Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/d09e34-cc11-4394-904d-840ccb34b3f5/1/vk3CKoTe-6vnWjEtHTBmw6Q0l6w.roa
File:                     vk3CKoTe-6vnWjEtHTBmw6Q0l6w.roa (raw, json)
Hash identifier:          ErrzXWlk6DJv2Nqf8KLyTI9j2wa/KnGupQ+kFAG7GaU=
Subject key identifier:   BE:4D:C2:2A:84:DE:FB:AB:E7:5A:31:2D:1D:30:66:C3:A4:34:97:AC
Certificate issuer:       /CN=fe8199e8345567d8516b788fe2e1d397e27c73a4
Certificate serial:       018D6AFFF6C19E3A2373A582443D144E8512
Authority key identifier: FE:81:99:E8:34:55:67:D8:51:6B:78:8F:E2:E1:D3:97:E2:7C:73:A4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/_oGZ6DRVZ9hRa3iP4uHTl-J8c6Q.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/db/d09e34-cc11-4394-904d-840ccb34b3f5/1/vk3CKoTe-6vnWjEtHTBmw6Q0l6w.roa
Signing time:             Fri 02 Feb 2024 18:06:16 +0000
ROA not before:           Fri 02 Feb 2024 18:06:16 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     51430
IP address blocks:        176.67.83.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Fri 02 Feb 2024 21:23:16 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8d:6a:ff:f6:c1:9e:3a:23:73:a5:82:44:3d:14:4e:85:12
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=fe8199e8345567d8516b788fe2e1d397e27c73a4
        Validity
            Not Before: Feb  2 18:06:16 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=be4dc22a84defbabe75a312d1d3066c3a43497ac
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:95:fa:ca:f5:cd:30:98:10:d0:68:43:a6:e1:
                    dc:18:79:52:8e:07:75:ed:60:76:a1:7a:9c:09:fc:
                    b9:e5:73:f8:57:f8:3c:26:01:55:fe:81:39:80:b6:
                    62:c6:aa:2c:03:d8:71:a5:1c:a0:23:da:e5:91:32:
                    7e:7c:7e:9d:04:51:87:dc:01:9b:0c:e4:6b:15:62:
                    8e:bf:e4:b8:86:21:cf:d6:23:9e:0b:bd:2e:d8:e7:
                    79:f8:9a:ab:a1:8f:03:73:54:a3:9e:db:28:85:03:
                    f2:5a:f0:6e:bd:cf:82:f6:76:ff:9f:de:28:17:f3:
                    88:bc:36:d6:eb:d2:46:f2:65:2b:48:ea:cd:50:e2:
                    ad:02:7e:30:40:7e:e2:20:45:b4:da:ad:b0:9a:db:
                    54:33:3b:de:8f:41:0f:33:25:01:b0:57:57:fb:1e:
                    a9:8d:07:ff:2f:69:8c:91:b8:3b:d5:dc:87:02:e6:
                    d6:de:91:89:21:6d:a9:83:23:9c:40:f3:9a:2b:9f:
                    1c:3f:a1:07:49:bc:43:a9:ba:1e:fe:2d:c8:5c:0e:
                    8c:20:45:76:58:5b:04:74:11:f6:af:6e:ec:e8:e4:
                    14:5d:8d:09:49:4a:b2:db:23:63:08:ec:6b:76:07:
                    a2:30:bb:9f:33:48:6c:64:e0:d1:10:e0:2a:60:a0:
                    5c:03
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BE:4D:C2:2A:84:DE:FB:AB:E7:5A:31:2D:1D:30:66:C3:A4:34:97:AC
            X509v3 Authority Key Identifier:
                keyid:FE:81:99:E8:34:55:67:D8:51:6B:78:8F:E2:E1:D3:97:E2:7C:73:A4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_oGZ6DRVZ9hRa3iP4uHTl-J8c6Q.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/d09e34-cc11-4394-904d-840ccb34b3f5/1/vk3CKoTe-6vnWjEtHTBmw6Q0l6w.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/db/d09e34-cc11-4394-904d-840ccb34b3f5/1/_oGZ6DRVZ9hRa3iP4uHTl-J8c6Q.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  176.67.83.0/24

    Signature Algorithm: sha256WithRSAEncryption
         33:f2:02:15:04:8b:70:51:94:5a:bb:f6:e0:40:7f:e5:07:fc:
         2b:bc:f9:61:06:e9:ac:13:df:c7:71:cc:9d:69:23:a5:2a:05:
         3d:93:38:0a:b6:f9:9b:ba:b8:40:96:71:d9:4a:1a:95:40:bf:
         9b:a2:0d:38:ce:ba:4b:7c:6d:2a:b4:63:9e:70:bb:44:f2:59:
         56:13:80:e2:c0:e1:90:4f:a4:8a:da:d6:a1:d7:46:64:74:0d:
         0d:ff:f1:a2:b4:e8:91:a6:aa:07:64:a7:06:d3:76:e1:97:43:
         33:86:bf:b2:2d:a0:78:cb:93:60:73:b3:8e:aa:ad:00:3d:96:
         71:b2:f0:10:e5:6a:af:2d:2f:1f:75:43:24:a5:79:d5:5c:72:
         86:b4:8e:9c:28:ad:0a:b0:37:72:88:f0:e8:2b:ca:5f:ab:44:
         f3:ed:56:7d:34:df:de:f5:2d:c6:b7:6b:30:0f:0a:fd:de:d5:
         be:9e:a6:ff:7c:4e:f1:c3:12:7f:f4:3f:73:53:a4:cf:1b:c0:
         61:97:40:5b:4d:c3:00:66:dd:e0:0f:14:99:db:71:a3:47:af:
         4a:db:1a:a6:15:f2:7a:4a:21:8b:6c:ea:d9:6c:03:b0:6c:ca:
         96:0f:91:70:80:f0:e1:b7:ec:53:fd:33:be:df:da:38:7f:db:
         b5:eb:2e:48
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY1q//bBnjojc6WCRD0UToUSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZlODE5OWU4MzQ1NTY3ZDg1MTZiNzg4ZmUyZTFkMzk3ZTI3
YzczYTQwHhcNMjQwMjAyMTgwNjE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZTRkYzIyYTg0ZGVmYmFiZTc1YTMxMmQxZDMwNjZjM2E0MzQ5N2FjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAupX6yvXNMJgQ0GhDpuHcGHlSjgd1
7WB2oXqcCfy55XP4V/g8JgFV/oE5gLZixqosA9hxpRygI9rlkTJ+fH6dBFGH3AGb
DORrFWKOv+S4hiHP1iOeC70u2Od5+JqroY8Dc1SjntsohQPyWvBuvc+C9nb/n94o
F/OIvDbW69JG8mUrSOrNUOKtAn4wQH7iIEW02q2wmttUMzvej0EPMyUBsFdX+x6p
jQf/L2mMkbg71dyHAubW3pGJIW2pgyOcQPOaK58cP6EHSbxDqboe/i3IXA6MIEV2
WFsEdBH2r27s6OQUXY0JSUqy2yNjCOxrdgeiMLufM0hsZODREOAqYKBcAwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFL5NwiqE3vur51oxLR0wZsOkNJesMB8GA1UdIwQY
MBaAFP6Bmeg0VWfYUWt4j+Lh05fifHOkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX29HWjZEUlZaOWhSYTNpUDR1SFRsLUo4YzZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi9kMDllMzQtY2MxMS00Mzk0LTkwNGQt
ODQwY2NiMzRiM2Y1LzEvdmszQ0tvVGUtNnZuV2pFdEhUQm13NlEwbDZ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi9kMDllMzQtY2MxMS00Mzk0LTkwNGQtODQwY2NiMzRiM2Y1
LzEvX29HWjZEUlZaOWhSYTNpUDR1SFRsLUo4YzZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAsENTMA0G
CSqGSIb3DQEBCwUAA4IBAQAz8gIVBItwUZRau/bgQH/lB/wrvPlhBumsE9/Hccyd
aSOlKgU9kzgKtvmburhAlnHZShqVQL+bog04zrpLfG0qtGOecLtE8llWE4DiwOGQ
T6SK2tah10ZkdA0N//GitOiRpqoHZKcG03bhl0Mzhr+yLaB4y5Ngc7OOqq0APZZx
svAQ5WqvLS8fdUMkpXnVXHKGtI6cKK0KsDdyiPDoK8pfq0Tz7VZ9NN/e9S3Gt2sw
Dwr93tW+nqb/fE7xwxJ/9D9zU6TPG8Bhl0BbTcMAZt3gDxSZ23GjR69K2xqmFfJ6
SiGLbOrZbAOwbMqWD5FwgPDht+xT/TO+39o4f9u16y5I
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:47:38 2024 by rpki-client on console-ams.rpki-client.org