Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/67/70cb80-4e6d-46a5-b1b4-4e3f4d68f682/1/fV8kfFVPe233W-p0qVO2GdOqe0Q.roa
File:                     fV8kfFVPe233W-p0qVO2GdOqe0Q.roa (raw, json)
Hash identifier:          D+4Mo4yEHRdPSNp3KGIE/M45oofwrckh8BoGJ8/NN6U=
Subject key identifier:   7D:5F:24:7C:55:4F:7B:6D:F7:5B:EA:74:A9:53:B6:19:D3:AA:7B:44
Certificate issuer:       /CN=74267f3ecfcc61668e0501bca60ced6dd75d347c
Certificate serial:       01856D5D2457A38E50448360285C2951FACF
Authority key identifier: 74:26:7F:3E:CF:CC:61:66:8E:05:01:BC:A6:0C:ED:6D:D7:5D:34:7C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/dCZ_Ps_MYWaOBQG8pgztbdddNHw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/67/70cb80-4e6d-46a5-b1b4-4e3f4d68f682/1/fV8kfFVPe233W-p0qVO2GdOqe0Q.roa
Signing time:             Sun 01 Jan 2023 12:44:58 +0000
ROA not before:           Sun 01 Jan 2023 12:44:58 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     2200
IP address blocks:        192.44.76.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 10:33:32 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6d:5d:24:57:a3:8e:50:44:83:60:28:5c:29:51:fa:cf
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=74267f3ecfcc61668e0501bca60ced6dd75d347c
        Validity
            Not Before: Jan  1 12:44:58 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=7d5f247c554f7b6df75bea74a953b619d3aa7b44
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:4d:cd:3c:22:2f:02:a5:f1:bc:88:98:7f:b8:
                    e1:9f:ee:83:3d:79:f2:38:8b:dc:3a:93:f9:c5:3b:
                    84:c5:d0:22:db:89:3f:fe:72:09:90:86:cc:36:29:
                    97:b9:e8:4c:b1:1b:6b:f9:19:7d:28:35:7d:23:f4:
                    a4:d5:81:30:82:94:45:bc:e7:0e:0e:00:97:71:e9:
                    ca:b5:ff:3c:36:41:f5:c9:2c:55:e6:a9:97:b5:38:
                    d1:ac:1f:e4:df:5b:f6:90:e8:44:2d:04:a1:d9:3f:
                    42:29:02:8a:c9:12:b8:c8:12:09:af:81:7e:91:62:
                    b0:ea:a8:41:82:ad:2f:c1:56:c1:ed:da:c5:11:26:
                    97:c5:f9:f7:98:e9:f5:6a:84:cc:d1:d5:ef:32:e0:
                    a2:2d:25:0d:67:c9:7f:ab:dc:82:3f:15:81:4a:3f:
                    75:73:6b:c0:a0:d9:5d:ad:3e:87:da:83:cb:03:66:
                    c2:1b:ba:e7:38:b1:81:fd:57:24:6c:86:f8:5a:38:
                    60:90:2b:ed:44:23:ce:9a:04:47:c9:31:9e:90:ca:
                    f9:bf:99:64:22:27:22:0d:dc:9e:ed:ac:38:e0:91:
                    10:0d:74:45:7a:b1:9f:2b:7f:ed:b1:05:69:3e:f7:
                    bf:f5:42:9f:3a:93:8b:63:d1:fe:6f:d4:35:91:2d:
                    22:c5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7D:5F:24:7C:55:4F:7B:6D:F7:5B:EA:74:A9:53:B6:19:D3:AA:7B:44
            X509v3 Authority Key Identifier:
