Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d6/c533b2-ae9d-4470-b982-f540439a4ae2/1/K3O8QCBUZU_wisLWgsb3ltFAVaQ.roa
File:                     K3O8QCBUZU_wisLWgsb3ltFAVaQ.roa (raw, json)
Hash identifier:          CKkqT8VgT1sIaE6eTFhRydCxlo8lJGzIb3FliAfwYuM=
Subject key identifier:   2B:73:BC:40:20:54:65:4F:F0:8A:C2:D6:82:C6:F7:96:D1:40:55:A4
Certificate issuer:       /CN=9a5f0d912b5e747ae568d808a04029b4ebc66e47
Certificate serial:       0188D4EAE5DE0DE8AFEB0A80278B15C14FAB
Authority key identifier: 9A:5F:0D:91:2B:5E:74:7A:E5:68:D8:08:A0:40:29:B4:EB:C6:6E:47
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ml8NkStedHrlaNgIoEAptOvGbkc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d6/c533b2-ae9d-4470-b982-f540439a4ae2/1/K3O8QCBUZU_wisLWgsb3ltFAVaQ.roa
Signing time:             Mon 19 Jun 2023 18:29:03 +0000
ROA not before:           Mon 19 Jun 2023 18:29:03 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     44092
IP address blocks:        176.56.136.0/22 maxlen: 24
                          176.56.140.0/22 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 04:30:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:d4:ea:e5:de:0d:e8:af:eb:0a:80:27:8b:15:c1:4f:ab
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9a5f0d912b5e747ae568d808a04029b4ebc66e47
        Validity
            Not Before: Jun 19 18:29:03 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=2b73bc402054654ff08ac2d682c6f796d14055a4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8c:79:5c:8d:d0:88:f4:52:cc:d6:d8:82:38:6e:
                    e0:6c:83:90:ef:a6:dd:39:dc:74:9d:2f:6d:29:cb:
                    59:92:40:32:a7:d6:eb:bf:57:52:3c:c4:ed:bf:b1:
                    32:48:2c:32:6f:94:54:7f:50:d4:79:14:29:8b:58:
                    a0:09:c1:af:b8:4a:d0:10:b6:95:fb:3d:17:ca:7f:
                    27:34:01:e4:2c:5c:8c:00:90:96:aa:39:5b:18:e9:
                    5e:df:e9:cc:b5:a5:8a:29:81:e3:f3:7b:1c:f9:b8:
                    33:7e:46:55:f1:76:03:03:f1:ef:85:06:7d:79:ce:
                    c8:31:6a:a3:e4:a7:22:3b:be:b6:7e:b2:27:41:d6:
                    b0:d7:7f:1c:e4:93:31:c2:99:55:73:17:fd:e8:b5:
                    cf:33:08:72:6a:f7:16:df:d5:16:5e:fa:67:1f:af:
                    16:45:80:99:af:35:0f:16:ed:7b:ea:8d:35:05:b6:
                    04:c3:7c:28:04:0d:eb:69:67:08:a1:3a:c7:82:f2:
                    8b:cf:36:80:db:f7:6c:c4:61:e3:b3:ac:85:92:5a:
                    64:8a:40:7c:4c:79:75:f4:31:81:81:56:70:84:9e:
                    62:0c:34:79:87:c5:21:f4:01:16:cc:ab:aa:1e:9e:
                    e2:60:a5:bd:51:4f:85:f3:9a:67:f4:30:9f:89:f6:
                    00:e1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2B:73:BC:40:20:54:65:4F:F0:8A:C2:D6:82:C6:F7:96:D1:40:55:A4
            X509v3 Authority Key Identifier:
                keyid:9A:5F:0D:91:2B:5E:74:7A:E5:68:D8:08:A0:40:29:B4:EB:C6:6E:47

