Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/fIfDHPKwbStd6Rhg5zeqis9q0SA.roa
File:                     fIfDHPKwbStd6Rhg5zeqis9q0SA.roa (raw, json)
Hash identifier:          vMTgMPmpiXM5wXRBw9vc/Rz277OqJ2RRzrL6RWh+z9E=
Subject key identifier:   7C:87:C3:1C:F2:B0:6D:2B:5D:E9:18:60:E7:37:AA:8A:CF:6A:D1:20
Certificate issuer:       /CN=c2778de2a9be9802120382e750d159e95872c2ae
Certificate serial:       018BD4D56863D721DA5E4648C23BEE0C2E1D
Authority key identifier: C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/fIfDHPKwbStd6Rhg5zeqis9q0SA.roa
Signing time:             Wed 15 Nov 2023 21:13:57 +0000
ROA not before:           Wed 15 Nov 2023 21:13:57 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     24768
IP address blocks:        83.147.222.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 10:31:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:d4:d5:68:63:d7:21:da:5e:46:48:c2:3b:ee:0c:2e:1d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c2778de2a9be9802120382e750d159e95872c2ae
        Validity
            Not Before: Nov 15 21:13:57 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=7c87c31cf2b06d2b5de91860e737aa8acf6ad120
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8e:d5:19:1c:19:ff:30:b4:6e:7c:b9:3c:a2:0a:
                    31:30:e0:c4:b0:68:32:1b:c5:36:de:0d:d8:23:31:
                    5e:98:19:95:f1:1a:75:2a:21:9e:fa:44:32:d4:96:
                    fb:67:b3:6f:ff:74:e9:df:fe:04:0c:17:ad:32:35:
                    c0:17:7d:39:05:34:c9:45:bd:04:c1:a1:f6:1e:4c:
                    fe:89:60:b3:42:2f:54:7b:48:e6:a8:d0:a0:55:83:
                    23:33:b3:8c:81:e6:fd:49:45:c1:42:c8:b1:0e:45:
                    b0:0a:27:f6:b4:6c:11:c5:c7:d5:02:e5:49:ff:dc:
                    5f:26:55:df:1e:3f:1e:8d:36:09:29:06:cd:a1:c0:
                    df:59:e1:05:7b:cb:ad:96:09:63:ac:45:a7:d8:65:
                    67:ae:ea:48:6a:88:4d:d8:d7:d7:0c:d9:e0:c7:da:
                    a1:bf:b6:f2:ec:db:69:cf:17:25:8a:63:2f:76:2b:
                    26:16:ad:dc:06:fc:0d:10:60:7e:08:9a:6d:df:9e:
                    9b:8b:29:2b:bd:5b:2e:aa:75:3e:8c:d1:cd:b4:ba:
                    0c:a4:f2:b9:42:74:03:f2:bf:9f:6d:3a:99:88:e5:
                    90:29:11:df:c5:13:22:97:7b:40:a3:ab:84:16:63:
                    5f:90:a9:95:a8:de:49:57:b6:87:05:64:f7:f6:71:
                    6f:01
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7C:87:C3:1C:F2:B0:6D:2B:5D:E9:18:60:E7:37:AA:8A:CF:6A:D1:20
            X509v3 Authority Key Identifier:
                keyid:C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/fIfDHPKwbStd6Rhg5zeqis9q0SA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/wneN4qm-mAISA4LnUNFZ6Vhywq4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  83.147.222.0/24

