Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/82/27ca16-f46b-4f8e-b92e-5ed089c1afed/1/BwzivSMoRDfPAhKRCD-J1x_VLwc.roa
File:                     BwzivSMoRDfPAhKRCD-J1x_VLwc.roa (raw, json)
Hash identifier:          LHC4oFEiH7slj7uRANBq6FCuR1AaPYSd7b0D9VJsXT8=
Subject key identifier:   07:0C:E2:BD:23:28:44:37:CF:02:12:91:08:3F:89:D7:1F:D5:2F:07
Certificate issuer:       /CN=67920420f722f7d7f3c4b25a80e17d7290171180
Certificate serial:       01856CCAD2194DAA882EB894F334117D16E4
Authority key identifier: 67:92:04:20:F7:22:F7:D7:F3:C4:B2:5A:80:E1:7D:72:90:17:11:80
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Z5IEIPci99fzxLJagOF9cpAXEYA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/82/27ca16-f46b-4f8e-b92e-5ed089c1afed/1/BwzivSMoRDfPAhKRCD-J1x_VLwc.roa
Signing time:             Sun 01 Jan 2023 10:05:09 +0000
ROA not before:           Sun 01 Jan 2023 10:05:09 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     8280
IP address blocks:        185.82.36.0/24 maxlen: 32
                          185.82.38.0/24 maxlen: 32
                          185.82.36.0/22 maxlen: 24
                          185.82.37.0/24 maxlen: 32
                          185.82.39.0/24 maxlen: 32

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 08:33:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6c:ca:d2:19:4d:aa:88:2e:b8:94:f3:34:11:7d:16:e4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=67920420f722f7d7f3c4b25a80e17d7290171180
        Validity
            Not Before: Jan  1 10:05:09 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=070ce2bd23284437cf021291083f89d71fd52f07
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:88:4f:4f:04:02:d8:86:98:43:7f:69:82:63:49:
                    86:4b:01:f1:be:a6:cd:35:4a:d1:f0:c9:46:f0:42:
                    62:fe:11:f5:ea:c0:c8:de:27:63:01:90:0f:1f:68:
                    bd:2e:d6:db:39:65:18:38:97:08:36:54:c7:f1:c6:
                    e8:51:e7:b3:2b:ad:6d:43:e6:da:13:ac:1e:1b:21:
                    38:88:f9:47:c2:9e:84:05:3c:01:8f:bd:31:a6:1a:
                    eb:a7:34:17:e5:86:6d:fc:7c:47:c4:2e:9b:19:0d:
                    ec:5f:86:b0:fe:34:3b:4e:65:ca:91:ee:d1:24:64:
                    63:34:fd:69:7a:24:8c:1b:98:43:e0:7e:1f:5f:c6:
                    7a:ee:1b:5c:b1:38:d3:bb:7e:4f:a9:92:4e:98:f9:
                    a7:9a:da:65:49:6b:6c:f7:67:d9:98:fe:cd:2d:a1:
                    39:08:51:c0:af:46:df:5a:f1:4b:ae:e7:17:42:49:
                    15:ec:5e:12:d5:52:e0:06:3e:b7:6f:5c:28:3e:7f:
                    52:8e:51:c8:47:4d:98:df:e2:03:84:34:78:bb:48:
                    d3:dd:93:03:7b:32:df:21:62:96:7f:ac:b7:7b:69:
                    93:be:1c:0b:b0:f1:06:2d:70:1c:cb:ae:0e:4c:78:
                    39:c4:45:b7:7f:9e:fc:ea:fb:5e:1d:a8:43:3d:82:
                    4c:71
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                07:0C:E2:BD:23:28:44:37:CF:02:12:91:08:3F:89:D7:1F:D5:2F:07
            X509v3 Authority Key Identifier:
                keyid:67:92:04:20:F7:22:F7:D7:F3:C4:B2:5A:80:E1:7D:72:90:17:11:80

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z5IEIPci99fzxLJagOF9cpAXEYA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/27ca16-f46b-4f8e-b92e-5ed089c1afed/1/BwzivSMoRDfPAhKRCD-J1x_VLwc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/82/27ca16-f46b-4f8e-b92e-5ed089c1afed/1/Z5IEIPci99fzxLJagOF9cpAXEYA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.82.36.0/22

