Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/MwKmGXgB-VN8yIa1rOQK4bYCj1E.roa
File:                     MwKmGXgB-VN8yIa1rOQK4bYCj1E.roa (raw, json)
Hash identifier:          rPp4Xf6HSxukVL6w1AeV9CbHChz3kaK1ssMIi7sbkIU=
Subject key identifier:   33:02:A6:19:78:01:F9:53:7C:C8:86:B5:AC:E4:0A:E1:B6:02:8F:51
Certificate issuer:       /CN=c2778de2a9be9802120382e750d159e95872c2ae
Certificate serial:       0185708CE5DBC948B4A43348178D8B9D63E5
Authority key identifier: C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/MwKmGXgB-VN8yIa1rOQK4bYCj1E.roa
Signing time:             Mon 02 Jan 2023 03:36:00 +0000
ROA not before:           Mon 02 Jan 2023 03:36:00 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     63023
IP address blocks:        83.147.216.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 31 Oct 2023 08:23:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:70:8c:e5:db:c9:48:b4:a4:33:48:17:8d:8b:9d:63:e5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c2778de2a9be9802120382e750d159e95872c2ae
        Validity
            Not Before: Jan  2 03:36:00 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=3302a6197801f9537cc886b5ace40ae1b6028f51
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:35:d7:98:c4:53:37:f4:46:97:af:cc:ea:5a:
                    d1:d0:2a:3a:ba:cc:dc:10:94:64:bd:c7:ce:66:b1:
                    c9:b6:7f:a5:ce:86:f5:35:ef:58:03:02:0e:9d:d7:
                    72:96:62:59:dd:8a:4c:96:e4:81:3e:8d:e9:db:2a:
                    dc:fb:9e:b1:88:c1:e4:8a:24:5a:3e:32:b3:8b:eb:
                    c4:e2:3a:20:c7:b0:83:50:a5:de:ab:50:57:b1:f0:
                    36:9a:82:cf:a1:29:8a:cc:f9:59:63:13:bc:3e:15:
                    3b:ea:38:1f:d5:f2:52:6c:b3:9f:17:43:72:be:73:
                    fe:f7:c1:09:25:00:60:a1:cc:65:39:70:d0:a0:34:
                    12:db:bb:7f:d2:ea:46:4f:68:d5:21:6f:4e:ec:f4:
                    85:0f:94:54:f1:d4:06:00:25:b8:9e:42:27:80:b6:
                    6e:22:67:5b:fc:a1:95:7f:d2:c6:85:a5:ae:73:c6:
                    17:5a:e7:8a:13:a1:13:dd:cb:9c:33:30:ab:c0:6d:
                    66:da:67:79:97:a2:96:db:4a:8b:6a:7b:5b:fa:fd:
                    f7:5f:ad:6c:6f:58:2e:0c:9b:92:59:73:c8:81:5c:
                    b8:09:f5:e9:86:b9:a8:7e:5c:47:e6:e6:94:5b:45:
                    7c:e5:3f:07:ad:5e:e2:c4:7d:31:81:29:16:8c:30:
                    82:af
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                33:02:A6:19:78:01:F9:53:7C:C8:86:B5:AC:E4:0A:E1:B6:02:8F:51
            X509v3 Authority Key Identifier:
