Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ad/f505b5-0e46-4b3f-bf1b-849d3a6b9c2d/1/doVij8fKZOSUqFb-5QYk-Bvk8B8.roa
File:                     doVij8fKZOSUqFb-5QYk-Bvk8B8.roa (raw, json)
Hash identifier:          Q/w4GTao3D2hnmCrRHuS8e5fVsCclAGek4WgAisNNes=
Subject key identifier:   76:85:62:8F:C7:CA:64:E4:94:A8:56:FE:E5:06:24:F8:1B:E4:F0:1F
Certificate issuer:       /CN=870c589a4f22a9ca2ff99b4c48f8bdf492871725
Certificate serial:       01856F5DCA25B3FAF0F4857500258FB91267
Authority key identifier: 87:0C:58:9A:4F:22:A9:CA:2F:F9:9B:4C:48:F8:BD:F4:92:87:17:25
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hwxYmk8iqcov-ZtMSPi99JKHFyU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ad/f505b5-0e46-4b3f-bf1b-849d3a6b9c2d/1/doVij8fKZOSUqFb-5QYk-Bvk8B8.roa
Signing time:             Sun 01 Jan 2023 22:04:55 +0000
ROA not before:           Sun 01 Jan 2023 22:04:55 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     39885
IP address blocks:        212.183.23.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 16:29:44 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:5d:ca:25:b3:fa:f0:f4:85:75:00:25:8f:b9:12:67
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=870c589a4f22a9ca2ff99b4c48f8bdf492871725
        Validity
            Not Before: Jan  1 22:04:55 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=7685628fc7ca64e494a856fee50624f81be4f01f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:87:b0:47:f1:21:cc:9c:66:e3:cb:57:f9:d2:65:
                    03:08:fe:c8:20:2a:c7:55:59:98:55:ae:cf:63:98:
                    42:1b:bd:ed:93:7d:97:2d:fd:45:80:64:12:09:b5:
                    1c:f3:30:76:31:12:9d:c5:ff:0c:40:63:ae:d0:38:
                    f3:b2:6b:cc:0c:ab:84:42:7b:64:74:57:c0:56:ff:
                    69:f0:0c:99:94:9e:d2:17:72:c9:32:b0:69:6e:67:
                    ea:1f:96:5b:f3:ee:8f:dd:5f:d9:f0:45:f1:0c:f1:
                    e9:62:2a:48:c2:cb:9e:d1:f5:d3:0f:ee:21:53:22:
                    38:00:57:9c:13:50:d5:37:32:52:67:b1:cc:1c:11:
                    9b:7f:bc:4c:2a:ac:70:ba:7d:32:3d:db:70:b4:fa:
                    29:bb:0f:b1:0c:5a:32:b9:4f:99:ab:22:27:82:15:
                    4c:52:4a:10:a6:33:95:9e:16:2c:0a:56:06:4e:cb:
                    0a:8c:88:0e:42:73:35:99:a0:e9:b7:74:04:10:11:
                    7d:9b:92:da:16:9b:b4:af:99:a3:66:c1:02:59:39:
                    f2:b4:9c:0c:a5:df:3a:cd:23:de:f2:ba:33:c1:99:
                    e4:ad:6b:d2:aa:39:38:81:10:93:45:92:8c:0f:f0:
                    80:f6:0c:03:b9:06:8b:88:86:99:80:84:3f:1f:cc:
                    0c:4f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                76:85:62:8F:C7:CA:64:E4:94:A8:56:FE:E5:06:24:F8:1B:E4:F0:1F
            X509v3 Authority Key Identifier:
                keyid:87:0C:58:9A:4F:22:A9:CA:2F:F9:9B:4C:48:F8:BD:F4:92:87:17:25

