Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/8DySevbRGCylAy9VmjLSU7Er854.roa
File:                     8DySevbRGCylAy9VmjLSU7Er854.roa (raw, json)
Hash identifier:          rqFT9THMydsOQh39domLesV7mFEoh4vOpT7xuqW5olo=
Subject key identifier:   F0:3C:92:7A:F6:D1:18:2C:A5:03:2F:55:9A:32:D2:53:B1:2B:F3:9E
Certificate issuer:       /CN=885b857706dac54e20ca0d11bd6416cb634203b4
Certificate serial:       018C83552FC39A2033D81FF50623F6323620
Authority key identifier: 88:5B:85:77:06:DA:C5:4E:20:CA:0D:11:BD:64:16:CB:63:42:03:B4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/8DySevbRGCylAy9VmjLSU7Er854.roa
Signing time:             Tue 19 Dec 2023 18:27:27 +0000
ROA not before:           Tue 19 Dec 2023 18:27:27 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     207713
IP address blocks:        188.130.196.0/22 maxlen: 22

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 00:30:19 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:83:55:2f:c3:9a:20:33:d8:1f:f5:06:23:f6:32:36:20
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=885b857706dac54e20ca0d11bd6416cb634203b4
        Validity
            Not Before: Dec 19 18:27:27 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=f03c927af6d1182ca5032f559a32d253b12bf39e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:84:c7:71:e4:d8:84:af:1e:ca:a6:f0:e4:4f:ea:
                    ab:3f:e0:82:91:5b:bf:a6:c3:7f:88:4a:87:c0:5d:
                    70:64:bb:c2:84:fe:57:12:83:49:18:47:be:2e:9b:
                    e8:65:ef:84:91:aa:ae:48:4b:aa:98:7f:32:06:a0:
                    f0:c8:4a:a7:54:04:bb:f3:af:2b:ef:e8:f0:b1:dd:
                    05:2f:e6:db:f1:e5:99:82:65:2c:36:8d:aa:70:b3:
                    59:52:46:95:b6:51:8c:ec:e4:2d:08:75:2c:2d:01:
                    c3:4b:f1:4e:8b:78:c6:45:e2:c8:cd:d1:d0:76:8d:
                    40:16:43:6f:f7:c8:a2:f0:44:96:5d:9b:f8:6c:95:
                    25:5a:9b:a6:03:bf:6c:bc:77:68:d3:42:9c:c9:4d:
                    6b:71:1d:ee:a6:6c:ee:0c:7b:df:53:ae:31:6a:5a:
                    18:16:c1:e2:f0:0b:fd:60:3b:53:4e:47:24:d4:ac:
                    dd:b7:45:72:28:c6:3a:55:c6:28:52:9e:33:ef:91:
                    f2:74:4b:f7:c9:ff:d0:8e:59:93:4c:8e:37:86:a1:
                    08:48:a9:28:4e:3a:83:6b:fe:7c:c5:f5:3f:18:fc:
                    d5:c4:cc:cb:e9:7a:50:a4:28:d7:0c:32:04:6b:de:
                    92:be:0f:0b:55:b5:0d:5f:38:61:c3:c0:83:77:48:
                    c8:8d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F0:3C:92:7A:F6:D1:18:2C:A5:03:2F:55:9A:32:D2:53:B1:2B:F3:9E
            X509v3 Authority Key Identifier:
                keyid:88:5B:85:77:06:DA:C5:4E:20:CA:0D:11:BD:64:16:CB:63:42:03:B4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/8DySevbRGCylAy9VmjLSU7Er854.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  188.130.196.0/22

