Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/mnic84bOwfk-Kjp0jpeZqFECnRo.roa
File:                     mnic84bOwfk-Kjp0jpeZqFECnRo.roa (raw, json)
Hash identifier:          EkphwmRJ+BInwMx9ljKqGIOOZsbVxdBwlyEDk3xPZuI=
Subject key identifier:   9A:78:9C:F3:86:CE:C1:F9:3E:2A:3A:74:8E:97:99:A8:51:02:9D:1A
Certificate issuer:       /CN=c2778de2a9be9802120382e750d159e95872c2ae
Certificate serial:       0185708CE01167E5B0A28FF11DE301416AB9
Authority key identifier: C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/mnic84bOwfk-Kjp0jpeZqFECnRo.roa
Signing time:             Mon 02 Jan 2023 03:35:58 +0000
ROA not before:           Mon 02 Jan 2023 03:35:58 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     51765
IP address blocks:        83.147.223.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 06 Feb 2023 17:09:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:70:8c:e0:11:67:e5:b0:a2:8f:f1:1d:e3:01:41:6a:b9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c2778de2a9be9802120382e750d159e95872c2ae
        Validity
            Not Before: Jan  2 03:35:58 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=9a789cf386cec1f93e2a3a748e9799a851029d1a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:98:a5:ab:44:46:9d:48:13:4b:4c:fd:f6:ec:88:
                    50:09:0f:06:e9:95:10:de:29:28:26:85:79:3b:a7:
                    c1:01:b5:29:d6:9a:01:17:27:67:ce:b0:b5:cc:37:
                    de:af:ed:04:48:50:ed:52:a3:25:ff:ed:0a:55:f6:
                    63:5b:e6:73:0e:db:14:56:bf:c2:7c:6a:c9:aa:4b:
                    9f:9f:3e:76:1d:54:ff:61:9e:e0:d9:5c:6d:e5:82:
                    eb:85:b1:73:77:5d:79:49:67:dd:4c:47:50:d0:7e:
                    e7:89:5e:7c:25:80:a7:dc:9c:4d:e0:c4:77:da:30:
                    62:28:f0:6f:a1:dd:5b:8d:76:6c:8d:ca:27:6e:00:
                    01:c3:74:7d:92:12:7b:c4:2c:f0:3e:0a:7f:52:97:
                    30:e1:fd:17:2c:e0:f1:31:2a:9b:3f:89:62:ba:93:
                    2f:ca:a5:e4:96:8a:9c:69:7d:69:98:28:11:c5:9a:
                    e1:9a:49:ab:99:13:c5:55:2f:94:40:a6:b4:37:19:
                    d0:bc:f5:c3:a3:6d:78:4a:d9:90:8e:64:f7:74:75:
                    c1:e0:9f:57:37:97:42:d4:09:8d:aa:07:13:47:13:
                    90:46:43:50:20:0a:4a:dc:83:e2:35:86:39:20:a2:
                    cc:b3:70:67:47:0f:70:fc:0e:ac:a5:9b:e4:25:55:
                    98:71
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9A:78:9C:F3:86:CE:C1:F9:3E:2A:3A:74:8E:97:99:A8:51:02:9D:1A
            X509v3 Authority Key Identifier:
                keyid:C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/mnic84bOwfk-Kjp0jpeZqFECnRo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/wneN4qm-mAISA4LnUNFZ6Vhywq4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  83.147.223.0/24

