Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/68/e828b7-b1d8-4f40-bd30-7c0497913af0/1/mIzAEPqF8Ue2M4qRSRcD70hLKnY.roa
File:                     mIzAEPqF8Ue2M4qRSRcD70hLKnY.roa (raw, json)
Hash identifier:          W+SyB68jEDwMdg/X1L12pStLUrNDU2DlcwmhgYIENws=
Subject key identifier:   98:8C:C0:10:FA:85:F1:47:B6:33:8A:91:49:17:03:EF:48:4B:2A:76
Certificate issuer:       /CN=4d0f2ee77621ea25c2819d4eac95c581877e30cd
Certificate serial:       018572BA7EA3133FF993CF56CCFA26ED1B3E
Authority key identifier: 4D:0F:2E:E7:76:21:EA:25:C2:81:9D:4E:AC:95:C5:81:87:7E:30:CD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/TQ8u53Yh6iXCgZ1OrJXFgYd-MM0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/68/e828b7-b1d8-4f40-bd30-7c0497913af0/1/mIzAEPqF8Ue2M4qRSRcD70hLKnY.roa
Signing time:             Mon 02 Jan 2023 13:45:02 +0000
ROA not before:           Mon 02 Jan 2023 13:45:02 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     58340
IP address blocks:        83.146.128.0/20 maxlen: 20
                          193.177.188.0/22 maxlen: 22

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 14:35:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:72:ba:7e:a3:13:3f:f9:93:cf:56:cc:fa:26:ed:1b:3e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4d0f2ee77621ea25c2819d4eac95c581877e30cd
        Validity
            Not Before: Jan  2 13:45:02 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=988cc010fa85f147b6338a91491703ef484b2a76
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:92:53:aa:2f:2e:7c:7c:c6:bc:8a:93:70:d9:34:
                    1a:3d:98:28:f0:81:53:c7:bf:66:bb:29:22:7e:ec:
                    de:c4:7a:a9:b2:c3:78:6c:f0:62:57:31:d7:23:80:
                    22:95:d7:af:74:61:95:37:5f:30:ba:f4:cb:10:8b:
                    ba:63:53:64:a6:a7:7f:20:70:a8:05:09:aa:cd:de:
                    c3:bd:a0:c4:ad:aa:38:24:a9:99:ca:4b:93:c2:9c:
                    60:8a:ba:5b:1d:0c:2f:41:20:8e:e5:21:3c:79:64:
                    be:65:d8:96:d3:9e:d5:06:42:e2:f2:bf:1b:80:90:
                    cc:b6:4f:6e:a9:4b:c2:00:76:63:d6:c7:32:e9:1d:
                    71:2c:9f:9b:e8:77:d9:a7:a5:6b:16:38:96:0a:9a:
                    5e:02:65:af:9c:6f:b4:de:5f:62:3c:29:89:15:4c:
                    43:56:93:7d:6b:0a:89:0d:4f:ac:67:5d:e2:0e:0a:
                    91:50:40:a1:00:5d:fe:fa:14:ab:b5:3b:9f:7e:cf:
                    a9:3a:e8:76:f4:e8:a4:b2:ed:b5:74:2d:88:7a:fb:
                    32:a4:3d:8e:79:42:42:77:3a:7e:ba:95:25:9b:5a:
                    8e:2e:49:94:20:2b:9a:f4:7c:44:0c:75:d7:b1:3f:
                    75:98:65:e8:5e:39:9b:86:ad:61:2b:25:90:28:13:
                    0e:41
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                98:8C:C0:10:FA:85:F1:47:B6:33:8A:91:49:17:03:EF:48:4B:2A:76
            X509v3 Authority Key Identifier:
