Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/_lP_AEAbVH_j8HUaS4Oi_msphrc.roa
File:                     _lP_AEAbVH_j8HUaS4Oi_msphrc.roa (raw, json)
Hash identifier:          DiP8WxBvDUJUTrC7n5BG2gswCkAGsy5KJg5o/ZzcAV0=
Subject key identifier:   FE:53:FF:00:40:1B:54:7F:E3:F0:75:1A:4B:83:A2:FE:6B:29:86:B7
Certificate issuer:       /CN=6222e1c2a5315334b66d80f78d5b50b42e480b9c
Certificate serial:       018866D1CA3888F383C74327A77F4483B59D
Authority key identifier: 62:22:E1:C2:A5:31:53:34:B6:6D:80:F7:8D:5B:50:B4:2E:48:0B:9C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YiLhwqUxUzS2bYD3jVtQtC5IC5w.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/_lP_AEAbVH_j8HUaS4Oi_msphrc.roa
Signing time:             Mon 29 May 2023 09:23:24 +0000
ROA not before:           Mon 29 May 2023 09:23:24 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     64433
IP address blocks:        213.108.7.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 20:29:35 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:66:d1:ca:38:88:f3:83:c7:43:27:a7:7f:44:83:b5:9d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6222e1c2a5315334b66d80f78d5b50b42e480b9c
        Validity
            Not Before: May 29 09:23:24 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=fe53ff00401b547fe3f0751a4b83a2fe6b2986b7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:86:2f:42:3f:0b:3d:84:6f:6d:dd:e9:b0:dd:
                    7b:24:50:ee:7f:cf:69:34:49:29:d3:29:76:91:cd:
                    2d:57:3f:d9:dd:a2:3e:5a:f5:85:40:03:13:96:46:
                    c2:e3:dd:7d:e3:5b:19:c8:69:2b:f4:a5:38:36:c3:
                    93:f0:b6:ef:8e:ef:e2:6f:c0:dd:e4:16:8e:0b:52:
                    e5:d4:4d:8b:a1:e5:11:bd:43:39:ad:f2:c7:f2:8e:
                    40:d8:a3:19:bd:5e:a7:83:20:f6:66:06:47:76:d0:
                    d4:c2:77:5c:78:97:7e:3f:0a:29:a1:2d:91:22:e4:
                    fa:01:3d:db:b5:56:9f:b2:73:23:f5:71:d9:16:1f:
                    34:1a:e4:19:25:b5:2f:56:24:81:88:e8:33:d4:4a:
                    08:25:88:ee:5f:a4:75:12:09:fd:b7:32:ee:c0:b8:
                    2d:96:d4:02:f0:75:d1:ed:15:b1:10:03:92:6d:22:
                    7d:67:7c:e7:2d:c9:8b:d8:54:d1:14:16:ed:e7:d5:
                    6a:3a:0e:1d:ff:6f:f7:de:be:6c:e8:db:fa:29:42:
                    d0:eb:42:30:a0:6e:01:14:2f:23:7d:5f:d7:03:43:
                    d0:fe:9c:22:06:b6:c9:ec:42:6a:7b:9e:36:cf:3e:
                    c1:dc:ff:de:6d:1e:ed:a9:a2:1e:4a:0d:3d:89:a6:
                    d1:89
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FE:53:FF:00:40:1B:54:7F:E3:F0:75:1A:4B:83:A2:FE:6B:29:86:B7
            X509v3 Authority Key Identifier:
                keyid:62:22:E1:C2:A5:31:53:34:B6:6D:80:F7:8D:5B:50:B4:2E:48:0B:9C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YiLhwqUxUzS2bYD3jVtQtC5IC5w.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/_lP_AEAbVH_j8HUaS4Oi_msphrc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/YiLhwqUxUzS2bYD3jVtQtC5IC5w.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  213.108.7.0/24

