Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/oEDW5OeKvLaGHOW6UxSKKaLwMvg.roa
File:                     oEDW5OeKvLaGHOW6UxSKKaLwMvg.roa (raw, json)
Hash identifier:          FjVoPaarWcI3z7/zrvbmlYc2W9lFYMTYOU7lnTU58sk=
Subject key identifier:   A0:40:D6:E4:E7:8A:BC:B6:86:1C:E5:BA:53:14:8A:29:A2:F0:32:F8
Certificate issuer:       /CN=c2778de2a9be9802120382e750d159e95872c2ae
Certificate serial:       01879F6EA9D3FA6D1D2EFD99DD2549069568
Authority key identifier: C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/oEDW5OeKvLaGHOW6UxSKKaLwMvg.roa
Signing time:             Thu 20 Apr 2023 16:10:42 +0000
ROA not before:           Thu 20 Apr 2023 16:10:42 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     209043
IP address blocks:        83.147.223.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 20 Jun 2023 10:14:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:9f:6e:a9:d3:fa:6d:1d:2e:fd:99:dd:25:49:06:95:68
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c2778de2a9be9802120382e750d159e95872c2ae
        Validity
            Not Before: Apr 20 16:10:42 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=a040d6e4e78abcb6861ce5ba53148a29a2f032f8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:86:39:f3:51:e8:e9:ae:17:9f:16:88:ba:02:d0:
                    a3:a3:60:1a:b9:52:4d:bd:cc:27:8b:27:d7:09:af:
                    77:69:92:8e:54:ec:d6:b6:68:f8:8e:a1:de:4d:b8:
                    74:15:3f:70:00:a1:f4:e1:42:7f:45:6f:07:9d:90:
                    86:5e:2c:9d:48:a3:4a:c4:1a:60:d0:53:8c:5b:06:
                    06:0d:ac:c9:b7:d4:54:a8:82:ed:c7:20:0f:c1:4f:
                    98:aa:54:7a:e0:20:ce:83:af:b6:fd:c9:59:e2:4a:
                    9c:ef:e3:c7:cb:76:b7:d0:c8:f5:eb:09:fa:d6:97:
                    ce:d4:45:35:49:1b:25:4b:71:ca:d0:1e:a0:7c:82:
                    ec:82:b8:59:d4:d9:2e:58:d7:a9:10:9e:59:15:1c:
                    ea:cf:3b:94:5d:7a:27:07:82:e7:41:97:12:71:df:
                    a0:82:20:1f:14:8a:29:cb:04:14:9a:66:2f:f6:7f:
                    7b:ba:21:68:62:57:db:ad:11:03:51:f6:10:eb:b5:
                    38:f1:7e:00:08:66:a0:26:98:1e:ea:96:f9:97:a0:
                    ec:a1:5d:3c:fc:96:6d:87:96:c2:67:b8:46:a0:d3:
                    fa:06:38:37:18:74:ec:3a:23:98:27:ac:0c:58:8c:
                    ae:f8:34:1a:16:8e:aa:db:c5:e7:1f:30:fb:82:a6:
                    c7:e7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A0:40:D6:E4:E7:8A:BC:B6:86:1C:E5:BA:53:14:8A:29:A2:F0:32:F8
            X509v3 Authority Key Identifier:
                keyid:C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/oEDW5OeKvLaGHOW6UxSKKaLwMvg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/wneN4qm-mAISA4LnUNFZ6Vhywq4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  83.147.223.0/24

    Signature Algorithm: sha256WithRSAEncryption
         01:06:fd:f9:19:a4:ea:b6:54:8b:18:42:f4:91:84:84:6a:04:
         ef:de:41:52:a8:e3:c7:ad:55:2c:31:6d:02:0d:14:1d:37:98:
         35:c6:96:ea:17:85:db:74:d4:41:f2:17:dd:30:12:f8:71:e6:
         23:d5:0c:5d:95:76:99:48:39:42:0c:64:60:7a:b5:4a:b2:1a:
         9f:cf:0a:6b:df:4a:b7:50:e5:a6:c3:39:8a:34:64:e2:68:92:
         b0:21:4b:e3:62:92:61:c5:80:7b:56:c6:6e:ac:f5:ca:4f:00:
         cb:d3:d5:55:ab:ff:a9:81:5b:d7:3c:78:f8:80:e8:d4:15:6f:
         4b:f2:76:79:df:6c:a2:54:b0:db:c9:31:18:fa:8b:4f:1a:fc:
         c7:62:c4:63:fe:8d:27:44:7e:cf:9c:d2:a1:c3:ae:8f:f0:d7:
         55:68:5f:ec:ca:55:35:72:dd:cc:e4:4b:cb:04:bf:74:30:93:
         24:d9:ec:66:3b:87:e1:b9:f6:17:b3:f6:39:35:ce:91:23:db:
         b0:e3:6c:5a:dc:15:82:c0:e1:19:e1:f1:f6:18:15:ae:41:d2:
         bb:b3:f2:af:80:1f:b8:bf:e0:a2:01:a7:f9:13:14:83:55:d8:
         bf:02:e3:99:dc:8f:0f:6e:6d:6f:ca:1c:2e:22:8c:af:37:44:
         40:ea:22:56
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYefbqnT+m0dLv2Z3SVJBpVoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyNzc4ZGUyYTliZTk4MDIxMjAzODJlNzUwZDE1OWU5NTg3
MmMyYWUwHhcNMjMwNDIwMTYxMDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMDQwZDZlNGU3OGFiY2I2ODYxY2U1YmE1MzE0OGEyOWEyZjAzMmY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhjnzUejprhefFoi6AtCjo2AauVJN
vcwniyfXCa93aZKOVOzWtmj4jqHeTbh0FT9wAKH04UJ/RW8HnZCGXiydSKNKxBpg
0FOMWwYGDazJt9RUqILtxyAPwU+YqlR64CDOg6+2/clZ4kqc7+PHy3a30Mj16wn6
1pfO1EU1SRslS3HK0B6gfILsgrhZ1NkuWNepEJ5ZFRzqzzuUXXonB4LnQZcScd+g
giAfFIopywQUmmYv9n97uiFoYlfbrREDUfYQ67U48X4ACGagJpge6pb5l6DsoV08
/JZth5bCZ7hGoNP6Bjg3GHTsOiOYJ6wMWIyu+DQaFo6q28XnHzD7gqbH5wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKBA1uTniry2hhzlulMUiimi8DL4MB8GA1UdIwQY
MBaAFMJ3jeKpvpgCEgOC51DRWelYcsKuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEt
Zjk4ZGE1NGFmNDM0LzEvb0VEVzVPZUt2TGFHSE9XNlV4U0tLYUx3TXZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEtZjk4ZGE1NGFmNDM0
LzEvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAU5PfMA0G
CSqGSIb3DQEBCwUAA4IBAQABBv35GaTqtlSLGEL0kYSEagTv3kFSqOPHrVUsMW0C
DRQdN5g1xpbqF4XbdNRB8hfdMBL4ceYj1QxdlXaZSDlCDGRgerVKshqfzwpr30q3
UOWmwzmKNGTiaJKwIUvjYpJhxYB7VsZurPXKTwDL09VVq/+pgVvXPHj4gOjUFW9L
8nZ532yiVLDbyTEY+otPGvzHYsRj/o0nRH7PnNKhw66P8NdVaF/sylU1ct3M5EvL
BL90MJMk2exmO4fhufYXs/Y5Nc6RI9uw42xa3BWCwOEZ4fH2GBWuQdK7s/KvgB+4
v+CiAaf5ExSDVdi/AuOZ3I8Pbm1vyhwuIoyvN0RA6iJW
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:10 2024 by rpki-client on console-fra.rpki-client.org