Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/76bc1e-b6f4-408a-bb89-08d1270c2e71/1/hQ243sYts2b_ypKoDsRf4gMQXwg.roa
File:                     hQ243sYts2b_ypKoDsRf4gMQXwg.roa (raw, json)
Hash identifier:          gg2Y1/X9WeJqo3e4ZthkcEqeWpApysfmPc+OrH63cK8=
Subject key identifier:   85:0D:B8:DE:C6:2D:B3:66:FF:CA:92:A8:0E:C4:5F:E2:03:10:5F:08
Certificate issuer:       /CN=8193ffe9db37626b13f85d7cc457aad5c1f30c9f
Certificate serial:       0187D06438FF8C2B6CF7C72B7319E645B23B
Authority key identifier: 81:93:FF:E9:DB:37:62:6B:13:F8:5D:7C:C4:57:AA:D5:C1:F3:0C:9F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/gZP_6ds3YmsT-F18xFeq1cHzDJ8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e7/76bc1e-b6f4-408a-bb89-08d1270c2e71/1/hQ243sYts2b_ypKoDsRf4gMQXwg.roa
Signing time:             Sun 30 Apr 2023 04:20:41 +0000
ROA not before:           Sun 30 Apr 2023 04:20:41 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     57043
IP address blocks:        83.147.9.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 29 May 2023 04:02:25 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:d0:64:38:ff:8c:2b:6c:f7:c7:2b:73:19:e6:45:b2:3b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8193ffe9db37626b13f85d7cc457aad5c1f30c9f
        Validity
            Not Before: Apr 30 04:20:41 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=850db8dec62db366ffca92a80ec45fe203105f08
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:d4:08:0c:f3:c8:d8:08:9f:de:38:b1:d7:2d:
                    9a:3b:b9:71:f2:5d:48:f7:41:58:72:d2:be:f2:17:
                    b5:3a:c4:da:78:42:54:0e:ae:c9:8a:7d:5f:71:ac:
                    09:45:28:a3:11:e1:43:4e:1f:4c:a3:cd:a5:7b:43:
                    ad:f3:2e:93:20:5f:92:3e:06:c3:05:37:f4:2d:47:
                    0c:b1:27:db:e2:31:14:e9:07:a7:ac:ab:23:a0:d6:
                    3b:c8:a7:c0:2b:ef:83:d8:1a:10:72:bb:52:ba:e8:
                    3c:67:70:49:bb:60:20:a6:3b:6d:0d:01:c9:e6:39:
                    fc:7f:98:08:b1:d2:41:1e:81:5d:74:e6:6e:c7:e8:
                    1d:b2:d1:ff:54:1d:e6:53:e3:14:f8:52:7e:a6:64:
                    25:49:b1:a3:d8:92:0a:3e:eb:2d:ea:e4:6e:cc:23:
                    31:9c:08:b4:93:71:3e:40:ea:67:16:76:c6:91:e5:
                    0a:7e:93:b7:5c:f5:55:2e:54:da:62:a3:9c:32:9b:
                    10:24:1b:d4:10:73:00:f3:ab:3b:2e:7e:be:a9:44:
                    f6:aa:b5:1b:bc:dd:77:00:d2:da:5f:52:d3:bd:1c:
                    29:70:a0:bc:26:b5:4b:17:26:04:7d:1b:83:fd:a8:
                    e8:f5:26:10:85:cc:4f:cb:dc:e1:7a:cd:53:69:d5:
                    4a:71
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                85:0D:B8:DE:C6:2D:B3:66:FF:CA:92:A8:0E:C4:5F:E2:03:10:5F:08
            X509v3 Authority Key Identifier:
