Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/bf0162-fcba-4085-b4f1-d699ddc9d09c/1/4ybLWQraHXkKTSzl9qzxKHj3gjQ.roa
File:                     4ybLWQraHXkKTSzl9qzxKHj3gjQ.roa (raw, json)
Hash identifier:          UM7dj5F9HdEGs+DwM3LxZ4MpsY5oiF3x8OKirSKikv4=
Subject key identifier:   E3:26:CB:59:0A:DA:1D:79:0A:4D:2C:E5:F6:AC:F1:28:78:F7:82:34
Certificate issuer:       /CN=830555f011be5e241eb0b425de5fd86cc6834a54
Certificate serial:       018BA3BA95380C7C629A485698DBD2311100
Authority key identifier: 83:05:55:F0:11:BE:5E:24:1E:B0:B4:25:DE:5F:D8:6C:C6:83:4A:54
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/gwVV8BG-XiQesLQl3l_YbMaDSlQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a3/bf0162-fcba-4085-b4f1-d699ddc9d09c/1/4ybLWQraHXkKTSzl9qzxKHj3gjQ.roa
Signing time:             Mon 06 Nov 2023 08:23:15 +0000
ROA not before:           Mon 06 Nov 2023 08:23:15 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     52130
IP address blocks:        188.92.40.0/21 maxlen: 23
                          2a02:7d00::/32 maxlen: 48

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 02:30:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:a3:ba:95:38:0c:7c:62:9a:48:56:98:db:d2:31:11:00
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=830555f011be5e241eb0b425de5fd86cc6834a54
        Validity
            Not Before: Nov  6 08:23:15 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=e326cb590ada1d790a4d2ce5f6acf12878f78234
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:88:09:b7:df:f1:bc:36:26:83:01:59:c2:d4:b4:
                    b1:31:72:a5:5e:34:80:51:20:07:45:18:03:e5:5c:
                    28:06:6f:25:b2:59:92:bd:bf:ef:33:eb:57:db:bb:
                    37:56:27:76:3d:8b:38:c4:e4:e0:16:11:c8:49:42:
                    b7:be:67:83:99:3f:f6:33:c5:f2:7c:98:9e:e1:83:
                    49:7e:df:93:5c:66:46:f6:3c:43:29:81:5a:ce:8a:
                    96:ca:ad:b2:b5:3e:52:a1:73:98:cd:f6:67:25:c8:
                    3b:e9:59:53:ae:a0:6a:71:49:51:fa:6f:a7:09:ff:
                    5e:36:74:8f:68:31:88:a3:58:5b:75:9c:e8:56:8c:
                    9e:02:55:5b:f4:11:36:b6:a3:97:63:9f:0e:f4:de:
                    82:82:1c:49:16:7c:f7:31:4e:54:28:3c:26:52:4f:
                    7e:bb:d4:85:78:0d:af:59:b5:76:42:d9:2f:7f:8c:
                    7c:92:52:29:26:3e:52:5a:e8:c9:0c:0e:93:cc:0a:
                    bc:65:99:e4:41:11:ad:2d:c7:3e:00:5c:a4:76:f0:
                    63:48:6a:65:20:2c:a6:59:fc:bc:8f:67:fe:c3:b2:
                    5a:77:4a:69:49:ef:f6:3b:99:3d:2e:63:ef:90:32:
                    db:f3:fa:68:f8:ef:de:a9:9c:62:64:dc:3f:86:06:
                    2e:bd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E3:26:CB:59:0A:DA:1D:79:0A:4D:2C:E5:F6:AC:F1:28:78:F7:82:34
            X509v3 Authority Key Identifier:
                keyid:83:05:55:F0:11:BE:5E:24:1E:B0:B4:25:DE:5F:D8:6C:C6:83:4A:54

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gwVV8BG-XiQesLQl3l_YbMaDSlQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/bf0162-fcba-4085-b4f1-d699ddc9d09c/1/4ybLWQraHXkKTSzl9qzxKHj3gjQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/bf0162-fcba-4085-b4f1-d699ddc9d09c/1/gwVV8BG-XiQesLQl3l_YbMaDSlQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  188.92.40.0/21
                IPv6:
                  2a02:7d00::/32

