Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/76bc1e-b6f4-408a-bb89-08d1270c2e71/1/CSP5Plywll4JbWtNFWkwgvniEnY.roa
File:                     CSP5Plywll4JbWtNFWkwgvniEnY.roa (raw, json)
Hash identifier:          Uz793V8CWZ/e7RpdQhRHivCKARdmiESWSFX53XS9RII=
Subject key identifier:   09:23:F9:3E:5C:B0:96:5E:09:6D:6B:4D:15:69:30:82:F9:E2:12:76
Certificate issuer:       /CN=8193ffe9db37626b13f85d7cc457aad5c1f30c9f
Certificate serial:       018B17DC028BF326D37AA7449C90EFCDC4E3
Authority key identifier: 81:93:FF:E9:DB:37:62:6B:13:F8:5D:7C:C4:57:AA:D5:C1:F3:0C:9F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/gZP_6ds3YmsT-F18xFeq1cHzDJ8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e7/76bc1e-b6f4-408a-bb89-08d1270c2e71/1/CSP5Plywll4JbWtNFWkwgvniEnY.roa
Signing time:             Tue 10 Oct 2023 04:32:56 +0000
ROA not before:           Tue 10 Oct 2023 04:32:56 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     212238
IP address blocks:        83.147.44.0/22 maxlen: 22

Validation:               Failed, certificate revoked on Sun 15 Oct 2023 03:57:55 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:17:dc:02:8b:f3:26:d3:7a:a7:44:9c:90:ef:cd:c4:e3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8193ffe9db37626b13f85d7cc457aad5c1f30c9f
        Validity
            Not Before: Oct 10 04:32:56 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=0923f93e5cb0965e096d6b4d15693082f9e21276
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8b:d0:44:a7:4d:8b:a6:d5:8b:51:3c:be:e7:a8:
                    39:67:a2:3a:0b:0d:5c:39:d4:de:7f:5d:49:c4:43:
                    93:0b:db:c4:f1:9b:23:08:17:d2:fe:38:88:b5:ba:
                    0f:40:f7:87:c9:07:86:b7:94:72:78:c8:4d:e6:87:
                    cc:f3:be:55:76:dd:a3:51:e3:a6:78:96:e0:96:c6:
                    5b:30:a3:d6:cc:ad:6a:b8:a3:1b:a5:c6:37:03:a5:
                    2a:a6:22:2f:18:3f:a7:38:ad:e2:c5:15:3c:19:59:
                    70:d1:f0:39:21:bc:5c:53:5d:6f:07:81:84:25:fe:
                    95:55:14:e7:2c:b9:4c:b4:8c:ee:8e:51:5e:47:5a:
                    ed:07:15:96:18:6a:2a:d0:a0:59:1d:fa:75:ca:db:
                    60:06:87:49:78:1d:f4:4f:7f:82:bb:10:44:2d:cf:
                    d0:e0:d5:54:ce:3a:73:47:0c:f3:da:82:1f:6d:1c:
                    c0:f9:c2:2f:67:98:72:cd:e7:29:a8:13:63:a0:c7:
                    e5:da:a0:f8:28:1b:55:64:a3:03:1e:38:29:ea:26:
                    ea:12:b0:50:d6:89:26:93:f9:e9:32:f1:ff:a3:f0:
                    0c:6b:b1:b5:b0:a1:cf:91:40:fd:50:3e:f9:28:74:
                    eb:49:f5:36:e5:32:30:ef:8f:56:88:d4:63:6e:60:
                    5b:eb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                09:23:F9:3E:5C:B0:96:5E:09:6D:6B:4D:15:69:30:82:F9:E2:12:76
            X509v3 Authority Key Identifier:
                keyid:81:93:FF:E9:DB:37:62:6B:13:F8:5D:7C:C4:57:AA:D5:C1:F3:0C:9F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gZP_6ds3YmsT-F18xFeq1cHzDJ8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/76bc1e-b6f4-408a-bb89-08d1270c2e71/1/CSP5Plywll4JbWtNFWkwgvniEnY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/76bc1e-b6f4-408a-bb89-08d1270c2e71/1/gZP_6ds3YmsT-F18xFeq1cHzDJ8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  83.147.44.0/22

    Signature Algorithm: sha256WithRSAEncryption
         16:ba:73:68:40:9b:11:a8:ea:06:da:5b:85:e9:40:7a:89:c9:
         4f:75:ae:44:45:bc:46:f5:58:f3:c5:4f:43:31:0f:ac:44:4a:
         91:25:24:b1:bf:c3:c5:fc:ed:35:54:da:f3:5a:7f:a2:ff:9e:
         0e:00:60:f2:a2:23:52:1f:2e:f4:5d:b4:08:b8:43:b2:5f:18:
         34:d1:e3:15:8d:2f:19:25:6c:7e:24:94:f1:0b:4d:fa:45:1e:
         bf:83:eb:c9:79:ee:00:07:b6:41:06:d1:90:33:3c:29:f6:e0:
         fc:21:b7:de:5c:dc:59:3a:aa:c8:bc:bd:e9:0b:45:be:37:3b:
         af:5f:fb:cf:87:fd:5c:9b:08:ef:ea:9d:1d:f7:be:fc:66:47:
         a2:25:f4:69:80:ce:b3:1e:c0:6e:c6:81:49:c6:a0:1b:e8:44:
         70:2e:67:f0:8c:d6:c1:6e:1a:c9:22:8e:a7:4c:3c:b1:39:76:
         9c:f7:84:b1:d4:6b:df:a5:38:b8:1d:42:4c:61:d7:50:de:81:
         af:b9:98:37:d0:c3:77:77:ac:61:1a:48:fa:19:7f:33:6d:49:
         54:da:74:ee:26:21:4d:0e:ec:88:81:61:cc:3f:e1:c3:07:26:
         ef:36:0d:30:9a:5f:52:58:2b:1a:24:32:eb:07:22:19:b1:1f:
         4c:52:55:c8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYsX3AKL8ybTeqdEnJDvzcTjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxOTNmZmU5ZGIzNzYyNmIxM2Y4NWQ3Y2M0NTdhYWQ1YzFm
MzBjOWYwHhcNMjMxMDEwMDQzMjU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOTIzZjkzZTVjYjA5NjVlMDk2ZDZiNGQxNTY5MzA4MmY5ZTIxMjc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi9BEp02LptWLUTy+56g5Z6I6Cw1c
OdTef11JxEOTC9vE8ZsjCBfS/jiItboPQPeHyQeGt5RyeMhN5ofM875Vdt2jUeOm
eJbglsZbMKPWzK1quKMbpcY3A6UqpiIvGD+nOK3ixRU8GVlw0fA5IbxcU11vB4GE
Jf6VVRTnLLlMtIzujlFeR1rtBxWWGGoq0KBZHfp1yttgBodJeB30T3+CuxBELc/Q
4NVUzjpzRwzz2oIfbRzA+cIvZ5hyzecpqBNjoMfl2qD4KBtVZKMDHjgp6ibqErBQ
1okmk/npMvH/o/AMa7G1sKHPkUD9UD75KHTrSfU25TIw749WiNRjbmBb6wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAkj+T5csJZeCW1rTRVpMIL54hJ2MB8GA1UdIwQY
MBaAFIGT/+nbN2JrE/hdfMRXqtXB8wyfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ1pQXzZkczNZbXNULUYxOHhGZXExY0h6REo4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy83NmJjMWUtYjZmNC00MDhhLWJiODkt
MDhkMTI3MGMyZTcxLzEvQ1NQNVBseXdsbDRKYld0TkZXa3dndm5pRW5ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy83NmJjMWUtYjZmNC00MDhhLWJiODktMDhkMTI3MGMyZTcx
LzEvZ1pQXzZkczNZbXNULUYxOHhGZXExY0h6REo4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCU5MsMA0G
CSqGSIb3DQEBCwUAA4IBAQAWunNoQJsRqOoG2luF6UB6iclPda5ERbxG9VjzxU9D
MQ+sREqRJSSxv8PF/O01VNrzWn+i/54OAGDyoiNSHy70XbQIuEOyXxg00eMVjS8Z
JWx+JJTxC036RR6/g+vJee4AB7ZBBtGQMzwp9uD8IbfeXNxZOqrIvL3pC0W+Nzuv
X/vPh/1cmwjv6p0d9778ZkeiJfRpgM6zHsBuxoFJxqAb6ERwLmfwjNbBbhrJIo6n
TDyxOXac94Sx1GvfpTi4HUJMYddQ3oGvuZg30MN3d6xhGkj6GX8zbUlU2nTuJiFN
DuyIgWHMP+HDBybvNg0wml9SWCsaJDLrByIZsR9MUlXI
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:50:01 2024 by rpki-client on console-ams.rpki-client.org