                keyid:81:93:FF:E9:DB:37:62:6B:13:F8:5D:7C:C4:57:AA:D5:C1:F3:0C:9F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gZP_6ds3YmsT-F18xFeq1cHzDJ8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/76bc1e-b6f4-408a-bb89-08d1270c2e71/1/hQ243sYts2b_ypKoDsRf4gMQXwg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/76bc1e-b6f4-408a-bb89-08d1270c2e71/1/gZP_6ds3YmsT-F18xFeq1cHzDJ8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  83.147.9.0/24

    Signature Algorithm: sha256WithRSAEncryption
         76:b9:a5:f0:e2:cf:95:4d:99:25:58:d8:0e:b3:2f:45:a6:38:
         d6:f2:5e:47:86:fa:de:26:fb:2c:b2:45:89:44:b8:46:d2:e4:
         15:ad:90:59:2c:09:a5:a1:89:76:ae:34:dd:c9:37:e6:33:43:
         73:07:49:da:29:8f:e0:ca:df:83:07:f0:b7:c0:cd:5c:17:27:
         68:12:60:cc:ae:40:35:e6:2f:25:5f:eb:6a:c0:a2:6d:7f:cf:
         bb:c1:57:75:87:8d:c4:8f:5a:a8:37:fc:07:56:20:27:f1:90:
         7b:17:f9:bd:7a:e0:5c:78:bd:ef:1d:6a:8d:42:c3:69:8b:02:
         2e:0e:e8:68:3c:d7:93:8b:75:d8:78:93:a0:e0:ea:5d:d4:74:
         06:f7:1c:38:84:85:c0:de:46:ed:99:d6:03:bc:08:fa:1b:0f:
         ed:fc:20:df:04:bb:f7:c0:d1:c7:9a:e1:4b:41:03:56:da:80:
         48:f9:76:ba:80:37:53:12:fa:d5:03:2c:85:0c:75:51:94:60:
         e2:68:5f:8a:65:81:34:4a:32:83:d1:30:2c:fc:d5:37:78:8d:
         7f:ea:10:4b:5c:63:82:e1:f9:d4:b0:47:05:e7:10:91:f0:3c:
         53:cf:15:ee:2b:31:09:a4:8d:8d:1d:31:e6:5b:9d:5b:97:df:
         ea:c8:12:57
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYfQZDj/jCts98crcxnmRbI7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxOTNmZmU5ZGIzNzYyNmIxM2Y4NWQ3Y2M0NTdhYWQ1YzFm
MzBjOWYwHhcNMjMwNDMwMDQyMDQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NTBkYjhkZWM2MmRiMzY2ZmZjYTkyYTgwZWM0NWZlMjAzMTA1ZjA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApdQIDPPI2Aif3jix1y2aO7lx8l1I
90FYctK+8he1OsTaeEJUDq7Jin1fcawJRSijEeFDTh9Mo82le0Ot8y6TIF+SPgbD
BTf0LUcMsSfb4jEU6QenrKsjoNY7yKfAK++D2BoQcrtSuug8Z3BJu2AgpjttDQHJ
5jn8f5gIsdJBHoFddOZux+gdstH/VB3mU+MU+FJ+pmQlSbGj2JIKPust6uRuzCMx
nAi0k3E+QOpnFnbGkeUKfpO3XPVVLlTaYqOcMpsQJBvUEHMA86s7Ln6+qUT2qrUb
vN13ANLaX1LTvRwpcKC8JrVLFyYEfRuD/ajo9SYQhcxPy9zhes1TadVKcQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIUNuN7GLbNm/8qSqA7EX+IDEF8IMB8GA1UdIwQY
MBaAFIGT/+nbN2JrE/hdfMRXqtXB8wyfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ1pQXzZkczNZbXNULUYxOHhGZXExY0h6REo4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy83NmJjMWUtYjZmNC00MDhhLWJiODkt
MDhkMTI3MGMyZTcxLzEvaFEyNDNzWXRzMmJfeXBLb0RzUmY0Z01RWHdnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy83NmJjMWUtYjZmNC00MDhhLWJiODktMDhkMTI3MGMyZTcx
LzEvZ1pQXzZkczNZbXNULUYxOHhGZXExY0h6REo4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAU5MJMA0G
CSqGSIb3DQEBCwUAA4IBAQB2uaXw4s+VTZklWNgOsy9FpjjW8l5HhvreJvssskWJ
RLhG0uQVrZBZLAmloYl2rjTdyTfmM0NzB0naKY/gyt+DB/C3wM1cFydoEmDMrkA1
5i8lX+tqwKJtf8+7wVd1h43Ej1qoN/wHViAn8ZB7F/m9euBceL3vHWqNQsNpiwIu
DuhoPNeTi3XYeJOg4Opd1HQG9xw4hIXA3kbtmdYDvAj6Gw/t/CDfBLv3wNHHmuFL
QQNW2oBI+Xa6gDdTEvrVAyyFDHVRlGDiaF+KZYE0SjKD0TAs/NU3eI1/6hBLXGOC
4fnUsEcF5xCR8DxTzxXuKzEJpI2NHTHmW51bl9/qyBJX
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:57:50 2024 by rpki-client on console-fra.rpki-client.org