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ml8NkStedHrlaNgIoEAptOvGbkc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/c533b2-ae9d-4470-b982-f540439a4ae2/1/K3O8QCBUZU_wisLWgsb3ltFAVaQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/c533b2-ae9d-4470-b982-f540439a4ae2/1/ml8NkStedHrlaNgIoEAptOvGbkc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  176.56.136.0/21

    Signature Algorithm: sha256WithRSAEncryption
         36:65:9d:61:4b:b3:93:5b:c5:84:d5:6a:ba:3d:fd:01:f3:3f:
         5c:c4:25:0e:df:a1:cc:85:f3:56:ae:eb:83:67:6f:a6:3b:db:
         53:18:1b:36:b6:0c:85:db:e4:47:15:85:e2:e7:7a:40:65:13:
         97:64:63:4a:ff:f8:98:d5:cc:6c:a0:17:c3:2b:1e:31:99:32:
         f5:53:d7:0a:0d:54:84:ad:95:73:78:f2:62:f2:0f:c7:dd:52:
         a0:c0:67:9f:94:25:4f:68:06:27:a9:f9:94:ca:15:17:9e:76:
         d0:bc:1c:f9:23:db:6e:24:81:7b:14:e4:ee:02:0e:69:68:95:
         f2:bd:a4:8b:69:bf:78:0b:73:71:94:fe:89:b2:ab:5c:02:7c:
         b3:d0:08:28:d5:3b:82:8c:4d:43:49:74:69:d6:4a:90:fb:7e:
         ec:99:f8:d1:72:70:26:b7:b9:7a:ab:1f:4d:62:b8:b4:8d:e3:
         09:01:00:5c:b5:3c:e6:75:47:5a:d3:07:5f:cd:a0:bc:9e:35:
         2b:ee:2d:ed:4b:4a:14:c8:fa:35:12:e8:7a:19:0b:74:39:c1:
         b9:99:2b:aa:93:83:0b:92:26:8c:5e:bd:a1:ef:51:84:d8:78:
         f5:35:8d:a4:47:8f:1b:e7:8e:df:a2:ae:8d:3a:32:0d:d7:e3:
         df:6a:2a:c3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYjU6uXeDeiv6wqAJ4sVwU+rMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhNWYwZDkxMmI1ZTc0N2FlNTY4ZDgwOGEwNDAyOWI0ZWJj
NjZlNDcwHhcNMjMwNjE5MTgyOTAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYjczYmM0MDIwNTQ2NTRmZjA4YWMyZDY4MmM2Zjc5NmQxNDA1NWE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjHlcjdCI9FLM1tiCOG7gbIOQ76bd
Odx0nS9tKctZkkAyp9brv1dSPMTtv7EySCwyb5RUf1DUeRQpi1igCcGvuErQELaV
+z0Xyn8nNAHkLFyMAJCWqjlbGOle3+nMtaWKKYHj83sc+bgzfkZV8XYDA/HvhQZ9
ec7IMWqj5KciO762frInQdaw138c5JMxwplVcxf96LXPMwhyavcW39UWXvpnH68W
RYCZrzUPFu176o01BbYEw3woBA3raWcIoTrHgvKLzzaA2/dsxGHjs6yFklpkikB8
THl19DGBgVZwhJ5iDDR5h8Uh9AEWzKuqHp7iYKW9UU+F85pn9DCfifYA4QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCtzvEAgVGVP8IrC1oLG95bRQFWkMB8GA1UdIwQY
MBaAFJpfDZErXnR65WjYCKBAKbTrxm5HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbWw4TmtTdGVkSHJsYU5nSW9FQXB0T3ZHYmtjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNi9jNTMzYjItYWU5ZC00NDcwLWI5ODIt
ZjU0MDQzOWE0YWUyLzEvSzNPOFFDQlVaVV93aXNMV2dzYjNsdEZBVmFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNi9jNTMzYjItYWU5ZC00NDcwLWI5ODItZjU0MDQzOWE0YWUy
LzEvbWw4TmtTdGVkSHJsYU5nSW9FQXB0T3ZHYmtjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDsDiIMA0G
CSqGSIb3DQEBCwUAA4IBAQA2ZZ1hS7OTW8WE1Wq6Pf0B8z9cxCUO36HMhfNWruuD
Z2+mO9tTGBs2tgyF2+RHFYXi53pAZROXZGNK//iY1cxsoBfDKx4xmTL1U9cKDVSE
rZVzePJi8g/H3VKgwGeflCVPaAYnqfmUyhUXnnbQvBz5I9tuJIF7FOTuAg5paJXy
vaSLab94C3NxlP6JsqtcAnyz0Ago1TuCjE1DSXRp1kqQ+37smfjRcnAmt7l6qx9N
Yri0jeMJAQBctTzmdUda0wdfzaC8njUr7i3tS0oUyPo1Euh6GQt0OcG5mSuqk4ML
kiaMXr2h71GE2Hj1NY2kR48b547foq6NOjIN1+PfairD
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:46:44 2024 by rpki-client on console-ams.rpki-client.org