Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8c/a1597b-6ef2-4430-aa56-82451f33f4ca/1/dEsTQxi7cTfc-1iW-jYh2jcn-IM.roa
File:                     dEsTQxi7cTfc-1iW-jYh2jcn-IM.roa (raw, json)
Hash identifier:          PbhN9D8Tke37YOh72KDs5f1NqpofqkJnQQ7GyHck7ww=
Subject key identifier:   74:4B:13:43:18:BB:71:37:DC:FB:58:96:FA:36:21:DA:37:27:F8:83
Certificate issuer:       /CN=66feef09c450990af34779ce701be6cd54b3d924
Certificate serial:       018D1C31DC1FAA37DCB0D0DB92AE018A558D
Authority key identifier: 66:FE:EF:09:C4:50:99:0A:F3:47:79:CE:70:1B:E6:CD:54:B3:D9:24
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Zv7vCcRQmQrzR3nOcBvmzVSz2SQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8c/a1597b-6ef2-4430-aa56-82451f33f4ca/1/dEsTQxi7cTfc-1iW-jYh2jcn-IM.roa
Signing time:             Thu 18 Jan 2024 10:50:46 +0000
ROA not before:           Thu 18 Jan 2024 10:50:46 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     202520
IP address blocks:        83.168.68.0/23 maxlen: 24
                          83.168.105.0/24 maxlen: 24
                          83.168.106.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Fri 02 Feb 2024 14:36:16 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8d:1c:31:dc:1f:aa:37:dc:b0:d0:db:92:ae:01:8a:55:8d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=66feef09c450990af34779ce701be6cd54b3d924
        Validity
            Not Before: Jan 18 10:50:46 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=744b134318bb7137dcfb5896fa3621da3727f883
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:09:8c:3b:51:e8:b5:10:33:d7:4b:e5:93:84:
                    68:d7:e0:76:33:61:b9:d9:0b:cb:a6:fa:8c:9c:9a:
                    14:dd:b9:a6:1f:c9:e7:1f:83:f1:fe:7c:56:a2:d7:
                    13:b8:c6:4c:ba:e3:53:e6:88:34:24:38:eb:47:93:
                    93:0e:30:ae:cc:0e:5a:8c:96:8b:84:57:f5:13:7d:
                    e7:f2:d0:87:22:de:69:64:c5:35:64:7f:09:dc:0f:
                    54:9c:58:7b:22:10:3b:84:65:14:ed:d1:43:64:d1:
                    75:bc:8e:4a:c1:55:eb:1a:14:32:6f:44:c6:78:f4:
                    eb:bd:dc:d2:e0:bc:93:ca:83:2d:cf:0a:dc:93:bb:
                    be:9e:1d:61:1b:8e:ac:45:80:d9:1d:0b:7b:73:7d:
                    65:62:49:ab:67:dd:a8:63:84:9d:f4:85:47:1e:8c:
                    19:d7:ef:3f:84:b9:a4:68:b4:1a:52:a4:48:85:55:
                    e8:63:68:4e:0a:e1:da:4e:7f:76:c5:4a:c8:fd:42:
                    ca:62:7b:a4:e9:44:08:b6:0f:21:5b:f9:6b:ef:9a:
                    ea:a7:15:23:79:38:53:64:45:fd:53:d3:2c:69:58:
                    0c:f1:3d:aa:36:a4:b7:49:e6:96:b3:ad:18:8d:08:
                    c2:7d:fb:f0:6c:5e:ca:3f:9d:be:8b:97:7a:3b:eb:
                    6e:61
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                74:4B:13:43:18:BB:71:37:DC:FB:58:96:FA:36:21:DA:37:27:F8:83
            X509v3 Authority Key Identifier:
                keyid:66:FE:EF:09:C4:50:99:0A:F3:47:79:CE:70:1B:E6:CD:54:B3:D9:24