    Signature Algorithm: sha256WithRSAEncryption
         9c:fb:be:77:01:14:db:a9:67:f8:1e:3b:85:83:b5:de:04:24:
         48:70:71:e9:16:89:0c:57:e6:fa:3b:c1:7a:3d:f7:e5:28:60:
         87:4d:30:cf:cc:ef:7e:11:58:a2:49:e3:f1:6d:1b:a5:8c:66:
         f5:81:70:73:3a:8b:aa:a2:dd:80:46:6b:4e:77:50:55:51:86:
         64:39:91:6e:96:7e:a4:da:aa:6e:0d:57:ee:c9:66:b1:a3:53:
         57:0b:bf:01:4c:84:23:ad:7b:b6:dd:23:8b:e5:57:5d:c8:1f:
         b5:79:7c:81:d3:48:56:43:c8:8e:e8:5c:09:52:27:a5:c8:9e:
         a7:43:d2:a2:7d:76:06:a8:99:28:51:46:f2:35:d6:29:63:7b:
         9e:58:ca:3f:ff:2b:29:55:d8:34:39:ef:75:3d:0e:33:34:c2:
         07:ff:e1:15:b4:c2:71:05:77:f9:20:27:29:9e:2b:3c:f6:37:
         a3:00:67:00:a6:9e:ce:28:de:2c:b9:26:99:fb:b5:d6:50:93:
         69:f4:89:9e:26:82:2e:28:8f:f6:df:6c:6c:cb:b1:a9:7c:b5:
         de:76:66:12:68:cc:f9:51:e5:95:28:0a:72:f6:01:45:f2:bc:
         58:95:d3:e2:18:19:ff:e6:c2:6d:36:79:61:8d:2f:07:10:05:
         dc:b9:bd:27
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYvU1Whj1yHaXkZIwjvuDC4dMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyNzc4ZGUyYTliZTk4MDIxMjAzODJlNzUwZDE1OWU5NTg3
MmMyYWUwHhcNMjMxMTE1MjExMzU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3Yzg3YzMxY2YyYjA2ZDJiNWRlOTE4NjBlNzM3YWE4YWNmNmFkMTIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjtUZHBn/MLRufLk8ogoxMODEsGgy
G8U23g3YIzFemBmV8Rp1KiGe+kQy1Jb7Z7Nv/3Tp3/4EDBetMjXAF305BTTJRb0E
waH2Hkz+iWCzQi9Ue0jmqNCgVYMjM7OMgeb9SUXBQsixDkWwCif2tGwRxcfVAuVJ
/9xfJlXfHj8ejTYJKQbNocDfWeEFe8utlgljrEWn2GVnrupIaohN2NfXDNngx9qh
v7by7NtpzxclimMvdismFq3cBvwNEGB+CJpt356biykrvVsuqnU+jNHNtLoMpPK5
QnQD8r+fbTqZiOWQKRHfxRMil3tAo6uEFmNfkKmVqN5JV7aHBWT39nFvAQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHyHwxzysG0rXekYYOc3qorPatEgMB8GA1UdIwQY
MBaAFMJ3jeKpvpgCEgOC51DRWelYcsKuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEt
Zjk4ZGE1NGFmNDM0LzEvZklmREhQS3diU3RkNlJoZzV6ZXFpczlxMFNBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEtZjk4ZGE1NGFmNDM0
LzEvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAU5PeMA0G
CSqGSIb3DQEBCwUAA4IBAQCc+753ARTbqWf4HjuFg7XeBCRIcHHpFokMV+b6O8F6
PfflKGCHTTDPzO9+EViiSePxbRuljGb1gXBzOouqot2ARmtOd1BVUYZkOZFuln6k
2qpuDVfuyWaxo1NXC78BTIQjrXu23SOL5VddyB+1eXyB00hWQ8iO6FwJUielyJ6n
Q9KifXYGqJkoUUbyNdYpY3ueWMo//yspVdg0Oe91PQ4zNMIH/+EVtMJxBXf5ICcp
nis89jejAGcApp7OKN4suSaZ+7XWUJNp9ImeJoIuKI/232xsy7GpfLXedmYSaMz5
UeWVKApy9gFF8rxYldPiGBn/5sJtNnlhjS8HEAXcub0n
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:10 2024 by rpki-client on console-fra.rpki-client.org