                keyid:74:26:7F:3E:CF:CC:61:66:8E:05:01:BC:A6:0C:ED:6D:D7:5D:34:7C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dCZ_Ps_MYWaOBQG8pgztbdddNHw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/67/70cb80-4e6d-46a5-b1b4-4e3f4d68f682/1/fV8kfFVPe233W-p0qVO2GdOqe0Q.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/67/70cb80-4e6d-46a5-b1b4-4e3f4d68f682/1/dCZ_Ps_MYWaOBQG8pgztbdddNHw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  192.44.76.0/24

    Signature Algorithm: sha256WithRSAEncryption
         2d:2e:12:7c:88:60:87:1c:ca:98:a8:bc:ab:c5:3d:73:2f:55:
         84:21:96:6d:67:c5:58:92:20:1f:c9:86:18:c9:7b:a1:93:75:
         79:47:9a:21:74:9d:f4:85:6f:61:b3:1b:26:08:1e:58:33:63:
         e8:b6:00:be:15:f3:3e:18:e1:50:2a:be:70:ba:6e:0c:39:e6:
         ca:74:86:9b:18:23:67:a7:32:b7:77:c3:c0:69:d1:f8:e1:67:
         ed:1e:59:48:af:7b:d9:0e:72:7e:a8:45:a1:94:29:90:be:a3:
         cf:9d:4f:cc:87:ad:4a:f7:8c:9f:78:29:f5:de:7c:db:f3:25:
         c8:64:75:37:47:b6:36:53:68:a2:e4:3c:c8:c2:36:c5:de:ba:
         cf:f2:41:20:84:11:05:99:1c:73:d7:d3:b7:b0:48:19:f8:2b:
         d5:05:fc:4e:7b:f6:0a:ff:c5:2e:07:9b:4a:85:4e:4e:29:39:
         43:fc:82:9c:d2:80:73:ec:4a:d2:70:c8:59:67:0f:55:b2:d0:
         1f:40:da:b9:a6:31:49:4a:fa:42:d4:07:b0:c7:a2:4a:13:20:
         9f:47:ed:49:c2:d7:a9:7f:53:bc:de:6e:86:00:8f:13:8a:bc:
         31:47:4e:8d:e8:3f:4d:bd:77:3a:57:5a:9a:c6:13:75:d0:af:
         97:d5:0f:86
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtXSRXo45QRINgKFwpUfrPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0MjY3ZjNlY2ZjYzYxNjY4ZTA1MDFiY2E2MGNlZDZkZDc1
ZDM0N2MwHhcNMjMwMTAxMTI0NDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZDVmMjQ3YzU1NGY3YjZkZjc1YmVhNzRhOTUzYjYxOWQzYWE3YjQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu03NPCIvAqXxvIiYf7jhn+6DPXny
OIvcOpP5xTuExdAi24k//nIJkIbMNimXuehMsRtr+Rl9KDV9I/Sk1YEwgpRFvOcO
DgCXcenKtf88NkH1ySxV5qmXtTjRrB/k31v2kOhELQSh2T9CKQKKyRK4yBIJr4F+
kWKw6qhBgq0vwVbB7drFESaXxfn3mOn1aoTM0dXvMuCiLSUNZ8l/q9yCPxWBSj91
c2vAoNldrT6H2oPLA2bCG7rnOLGB/VckbIb4WjhgkCvtRCPOmgRHyTGekMr5v5lk
IiciDdye7aw44JEQDXRFerGfK3/tsQVpPve/9UKfOpOLY9H+b9Q1kS0ixQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFH1fJHxVT3tt91vqdKlTthnTqntEMB8GA1UdIwQY
MBaAFHQmfz7PzGFmjgUBvKYM7W3XXTR8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZENaX1BzX01ZV2FPQlFHOHBnenRiZGRkTkh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ny83MGNiODAtNGU2ZC00NmE1LWIxYjQt
NGUzZjRkNjhmNjgyLzEvZlY4a2ZGVlBlMjMzVy1wMHFWTzJHZE9xZTBRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ny83MGNiODAtNGU2ZC00NmE1LWIxYjQtNGUzZjRkNjhmNjgy
LzEvZENaX1BzX01ZV2FPQlFHOHBnenRiZGRkTkh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwCxMMA0G
CSqGSIb3DQEBCwUAA4IBAQAtLhJ8iGCHHMqYqLyrxT1zL1WEIZZtZ8VYkiAfyYYY
yXuhk3V5R5ohdJ30hW9hsxsmCB5YM2PotgC+FfM+GOFQKr5wum4MOebKdIabGCNn
pzK3d8PAadH44WftHllIr3vZDnJ+qEWhlCmQvqPPnU/Mh61K94yfeCn13nzb8yXI
ZHU3R7Y2U2ii5DzIwjbF3rrP8kEghBEFmRxz19O3sEgZ+CvVBfxOe/YK/8UuB5tK
hU5OKTlD/IKc0oBz7ErScMhZZw9VstAfQNq5pjFJSvpC1Aewx6JKEyCfR+1Jwtep
f1O83m6GAI8TirwxR06N6D9NvXc6V1qaxhN10K+X1Q+G
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:33:19 2024 by rpki-client on console-fra.rpki-client.org