                keyid:C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/MwKmGXgB-VN8yIa1rOQK4bYCj1E.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/wneN4qm-mAISA4LnUNFZ6Vhywq4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  83.147.216.0/24

    Signature Algorithm: sha256WithRSAEncryption
         4b:44:77:4f:84:ae:50:7b:61:67:a1:27:17:4f:66:11:59:4e:
         89:f6:cb:b8:33:fe:59:f2:b1:8c:00:f2:7a:03:da:f2:e5:6a:
         bd:ba:40:83:dc:5f:48:80:1c:88:99:c5:ae:ce:dc:71:1a:a4:
         76:d5:be:46:f3:44:9f:38:f1:59:91:8b:2a:c1:53:19:9a:68:
         cc:b8:9f:34:67:83:7e:c1:42:3e:e8:ae:de:c5:4b:7f:24:67:
         96:9a:de:fa:c1:a6:59:c3:c7:c3:e1:ec:f3:5a:8c:82:aa:1f:
         02:d8:4d:94:96:1a:b9:f1:fa:24:fc:2a:19:1d:fa:e0:79:38:
         3d:83:b7:3d:49:ac:ed:57:1d:af:75:a7:4e:1e:b2:92:14:29:
         3e:8d:ee:e2:d8:bb:37:30:1b:75:b8:55:cf:a5:36:6a:94:df:
         32:07:22:01:9d:dd:75:eb:32:28:15:9a:d2:52:48:59:04:71:
         e3:cf:91:3e:fa:22:f7:a3:ee:b5:d7:cb:92:2c:f1:ba:8d:d3:
         1a:8f:cc:18:23:34:b2:f7:fd:a2:e3:00:1f:ed:d6:b7:a9:a9:
         c4:60:79:38:86:bf:6c:75:b8:bc:0c:9c:96:87:82:e9:11:6d:
         44:93:af:26:a1:76:ee:4d:ef:5f:c1:81:0c:c5:12:c0:83:77:
         b3:0f:06:f1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwjOXbyUi0pDNIF42LnWPlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyNzc4ZGUyYTliZTk4MDIxMjAzODJlNzUwZDE1OWU5NTg3
MmMyYWUwHhcNMjMwMTAyMDMzNjAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMzAyYTYxOTc4MDFmOTUzN2NjODg2YjVhY2U0MGFlMWI2MDI4ZjUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAszXXmMRTN/RGl6/M6lrR0Co6uszc
EJRkvcfOZrHJtn+lzob1Ne9YAwIOnddylmJZ3YpMluSBPo3p2yrc+56xiMHkiiRa
PjKzi+vE4jogx7CDUKXeq1BXsfA2moLPoSmKzPlZYxO8PhU76jgf1fJSbLOfF0Ny
vnP+98EJJQBgocxlOXDQoDQS27t/0upGT2jVIW9O7PSFD5RU8dQGACW4nkIngLZu
Imdb/KGVf9LGhaWuc8YXWueKE6ET3cucMzCrwG1m2md5l6KW20qLantb+v33X61s
b1guDJuSWXPIgVy4CfXphrmoflxH5uaUW0V85T8HrV7ixH0xgSkWjDCCrwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDMCphl4AflTfMiGtazkCuG2Ao9RMB8GA1UdIwQY
MBaAFMJ3jeKpvpgCEgOC51DRWelYcsKuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEt
Zjk4ZGE1NGFmNDM0LzEvTXdLbUdYZ0ItVk44eUlhMXJPUUs0YllDajFFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEtZjk4ZGE1NGFmNDM0
LzEvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAU5PYMA0G
CSqGSIb3DQEBCwUAA4IBAQBLRHdPhK5Qe2FnoScXT2YRWU6J9su4M/5Z8rGMAPJ6
A9ry5Wq9ukCD3F9IgByImcWuztxxGqR21b5G80SfOPFZkYsqwVMZmmjMuJ80Z4N+
wUI+6K7exUt/JGeWmt76waZZw8fD4ezzWoyCqh8C2E2Ulhq58fok/CoZHfrgeTg9
g7c9SaztVx2vdadOHrKSFCk+je7i2Ls3MBt1uFXPpTZqlN8yByIBnd116zIoFZrS
UkhZBHHjz5E++iL3o+6118uSLPG6jdMaj8wYIzSy9/2i4wAf7da3qanEYHk4hr9s
dbi8DJyWh4LpEW1Ek68moXbuTe9fwYEMxRLAg3ezDwbx
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:40:19 2024 by rpki-client on console-ams.rpki-client.org