Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/bwMVGvS4VDhN6sgm-af2ZMZ783c.roa
File:                     bwMVGvS4VDhN6sgm-af2ZMZ783c.roa (raw, json)
Hash identifier:          Kg+EHUGIETVNGC0YZaC38tTrrzfDIcdXN0p5yAEfbTg=
Subject key identifier:   6F:03:15:1A:F4:B8:54:38:4D:EA:C8:26:F9:A7:F6:64:C6:7B:F3:77
Certificate issuer:       /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial:       018E8A253C000F64749683AE8132140E47BF
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/bwMVGvS4VDhN6sgm-af2ZMZ783c.roa
Signing time:             Fri 29 Mar 2024 12:17:59 +0000
ROA not before:           Fri 29 Mar 2024 12:17:59 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     207594
IP address blocks:        212.38.83.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 30 Apr 2024 08:22:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8e:8a:25:3c:00:0f:64:74:96:83:ae:81:32:14:0e:47:bf
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
        Validity
            Not Before: Mar 29 12:17:59 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=6f03151af4b854384deac826f9a7f664c67bf377
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:93:8c:f6:13:7f:b0:8e:f1:4f:08:16:1b:60:e2:
                    67:d5:73:58:5d:cd:6f:88:25:24:fb:10:a7:19:d4:
                    56:24:37:b2:3e:a3:3b:ae:5f:7d:77:57:04:73:96:
                    e0:5e:55:e0:52:85:0f:8c:12:e4:fc:40:31:50:bb:
                    d4:cf:ba:d3:43:ee:b2:c1:29:86:a4:19:88:b1:b1:
                    f9:11:f6:82:35:21:d1:79:c6:c0:ee:cf:58:d3:80:
                    a2:c3:f2:0a:a8:4b:ae:c1:ab:4c:01:56:41:f4:77:
                    e8:a0:5e:34:69:ee:ec:90:85:1c:d1:08:23:32:56:
                    d1:f1:4c:a3:d9:d0:33:89:e1:07:29:fd:4f:85:43:
                    fd:9d:5e:60:3a:56:bb:c2:ca:b6:0f:2f:ce:08:6a:
                    6a:78:02:e1:72:90:ae:42:97:3b:51:f3:57:5f:3c:
                    36:ee:66:26:31:c2:8c:e4:d3:94:75:8c:2b:a5:90:
                    c6:dc:01:95:ae:a0:cb:47:24:03:8f:21:c3:5a:2a:
                    75:94:d5:0c:b0:da:8c:e8:82:a7:9f:fd:b1:02:bb:
                    90:73:0e:9d:bf:6c:10:26:ec:cc:41:ba:b7:97:8b:
                    bc:18:a2:b4:ab:61:48:f0:33:06:a9:a8:c7:32:99:
                    f5:55:9d:3a:5c:3c:1c:32:ad:d5:1c:94:8c:92:d2:
                    92:ef
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6F:03:15:1A:F4:B8:54:38:4D:EA:C8:26:F9:A7:F6:64:C6:7B:F3:77
            X509v3 Authority Key Identifier:
                keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/bwMVGvS4VDhN6sgm-af2ZMZ783c.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  212.38.83.0/24

    Signature Algorithm: sha256WithRSAEncryption
         2b:6c:e6:15:d1:8d:98:cd:06:29:be:93:d5:cd:8b:ca:32:fd:
         6a:15:ec:da:03:39:c9:43:45:95:c6:58:f1:23:75:4f:79:7c:
         63:d9:9f:43:ce:bc:15:71:66:a9:96:ea:7d:ed:a3:b7:11:3c:
         29:81:ee:e1:84:ae:a8:f4:6e:1e:2b:79:36:8a:9b:eb:e0:88:
         c1:27:be:a1:8c:18:a9:e5:86:be:6c:d7:da:5e:e2:10:7e:e4:
         37:57:9b:fc:1b:a7:61:57:9d:59:08:73:20:a0:f7:d6:f2:4b:
         32:a4:fa:ae:01:5f:0a:9f:36:10:02:4f:2f:a0:fc:35:cd:29:
         fc:50:9d:f0:a8:eb:d0:0b:a6:f2:31:22:e7:ce:c2:ae:14:12:
         5f:b6:69:71:2f:9c:99:e9:73:1d:b6:07:32:52:a1:79:09:24:
         15:7a:32:0f:6f:92:01:bb:32:34:e2:8d:84:a2:74:00:72:2a:
         c6:c0:9f:6f:22:b0:d3:5e:74:c1:28:a0:65:56:7a:5c:64:55:
         95:05:48:be:00:74:3e:20:1f:ec:30:d9:ef:ad:40:68:f7:b3:
         70:bc:22:62:b2:9a:44:04:e8:1a:fc:4e:94:4d:53:06:6c:b6:
         95:76:4f:3f:31:71:00:0c:66:ee:b2:8d:1f:50:a7:cd:18:fc:
         9e:ba:7d:b1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY6KJTwAD2R0loOugTIUDke/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwMzI5MTIxNzU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZjAzMTUxYWY0Yjg1NDM4NGRlYWM4MjZmOWE3ZjY2NGM2N2JmMzc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk4z2E3+wjvFPCBYbYOJn1XNYXc1v
iCUk+xCnGdRWJDeyPqM7rl99d1cEc5bgXlXgUoUPjBLk/EAxULvUz7rTQ+6ywSmG
pBmIsbH5EfaCNSHRecbA7s9Y04Ciw/IKqEuuwatMAVZB9HfooF40ae7skIUc0Qgj
MlbR8Uyj2dAzieEHKf1PhUP9nV5gOla7wsq2Dy/OCGpqeALhcpCuQpc7UfNXXzw2
7mYmMcKM5NOUdYwrpZDG3AGVrqDLRyQDjyHDWip1lNUMsNqM6IKnn/2xAruQcw6d
v2wQJuzMQbq3l4u8GKK0q2FI8DMGqajHMpn1VZ06XDwcMq3VHJSMktKS7wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFG8DFRr0uFQ4TerIJvmn9mTGe/N3MB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvYndNVkd2UzRWRGhONnNnbS1hZjJaTVo3ODNjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1CZTMA0G
CSqGSIb3DQEBCwUAA4IBAQArbOYV0Y2YzQYpvpPVzYvKMv1qFezaAznJQ0WVxljx
I3VPeXxj2Z9DzrwVcWaplup97aO3ETwpge7hhK6o9G4eK3k2ipvr4IjBJ76hjBip
5Ya+bNfaXuIQfuQ3V5v8G6dhV51ZCHMgoPfW8ksypPquAV8KnzYQAk8voPw1zSn8
UJ3wqOvQC6byMSLnzsKuFBJftmlxL5yZ6XMdtgcyUqF5CSQVejIPb5IBuzI04o2E
onQAcirGwJ9vIrDTXnTBKKBlVnpcZFWVBUi+AHQ+IB/sMNnvrUBo97NwvCJisppE
BOga/E6UTVMGbLaVdk8/MXEADGbuso0fUKfNGPyeun2x
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:24 2024 by rpki-client on console-ams.rpki-client.org