Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/76bc1e-b6f4-408a-bb89-08d1270c2e71/1/hGqRqeTMBpIiOqBR1aKL2yHVPMg.roa
File:                     hGqRqeTMBpIiOqBR1aKL2yHVPMg.roa (raw, json)
Hash identifier:          1rYFZa0zZhd4HjH2venS/ILjYbOCOltVH8o32fof0nM=
Subject key identifier:   84:6A:91:A9:E4:CC:06:92:22:3A:A0:51:D5:A2:8B:DB:21:D5:3C:C8
Certificate issuer:       /CN=8193ffe9db37626b13f85d7cc457aad5c1f30c9f
Certificate serial:       018E05E3F20E17BB32D94A7B452EAB2FFF05
Authority key identifier: 81:93:FF:E9:DB:37:62:6B:13:F8:5D:7C:C4:57:AA:D5:C1:F3:0C:9F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/gZP_6ds3YmsT-F18xFeq1cHzDJ8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e7/76bc1e-b6f4-408a-bb89-08d1270c2e71/1/hGqRqeTMBpIiOqBR1aKL2yHVPMg.roa
Signing time:             Sun 03 Mar 2024 19:56:48 +0000
ROA not before:           Sun 03 Mar 2024 19:56:48 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     834
IP address blocks:        83.147.0.0/22 maxlen: 24
                          83.147.21.0/24 maxlen: 24
                          83.147.48.0/22 maxlen: 24

Validation:               Failed, certificate revoked on Thu 14 Mar 2024 05:04:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8e:05:e3:f2:0e:17:bb:32:d9:4a:7b:45:2e:ab:2f:ff:05
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8193ffe9db37626b13f85d7cc457aad5c1f30c9f
        Validity
            Not Before: Mar  3 19:56:48 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=846a91a9e4cc0692223aa051d5a28bdb21d53cc8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d4:fd:be:aa:91:09:1b:a7:af:82:56:c3:16:8c:
                    40:8c:6f:d1:01:92:90:c8:31:17:c1:03:99:96:c3:
                    f5:ba:96:1c:b4:85:3d:92:7d:f0:d8:7c:b0:ff:88:
                    1a:2d:f0:2b:15:bf:cd:c9:eb:bb:eb:f9:f7:ef:2d:
                    b4:3c:32:91:c1:a2:c7:d5:a4:db:bd:45:32:38:51:
                    c0:47:43:6e:93:05:27:92:7e:69:b0:70:9b:15:96:
                    fb:91:9f:07:70:51:ff:36:8f:6c:18:f1:f6:73:7a:
                    df:45:94:b6:8a:22:35:1d:9a:58:0e:44:65:a4:2f:
                    92:7f:e4:39:34:58:bd:72:fe:67:81:ed:fa:c9:d8:
                    d6:93:9b:87:64:56:a8:13:31:bb:7a:7e:8a:69:7d:
                    e4:8a:18:df:76:a5:be:b1:95:7f:5f:ec:36:99:af:
                    94:6b:b5:b6:0c:68:67:9b:c7:73:60:15:48:13:f4:
                    b7:4d:96:68:d8:88:0f:41:09:c5:6f:d3:4e:7d:38:
                    81:97:2b:04:f0:4b:70:25:71:b2:e4:69:e5:5e:e3:
                    f9:c9:78:c6:9b:a1:ce:6d:00:78:4a:89:0e:08:8a:
                    e8:3c:b1:31:d8:ec:1f:bd:25:c2:e5:ee:eb:6d:2a:
                    b4:ce:a6:13:f4:55:4c:cf:da:9f:2b:d4:da:4b:ae:
                    ce:87
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                84:6A:91:A9:E4:CC:06:92:22:3A:A0:51:D5:A2:8B:DB:21:D5:3C:C8
            X509v3 Authority Key Identifier:
                keyid:81:93:FF:E9:DB:37:62:6B:13:F8:5D:7C:C4:57:AA:D5:C1:F3:0C:9F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gZP_6ds3YmsT-F18xFeq1cHzDJ8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/76bc1e-b6f4-408a-bb89-08d1270c2e71/1/hGqRqeTMBpIiOqBR1aKL2yHVPMg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/76bc1e-b6f4-408a-bb89-08d1270c2e71/1/gZP_6ds3YmsT-F18xFeq1cHzDJ8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  83.147.0.0/22
                  83.147.21.0/24
                  83.147.48.0/22

    Signature Algorithm: sha256WithRSAEncryption
         38:a0:89:d9:6f:dc:fb:5e:c4:27:ff:85:67:77:03:6e:6f:6f:
         a3:23:2f:50:12:7b:1f:cb:83:74:78:ee:0b:7a:8f:66:d8:86:
         12:7a:be:79:dd:ae:f5:05:83:61:2b:58:0f:4f:fc:f9:42:cd:
         d9:5f:e6:bd:f1:df:39:6d:69:45:32:37:ee:99:6f:bd:93:58:
         52:14:05:3e:4b:ff:28:96:dc:71:0e:a9:ea:c8:62:b3:b8:74:
         82:e8:00:7e:f6:c1:0d:e2:0f:1b:e1:f0:13:7d:2f:64:92:59:
         ad:70:b3:63:cb:63:90:69:c4:0b:a1:a9:1c:53:3f:9c:b0:e7:
         bc:b0:e1:f8:0f:79:01:60:3b:4c:31:c4:15:dd:54:41:da:f6:
         56:5c:60:6a:4a:6d:10:46:7f:75:05:2c:38:1a:5a:a0:e9:05:
         71:31:5d:53:1f:03:ba:20:9d:ac:69:25:10:d3:0a:d6:09:a2:
         11:d9:4f:c2:dc:59:4b:eb:ed:2c:14:2e:59:5f:16:5a:f3:66:
         66:f5:45:71:d7:38:05:fd:9f:a2:8a:ad:b1:96:88:f5:96:fc:
         10:3e:16:32:0f:b8:73:5f:6c:38:1b:c0:5a:55:38:0f:30:72:
         30:7b:a0:7a:7a:5d:b1:1c:70:ea:b3:42:91:57:9b:da:ff:66:
         9a:27:f7:cd
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY4F4/IOF7sy2Up7RS6rL/8FMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxOTNmZmU5ZGIzNzYyNmIxM2Y4NWQ3Y2M0NTdhYWQ1YzFm
MzBjOWYwHhcNMjQwMzAzMTk1NjQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NDZhOTFhOWU0Y2MwNjkyMjIzYWEwNTFkNWEyOGJkYjIxZDUzY2M4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1P2+qpEJG6evglbDFoxAjG/RAZKQ
yDEXwQOZlsP1upYctIU9kn3w2Hyw/4gaLfArFb/Nyeu76/n37y20PDKRwaLH1aTb
vUUyOFHAR0NukwUnkn5psHCbFZb7kZ8HcFH/No9sGPH2c3rfRZS2iiI1HZpYDkRl
pC+Sf+Q5NFi9cv5nge36ydjWk5uHZFaoEzG7en6KaX3kihjfdqW+sZV/X+w2ma+U
a7W2DGhnm8dzYBVIE/S3TZZo2IgPQQnFb9NOfTiBlysE8EtwJXGy5GnlXuP5yXjG
m6HObQB4SokOCIroPLEx2OwfvSXC5e7rbSq0zqYT9FVMz9qfK9TaS67OhwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFIRqkankzAaSIjqgUdWii9sh1TzIMB8GA1UdIwQY
MBaAFIGT/+nbN2JrE/hdfMRXqtXB8wyfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ1pQXzZkczNZbXNULUYxOHhGZXExY0h6REo4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy83NmJjMWUtYjZmNC00MDhhLWJiODkt
MDhkMTI3MGMyZTcxLzEvaEdxUnFlVE1CcElpT3FCUjFhS0wyeUhWUE1nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy83NmJjMWUtYjZmNC00MDhhLWJiODktMDhkMTI3MGMyZTcx
LzEvZ1pQXzZkczNZbXNULUYxOHhGZXExY0h6REo4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCU5MAAwQA
U5MVAwQCU5MwMA0GCSqGSIb3DQEBCwUAA4IBAQA4oInZb9z7XsQn/4VndwNub2+j
Iy9QEnsfy4N0eO4Leo9m2IYSer553a71BYNhK1gPT/z5Qs3ZX+a98d85bWlFMjfu
mW+9k1hSFAU+S/8oltxxDqnqyGKzuHSC6AB+9sEN4g8b4fATfS9kklmtcLNjy2OQ
acQLoakcUz+csOe8sOH4D3kBYDtMMcQV3VRB2vZWXGBqSm0QRn91BSw4Glqg6QVx
MV1THwO6IJ2saSUQ0wrWCaIR2U/C3FlL6+0sFC5ZXxZa82Zm9UVx1zgF/Z+iiq2x
loj1lvwQPhYyD7hzX2w4G8BaVTgPMHIwe6B6el2xHHDqs0KRV5va/2aaJ/fN
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:50:01 2024 by rpki-client on console-ams.rpki-client.org