    Signature Algorithm: sha256WithRSAEncryption
         88:e4:7f:c7:16:61:65:d5:ac:98:4b:51:15:62:0d:69:8c:23:
         c9:aa:47:58:ab:21:c3:3b:59:9c:95:61:54:7a:8d:1c:21:5a:
         c6:60:8d:fe:fa:f9:63:69:56:d4:39:82:4c:2b:9d:5d:c6:24:
         7b:3b:fe:a3:aa:4d:f2:29:6f:df:9c:82:cf:b2:68:6b:ee:54:
         32:62:46:a2:b3:29:a8:f6:1f:6d:57:5f:6b:cf:80:6f:75:9b:
         05:00:bd:ae:6e:cf:da:db:1b:8c:9b:d9:15:3c:8c:64:e8:46:
         ad:11:ba:d0:fd:64:da:6d:77:f0:cb:7b:e5:8c:19:a0:85:28:
         08:49:17:68:8b:20:15:91:79:b2:ed:b0:6e:c6:81:e0:87:b3:
         fb:36:fc:5f:e3:b5:f8:82:d2:3d:4d:02:35:f8:c9:dc:7c:82:
         6b:13:ba:66:48:67:d9:d9:ec:b6:09:4c:a3:40:c4:4e:a7:d9:
         f8:2e:05:3f:51:d6:14:25:80:1c:7f:3c:72:86:30:0a:62:85:
         ab:f7:aa:38:a8:71:df:db:76:88:80:1f:6f:0b:00:3a:d4:4b:
         f5:d2:66:22:76:53:90:e4:94:ed:39:3c:95:b9:a5:e7:55:94:
         40:4b:e8:c6:a1:44:e5:02:f6:bf:0b:e0:41:9b:1c:3d:8a:81:
         e0:be:37:1f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYhm0co4iPODx0Mnp39Eg7WdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyMjJlMWMyYTUzMTUzMzRiNjZkODBmNzhkNWI1MGI0MmU0
ODBiOWMwHhcNMjMwNTI5MDkyMzI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZTUzZmYwMDQwMWI1NDdmZTNmMDc1MWE0YjgzYTJmZTZiMjk4NmI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwIYvQj8LPYRvbd3psN17JFDuf89p
NEkp0yl2kc0tVz/Z3aI+WvWFQAMTlkbC491941sZyGkr9KU4NsOT8Lbvju/ib8Dd
5BaOC1Ll1E2LoeURvUM5rfLH8o5A2KMZvV6ngyD2ZgZHdtDUwndceJd+PwopoS2R
IuT6AT3btVafsnMj9XHZFh80GuQZJbUvViSBiOgz1EoIJYjuX6R1Egn9tzLuwLgt
ltQC8HXR7RWxEAOSbSJ9Z3znLcmL2FTRFBbt59VqOg4d/2/33r5s6Nv6KULQ60Iw
oG4BFC8jfV/XA0PQ/pwiBrbJ7EJqe542zz7B3P/ebR7tqaIeSg09iabRiQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFP5T/wBAG1R/4/B1GkuDov5rKYa3MB8GA1UdIwQY
MBaAFGIi4cKlMVM0tm2A941bULQuSAucMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWlMaHdxVXhVelMyYllEM2pWdFF0QzVJQzV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS85OTliOTctYzczMS00MTkyLTg1ZjEt
NTczNzAxYzg0ODMzLzEvX2xQX0FFQWJWSF9qOEhVYVM0T2lfbXNwaHJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS85OTliOTctYzczMS00MTkyLTg1ZjEtNTczNzAxYzg0ODMz
LzEvWWlMaHdxVXhVelMyYllEM2pWdFF0QzVJQzV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1WwHMA0G
CSqGSIb3DQEBCwUAA4IBAQCI5H/HFmFl1ayYS1EVYg1pjCPJqkdYqyHDO1mclWFU
eo0cIVrGYI3++vljaVbUOYJMK51dxiR7O/6jqk3yKW/fnILPsmhr7lQyYkaisymo
9h9tV19rz4BvdZsFAL2ubs/a2xuMm9kVPIxk6EatEbrQ/WTabXfwy3vljBmghSgI
SRdoiyAVkXmy7bBuxoHgh7P7Nvxf47X4gtI9TQI1+MncfIJrE7pmSGfZ2ey2CUyj
QMROp9n4LgU/UdYUJYAcfzxyhjAKYoWr96o4qHHf23aIgB9vCwA61Ev10mYidlOQ
5JTtOTyVuaXnVZRAS+jGoUTlAva/C+BBmxw9ioHgvjcf
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:33:00 2024 by rpki-client on console-fra.rpki-client.org