Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/95de21-0fbc-4d13-b6e0-cb9e1ed779ac/1/c5Bwi38hHQ49e7bruNDSk3VmWbY.roa
File:                     c5Bwi38hHQ49e7bruNDSk3VmWbY.roa (raw, json)
Hash identifier:          CVAWSazfA62ZHO3yZ+WBfekD/epX9qZo0kZtWYB73EE=
Subject key identifier:   73:90:70:8B:7F:21:1D:0E:3D:7B:B6:EB:B8:D0:D2:93:75:66:59:B6
Certificate issuer:       /CN=c4df0bd04aa843e68082f6dece0798732b6f8832
Certificate serial:       01886705F91CB22C0B1BB3B422A997E677B8
Authority key identifier: C4:DF:0B:D0:4A:A8:43:E6:80:82:F6:DE:CE:07:98:73:2B:6F:88:32
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/xN8L0EqoQ-aAgvbezgeYcytviDI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bf/95de21-0fbc-4d13-b6e0-cb9e1ed779ac/1/c5Bwi38hHQ49e7bruNDSk3VmWbY.roa
Signing time:             Mon 29 May 2023 10:20:24 +0000
ROA not before:           Mon 29 May 2023 10:20:24 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     49100
IP address blocks:        176.122.211.0/24 maxlen: 24
                          176.122.210.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 06:30:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:67:05:f9:1c:b2:2c:0b:1b:b3:b4:22:a9:97:e6:77:b8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c4df0bd04aa843e68082f6dece0798732b6f8832
        Validity
            Not Before: May 29 10:20:24 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=7390708b7f211d0e3d7bb6ebb8d0d293756659b6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:b5:17:7a:46:41:57:37:b3:bb:6b:15:3f:7e:
                    7f:3f:5b:8d:37:04:bf:fd:65:b8:1f:d0:eb:07:8f:
                    5d:78:27:42:32:bd:01:80:dd:12:ef:63:b4:95:88:
                    a4:4f:a6:07:1d:5f:f9:e1:42:24:cd:72:30:24:11:
                    56:ba:32:a4:4a:3f:4e:7b:4b:59:0a:b8:53:b8:e4:
                    5e:62:7e:a0:cf:c1:dc:87:fa:ee:77:25:c6:1a:e2:
                    ce:4c:5a:fd:08:81:05:7d:66:70:30:ab:0d:ec:22:
                    be:ca:fb:d7:95:94:33:ef:b5:97:12:37:68:50:b0:
                    01:a7:c3:00:45:c7:ce:f2:ba:ae:d5:93:ef:99:b6:
                    21:cf:6a:63:82:97:a0:2d:db:72:1d:aa:1c:37:1f:
                    f3:ca:49:bc:63:da:de:62:ba:bd:b1:50:2e:71:55:
                    8e:b0:5d:be:5b:b7:75:90:75:02:17:9a:4d:b9:19:
                    e4:7a:17:ba:a4:9e:91:76:97:6c:3e:f5:60:5f:5c:
                    53:62:84:89:3e:41:90:2d:0a:97:fc:91:cd:1d:ab:
                    e2:3a:aa:8d:5f:54:91:b7:04:4d:f3:32:de:c8:8a:
                    1c:85:0c:ac:92:03:27:76:7f:f8:1f:13:b5:45:b4:
                    d7:c7:bd:91:8e:8c:6e:49:2a:c4:4b:4f:f5:2a:56:
                    b7:a5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                73:90:70:8B:7F:21:1D:0E:3D:7B:B6:EB:B8:D0:D2:93:75:66:59:B6
            X509v3 Authority Key Identifier:
                keyid:C4:DF:0B:D0:4A:A8:43:E6:80:82:F6:DE:CE:07:98:73:2B:6F:88:32

