Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/20a5a5-0ba2-4052-beb4-3cc85ad3c190/1/exMU6ogNacxEbj-9zQu6t2eyJcQ.roa
File:                     exMU6ogNacxEbj-9zQu6t2eyJcQ.roa (raw, json)
Hash identifier:          j2O/PQqEJE9P1LcUkvpDxr7Z1x8DpI/0HCjFPBCIyG0=
Subject key identifier:   7B:13:14:EA:88:0D:69:CC:44:6E:3F:BD:CD:0B:BA:B7:67:B2:25:C4
Certificate issuer:       /CN=18101772248996b87d90840c2d27d62549458173
Certificate serial:       01870DA9D6856662CE1DD30645889E6952B6
Authority key identifier: 18:10:17:72:24:89:96:B8:7D:90:84:0C:2D:27:D6:25:49:45:81:73
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/GBAXciSJlrh9kIQMLSfWJUlFgXM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/81/20a5a5-0ba2-4052-beb4-3cc85ad3c190/1/exMU6ogNacxEbj-9zQu6t2eyJcQ.roa
Signing time:             Thu 23 Mar 2023 08:50:46 +0000
ROA not before:           Thu 23 Mar 2023 08:50:46 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     212238
IP address blocks:        188.64.104.0/22 maxlen: 24

Validation:               Failed, certificate revoked on Fri 23 Jun 2023 06:19:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:0d:a9:d6:85:66:62:ce:1d:d3:06:45:88:9e:69:52:b6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=18101772248996b87d90840c2d27d62549458173
        Validity
            Not Before: Mar 23 08:50:46 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=7b1314ea880d69cc446e3fbdcd0bbab767b225c4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:98:10:5e:14:b8:35:05:81:e6:9e:5c:cb:2d:f3:
                    a4:8b:43:7e:bd:7f:01:14:b0:8a:ad:1c:bb:7d:77:
                    57:78:ea:0f:ab:63:1c:91:ba:93:f7:df:23:aa:4f:
                    65:34:35:f4:00:e4:33:82:20:2e:02:8e:a0:01:2c:
                    3b:b3:02:2c:79:82:8f:8b:ff:b3:a1:58:37:47:42:
                    e8:e0:db:78:65:9c:a4:52:cb:d0:bf:f5:7c:4d:30:
                    e9:cf:a1:42:d2:41:8a:c2:07:90:b3:eb:68:99:7c:
                    02:6b:94:35:d4:a1:ae:29:e9:bd:67:60:13:8e:43:
                    6e:9a:65:ee:f3:08:57:5a:e7:09:78:95:56:86:64:
                    fe:cb:d9:20:ae:f7:43:a6:02:29:40:d1:b3:b3:69:
                    53:a9:d1:78:ed:19:b8:d3:fb:f2:7b:e4:4a:f4:cc:
                    d1:ad:cc:39:82:2a:a7:d4:43:e0:dd:db:07:04:c0:
                    81:f1:b4:c0:cf:1a:5f:63:11:b3:df:1d:98:52:02:
                    57:ac:a5:76:a0:cd:8e:12:6a:4e:ce:9d:ac:cb:1e:
                    26:a1:16:b5:0c:97:42:5c:31:73:a3:19:c7:30:47:
                    f9:23:8c:7f:57:68:5a:a6:38:fb:53:d6:43:f5:46:
                    85:b5:38:ee:b2:db:b3:05:a3:23:04:d9:73:33:c0:
                    dc:4d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7B:13:14:EA:88:0D:69:CC:44:6E:3F:BD:CD:0B:BA:B7:67:B2:25:C4
            X509v3 Authority Key Identifier:
                keyid:18:10:17:72:24:89:96:B8:7D:90:84:0C:2D:27:D6:25:49:45:81:73

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GBAXciSJlrh9kIQMLSfWJUlFgXM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/20a5a5-0ba2-4052-beb4-3cc85ad3c190/1/exMU6ogNacxEbj-9zQu6t2eyJcQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/81/20a5a5-0ba2-4052-beb4-3cc85ad3c190/1/GBAXciSJlrh9kIQMLSfWJUlFgXM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  188.64.104.0/22