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Zv7vCcRQmQrzR3nOcBvmzVSz2SQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/a1597b-6ef2-4430-aa56-82451f33f4ca/1/dEsTQxi7cTfc-1iW-jYh2jcn-IM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/a1597b-6ef2-4430-aa56-82451f33f4ca/1/Zv7vCcRQmQrzR3nOcBvmzVSz2SQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  83.168.68.0/23
                  83.168.105.0-83.168.106.255

    Signature Algorithm: sha256WithRSAEncryption
         4e:45:23:24:d2:be:10:c0:ff:f3:90:56:62:27:58:87:15:4d:
         ee:aa:f1:49:44:e4:f1:99:a8:8b:a3:81:cd:4f:b2:1c:c0:e6:
         67:2b:c8:78:73:c8:b0:5e:ee:ab:57:67:c7:ae:a1:7a:a3:1d:
         67:98:62:06:5b:3e:89:1b:3b:3a:9e:ab:19:cd:82:f4:35:7b:
         17:4c:d0:00:d5:28:aa:38:6b:10:3b:da:ac:92:77:5e:cf:48:
         1b:3a:27:39:76:47:cf:5f:bc:1d:2b:6c:63:b6:42:53:eb:fc:
         2b:56:a4:8b:e9:5b:89:9e:35:8c:b5:b9:01:1b:ca:94:0f:65:
         d5:a5:e5:ee:d6:e8:15:57:6b:ae:ff:bc:c9:ca:52:6f:98:c6:
         fc:a5:69:5c:39:71:c5:da:1e:94:fe:7e:2b:2e:ce:c3:25:4f:
         9b:3c:3d:26:cb:a7:27:99:ad:6f:85:12:21:0e:56:ba:df:6b:
         1c:6d:1e:9b:34:a8:56:89:84:11:d3:62:77:fa:56:ec:2f:ed:
         e6:f6:de:3e:8e:5b:1d:fa:dd:42:dc:e4:72:01:91:5a:cd:ca:
         9f:cc:b6:df:f8:47:46:6f:63:b8:38:b5:3f:27:32:9b:8a:eb:
         ac:47:86:8d:1b:24:c7:2c:a9:41:75:b2:bb:38:c8:0f:ef:b8:
         7f:57:5a:ba
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAY0cMdwfqjfcsNDbkq4BilWNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2ZmVlZjA5YzQ1MDk5MGFmMzQ3NzljZTcwMWJlNmNkNTRi
M2Q5MjQwHhcNMjQwMTE4MTA1MDQ2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NDRiMTM0MzE4YmI3MTM3ZGNmYjU4OTZmYTM2MjFkYTM3MjdmODgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnQmMO1HotRAz10vlk4Ro1+B2M2G5
2QvLpvqMnJoU3bmmH8nnH4Px/nxWotcTuMZMuuNT5og0JDjrR5OTDjCuzA5ajJaL
hFf1E33n8tCHIt5pZMU1ZH8J3A9UnFh7IhA7hGUU7dFDZNF1vI5KwVXrGhQyb0TG
ePTrvdzS4LyTyoMtzwrck7u+nh1hG46sRYDZHQt7c31lYkmrZ92oY4Sd9IVHHowZ
1+8/hLmkaLQaUqRIhVXoY2hOCuHaTn92xUrI/ULKYnuk6UQItg8hW/lr75rqpxUj
eThTZEX9U9MsaVgM8T2qNqS3SeaWs60YjQjCffvwbF7KP52+i5d6O+tuYQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFHRLE0MYu3E33PtYlvo2Ido3J/iDMB8GA1UdIwQY
MBaAFGb+7wnEUJkK80d5znAb5s1Us9kkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWnY3dkNjUlFtUXJ6UjNuT2NCdm16VlN6MlNRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yy9hMTU5N2ItNmVmMi00NDMwLWFhNTYt
ODI0NTFmMzNmNGNhLzEvZEVzVFF4aTdjVGZjLTFpVy1qWWgyamNuLUlNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yy9hMTU5N2ItNmVmMi00NDMwLWFhNTYtODI0NTFmMzNmNGNh
LzEvWnY3dkNjUlFtUXJ6UjNuT2NCdm16VlN6MlNRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQBU6hEMAwD
BABTqGkDBABTqGowDQYJKoZIhvcNAQELBQADggEBAE5FIyTSvhDA//OQVmInWIcV
Te6q8UlE5PGZqIujgc1PshzA5mcryHhzyLBe7qtXZ8euoXqjHWeYYgZbPokbOzqe
qxnNgvQ1exdM0ADVKKo4axA72qySd17PSBs6Jzl2R89fvB0rbGO2QlPr/CtWpIvp
W4meNYy1uQEbypQPZdWl5e7W6BVXa67/vMnKUm+YxvylaVw5ccXaHpT+fisuzsMl
T5s8PSbLpyeZrW+FEiEOVrrfaxxtHps0qFaJhBHTYnf6Vuwv7eb23j6OWx363ULc
5HIBkVrNyp/Mtt/4R0ZvY7g4tT8nMpuK66xHho0bJMcsqUF1srs4yA/vuH9XWro=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:23:01 2024 by rpki-client on console-ams.rpki-client.org