    Signature Algorithm: sha256WithRSAEncryption
         2e:80:73:ff:c8:56:1a:8a:87:42:1b:e5:c0:c7:4d:42:02:74:
         62:d7:d0:82:d6:d6:d7:b6:d0:81:95:0b:bc:85:3a:e7:d2:c6:
         e5:3f:ce:2c:94:b0:d1:82:dc:b0:1d:f0:3b:0c:31:51:d3:8f:
         e2:09:89:dd:69:c7:37:48:68:93:e0:6c:9b:ac:dc:a0:f1:27:
         70:4d:08:e7:72:c1:86:02:d6:bf:a1:e7:e5:31:5b:e2:22:ae:
         80:c4:0e:dd:14:9d:11:92:cd:97:b0:92:cf:26:a3:f6:5b:5a:
         30:27:05:ad:99:52:d3:6e:2f:20:91:21:d5:fe:65:38:14:70:
         4a:c9:cc:c3:54:f9:76:bf:00:fc:4e:4d:e1:59:43:d8:c2:54:
         c2:ef:ed:9c:9c:9f:c8:f6:05:55:29:79:6c:85:41:3a:27:9d:
         2b:e9:13:0c:06:3c:23:cc:81:db:36:15:27:6d:be:66:29:45:
         04:3b:1f:6d:77:6a:0e:fd:5f:a9:2e:03:21:83:6c:e0:51:ae:
         53:40:96:e8:72:99:40:e1:fb:cf:ae:34:ef:a2:50:59:41:78:
         1e:cb:9c:94:53:d2:d0:1d:96:24:f8:75:52:05:0e:25:ef:c6:
         53:e4:c5:b9:23:b6:5e:9e:2d:85:f6:91:de:c9:82:b7:f2:f7:
         d4:01:85:38
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYujupU4DHximkhWmNvSMREAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzMDU1NWYwMTFiZTVlMjQxZWIwYjQyNWRlNWZkODZjYzY4
MzRhNTQwHhcNMjMxMTA2MDgyMzE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMzI2Y2I1OTBhZGExZDc5MGE0ZDJjZTVmNmFjZjEyODc4Zjc4MjM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiAm33/G8NiaDAVnC1LSxMXKlXjSA
USAHRRgD5VwoBm8lslmSvb/vM+tX27s3Vid2PYs4xOTgFhHISUK3vmeDmT/2M8Xy
fJie4YNJft+TXGZG9jxDKYFazoqWyq2ytT5SoXOYzfZnJcg76VlTrqBqcUlR+m+n
Cf9eNnSPaDGIo1hbdZzoVoyeAlVb9BE2tqOXY58O9N6CghxJFnz3MU5UKDwmUk9+
u9SFeA2vWbV2Qtkvf4x8klIpJj5SWujJDA6TzAq8ZZnkQRGtLcc+AFykdvBjSGpl
ICymWfy8j2f+w7Jad0ppSe/2O5k9LmPvkDLb8/po+O/eqZxiZNw/hgYuvQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFOMmy1kK2h15Ck0s5fas8Sh494I0MB8GA1UdIwQY
MBaAFIMFVfARvl4kHrC0Jd5f2GzGg0pUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3dWVjhCRy1YaVFlc0xRbDNsX1liTWFEU2xRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy9iZjAxNjItZmNiYS00MDg1LWI0ZjEt
ZDY5OWRkYzlkMDljLzEvNHliTFdRcmFIWGtLVFN6bDlxenhLSGozZ2pRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy9iZjAxNjItZmNiYS00MDg1LWI0ZjEtZDY5OWRkYzlkMDlj
LzEvZ3dWVjhCRy1YaVFlc0xRbDNsX1liTWFEU2xRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQDvFwoMA0E
AgACMAcDBQAqAn0AMA0GCSqGSIb3DQEBCwUAA4IBAQAugHP/yFYaiodCG+XAx01C
AnRi19CC1tbXttCBlQu8hTrn0sblP84slLDRgtywHfA7DDFR04/iCYndacc3SGiT
4GybrNyg8SdwTQjncsGGAta/oeflMVviIq6AxA7dFJ0Rks2XsJLPJqP2W1owJwWt
mVLTbi8gkSHV/mU4FHBKyczDVPl2vwD8Tk3hWUPYwlTC7+2cnJ/I9gVVKXlshUE6
J50r6RMMBjwjzIHbNhUnbb5mKUUEOx9td2oO/V+pLgMhg2zgUa5TQJbocplA4fvP
rjTvolBZQXgey5yUU9LQHZYk+HVSBQ4l78ZT5MW5I7Zeni2F9pHeyYK38vfUAYU4
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:36:21 2024 by rpki-client on console-ams.rpki-client.org