    Signature Algorithm: sha256WithRSAEncryption
         14:a7:04:b3:ec:c9:fe:2f:88:22:c4:dd:f6:18:de:14:4d:2b:
         9f:3f:b3:ca:e1:b8:4e:12:d5:70:e0:a0:d3:96:a3:d8:1f:af:
         1c:d7:9d:ce:9b:08:e5:d2:c4:62:9e:f5:c7:92:6d:4c:ed:26:
         dc:d9:26:ca:ca:f3:a9:d3:a5:42:fd:68:00:7d:e2:52:f0:9e:
         25:56:e7:fe:d6:82:04:73:b7:5d:09:56:61:45:49:bb:7a:02:
         66:41:2f:0f:fe:12:03:b3:f7:03:d5:4b:75:eb:df:5f:c2:42:
         83:ba:cd:45:2a:89:26:14:f6:ea:7b:8d:3a:3d:7e:7f:5a:9d:
         47:45:7d:fb:ff:94:8f:9d:b0:68:ed:59:65:ef:97:bf:b4:fa:
         44:26:f2:e2:ed:d1:65:23:4a:f3:dc:36:ac:b1:89:2f:a5:69:
         11:68:7e:ea:17:c4:81:79:6f:f4:4f:84:4d:ad:ca:17:3f:4d:
         6f:ec:26:57:84:83:a4:26:f8:c3:ed:fc:e5:39:71:ea:3e:1e:
         ec:96:97:4e:5a:2f:ab:ad:03:c4:b2:e6:85:bb:d8:79:17:75:
         d8:d8:6e:0c:57:fe:97:03:32:45:96:b4:2d:09:34:f3:72:ec:
         1f:2e:60:8c:6b:ca:35:35:ad:95:4c:ab:36:95:a5:e4:4e:20:
         a1:c1:eb:54
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYyDVS/DmiAz2B/1BiP2MjYgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4NWI4NTc3MDZkYWM1NGUyMGNhMGQxMWJkNjQxNmNiNjM0
MjAzYjQwHhcNMjMxMjE5MTgyNzI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMDNjOTI3YWY2ZDExODJjYTUwMzJmNTU5YTMyZDI1M2IxMmJmMzllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhMdx5NiErx7KpvDkT+qrP+CCkVu/
psN/iEqHwF1wZLvChP5XEoNJGEe+LpvoZe+EkaquSEuqmH8yBqDwyEqnVAS7868r
7+jwsd0FL+bb8eWZgmUsNo2qcLNZUkaVtlGM7OQtCHUsLQHDS/FOi3jGReLIzdHQ
do1AFkNv98ii8ESWXZv4bJUlWpumA79svHdo00KcyU1rcR3upmzuDHvfU64xaloY
FsHi8Av9YDtTTkck1Kzdt0VyKMY6VcYoUp4z75HydEv3yf/QjlmTTI43hqEISKko
TjqDa/58xfU/GPzVxMzL6XpQpCjXDDIEa96Svg8LVbUNXzhhw8CDd0jIjQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPA8knr20RgspQMvVZoy0lOxK/OeMB8GA1UdIwQY
MBaAFIhbhXcG2sVOIMoNEb1kFstjQgO0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUZ1RmR3YmF4VTRneWcwUnZXUVd5Mk5DQTdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8zMjFjZGMtMjE0My00YjVjLTk3MzMt
MTY2OTljOTZkZDVlLzEvOER5U2V2YlJHQ3lsQXk5Vm1qTFNVN0VyODU0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8zMjFjZGMtMjE0My00YjVjLTk3MzMtMTY2OTljOTZkZDVl
LzEvaUZ1RmR3YmF4VTRneWcwUnZXUVd5Mk5DQTdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCvILEMA0G
CSqGSIb3DQEBCwUAA4IBAQAUpwSz7Mn+L4gixN32GN4UTSufP7PK4bhOEtVw4KDT
lqPYH68c153Omwjl0sRinvXHkm1M7Sbc2SbKyvOp06VC/WgAfeJS8J4lVuf+1oIE
c7ddCVZhRUm7egJmQS8P/hIDs/cD1Ut1699fwkKDus1FKokmFPbqe406PX5/Wp1H
RX37/5SPnbBo7Vll75e/tPpEJvLi7dFlI0rz3DassYkvpWkRaH7qF8SBeW/0T4RN
rcoXP01v7CZXhIOkJvjD7fzlOXHqPh7slpdOWi+rrQPEsuaFu9h5F3XY2G4MV/6X
AzJFlrQtCTTzcuwfLmCMa8o1Na2VTKs2laXkTiChwetU
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:32:57 2024 by rpki-client on console-fra.rpki-client.org