                keyid:4D:0F:2E:E7:76:21:EA:25:C2:81:9D:4E:AC:95:C5:81:87:7E:30:CD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TQ8u53Yh6iXCgZ1OrJXFgYd-MM0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/68/e828b7-b1d8-4f40-bd30-7c0497913af0/1/mIzAEPqF8Ue2M4qRSRcD70hLKnY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/68/e828b7-b1d8-4f40-bd30-7c0497913af0/1/TQ8u53Yh6iXCgZ1OrJXFgYd-MM0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  83.146.128.0/20
                  193.177.188.0/22

    Signature Algorithm: sha256WithRSAEncryption
         88:85:bf:c4:0d:01:8e:b7:5b:a4:8b:29:9c:44:90:b0:b4:06:
         7c:21:21:e0:84:41:25:43:e3:e0:67:39:a3:20:d0:66:a9:58:
         6d:88:5f:c8:56:f9:f8:49:26:d0:a7:ee:e4:4d:36:b6:07:35:
         9f:a8:2d:bc:2a:39:0c:5d:fb:71:e9:fa:12:6a:e0:a8:d0:48:
         7b:8c:05:ad:5d:6e:ce:72:07:48:d9:4f:ec:fc:c2:35:6b:68:
         92:7a:ee:5a:a4:20:b6:6e:03:02:f0:bb:b6:ae:09:4a:62:98:
         78:c0:7f:2b:3d:63:8b:67:43:6c:ef:f2:5f:9a:07:df:87:59:
         bf:6c:ba:bf:ca:b5:05:9a:51:7b:f7:8e:07:5f:33:9d:ef:a0:
         64:9a:f5:91:4d:bc:ee:0a:a8:49:9f:5c:b6:f4:fd:7e:87:57:
         c8:91:5d:54:8b:5d:3d:ad:23:d0:e8:75:a6:ae:cd:30:a9:82:
         d6:4e:f4:9b:4b:59:f0:39:59:95:d5:d0:7a:b9:f0:2e:d7:0f:
         06:4d:0e:4e:69:d8:a6:ad:1b:ba:65:9c:09:7f:98:48:3d:08:
         6a:e1:d9:09:c5:4f:c0:71:07:db:51:f6:b2:e6:66:d2:a2:00:
         c0:36:d3:d4:9b:82:d8:93:6b:60:4d:7a:b7:d6:e3:07:ea:ab:
         2d:b0:a1:0c
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVyun6jEz/5k89WzPom7Rs+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRkMGYyZWU3NzYyMWVhMjVjMjgxOWQ0ZWFjOTVjNTgxODc3
ZTMwY2QwHhcNMjMwMTAyMTM0NTAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ODhjYzAxMGZhODVmMTQ3YjYzMzhhOTE0OTE3MDNlZjQ4NGIyYTc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAklOqLy58fMa8ipNw2TQaPZgo8IFT
x79muykifuzexHqpssN4bPBiVzHXI4AildevdGGVN18wuvTLEIu6Y1Nkpqd/IHCo
BQmqzd7DvaDErao4JKmZykuTwpxgirpbHQwvQSCO5SE8eWS+ZdiW057VBkLi8r8b
gJDMtk9uqUvCAHZj1scy6R1xLJ+b6HfZp6VrFjiWCppeAmWvnG+03l9iPCmJFUxD
VpN9awqJDU+sZ13iDgqRUEChAF3++hSrtTuffs+pOuh29Oiksu21dC2IevsypD2O
eUJCdzp+upUlm1qOLkmUICua9HxEDHXXsT91mGXoXjmbhq1hKyWQKBMOQQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJiMwBD6hfFHtjOKkUkXA+9ISyp2MB8GA1UdIwQY
MBaAFE0PLud2IeolwoGdTqyVxYGHfjDNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVFE4dTUzWWg2aVhDZ1oxT3JKWEZnWWQtTU0wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OC9lODI4YjctYjFkOC00ZjQwLWJkMzAt
N2MwNDk3OTEzYWYwLzEvbUl6QUVQcUY4VWUyTTRxUlNSY0Q3MGhMS25ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OC9lODI4YjctYjFkOC00ZjQwLWJkMzAtN2MwNDk3OTEzYWYw
LzEvVFE4dTUzWWg2aVhDZ1oxT3JKWEZnWWQtTU0wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQEU5KAAwQC
wbG8MA0GCSqGSIb3DQEBCwUAA4IBAQCIhb/EDQGOt1ukiymcRJCwtAZ8ISHghEEl
Q+PgZzmjINBmqVhtiF/IVvn4SSbQp+7kTTa2BzWfqC28KjkMXftx6foSauCo0Eh7
jAWtXW7OcgdI2U/s/MI1a2iSeu5apCC2bgMC8Lu2rglKYph4wH8rPWOLZ0Ns7/Jf
mgffh1m/bLq/yrUFmlF7944HXzOd76BkmvWRTbzuCqhJn1y29P1+h1fIkV1Ui109
rSPQ6HWmrs0wqYLWTvSbS1nwOVmV1dB6ufAu1w8GTQ5OadimrRu6ZZwJf5hIPQhq
4dkJxU/AcQfbUfay5mbSogDANtPUm4LYk2tgTXq31uMH6qstsKEM
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:33:28 2024 by rpki-client on console-fra.rpki-client.org