Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/dvnkt_mrS66D-eZb-djKdb49tv8.roa
File:                     dvnkt_mrS66D-eZb-djKdb49tv8.roa (raw, json)
Hash identifier:          sibP7irx9YvmRZLpGJCDNwU6EAcIVvU5g/cirxdzlNo=
Subject key identifier:   76:F9:E4:B7:F9:AB:4B:AE:83:F9:E6:5B:F9:D8:CA:75:BE:3D:B6:FF
Certificate issuer:       /CN=c2778de2a9be9802120382e750d159e95872c2ae
Certificate serial:       018CC9BA948F6037A8B29F06F8BEEA11BC69
Authority key identifier: C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/dvnkt_mrS66D-eZb-djKdb49tv8.roa
Signing time:             Tue 02 Jan 2024 10:31:37 +0000
ROA not before:           Tue 02 Jan 2024 10:31:37 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     6079
IP address blocks:        83.147.232.0/22 maxlen: 24

Validation:               Failed, certificate revoked on Thu 01 Feb 2024 04:01:15 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c9:ba:94:8f:60:37:a8:b2:9f:06:f8:be:ea:11:bc:69
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c2778de2a9be9802120382e750d159e95872c2ae
        Validity
            Not Before: Jan  2 10:31:37 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=76f9e4b7f9ab4bae83f9e65bf9d8ca75be3db6ff
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:88:c9:71:26:b4:2b:87:c4:29:f6:c3:73:de:20:
                    52:dd:94:46:b2:0f:9f:73:e0:3e:98:f6:31:d8:2a:
                    d8:64:07:e2:1a:a3:90:5a:0c:67:27:95:f1:6d:b6:
                    f3:f8:5e:95:f5:8f:d1:de:d2:7d:0d:13:6e:92:2a:
                    8d:c7:bd:9d:ee:3d:38:09:0e:27:41:20:47:52:ed:
                    78:a2:51:6d:5d:a3:22:17:42:db:4d:97:29:82:78:
                    c6:9a:6c:34:2b:8b:f5:97:4c:52:cb:92:40:e1:4d:
                    34:c7:55:8e:a8:33:3d:a7:d3:e0:73:e2:98:76:a5:
                    9c:88:17:8b:0e:69:47:a2:6e:ec:57:99:39:32:3a:
                    d1:fe:9e:e0:1f:8e:6d:42:91:b9:1a:5f:78:4e:23:
                    c3:3d:87:25:4f:2b:fb:3e:f4:cf:80:b6:3d:cf:e9:
                    61:c1:54:fe:20:31:dd:29:aa:e3:a1:9e:94:b0:ce:
                    e7:8f:a9:19:6a:8b:73:0d:ec:a9:aa:5a:28:af:e3:
                    60:2c:db:33:b3:36:e2:82:da:34:f6:c8:2c:2b:66:
                    c4:9f:ed:1d:13:03:ea:eb:50:94:ae:c9:cc:1e:05:
                    60:50:2e:db:5a:43:6a:ac:75:9e:b3:32:a4:39:99:
                    20:6b:97:32:25:43:a6:19:5d:f7:18:7a:0b:f5:bd:
                    21:d5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                76:F9:E4:B7:F9:AB:4B:AE:83:F9:E6:5B:F9:D8:CA:75:BE:3D:B6:FF
            X509v3 Authority Key Identifier:
                keyid:C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/dvnkt_mrS66D-eZb-djKdb49tv8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/wneN4qm-mAISA4LnUNFZ6Vhywq4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  83.147.232.0/22

    Signature Algorithm: sha256WithRSAEncryption
         9a:97:9d:b5:f9:ee:40:d1:8f:e0:9c:03:0b:62:bb:3b:0e:1a:
         d4:34:9c:6b:2f:6b:3d:11:7d:48:77:d7:b4:0d:d1:d8:8b:54:
         52:60:4f:89:82:26:ba:c0:31:df:99:84:33:e5:e3:ed:ee:f1:
         41:a7:a8:30:2d:a3:e2:e2:7e:85:2c:15:30:74:2c:9e:47:46:
         7e:38:c6:d8:2d:e2:80:e4:5a:26:30:ee:59:42:43:7f:1d:c2:
         f1:d5:6d:12:14:3b:5b:bf:a3:18:83:4c:5e:2e:b0:38:77:71:
         9d:37:7e:0c:c9:ab:5f:34:a2:d6:a9:a9:32:bd:c4:71:24:f4:
         f6:df:53:77:ad:c1:ad:8e:cf:c5:34:56:6f:55:d2:1e:08:5c:
         f2:e0:b9:cc:78:57:cd:b6:27:a9:ad:4a:64:64:04:b8:90:16:
         cd:a3:e7:54:cf:c3:0e:51:16:1b:3a:0e:09:ed:34:d1:cd:0c:
         2a:db:32:f2:1f:a7:82:fb:9b:eb:64:90:b0:da:5b:d6:3b:ef:
         84:2a:66:99:8d:96:c8:41:e0:52:90:da:d2:c0:05:04:6a:0a:
         41:e6:23:ab:cc:08:fa:f2:78:3d:4a:86:72:e7:56:2b:71:7a:
         f0:d0:20:f2:aa:3e:0d:c6:ad:dc:04:60:32:05:cf:4d:c7:74:
         6f:d8:0a:c2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzJupSPYDeosp8G+L7qEbxpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyNzc4ZGUyYTliZTk4MDIxMjAzODJlNzUwZDE1OWU5NTg3
MmMyYWUwHhcNMjQwMTAyMTAzMTM3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NmY5ZTRiN2Y5YWI0YmFlODNmOWU2NWJmOWQ4Y2E3NWJlM2RiNmZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiMlxJrQrh8Qp9sNz3iBS3ZRGsg+f
c+A+mPYx2CrYZAfiGqOQWgxnJ5Xxbbbz+F6V9Y/R3tJ9DRNukiqNx72d7j04CQ4n
QSBHUu14olFtXaMiF0LbTZcpgnjGmmw0K4v1l0xSy5JA4U00x1WOqDM9p9Pgc+KY
dqWciBeLDmlHom7sV5k5MjrR/p7gH45tQpG5Gl94TiPDPYclTyv7PvTPgLY9z+lh
wVT+IDHdKarjoZ6UsM7nj6kZaotzDeypqloor+NgLNszszbigto09sgsK2bEn+0d
EwPq61CUrsnMHgVgUC7bWkNqrHWeszKkOZkga5cyJUOmGV33GHoL9b0h1QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHb55Lf5q0uug/nmW/nYynW+Pbb/MB8GA1UdIwQY
MBaAFMJ3jeKpvpgCEgOC51DRWelYcsKuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEt
Zjk4ZGE1NGFmNDM0LzEvZHZua3RfbXJTNjZELWVaYi1kaktkYjQ5dHY4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEtZjk4ZGE1NGFmNDM0
LzEvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCU5PoMA0G
CSqGSIb3DQEBCwUAA4IBAQCal521+e5A0Y/gnAMLYrs7DhrUNJxrL2s9EX1Id9e0
DdHYi1RSYE+Jgia6wDHfmYQz5ePt7vFBp6gwLaPi4n6FLBUwdCyeR0Z+OMbYLeKA
5FomMO5ZQkN/HcLx1W0SFDtbv6MYg0xeLrA4d3GdN34MyatfNKLWqakyvcRxJPT2
31N3rcGtjs/FNFZvVdIeCFzy4LnMeFfNtieprUpkZAS4kBbNo+dUz8MOURYbOg4J
7TTRzQwq2zLyH6eC+5vrZJCw2lvWO++EKmaZjZbIQeBSkNrSwAUEagpB5iOrzAj6
8ng9SoZy51YrcXrw0CDyqj4Nxq3cBGAyBc9Nx3Rv2ArC
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:09 2024 by rpki-client on console-fra.rpki-client.org