    Signature Algorithm: sha256WithRSAEncryption
         44:3d:9f:66:5c:12:93:0d:f7:a4:61:0a:31:32:40:3f:d0:b7:
         21:ed:6d:58:3d:b2:39:36:e6:22:0b:15:39:c8:7a:50:5d:3d:
         f5:ba:61:50:fb:9c:38:80:d0:2d:e6:35:25:30:ee:c1:d0:52:
         ca:b6:90:f3:c7:05:4d:92:d4:f9:a5:0f:8d:ae:7e:4c:95:58:
         a1:02:03:b4:02:b6:42:7b:ff:f8:f2:76:62:40:87:0b:04:e1:
         c2:7f:25:6c:f0:41:19:d9:c4:16:bb:3c:bf:64:06:d1:60:0b:
         a2:fe:b0:a4:6b:c5:7e:e8:23:47:c3:85:c6:cb:55:a3:c2:ad:
         80:cf:7b:91:cf:f7:2a:62:17:57:67:7f:e0:00:84:c7:77:85:
         f4:d2:de:01:72:82:04:ef:f3:65:f7:04:08:13:fb:12:f9:56:
         dc:32:f7:f7:75:46:ca:74:70:76:90:fc:ac:d7:46:9f:4a:e0:
         1c:ba:96:29:e2:08:0e:fb:48:9b:4a:cc:16:23:63:77:68:a6:
         c6:77:76:b9:b9:a5:cb:8d:07:23:e3:aa:4b:bb:1e:0b:80:74:
         0d:2f:91:38:e3:51:ad:4c:72:72:a3:f2:a7:94:6d:30:fc:62:
         0d:0c:a9:d9:fe:52:79:e2:45:f7:01:da:d5:d9:08:60:92:03:
         38:2e:cc:f6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYcNqdaFZmLOHdMGRYieaVK2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE4MTAxNzcyMjQ4OTk2Yjg3ZDkwODQwYzJkMjdkNjI1NDk0
NTgxNzMwHhcNMjMwMzIzMDg1MDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YjEzMTRlYTg4MGQ2OWNjNDQ2ZTNmYmRjZDBiYmFiNzY3YjIyNWM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmBBeFLg1BYHmnlzLLfOki0N+vX8B
FLCKrRy7fXdXeOoPq2MckbqT998jqk9lNDX0AOQzgiAuAo6gASw7swIseYKPi/+z
oVg3R0Lo4Nt4ZZykUsvQv/V8TTDpz6FC0kGKwgeQs+tomXwCa5Q11KGuKem9Z2AT
jkNummXu8whXWucJeJVWhmT+y9kgrvdDpgIpQNGzs2lTqdF47Rm40/vye+RK9MzR
rcw5giqn1EPg3dsHBMCB8bTAzxpfYxGz3x2YUgJXrKV2oM2OEmpOzp2syx4moRa1
DJdCXDFzoxnHMEf5I4x/V2hapjj7U9ZD9UaFtTjustuzBaMjBNlzM8DcTQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHsTFOqIDWnMRG4/vc0LurdnsiXEMB8GA1UdIwQY
MBaAFBgQF3IkiZa4fZCEDC0n1iVJRYFzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR0JBWGNpU0pscmg5a0lRTUxTZldKVWxGZ1hNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS8yMGE1YTUtMGJhMi00MDUyLWJlYjQt
M2NjODVhZDNjMTkwLzEvZXhNVTZvZ05hY3hFYmotOXpRdTZ0MmV5SmNRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MS8yMGE1YTUtMGJhMi00MDUyLWJlYjQtM2NjODVhZDNjMTkw
LzEvR0JBWGNpU0pscmg5a0lRTUxTZldKVWxGZ1hNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCvEBoMA0G
CSqGSIb3DQEBCwUAA4IBAQBEPZ9mXBKTDfekYQoxMkA/0Lch7W1YPbI5NuYiCxU5
yHpQXT31umFQ+5w4gNAt5jUlMO7B0FLKtpDzxwVNktT5pQ+Nrn5MlVihAgO0ArZC
e//48nZiQIcLBOHCfyVs8EEZ2cQWuzy/ZAbRYAui/rCka8V+6CNHw4XGy1Wjwq2A
z3uRz/cqYhdXZ3/gAITHd4X00t4BcoIE7/Nl9wQIE/sS+VbcMvf3dUbKdHB2kPys
10afSuAcupYp4ggO+0ibSswWI2N3aKbGd3a5uaXLjQcj46pLux4LgHQNL5E441Gt
THJyo/KnlG0w/GINDKnZ/lJ54kX3AdrV2QhgkgM4Lsz2
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:20:38 2024 by rpki-client on console-ams.rpki-client.org