Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/82/8b01c2-ecbe-4f88-ae37-504c8fc220ea/1/AvqSDLWvXQOf-ug2lGfSQU3bpps.roa
File:                     AvqSDLWvXQOf-ug2lGfSQU3bpps.roa (raw, json)
Hash identifier:          Ue4A7lfgc4aD9hneR4clfwU2yqjWw4DpGlO+hgs9LH8=
Subject key identifier:   02:FA:92:0C:B5:AF:5D:03:9F:FA:E8:36:94:67:D2:41:4D:DB:A6:9B
Certificate issuer:       /CN=0562d5a67b7a20f865e753163a6ed0e5f347e839
Certificate serial:       018679750425DC88ADC94D33998245F5FAC2
Authority key identifier: 05:62:D5:A6:7B:7A:20:F8:65:E7:53:16:3A:6E:D0:E5:F3:47:E8:39
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/BWLVpnt6IPhl51MWOm7Q5fNH6Dk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/82/8b01c2-ecbe-4f88-ae37-504c8fc220ea/1/AvqSDLWvXQOf-ug2lGfSQU3bpps.roa
Signing time:             Wed 22 Feb 2023 14:09:17 +0000
ROA not before:           Wed 22 Feb 2023 14:09:17 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     6658
IP address blocks:        194.1.128.0/24 maxlen: 24
                          194.1.129.0/24 maxlen: 24
                          194.1.140.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 16 May 2023 13:00:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:79:75:04:25:dc:88:ad:c9:4d:33:99:82:45:f5:fa:c2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0562d5a67b7a20f865e753163a6ed0e5f347e839
        Validity
            Not Before: Feb 22 14:09:17 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=02fa920cb5af5d039ffae8369467d2414ddba69b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8f:aa:dd:f4:f1:d7:34:c1:8c:71:89:8b:c8:3a:
                    d6:9a:da:c0:ff:2f:14:92:52:38:cb:71:09:14:68:
                    9b:f7:70:64:f2:1e:1d:50:23:75:63:4a:2f:9c:3d:
                    d4:06:9d:ac:65:23:9a:07:78:a1:47:4d:40:c5:0c:
                    63:08:5b:2b:9e:79:40:63:6e:56:90:13:d9:b3:55:
                    77:96:8c:5f:2a:98:59:cb:13:f1:20:f6:66:54:8c:
                    eb:98:c9:4f:88:95:04:64:b1:3d:9d:cc:d5:04:cc:
                    1e:79:07:73:1d:09:8d:6d:fe:c7:bf:83:f1:92:74:
                    82:3e:3d:0b:98:20:e0:8b:71:42:b1:41:89:0b:f9:
                    68:6b:53:9e:04:cd:ec:c9:8a:b4:7a:8a:4a:b8:36:
                    c9:49:ad:5a:09:e4:78:2f:dd:fa:c2:d3:79:31:02:
                    cd:7e:72:9f:48:e2:c2:3e:be:75:b5:de:6f:ad:06:
                    e7:9e:63:66:b9:02:2b:37:ab:6b:a4:34:0d:7f:f9:
                    d3:0c:66:50:f4:a0:7f:be:10:1a:66:ed:a9:55:02:
                    71:97:01:01:ca:8b:b9:fe:ec:74:1f:d2:6f:72:3f:
                    70:06:e8:26:87:45:a8:66:b1:eb:87:e1:1e:59:20:
                    4a:a2:24:c8:25:46:06:91:3f:92:b4:e8:3f:22:eb:
                    62:43
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                02:FA:92:0C:B5:AF:5D:03:9F:FA:E8:36:94:67:D2:41:4D:DB:A6:9B
            X509v3 Authority Key Identifier:
                keyid:05:62:D5:A6:7B:7A:20:F8:65:E7:53:16:3A:6E:D0:E5:F3:47:E8:39