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hwxYmk8iqcov-ZtMSPi99JKHFyU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/f505b5-0e46-4b3f-bf1b-849d3a6b9c2d/1/doVij8fKZOSUqFb-5QYk-Bvk8B8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/f505b5-0e46-4b3f-bf1b-849d3a6b9c2d/1/hwxYmk8iqcov-ZtMSPi99JKHFyU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  212.183.23.0/24

    Signature Algorithm: sha256WithRSAEncryption
         62:b9:82:f6:f2:9c:df:42:4d:fe:10:79:e5:d6:88:3a:b6:62:
         da:ee:1d:3a:ba:ea:85:21:9e:97:fb:c8:c7:cc:9e:32:78:71:
         a0:56:50:02:cc:e8:da:ec:9e:41:6b:6e:31:03:ff:e5:6f:5a:
         55:bc:1c:77:57:72:7b:2a:69:e5:c5:c9:a1:99:23:05:6e:ed:
         36:4a:18:14:f6:11:4e:8c:8c:e4:ea:ff:f5:b8:83:9c:86:97:
         94:a2:c7:5d:18:45:6c:e7:95:b5:b2:7b:fb:0a:ec:17:f6:f2:
         29:b6:b4:9b:ef:d5:f9:95:04:52:44:70:40:c3:d3:1c:58:4c:
         f0:55:1f:ba:89:1f:cd:92:81:17:c9:e4:ab:46:fa:7c:24:93:
         4c:10:f1:1f:fc:9b:16:fd:6f:75:db:7d:12:ee:4d:be:aa:94:
         a4:3d:c3:70:10:36:65:36:5d:ab:f6:3b:05:70:40:ef:cf:62:
         94:4c:2b:8e:80:46:78:cc:ac:06:95:28:c2:42:c8:44:6d:e2:
         71:8e:89:d3:41:56:bf:bd:08:44:e6:f9:f2:ac:d8:23:f8:9c:
         6a:67:fb:93:9f:82:04:e5:bf:ec:e0:4c:2e:a2:00:c2:1e:0c:
         e3:02:48:44:64:e9:9d:29:1c:f5:44:3f:83:59:c0:22:5a:4d:
         59:e0:f5:02
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvXcols/rw9IV1ACWPuRJnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3MGM1ODlhNGYyMmE5Y2EyZmY5OWI0YzQ4ZjhiZGY0OTI4
NzE3MjUwHhcNMjMwMTAxMjIwNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3Njg1NjI4ZmM3Y2E2NGU0OTRhODU2ZmVlNTA2MjRmODFiZTRmMDFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh7BH8SHMnGbjy1f50mUDCP7IICrH
VVmYVa7PY5hCG73tk32XLf1FgGQSCbUc8zB2MRKdxf8MQGOu0DjzsmvMDKuEQntk
dFfAVv9p8AyZlJ7SF3LJMrBpbmfqH5Zb8+6P3V/Z8EXxDPHpYipIwsue0fXTD+4h
UyI4AFecE1DVNzJSZ7HMHBGbf7xMKqxwun0yPdtwtPopuw+xDFoyuU+ZqyInghVM
UkoQpjOVnhYsClYGTssKjIgOQnM1maDpt3QEEBF9m5LaFpu0r5mjZsECWTnytJwM
pd86zSPe8rozwZnkrWvSqjk4gRCTRZKMD/CA9gwDuQaLiIaZgIQ/H8wMTwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHaFYo/HymTklKhW/uUGJPgb5PAfMB8GA1UdIwQY
MBaAFIcMWJpPIqnKL/mbTEj4vfSShxclMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHd4WW1rOGlxY292LVp0TVNQaTk5SktIRnlVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZC9mNTA1YjUtMGU0Ni00YjNmLWJmMWIt
ODQ5ZDNhNmI5YzJkLzEvZG9WaWo4ZktaT1NVcUZiLTVRWWstQnZrOEI4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZC9mNTA1YjUtMGU0Ni00YjNmLWJmMWItODQ5ZDNhNmI5YzJk
LzEvaHd4WW1rOGlxY292LVp0TVNQaTk5SktIRnlVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1LcXMA0G
CSqGSIb3DQEBCwUAA4IBAQBiuYL28pzfQk3+EHnl1og6tmLa7h06uuqFIZ6X+8jH
zJ4yeHGgVlACzOja7J5Ba24xA//lb1pVvBx3V3J7KmnlxcmhmSMFbu02ShgU9hFO
jIzk6v/1uIOchpeUosddGEVs55W1snv7CuwX9vIptrSb79X5lQRSRHBAw9McWEzw
VR+6iR/NkoEXyeSrRvp8JJNMEPEf/JsW/W91230S7k2+qpSkPcNwEDZlNl2r9jsF
cEDvz2KUTCuOgEZ4zKwGlSjCQshEbeJxjonTQVa/vQhE5vnyrNgj+JxqZ/uTn4IE
5b/s4EwuogDCHgzjAkhEZOmdKRz1RD+DWcAiWk1Z4PUC
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:38 2024 by rpki-client on console-fra.rpki-client.org