    Signature Algorithm: sha256WithRSAEncryption
         0b:25:8b:70:a0:72:f2:4b:82:a3:d6:9e:4d:bd:c8:2f:b6:c8:
         36:38:1f:35:77:e1:30:84:48:58:5e:f8:3a:87:4c:a9:67:79:
         2d:8f:c0:65:64:0e:cb:6d:95:19:65:6d:7d:8a:5d:1b:11:92:
         ef:d9:86:12:a2:bc:18:b8:9a:7f:4d:db:92:f5:3c:76:9e:6e:
         2e:ef:e4:19:10:b1:5a:66:ed:5c:ba:ce:5d:eb:63:53:71:54:
         b5:8c:9a:69:e3:23:d6:fe:68:ab:77:16:ad:99:10:8a:fe:0a:
         ab:ad:55:71:ed:a0:b4:2e:87:96:91:f3:95:47:32:a4:92:2d:
         41:68:3b:f3:67:61:65:e5:7f:31:b0:ba:6e:e1:0a:10:10:2a:
         f0:e4:e5:30:31:c4:5f:1d:32:b2:a3:69:4d:a4:ac:0f:0f:2f:
         49:21:11:d8:32:bd:ab:5c:22:3f:22:de:03:4b:27:f2:77:3b:
         32:07:37:43:ed:46:43:f8:31:59:1d:1a:22:b2:d1:10:f1:6d:
         80:a3:c8:dc:fc:69:aa:8a:04:c2:fc:b1:f6:f4:00:be:70:1e:
         24:ea:05:e0:03:95:bc:8f:d4:b5:36:ca:d7:ae:fd:36:1f:e7:
         6b:e6:86:f9:27:81:58:50:0b:0c:28:b3:49:e2:16:3e:fb:40:
         75:06:1f:46
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwjOARZ+Wwoo/xHeMBQWq5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyNzc4ZGUyYTliZTk4MDIxMjAzODJlNzUwZDE1OWU5NTg3
MmMyYWUwHhcNMjMwMTAyMDMzNTU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YTc4OWNmMzg2Y2VjMWY5M2UyYTNhNzQ4ZTk3OTlhODUxMDI5ZDFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmKWrREadSBNLTP327IhQCQ8G6ZUQ
3ikoJoV5O6fBAbUp1poBFydnzrC1zDfer+0ESFDtUqMl/+0KVfZjW+ZzDtsUVr/C
fGrJqkufnz52HVT/YZ7g2Vxt5YLrhbFzd115SWfdTEdQ0H7niV58JYCn3JxN4MR3
2jBiKPBvod1bjXZsjconbgABw3R9khJ7xCzwPgp/Upcw4f0XLODxMSqbP4liupMv
yqXkloqcaX1pmCgRxZrhmkmrmRPFVS+UQKa0NxnQvPXDo214StmQjmT3dHXB4J9X
N5dC1AmNqgcTRxOQRkNQIApK3IPiNYY5IKLMs3BnRw9w/A6spZvkJVWYcQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJp4nPOGzsH5Pio6dI6XmahRAp0aMB8GA1UdIwQY
MBaAFMJ3jeKpvpgCEgOC51DRWelYcsKuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEt
Zjk4ZGE1NGFmNDM0LzEvbW5pYzg0Yk93ZmstS2pwMGpwZVpxRkVDblJvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEtZjk4ZGE1NGFmNDM0
LzEvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAU5PfMA0G
CSqGSIb3DQEBCwUAA4IBAQALJYtwoHLyS4Kj1p5Nvcgvtsg2OB81d+EwhEhYXvg6
h0ypZ3ktj8BlZA7LbZUZZW19il0bEZLv2YYSorwYuJp/TduS9Tx2nm4u7+QZELFa
Zu1cus5d62NTcVS1jJpp4yPW/mirdxatmRCK/gqrrVVx7aC0LoeWkfOVRzKkki1B
aDvzZ2Fl5X8xsLpu4QoQECrw5OUwMcRfHTKyo2lNpKwPDy9JIRHYMr2rXCI/It4D
SyfydzsyBzdD7UZD+DFZHRoistEQ8W2Ao8jc/GmqigTC/LH29AC+cB4k6gXgA5W8
j9S1NsrXrv02H+dr5ob5J4FYUAsMKLNJ4hY++0B1Bh9G
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:40:19 2024 by rpki-client on console-ams.rpki-client.org