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BWLVpnt6IPhl51MWOm7Q5fNH6Dk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/8b01c2-ecbe-4f88-ae37-504c8fc220ea/1/AvqSDLWvXQOf-ug2lGfSQU3bpps.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/82/8b01c2-ecbe-4f88-ae37-504c8fc220ea/1/BWLVpnt6IPhl51MWOm7Q5fNH6Dk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.1.128.0/23
                  194.1.140.0/24

    Signature Algorithm: sha256WithRSAEncryption
         47:37:26:ee:72:7a:ac:da:15:3c:9f:4c:5b:40:2c:3d:71:25:
         44:6b:f0:57:ba:64:5b:fd:f3:27:0b:a6:cc:85:15:50:e7:da:
         b6:2b:9d:b7:e2:ba:70:80:9e:b8:3e:33:30:5e:f2:52:04:42:
         d4:8f:d4:89:b2:29:d2:2c:5e:ba:75:af:bb:54:fc:c2:d0:ce:
         66:d5:c4:b0:0f:ca:f3:32:1b:d9:53:a4:29:fe:7b:81:79:eb:
         14:7e:cc:52:1c:b7:a7:56:0d:a2:14:f0:0d:47:5f:40:67:c0:
         41:25:42:d2:e2:a5:29:9d:46:f5:c9:af:11:71:dd:db:9a:f1:
         20:25:85:75:70:48:75:b4:0a:7a:3d:ed:1a:80:36:bf:d9:41:
         a8:79:4d:56:93:5e:d8:57:fb:eb:ee:cc:a7:67:11:25:d1:c7:
         66:bb:a5:64:e8:0a:e3:b1:91:9b:58:fc:9f:7a:79:d4:6d:e8:
         c8:00:c1:31:c4:a8:5b:8e:42:69:05:36:29:ad:75:96:7e:e3:
         9a:90:b7:dc:c3:4e:88:13:0c:26:b5:c4:82:b5:a8:91:38:5f:
         b9:8b:35:79:b1:f8:de:46:95:53:3b:ad:40:80:26:88:62:7e:
         74:18:1b:b4:fe:e1:ca:36:5e:55:85:51:09:e0:a1:a3:17:9e:
         00:88:e0:ef
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYZ5dQQl3IityU0zmYJF9frCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1NjJkNWE2N2I3YTIwZjg2NWU3NTMxNjNhNmVkMGU1ZjM0
N2U4MzkwHhcNMjMwMjIyMTQwOTE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMmZhOTIwY2I1YWY1ZDAzOWZmYWU4MzY5NDY3ZDI0MTRkZGJhNjliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj6rd9PHXNMGMcYmLyDrWmtrA/y8U
klI4y3EJFGib93Bk8h4dUCN1Y0ovnD3UBp2sZSOaB3ihR01AxQxjCFsrnnlAY25W
kBPZs1V3loxfKphZyxPxIPZmVIzrmMlPiJUEZLE9nczVBMweeQdzHQmNbf7Hv4Px
knSCPj0LmCDgi3FCsUGJC/loa1OeBM3syYq0eopKuDbJSa1aCeR4L936wtN5MQLN
fnKfSOLCPr51td5vrQbnnmNmuQIrN6trpDQNf/nTDGZQ9KB/vhAaZu2pVQJxlwEB
you5/ux0H9Jvcj9wBugmh0WoZrHrh+EeWSBKoiTIJUYGkT+StOg/IutiQwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFAL6kgy1r10Dn/roNpRn0kFN26abMB8GA1UdIwQY
MBaAFAVi1aZ7eiD4ZedTFjpu0OXzR+g5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQldMVnBudDZJUGhsNTFNV09tN1E1Zk5INkRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Mi84YjAxYzItZWNiZS00Zjg4LWFlMzct
NTA0YzhmYzIyMGVhLzEvQXZxU0RMV3ZYUU9mLXVnMmxHZlNRVTNicHBzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Mi84YjAxYzItZWNiZS00Zjg4LWFlMzctNTA0YzhmYzIyMGVh
LzEvQldMVnBudDZJUGhsNTFNV09tN1E1Zk5INkRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBwgGAAwQA
wgGMMA0GCSqGSIb3DQEBCwUAA4IBAQBHNybucnqs2hU8n0xbQCw9cSVEa/BXumRb
/fMnC6bMhRVQ59q2K5234rpwgJ64PjMwXvJSBELUj9SJsinSLF66da+7VPzC0M5m
1cSwD8rzMhvZU6Qp/nuBeesUfsxSHLenVg2iFPANR19AZ8BBJULS4qUpnUb1ya8R
cd3bmvEgJYV1cEh1tAp6Pe0agDa/2UGoeU1Wk17YV/vr7synZxEl0cdmu6Vk6Arj
sZGbWPyfennUbejIAMExxKhbjkJpBTYprXWWfuOakLfcw06IEwwmtcSCtaiROF+5
izV5sfjeRpVTO61AgCaIYn50GBu0/uHKNl5VhVEJ4KGjF54AiODv
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:20:54 2024 by rpki-client on console-ams.rpki-client.org