Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8c/a1597b-6ef2-4430-aa56-82451f33f4ca/1/ogpvBQbvee7eD0T6XHeUpodGOGM.roa
File:                     ogpvBQbvee7eD0T6XHeUpodGOGM.roa (raw, json)
Hash identifier:          pRymsGmJsFw3LuQD5Zi92vpfiOQbCe8w4GzYxyRir6c=
Subject key identifier:   A2:0A:6F:05:06:EF:79:EE:DE:0F:44:FA:5C:77:94:A6:87:46:38:63
Certificate issuer:       /CN=66feef09c450990af34779ce701be6cd54b3d924
Certificate serial:       018A180AF29F6D230AEDD7C7132577C655AC
Authority key identifier: 66:FE:EF:09:C4:50:99:0A:F3:47:79:CE:70:1B:E6:CD:54:B3:D9:24
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Zv7vCcRQmQrzR3nOcBvmzVSz2SQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8c/a1597b-6ef2-4430-aa56-82451f33f4ca/1/ogpvBQbvee7eD0T6XHeUpodGOGM.roa
Signing time:             Mon 21 Aug 2023 12:21:25 +0000
ROA not before:           Mon 21 Aug 2023 12:21:25 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     200088
IP address blocks:        83.168.112.0/24 maxlen: 24
                          83.168.113.0/24 maxlen: 24
                          83.168.123.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 10:33:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:18:0a:f2:9f:6d:23:0a:ed:d7:c7:13:25:77:c6:55:ac
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=66feef09c450990af34779ce701be6cd54b3d924
        Validity
            Not Before: Aug 21 12:21:25 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=a20a6f0506ef79eede0f44fa5c7794a687463863
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:5d:3f:6f:13:88:7d:7b:ba:b5:bf:68:58:fe:
                    ae:be:4e:9a:8e:7e:43:c8:89:fe:7b:31:3b:73:c1:
                    90:48:09:c4:c2:b3:0e:4e:b4:09:6d:cb:13:56:2e:
                    46:8c:08:bb:be:3d:95:3e:17:5c:76:b8:5b:56:b6:
                    cf:91:b6:a1:e9:1d:5d:da:4f:53:69:19:de:28:6c:
                    e1:a4:f6:65:29:4b:41:58:12:e5:e5:57:7b:c2:55:
                    eb:fa:be:d6:e8:9b:61:3e:09:73:30:f5:e8:a7:ea:
                    3d:f5:60:25:60:5f:e5:52:bd:9b:32:c5:54:30:c8:
                    32:8e:71:57:22:fc:f7:f9:aa:f7:a6:bf:39:79:a0:
                    46:fe:ec:c9:65:e7:bd:2d:75:d1:5b:bd:d9:24:66:
                    33:9c:a2:62:9a:01:5d:ef:04:af:c1:df:22:68:1e:
                    ba:6f:7a:f9:79:90:b1:b6:9d:fc:17:b4:a6:b5:84:
                    f4:1a:ad:dd:43:07:15:35:11:a8:02:ab:66:03:fe:
                    4f:b2:7c:b6:0f:e2:a7:07:51:76:88:47:f8:f9:34:
                    35:39:6a:7b:87:7b:b8:0f:8a:29:dc:d1:17:36:80:
                    66:03:bc:a0:bc:57:c6:9d:b3:65:71:3f:78:28:9a:
                    92:d9:0d:11:2f:47:20:c2:51:8d:56:9b:54:d8:f1:
                    76:cf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A2:0A:6F:05:06:EF:79:EE:DE:0F:44:FA:5C:77:94:A6:87:46:38:63
            X509v3 Authority Key Identifier:
                keyid:66:FE:EF:09:C4:50:99:0A:F3:47:79:CE:70:1B:E6:CD:54:B3:D9:24

