Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/BVMMeIF6PINrkSwIFl9kLMiw70g.roa
File:                     BVMMeIF6PINrkSwIFl9kLMiw70g.roa (raw, json)
Hash identifier:          WBTfbZica8Ot6MrLqactVNwjy90UAGOgRO5vjTICpDc=
Subject key identifier:   05:53:0C:78:81:7A:3C:83:6B:91:2C:08:16:5F:64:2C:C8:B0:EF:48
Certificate issuer:       /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial:       01867461E458DDA098583114B51A51AF1E87
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/BVMMeIF6PINrkSwIFl9kLMiw70g.roa
Signing time:             Tue 21 Feb 2023 14:30:17 +0000
ROA not before:           Tue 21 Feb 2023 14:30:17 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     16276
IP address blocks:        87.247.149.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 22 Feb 2023 18:15:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:74:61:e4:58:dd:a0:98:58:31:14:b5:1a:51:af:1e:87
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
        Validity
            Not Before: Feb 21 14:30:17 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=05530c78817a3c836b912c08165f642cc8b0ef48
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:a6:e1:f8:da:1b:51:99:79:01:fb:ef:52:cd:
                    17:5c:88:9b:dc:fa:0a:84:6b:08:7c:59:8c:2f:4c:
                    b0:36:06:88:77:0f:39:f3:54:77:90:8f:32:94:78:
                    e8:50:b8:74:29:31:95:3c:2c:f5:37:a4:04:08:ea:
                    c2:cc:af:f8:bd:77:13:01:2d:9e:12:c1:dc:a9:13:
                    2d:e7:fa:fd:0c:ac:23:58:2f:1e:3c:aa:76:03:40:
                    ef:5f:6b:0b:47:7f:ab:7c:c1:0b:ee:37:0a:c8:87:
                    1a:9c:d6:bc:9b:22:76:57:c8:a5:3b:72:48:0f:53:
                    7b:7f:2a:48:6d:f7:df:9f:1e:66:ab:2e:e6:bb:bc:
                    c8:15:13:91:2a:9a:76:dd:da:99:f6:40:6d:1f:a0:
                    8f:f5:b8:e7:e5:f3:ab:c0:3b:61:f9:07:47:fa:15:
                    53:16:96:80:60:c2:ce:bf:2c:e3:a2:23:68:35:63:
                    b4:d0:c6:96:88:98:7d:42:c3:18:14:44:19:a2:45:
                    cc:6b:30:96:88:04:a6:f8:63:0d:72:6b:78:ff:62:
                    e5:71:0f:8a:28:77:56:31:22:cd:33:ec:70:1c:78:
                    41:13:5c:bd:4e:87:fe:bd:cd:ae:50:24:fa:96:b1:
                    76:cc:a8:b4:dd:f8:96:cb:c0:66:30:05:11:a3:a5:
                    d6:21
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                05:53:0C:78:81:7A:3C:83:6B:91:2C:08:16:5F:64:2C:C8:B0:EF:48
            X509v3 Authority Key Identifier:
                keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/BVMMeIF6PINrkSwIFl9kLMiw70g.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  87.247.149.0/24

    Signature Algorithm: sha256WithRSAEncryption
         91:6c:e9:46:f8:06:f6:af:4c:5f:93:5c:c5:ab:77:0a:d7:b6:
         9f:1e:a8:c7:0d:92:61:91:20:11:84:3d:34:0e:b7:1d:21:b0:
         42:ad:40:87:eb:9c:3a:0d:03:59:62:72:b7:53:4a:20:9a:4a:
         60:9d:67:55:8e:de:96:8d:d3:4d:ee:da:64:e5:ce:aa:dd:8d:
         60:bf:b7:24:bd:fc:d8:5a:af:75:ba:b0:a7:3f:2c:e1:a9:2d:
         dd:bf:41:3f:d6:64:86:3e:96:9a:ec:44:9a:ba:b2:30:93:db:
         ef:10:db:62:48:23:a6:37:54:7b:9e:4b:9f:fe:c5:66:6d:1c:
         80:d1:ec:62:4a:a4:8a:61:7d:6f:44:9e:ab:43:85:86:87:8c:
         fe:3e:7d:aa:5b:76:9c:c4:61:0e:f5:fa:ae:48:4b:a4:9d:b1:
         39:8e:01:e9:d0:a1:f4:3d:5b:02:1a:c6:5c:57:c1:10:ae:a2:
         21:9e:ae:78:50:9f:96:86:5e:69:53:70:59:6c:e0:5f:94:b7:
         de:7d:85:eb:20:b4:07:80:55:2f:f4:0e:e2:fa:69:4d:7d:c1:
         fc:f3:67:ba:6b:9f:dc:ee:75:c9:51:f0:d2:17:fc:82:64:d6:
         73:91:75:f7:30:b3:81:f6:f2:7a:9f:0e:a8:ab:0a:ab:ff:bf:
         f6:d1:3e:f1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYZ0YeRY3aCYWDEUtRpRrx6HMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwMjIxMTQzMDE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNTUzMGM3ODgxN2EzYzgzNmI5MTJjMDgxNjVmNjQyY2M4YjBlZjQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtabh+NobUZl5AfvvUs0XXIib3PoK
hGsIfFmML0ywNgaIdw8581R3kI8ylHjoULh0KTGVPCz1N6QECOrCzK/4vXcTAS2e
EsHcqRMt5/r9DKwjWC8ePKp2A0DvX2sLR3+rfMEL7jcKyIcanNa8myJ2V8ilO3JI
D1N7fypIbfffnx5mqy7mu7zIFRORKpp23dqZ9kBtH6CP9bjn5fOrwDth+QdH+hVT
FpaAYMLOvyzjoiNoNWO00MaWiJh9QsMYFEQZokXMazCWiASm+GMNcmt4/2LlcQ+K
KHdWMSLNM+xwHHhBE1y9Tof+vc2uUCT6lrF2zKi03fiWy8BmMAURo6XWIQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAVTDHiBejyDa5EsCBZfZCzIsO9IMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvQlZNTWVJRjZQSU5ya1N3SUZsOWtMTWl3NzBnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAV/eVMA0G
CSqGSIb3DQEBCwUAA4IBAQCRbOlG+Ab2r0xfk1zFq3cK17afHqjHDZJhkSARhD00
DrcdIbBCrUCH65w6DQNZYnK3U0ogmkpgnWdVjt6WjdNN7tpk5c6q3Y1gv7ckvfzY
Wq91urCnPyzhqS3dv0E/1mSGPpaa7ESaurIwk9vvENtiSCOmN1R7nkuf/sVmbRyA
0exiSqSKYX1vRJ6rQ4WGh4z+Pn2qW3acxGEO9fquSEuknbE5jgHp0KH0PVsCGsZc
V8EQrqIhnq54UJ+Whl5pU3BZbOBflLfefYXrILQHgFUv9A7i+mlNfcH882e6a5/c
7nXJUfDSF/yCZNZzkXX3MLOB9vJ6nw6oqwqr/7/20T7x
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:41:09 2024 by rpki-client on console-ams.rpki-client.org