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xN8L0EqoQ-aAgvbezgeYcytviDI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/95de21-0fbc-4d13-b6e0-cb9e1ed779ac/1/c5Bwi38hHQ49e7bruNDSk3VmWbY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/95de21-0fbc-4d13-b6e0-cb9e1ed779ac/1/xN8L0EqoQ-aAgvbezgeYcytviDI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  176.122.210.0/23

    Signature Algorithm: sha256WithRSAEncryption
         01:1b:21:8d:33:c9:0e:41:2c:30:97:a5:43:b0:d1:4c:83:47:
         ec:6e:4b:e5:e8:ff:6b:ad:63:c6:03:a7:c7:3e:05:36:f7:be:
         60:ff:15:dd:6f:68:2e:77:3a:7c:ae:dc:6d:d8:e7:2c:e1:90:
         9e:1a:89:78:6e:d5:43:c5:ab:70:6a:ac:eb:89:ef:78:8a:d5:
         19:eb:ed:3c:b8:50:50:b1:e1:8e:21:d1:fd:e5:ba:8c:57:ac:
         ed:65:c5:9b:a9:d4:fc:c4:97:5a:79:a0:42:a7:f8:63:ec:93:
         0f:ec:25:c7:fb:01:da:c1:6c:98:e5:00:91:cb:2d:43:e4:a5:
         cc:56:fc:c1:a5:87:d8:55:ae:22:ef:f0:64:4e:95:44:9f:8f:
         0e:e6:8b:9e:dc:0c:e4:93:ae:bb:37:f0:d6:d3:37:02:cd:f6:
         79:4d:00:a0:09:d7:46:a8:37:a0:47:17:9a:86:f7:9b:bb:18:
         ee:03:1c:29:db:3c:cf:f4:36:2e:2b:2b:ab:86:3a:6a:d9:f7:
         6d:8d:23:70:1e:71:48:0d:90:51:b8:1d:32:f0:81:a6:35:a1:
         d9:8e:f4:7e:f6:dc:f8:49:1a:e7:1d:04:96:58:41:59:75:ef:
         f5:e7:30:87:d1:4b:57:2f:16:84:2a:4f:ab:dd:70:b7:f8:76:
         4c:bb:98:0e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYhnBfkcsiwLG7O0IqmX5ne4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0ZGYwYmQwNGFhODQzZTY4MDgyZjZkZWNlMDc5ODczMmI2
Zjg4MzIwHhcNMjMwNTI5MTAyMDI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MzkwNzA4YjdmMjExZDBlM2Q3YmI2ZWJiOGQwZDI5Mzc1NjY1OWI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvbUXekZBVzezu2sVP35/P1uNNwS/
/WW4H9DrB49deCdCMr0BgN0S72O0lYikT6YHHV/54UIkzXIwJBFWujKkSj9Oe0tZ
CrhTuOReYn6gz8Hch/rudyXGGuLOTFr9CIEFfWZwMKsN7CK+yvvXlZQz77WXEjdo
ULABp8MARcfO8rqu1ZPvmbYhz2pjgpegLdtyHaocNx/zykm8Y9reYrq9sVAucVWO
sF2+W7d1kHUCF5pNuRnkehe6pJ6RdpdsPvVgX1xTYoSJPkGQLQqX/JHNHaviOqqN
X1SRtwRN8zLeyIochQyskgMndn/4HxO1RbTXx72RjoxuSSrES0/1Kla3pQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHOQcIt/IR0OPXu267jQ0pN1Zlm2MB8GA1UdIwQY
MBaAFMTfC9BKqEPmgIL23s4HmHMrb4gyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveE44TDBFcW9RLWFBZ3ZiZXpnZVljeXR2aURJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi85NWRlMjEtMGZiYy00ZDEzLWI2ZTAt
Y2I5ZTFlZDc3OWFjLzEvYzVCd2kzOGhIUTQ5ZTdicnVORFNrM1ZtV2JZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi85NWRlMjEtMGZiYy00ZDEzLWI2ZTAtY2I5ZTFlZDc3OWFj
LzEveE44TDBFcW9RLWFBZ3ZiZXpnZVljeXR2aURJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBsHrSMA0G
CSqGSIb3DQEBCwUAA4IBAQABGyGNM8kOQSwwl6VDsNFMg0fsbkvl6P9rrWPGA6fH
PgU2975g/xXdb2gudzp8rtxt2Ocs4ZCeGol4btVDxatwaqzrie94itUZ6+08uFBQ
seGOIdH95bqMV6ztZcWbqdT8xJdaeaBCp/hj7JMP7CXH+wHawWyY5QCRyy1D5KXM
VvzBpYfYVa4i7/BkTpVEn48O5oue3Azkk667N/DW0zcCzfZ5TQCgCddGqDegRxea
hvebuxjuAxwp2zzP9DYuKyurhjpq2fdtjSNwHnFIDZBRuB0y8IGmNaHZjvR+9tz4
SRrnHQSWWEFZde/15zCH0UtXLxaEKk+r3XC3+HZMu5gO
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:41:51 2024 by rpki-client on console-ams.rpki-client.org