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Zv7vCcRQmQrzR3nOcBvmzVSz2SQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/a1597b-6ef2-4430-aa56-82451f33f4ca/1/ogpvBQbvee7eD0T6XHeUpodGOGM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/a1597b-6ef2-4430-aa56-82451f33f4ca/1/Zv7vCcRQmQrzR3nOcBvmzVSz2SQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  83.168.112.0/23
                  83.168.123.0/24

    Signature Algorithm: sha256WithRSAEncryption
         48:6e:9e:ce:32:03:54:fa:57:a7:aa:3e:a3:cd:f3:a5:fe:64:
         c2:10:d6:77:04:d4:ff:da:b6:86:1a:d4:8f:34:db:fc:fd:27:
         7c:16:06:1d:e1:76:4a:e0:0b:d9:9e:fb:2f:68:5b:17:66:2f:
         31:3b:2c:6b:b1:c1:76:cc:c9:0a:81:f8:a9:e8:66:40:ee:a3:
         8c:2a:56:09:0e:df:35:25:cd:33:14:58:fc:a5:d8:65:97:89:
         40:32:26:b4:31:b5:26:35:1d:cb:e8:ad:0e:32:74:ab:60:51:
         cb:0b:d4:08:25:98:18:9d:4a:4d:bf:00:13:ff:ec:df:38:11:
         36:6f:12:7a:85:11:be:8b:68:26:ba:1b:99:fb:c6:04:9e:84:
         85:53:0b:47:e2:1f:17:2c:e1:7a:72:ec:d4:94:41:de:5b:7f:
         91:61:80:e8:8b:ae:30:f2:a2:02:4b:74:cf:ea:5f:74:0e:d3:
         d3:33:19:42:d2:b8:26:07:e1:e4:12:99:7c:6a:28:eb:8f:5c:
         0b:59:45:ad:9f:15:64:44:81:75:b9:ad:d0:19:08:19:30:bd:
         c5:f5:09:fd:9a:85:48:73:cf:31:ad:03:0a:f3:7b:89:59:11:
         bb:ee:ba:cc:24:f8:9e:f8:06:9a:5f:89:b3:d8:29:bd:c5:2a:
         cd:e3:60:3f
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYoYCvKfbSMK7dfHEyV3xlWsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2ZmVlZjA5YzQ1MDk5MGFmMzQ3NzljZTcwMWJlNmNkNTRi
M2Q5MjQwHhcNMjMwODIxMTIyMTI1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMjBhNmYwNTA2ZWY3OWVlZGUwZjQ0ZmE1Yzc3OTRhNjg3NDYzODYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo10/bxOIfXu6tb9oWP6uvk6ajn5D
yIn+ezE7c8GQSAnEwrMOTrQJbcsTVi5GjAi7vj2VPhdcdrhbVrbPkbah6R1d2k9T
aRneKGzhpPZlKUtBWBLl5Vd7wlXr+r7W6JthPglzMPXop+o99WAlYF/lUr2bMsVU
MMgyjnFXIvz3+ar3pr85eaBG/uzJZee9LXXRW73ZJGYznKJimgFd7wSvwd8iaB66
b3r5eZCxtp38F7SmtYT0Gq3dQwcVNRGoAqtmA/5Psny2D+KnB1F2iEf4+TQ1OWp7
h3u4D4op3NEXNoBmA7ygvFfGnbNlcT94KJqS2Q0RL0cgwlGNVptU2PF2zwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFKIKbwUG73nu3g9E+lx3lKaHRjhjMB8GA1UdIwQY
MBaAFGb+7wnEUJkK80d5znAb5s1Us9kkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWnY3dkNjUlFtUXJ6UjNuT2NCdm16VlN6MlNRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yy9hMTU5N2ItNmVmMi00NDMwLWFhNTYt
ODI0NTFmMzNmNGNhLzEvb2dwdkJRYnZlZTdlRDBUNlhIZVVwb2RHT0dNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yy9hMTU5N2ItNmVmMi00NDMwLWFhNTYtODI0NTFmMzNmNGNh
LzEvWnY3dkNjUlFtUXJ6UjNuT2NCdm16VlN6MlNRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBU6hwAwQA
U6h7MA0GCSqGSIb3DQEBCwUAA4IBAQBIbp7OMgNU+lenqj6jzfOl/mTCENZ3BNT/
2raGGtSPNNv8/Sd8FgYd4XZK4AvZnvsvaFsXZi8xOyxrscF2zMkKgfip6GZA7qOM
KlYJDt81Jc0zFFj8pdhll4lAMia0MbUmNR3L6K0OMnSrYFHLC9QIJZgYnUpNvwAT
/+zfOBE2bxJ6hRG+i2gmuhuZ+8YEnoSFUwtH4h8XLOF6cuzUlEHeW3+RYYDoi64w
8qICS3TP6l90DtPTMxlC0rgmB+HkEpl8aijrj1wLWUWtnxVkRIF1ua3QGQgZML3F
9Qn9moVIc88xrQMK83uJWRG77rrMJPie+AaaX4mz2Cm9xSrN42A/
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:23:01 2024 by rpki-client on console-ams.rpki-client.org