba:bc:dc:02:fb:79:6d:
                    3d:b7:10:a3:cd:56:28:8c:10:eb:e3:d3:8f:2f:8b:
                    1a:b0:f2:3e:e8:c0:96:d7:12:b1:2f:a1:78:5f:89:
                    5f:e9:9f:b0:dc:ce:28:fd:3e:e9:3e:84:e8:d7:5e:
                    9d:13:58:21:d3:90:a1:dc:66:9f:eb:6b:d7:b1:44:
                    b5:d3:9a:08:4c:66:eb:10:7d:3c:78:8e:7c:cd:49:
                    1e:c9:dd:7a:12:af:cc:1e:bf:ef:9b:c1:f5:dc:90:
                    97:4d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                03:4D:86:02:1F:35:53:1E:8A:C4:CC:8A:42:8C:77:80:4C:4A:32:44
            X509v3 Authority Key Identifier:
                keyid:47:97:62:E8:8D:8F:67:FA:D4:AA:05:9A:1B:8B:46:FA:4C:C7:A8:93

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/R5di6I2PZ_rUqgWaG4tG-kzHqJM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/2c5af2-0937-4f40-88e0-1104841d374e/1/A02GAh81Ux6KxMyKQox3gExKMkQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/2c5af2-0937-4f40-88e0-1104841d374e/1/R5di6I2PZ_rUqgWaG4tG-kzHqJM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  92.61.180.0/22
                IPv6:
                  2a13:f480::/29

    Signature Algorithm: sha256WithRSAEncryption
         39:aa:af:cd:67:e9:73:67:82:54:d3:01:f7:c6:31:98:02:b6:
         9b:3b:d0:a6:66:dd:9f:2a:e7:cd:c3:a1:1b:f4:33:19:75:42:
         42:a8:09:17:b3:42:a0:71:cd:76:ea:76:7d:54:57:55:d3:a3:
         70:ed:e6:48:a6:cb:ee:09:53:d5:1e:79:fd:7c:10:06:4f:b3:
         c5:5b:0f:8f:b2:bd:7e:e1:63:bc:ad:6b:49:b3:ea:e9:08:3c:
         f0:bb:60:b8:d5:aa:d7:bd:bd:64:69:dc:1e:d3:b0:47:c9:37:
         5a:b5:98:ba:c6:d2:64:41:8c:6a:fb:8b:0e:ad:88:dc:24:78:
         e1:ba:13:0a:ef:68:a3:13:8d:04:38:2e:bf:8d:3c:47:bd:db:
         61:cc:45:76:2d:c7:d6:d6:44:e3:8f:71:f3:77:9a:84:e8:be:
         4d:8c:cf:ba:14:4d:18:ab:02:55:0d:68:f9:b9:39:14:5c:2e:
         27:c2:34:26:94:7e:26:52:c3:90:8a:bd:39:0b:7a:f2:d6:8e:
         14:22:39:1d:a5:b3:80:5d:43:c0:ec:8f:53:a8:ec:29:86:0b:
         fa:7e:ba:3c:eb:63:d6:c0:57:5d:9e:7f:4d:02:8a:35:de:98:
         68:82:89:4c:fa:7e:74:0f:3f:4d:74:bf:88:e9:9d:cb:04:90:
         0c:fd:31:b3
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYeyZpohtj94dnnjWEh/2Tr+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ3OTc2MmU4OGQ4ZjY3ZmFkNGFhMDU5YTFiOGI0NmZhNGNj
N2E4OTMwHhcNMjMwNDI0MDgzNDQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMzRkODYwMjFmMzU1MzFlOGFjNGNjOGE0MjhjNzc4MDRjNGEzMjQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwZwcxcb2kQ5N7yCVUpVFFJe1INjM
dX2noWAOiXsb0L8N6lRqWTw5QKZr5wizvO5aEOdySkKGh8BBqYNnQ0b1oYa0NCzq
RA+IZ8x0f8lWFMwPS33r7pTINuezWfGR14s3It4Tv0IhT5ap27I2x9bgpuAVlZwU
1k6XyzIVqPsCFPiI3uots/c/eBJn9XknrM4gdxz35NpeOZirWjKflbq83AL7eW09
txCjzVYojBDr49OPL4sasPI+6MCW1xKxL6F4X4lf6Z+w3M4o/T7pPoTo116dE1gh
05Ch3Gaf62vXsUS105oITGbrEH08eI58zUkeyd16Eq/MHr/vm8H13JCXTQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFANNhgIfNVMeisTMikKMd4BMSjJEMB8GA1UdIwQY
MBaAFEeXYuiNj2f61KoFmhuLRvpMx6iTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUjVkaTZJMlBaX3JVcWdXYUc0dEcta3pIcUpNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS8yYzVhZjItMDkzNy00ZjQwLTg4ZTAt
MTEwNDg0MWQzNzRlLzEvQTAyR0FoODFVeDZLeE15S1FveDNnRXhLTWtRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS8yYzVhZjItMDkzNy00ZjQwLTg4ZTAtMTEwNDg0MWQzNzRl
LzEvUjVkaTZJMlBaX3JVcWdXYUc0dEcta3pIcUpNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCXD20MA0E
AgACMAcDBQMqE/SAMA0GCSqGSIb3DQEBCwUAA4IBAQA5qq/NZ+lzZ4JU0wH3xjGY
ArabO9CmZt2fKufNw6Eb9DMZdUJCqAkXs0Kgcc126nZ9VFdV06Nw7eZIpsvuCVPV
Hnn9fBAGT7PFWw+Psr1+4WO8rWtJs+rpCDzwu2C41arXvb1kadwe07BHyTdatZi6
xtJkQYxq+4sOrYjcJHjhuhMK72ijE40EOC6/jTxHvdthzEV2LcfW1kTjj3Hzd5qE
6L5NjM+6FE0YqwJVDWj5uTkUXC4nwjQmlH4mUsOQir05C3ry1o4UIjkdpbOAXUPA
7I9TqOwphgv6fro862PWwFddnn9NAoo13phogolM+n50Dz9NdL+I6Z3LBJAM/TGz
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:31:29 2024 by rpki-client on console-fra.rpki-client.org