    Signature Algorithm: sha256WithRSAEncryption
         70:55:06:5b:63:f4:3d:2d:e0:2c:6f:dc:49:cc:13:3e:f6:75:
         2c:5e:86:1f:fb:f1:68:47:56:55:c4:7f:80:52:de:4c:4d:0c:
         e8:8e:cc:6f:01:1a:37:14:cd:f0:42:81:5d:1f:91:8a:b0:08:
         38:0a:24:48:20:1f:80:7f:17:bd:f4:27:d1:54:46:93:c8:ae:
         23:3f:60:c4:44:91:a8:0a:0e:d3:62:f7:18:01:45:67:52:63:
         50:64:f9:1d:dc:d1:41:fc:bb:1a:fd:cd:44:0a:9c:ff:b4:6a:
         26:11:d7:4c:9a:9e:8f:c2:f4:c9:b7:d6:d9:19:55:59:18:b7:
         fe:53:3b:70:46:50:7a:30:21:c1:f1:3c:ee:a2:89:02:8e:e1:
         d7:7f:c1:2f:ab:6c:fa:11:e8:b9:80:f9:5f:7a:fe:2b:20:27:
         8e:91:bc:96:ea:f9:cf:28:c5:82:17:4a:17:f2:56:26:81:42:
         84:30:33:dc:b7:7c:f3:06:59:b2:06:f7:9a:80:07:62:f4:fb:
         f2:e2:05:7e:25:94:b3:cd:2b:bb:e4:2d:13:60:66:26:55:f1:
         2d:f5:fd:3f:3a:85:29:77:16:6d:ac:61:dd:42:49:a1:53:89:
         86:99:0f:5e:34:d2:0e:81:1d:15:0f:cd:02:79:4b:d6:4f:91:
         b2:70:f4:2b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVsytIZTaqILriU8zQRfRbkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3OTIwNDIwZjcyMmY3ZDdmM2M0YjI1YTgwZTE3ZDcyOTAx
NzExODAwHhcNMjMwMTAxMTAwNTA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNzBjZTJiZDIzMjg0NDM3Y2YwMjEyOTEwODNmODlkNzFmZDUyZjA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiE9PBALYhphDf2mCY0mGSwHxvqbN
NUrR8MlG8EJi/hH16sDI3idjAZAPH2i9LtbbOWUYOJcINlTH8cboUeezK61tQ+ba
E6weGyE4iPlHwp6EBTwBj70xphrrpzQX5YZt/HxHxC6bGQ3sX4aw/jQ7TmXKke7R
JGRjNP1peiSMG5hD4H4fX8Z67htcsTjTu35PqZJOmPmnmtplSWts92fZmP7NLaE5
CFHAr0bfWvFLrucXQkkV7F4S1VLgBj63b1woPn9SjlHIR02Y3+IDhDR4u0jT3ZMD
ezLfIWKWf6y3e2mTvhwLsPEGLXAcy64OTHg5xEW3f5786vteHahDPYJMcQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAcM4r0jKEQ3zwISkQg/idcf1S8HMB8GA1UdIwQY
MBaAFGeSBCD3IvfX88SyWoDhfXKQFxGAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWjVJRUlQY2k5OWZ6eExKYWdPRjljcEFYRVlBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Mi8yN2NhMTYtZjQ2Yi00ZjhlLWI5MmUt
NWVkMDg5YzFhZmVkLzEvQnd6aXZTTW9SRGZQQWhLUkNELUoxeF9WTHdjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Mi8yN2NhMTYtZjQ2Yi00ZjhlLWI5MmUtNWVkMDg5YzFhZmVk
LzEvWjVJRUlQY2k5OWZ6eExKYWdPRjljcEFYRVlBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuVIkMA0G
CSqGSIb3DQEBCwUAA4IBAQBwVQZbY/Q9LeAsb9xJzBM+9nUsXoYf+/FoR1ZVxH+A
Ut5MTQzojsxvARo3FM3wQoFdH5GKsAg4CiRIIB+Afxe99CfRVEaTyK4jP2DERJGo
Cg7TYvcYAUVnUmNQZPkd3NFB/Lsa/c1ECpz/tGomEddMmp6PwvTJt9bZGVVZGLf+
UztwRlB6MCHB8TzuookCjuHXf8Evq2z6Eei5gPlfev4rICeOkbyW6vnPKMWCF0oX
8lYmgUKEMDPct3zzBlmyBveagAdi9Pvy4gV+JZSzzSu75C0TYGYmVfEt9f0/OoUp
dxZtrGHdQkmhU4mGmQ9eNNIOgR0VD80CeUvWT5GycPQr
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:07 2024 by rpki-client on console-fra.rpki-client.org