Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/1373a0-8c3d-4283-a5ce-822ea43dc18d/1/DSgqT_wkzYZ7lVXvP0wbEJfZ9f4.roa
File:                     DSgqT_wkzYZ7lVXvP0wbEJfZ9f4.roa (raw, json)
Hash identifier:          Xp86EASZBmk5UAm1oK5O39C2XtVVLLPCcWtHV8hT9iw=
Subject key identifier:   0D:28:2A:4F:FC:24:CD:86:7B:95:55:EF:3F:4C:1B:10:97:D9:F5:FE
Certificate issuer:       /CN=dbbf37909ce17ba53ad90a8632377a5d938743e5
Certificate serial:       018CFEBF533422C03C7F044B355296783CE9
Authority key identifier: DB:BF:37:90:9C:E1:7B:A5:3A:D9:0A:86:32:37:7A:5D:93:87:43:E5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2783kJzhe6U62QqGMjd6XZOHQ-U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f0/1373a0-8c3d-4283-a5ce-822ea43dc18d/1/DSgqT_wkzYZ7lVXvP0wbEJfZ9f4.roa
Signing time:             Fri 12 Jan 2024 17:36:40 +0000
ROA not before:           Fri 12 Jan 2024 17:36:40 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     271791
IP address blocks:        82.86.104.0/21 maxlen: 21

Validation:               Failed, certificate revoked on Wed 08 May 2024 08:04:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:fe:bf:53:34:22:c0:3c:7f:04:4b:35:52:96:78:3c:e9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dbbf37909ce17ba53ad90a8632377a5d938743e5
        Validity
            Not Before: Jan 12 17:36:40 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=0d282a4ffc24cd867b9555ef3f4c1b1097d9f5fe
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:c3:d7:e8:28:dd:45:06:43:7d:45:b1:e4:76:
                    28:c0:29:6c:c7:36:5b:53:e3:37:e2:cf:87:6c:ff:
                    22:5c:8a:98:ac:f5:a7:12:b7:b1:e4:a2:8e:d2:29:
                    2e:38:b5:da:4e:11:6d:40:ce:ab:3b:81:4d:ae:1d:
                    3d:c4:3d:b4:47:2b:f6:5c:4f:67:8b:03:bd:28:b7:
                    94:be:75:79:4d:a5:ee:86:86:5f:91:31:80:58:70:
                    0c:c8:30:ad:29:f8:b8:70:56:2c:78:f6:ac:03:9a:
                    f4:9e:b6:a5:20:e6:ee:23:2a:5d:f2:e4:cf:a5:ab:
                    4d:1a:0f:26:98:12:bc:db:f4:54:d9:0d:41:cf:10:
                    e8:4f:5a:ab:23:95:a9:bf:fb:b5:6c:b9:06:7b:31:
                    49:67:71:cf:7b:2c:59:54:b9:e0:c5:84:94:f6:75:
                    b0:c2:c9:78:aa:95:80:b5:41:66:16:a4:ab:24:38:
                    9c:47:ed:b3:18:5c:1b:6f:99:fc:09:01:92:4b:35:
                    07:ba:4d:18:eb:46:a8:09:dd:e9:cd:31:30:26:0a:
                    a3:65:52:fa:bf:d5:8a:74:da:cf:7d:d9:3a:a2:20:
                    b6:2e:a9:88:45:10:94:c4:1a:b2:8f:4f:e0:1e:08:
                    ea:3d:e3:06:cf:ab:25:bd:9e:d2:78:35:9f:a8:95:
                    4d:49
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0D:28:2A:4F:FC:24:CD:86:7B:95:55:EF:3F:4C:1B:10:97:D9:F5:FE
            X509v3 Authority Key Identifier:
                keyid:DB:BF:37:90:9C:E1:7B:A5:3A:D9:0A:86:32:37:7A:5D:93:87:43:E5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2783kJzhe6U62QqGMjd6XZOHQ-U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/1373a0-8c3d-4283-a5ce-822ea43dc18d/1/DSgqT_wkzYZ7lVXvP0wbEJfZ9f4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/1373a0-8c3d-4283-a5ce-822ea43dc18d/1/2783kJzhe6U62QqGMjd6XZOHQ-U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  82.86.104.0/21

    Signature Algorithm: sha256WithRSAEncryption
         9a:c4:f8:69:6a:da:87:99:34:28:b2:f9:93:17:71:62:2c:e5:
         64:73:ee:69:57:89:c5:c2:cf:0f:2d:80:d9:44:24:0f:56:36:
         f2:21:a2:11:43:71:95:bf:82:14:6d:a1:51:b2:ba:d4:74:ee:
         8e:75:81:86:84:20:b2:4b:5c:99:b5:eb:e5:3b:28:1a:73:f7:
         a8:46:7d:e2:07:df:84:67:40:b3:10:b6:34:08:e9:a3:09:16:
         ce:6f:9f:e2:8b:15:e5:47:45:94:4f:ef:50:e1:e9:52:c0:96:
         cd:78:c1:30:e9:3f:d4:74:28:57:5d:3e:36:43:15:b5:08:1c:
         0e:d1:72:6a:dd:94:03:63:bf:e6:d6:c0:e6:89:57:b1:19:52:
         8b:d2:95:de:53:0b:f4:ee:95:93:ab:75:75:c7:5a:d5:6b:87:
         40:f3:e4:51:80:95:3a:7b:80:7c:c8:b9:8d:7e:fa:48:d8:7b:
         4e:d6:0b:b5:9f:12:68:b3:0b:46:f9:c7:b7:47:38:cc:a2:24:
         1f:09:11:3b:6b:cb:93:1d:f9:2c:c0:9d:de:bb:a3:fb:20:19:
         a3:13:4c:f2:34:40:b1:04:7b:95:c1:f2:18:88:e1:0d:83:fa:
         44:75:7a:37:e5:f3:68:27:a4:0e:ee:92:ea:e6:d9:6c:78:e8:
         a9:55:d9:7a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYz+v1M0IsA8fwRLNVKWeDzpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiYmYzNzkwOWNlMTdiYTUzYWQ5MGE4NjMyMzc3YTVkOTM4
NzQzZTUwHhcNMjQwMTEyMTczNjQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZDI4MmE0ZmZjMjRjZDg2N2I5NTU1ZWYzZjRjMWIxMDk3ZDlmNWZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtsPX6CjdRQZDfUWx5HYowClsxzZb
U+M34s+HbP8iXIqYrPWnErex5KKO0ikuOLXaThFtQM6rO4FNrh09xD20Ryv2XE9n
iwO9KLeUvnV5TaXuhoZfkTGAWHAMyDCtKfi4cFYsePasA5r0nralIObuIypd8uTP
patNGg8mmBK82/RU2Q1BzxDoT1qrI5Wpv/u1bLkGezFJZ3HPeyxZVLngxYSU9nWw
wsl4qpWAtUFmFqSrJDicR+2zGFwbb5n8CQGSSzUHuk0Y60aoCd3pzTEwJgqjZVL6
v9WKdNrPfdk6oiC2LqmIRRCUxBqyj0/gHgjqPeMGz6slvZ7SeDWfqJVNSQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFA0oKk/8JM2Ge5VV7z9MGxCX2fX+MB8GA1UdIwQY
MBaAFNu/N5Cc4XulOtkKhjI3el2Th0PlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMjc4M2tKemhlNlU2MlFxR01qZDZYWk9IUS1VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC8xMzczYTAtOGMzZC00MjgzLWE1Y2Ut
ODIyZWE0M2RjMThkLzEvRFNncVRfd2t6WVo3bFZYdlAwd2JFSmZaOWY0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC8xMzczYTAtOGMzZC00MjgzLWE1Y2UtODIyZWE0M2RjMThk
LzEvMjc4M2tKemhlNlU2MlFxR01qZDZYWk9IUS1VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDUlZoMA0G
CSqGSIb3DQEBCwUAA4IBAQCaxPhpatqHmTQosvmTF3FiLOVkc+5pV4nFws8PLYDZ
RCQPVjbyIaIRQ3GVv4IUbaFRsrrUdO6OdYGGhCCyS1yZtevlOygac/eoRn3iB9+E
Z0CzELY0COmjCRbOb5/iixXlR0WUT+9Q4elSwJbNeMEw6T/UdChXXT42QxW1CBwO
0XJq3ZQDY7/m1sDmiVexGVKL0pXeUwv07pWTq3V1x1rVa4dA8+RRgJU6e4B8yLmN
fvpI2HtO1gu1nxJoswtG+ce3RzjMoiQfCRE7a8uTHfkswJ3eu6P7IBmjE0zyNECx
BHuVwfIYiOENg/pEdXo35fNoJ6QO7pLq5tlseOipVdl6
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:51:51 2024 by rpki-client on console-ams.rpki-client.org