Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/cb2ee8-8782-4af4-8f6b-9d7f86f0d477/1/0gWCNMVEygODh8Gp21OPM9RP8bk.roa
File:                     0gWCNMVEygODh8Gp21OPM9RP8bk.roa (raw, json)
Hash identifier:          0cl/rniP2s4Qa8aeD9fLuiL/VcHGdPcqUElUbAtj9Oo=
Subject key identifier:   D2:05:82:34:C5:44:CA:03:83:87:C1:A9:DB:53:8F:33:D4:4F:F1:B9
Certificate issuer:       /CN=956866562d9f25831ec0ace8a9d8cd0e594d71fc
Certificate serial:       01856FA6F7ABEE52B8BDFB7EA2E6D2E85854
Authority key identifier: 95:68:66:56:2D:9F:25:83:1E:C0:AC:E8:A9:D8:CD:0E:59:4D:71:FC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/lWhmVi2fJYMewKzoqdjNDllNcfw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/be/cb2ee8-8782-4af4-8f6b-9d7f86f0d477/1/0gWCNMVEygODh8Gp21OPM9RP8bk.roa
Signing time:             Sun 01 Jan 2023 23:24:51 +0000
ROA not before:           Sun 01 Jan 2023 23:24:51 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     19905
IP address blocks:        164.10.0.0/16 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 16:30:07 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:a6:f7:ab:ee:52:b8:bd:fb:7e:a2:e6:d2:e8:58:54
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=956866562d9f25831ec0ace8a9d8cd0e594d71fc
        Validity
            Not Before: Jan  1 23:24:51 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=d2058234c544ca038387c1a9db538f33d44ff1b9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:97:b9:bc:75:9c:6c:61:ac:f8:50:f3:65:35:a0:
                    dd:be:c4:58:43:53:01:d4:22:0c:47:ea:26:82:ab:
                    6c:77:c4:32:04:fa:ac:51:c9:2c:39:9b:75:a6:b1:
                    6e:9c:f9:5e:60:eb:89:9c:2b:e9:8e:84:d9:37:7c:
                    6f:e6:49:b4:24:be:74:73:73:b9:fe:f8:11:bd:a4:
                    4b:7e:96:2e:e1:30:dc:bf:0e:99:da:fb:26:36:fc:
                    9d:e9:bf:ec:9a:8e:a3:e4:f3:34:5c:bb:61:a0:7e:
                    d5:0b:94:71:9d:95:42:42:f6:38:03:12:3c:91:14:
                    27:07:4b:50:c3:53:58:8a:e7:37:16:ca:db:8b:c6:
                    eb:cd:ba:09:58:ab:5a:c4:d7:24:75:92:99:90:5b:
                    4a:80:3e:7b:11:8d:ed:5b:93:d3:db:c9:0e:f5:c2:
                    ac:07:37:d3:ce:14:3d:9c:5c:b5:96:ac:f1:13:48:
                    6c:65:b0:d9:20:1b:ba:f2:df:6e:5a:b1:94:7c:ef:
                    0e:27:56:94:0a:f0:b6:2a:e3:1f:77:0a:c2:b2:61:
                    e4:4c:e5:55:10:ec:3f:79:99:4c:2a:84:19:86:49:
                    8e:70:ad:e9:a5:d6:99:d4:51:83:c8:05:4b:c4:2a:
                    5b:cc:64:f1:17:76:49:0f:e7:96:d1:b4:73:8e:19:
                    b5:4f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D2:05:82:34:C5:44:CA:03:83:87:C1:A9:DB:53:8F:33:D4:4F:F1:B9
            X509v3 Authority Key Identifier:
                keyid:95:68:66:56:2D:9F:25:83:1E:C0:AC:E8:A9:D8:CD:0E:59:4D:71:FC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lWhmVi2fJYMewKzoqdjNDllNcfw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/cb2ee8-8782-4af4-8f6b-9d7f86f0d477/1/0gWCNMVEygODh8Gp21OPM9RP8bk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/be/cb2ee8-8782-4af4-8f6b-9d7f86f0d477/1/lWhmVi2fJYMewKzoqdjNDllNcfw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  164.10.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         52:08:b6:27:60:bf:bc:98:a6:8f:d3:ba:f3:67:37:96:fc:b6:
         a3:75:c2:2e:84:7a:cb:88:0f:d0:e7:75:56:ac:88:d6:bf:6b:
         7a:83:0a:aa:45:76:80:20:3f:e5:d2:0e:c8:ed:0a:92:fc:93:
         05:32:70:b2:58:31:71:ba:fe:49:0f:16:ca:93:38:22:ea:39:
         0c:74:a2:e7:17:59:d8:c6:b0:bb:d9:8b:42:49:96:39:c1:79:
         9f:3d:d8:78:dc:99:5b:68:5b:06:77:8f:68:79:b8:ae:f5:65:
         d6:ba:ba:2f:d2:66:93:89:68:45:57:2e:75:f8:e5:18:bb:37:
         77:0d:bf:5e:6f:8c:3e:e1:b5:bb:22:8e:c5:83:d8:a4:00:ce:
         44:f2:f2:bc:35:55:8b:21:de:88:a0:f9:e3:e6:4d:36:cd:ec:
         7d:c8:9e:92:ee:b9:9d:3b:03:5c:28:7d:b7:c4:b3:86:f2:ab:
         2a:1b:31:78:b0:f5:a2:92:e9:37:b2:3f:f5:4c:d9:0a:24:6b:
         4b:23:df:60:59:31:00:b8:1e:c5:4a:b8:c6:cf:56:62:2c:bc:
         4e:ed:2d:ee:55:01:4e:f6:c7:e3:5c:ad:70:74:5d:fb:94:3d:
         8d:16:73:84:c2:ce:c8:91:a5:15:f8:ec:e1:4b:f6:b9:dd:f6:
         84:44:ba:d5
-----BEGIN CERTIFICATE-----
MIIE/DCCA+SgAwIBAgISAYVvpver7lK4vft+oubS6FhUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1Njg2NjU2MmQ5ZjI1ODMxZWMwYWNlOGE5ZDhjZDBlNTk0
ZDcxZmMwHhcNMjMwMTAxMjMyNDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMjA1ODIzNGM1NDRjYTAzODM4N2MxYTlkYjUzOGYzM2Q0NGZmMWI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl7m8dZxsYaz4UPNlNaDdvsRYQ1MB
1CIMR+omgqtsd8QyBPqsUcksOZt1prFunPleYOuJnCvpjoTZN3xv5km0JL50c3O5
/vgRvaRLfpYu4TDcvw6Z2vsmNvyd6b/smo6j5PM0XLthoH7VC5RxnZVCQvY4AxI8
kRQnB0tQw1NYiuc3Fsrbi8brzboJWKtaxNckdZKZkFtKgD57EY3tW5PT28kO9cKs
BzfTzhQ9nFy1lqzxE0hsZbDZIBu68t9uWrGUfO8OJ1aUCvC2KuMfdwrCsmHkTOVV
EOw/eZlMKoQZhkmOcK3ppdaZ1FGDyAVLxCpbzGTxF3ZJD+eW0bRzjhm1TwIDAQAB
o4ICCDCCAgQwHQYDVR0OBBYEFNIFgjTFRMoDg4fBqdtTjzPUT/G5MB8GA1UdIwQY
MBaAFJVoZlYtnyWDHsCs6KnYzQ5ZTXH8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbFdobVZpMmZKWU1ld0t6b3Fkak5EbGxOY2Z3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS9jYjJlZTgtODc4Mi00YWY0LThmNmIt
OWQ3Zjg2ZjBkNDc3LzEvMGdXQ05NVkV5Z09EaDhHcDIxT1BNOVJQOGJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS9jYjJlZTgtODc4Mi00YWY0LThmNmItOWQ3Zjg2ZjBkNDc3
LzEvbFdobVZpMmZKWU1ld0t6b3Fkak5EbGxOY2Z3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMApAowDQYJ
KoZIhvcNAQELBQADggEBAFIItidgv7yYpo/TuvNnN5b8tqN1wi6EesuID9DndVas
iNa/a3qDCqpFdoAgP+XSDsjtCpL8kwUycLJYMXG6/kkPFsqTOCLqOQx0oucXWdjG
sLvZi0JJljnBeZ892HjcmVtoWwZ3j2h5uK71Zda6ui/SZpOJaEVXLnX45Ri7N3cN
v15vjD7htbsijsWD2KQAzkTy8rw1VYsh3oig+ePmTTbN7H3InpLuuZ07A1wofbfE
s4byqyobMXiw9aKS6TeyP/VM2Qoka0sj32BZMQC4HsVKuMbPVmIsvE7tLe5VAU72
x+NcrXB0XfuUPY0Wc4TCzsiRpRX47OFL9rnd9oREutU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:52:07 2024 by rpki-client on console-fra.rpki-client.org