Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/b1f6ee-c4ef-4355-af36-a558ee65431f/1/D2w3tYjlcz6uxgnsnCVDgSaJBiQ.roa
File:                     D2w3tYjlcz6uxgnsnCVDgSaJBiQ.roa (raw, json)
Hash identifier:          g34jNIFuBJ6h/CKN2XMWrgtgcnSNAmuHWhVkoE8Cp6Q=
Subject key identifier:   0F:6C:37:B5:88:E5:73:3E:AE:C6:09:EC:9C:25:43:81:26:89:06:24
Certificate issuer:       /CN=722a8c1d311895016108ffbd14575c77cc28773a
Certificate serial:       018837D76C24FA3395F87DEA77A2A5BBF237
Authority key identifier: 72:2A:8C:1D:31:18:95:01:61:08:FF:BD:14:57:5C:77:CC:28:77:3A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ciqMHTEYlQFhCP-9FFdcd8wodzo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f8/b1f6ee-c4ef-4355-af36-a558ee65431f/1/D2w3tYjlcz6uxgnsnCVDgSaJBiQ.roa
Signing time:             Sat 20 May 2023 06:27:24 +0000
ROA not before:           Sat 20 May 2023 06:27:24 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     25211
IP address blocks:        87.246.16.0/21 maxlen: 21

Validation:               Failed, certificate revoked on Tue 04 Jul 2023 05:12:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:37:d7:6c:24:fa:33:95:f8:7d:ea:77:a2:a5:bb:f2:37
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=722a8c1d311895016108ffbd14575c77cc28773a
        Validity
            Not Before: May 20 06:27:24 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=0f6c37b588e5733eaec609ec9c25438126890624
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:96:a0:4a:63:64:3f:9d:18:37:cc:1b:4a:8d:
                    1e:21:0e:9b:ad:8d:6e:0f:be:be:8b:8a:f0:b1:71:
                    a7:e5:60:25:c6:1d:67:6e:7c:ee:05:16:95:cd:1b:
                    cc:dd:73:89:40:45:28:e6:a2:d6:49:af:f6:97:7d:
                    97:e4:bf:e8:ef:84:58:96:6a:9e:34:73:4d:c6:cd:
                    0b:93:dc:df:7b:dc:40:61:b6:20:5f:5c:af:78:5f:
                    70:5b:8f:d9:b3:22:fc:49:71:64:bb:44:3c:ee:56:
                    8b:15:b3:ec:f1:bb:8b:6d:31:40:37:ad:cb:4c:cf:
                    b7:00:9a:bf:c7:2c:ff:a6:b4:a9:28:27:46:fe:e3:
                    f5:bb:03:ff:e9:97:0f:24:b6:59:2e:43:7d:e1:10:
                    6e:3b:fc:ae:ee:b5:28:a1:80:38:50:3f:3a:ec:72:
                    8f:6f:25:08:95:44:dd:3b:f2:a1:78:f2:9b:2e:c9:
                    ef:b5:93:52:07:33:62:f3:55:1f:d0:d7:b6:47:c8:
                    61:4e:24:75:94:7a:17:69:f7:4c:7a:5f:48:6e:5c:
                    5f:3d:51:d0:8c:18:c6:af:47:41:b5:83:12:b4:0b:
                    92:66:d3:62:87:85:15:1c:6a:2d:d4:4a:ca:df:64:
                    ab:7a:0b:c4:31:b9:60:65:53:4d:c4:fb:e4:ce:08:
                    ea:59
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0F:6C:37:B5:88:E5:73:3E:AE:C6:09:EC:9C:25:43:81:26:89:06:24
            X509v3 Authority Key Identifier:
                keyid:72:2A:8C:1D:31:18:95:01:61:08:FF:BD:14:57:5C:77:CC:28:77:3A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ciqMHTEYlQFhCP-9FFdcd8wodzo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/b1f6ee-c4ef-4355-af36-a558ee65431f/1/D2w3tYjlcz6uxgnsnCVDgSaJBiQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/b1f6ee-c4ef-4355-af36-a558ee65431f/1/ciqMHTEYlQFhCP-9FFdcd8wodzo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  87.246.16.0/21

    Signature Algorithm: sha256WithRSAEncryption
         a4:29:ee:af:d9:96:44:ee:cb:96:07:fb:cd:be:a6:46:80:26:
         10:d5:7c:e8:a6:34:c0:ab:91:47:c3:35:d0:f0:6c:e2:9c:cf:
         9a:7d:f3:77:37:65:66:9b:23:59:8d:fd:37:5e:34:c9:92:bb:
         0b:22:d7:de:b0:bf:fd:55:5e:0e:a7:3e:86:13:d4:76:20:8d:
         06:2a:70:54:5b:1b:df:ca:3c:d7:30:c5:05:28:f0:9f:09:0f:
         5e:fe:f8:fd:ea:24:2d:0c:84:69:e6:ea:4d:7a:fc:f4:bf:f7:
         f7:73:52:f8:8e:87:00:35:64:14:f8:9b:44:0a:90:c4:cc:fa:
         5e:1e:2c:d6:12:84:5e:4f:a9:51:1b:8c:e3:03:6c:9d:94:fe:
         e7:d5:d6:42:74:d0:19:f5:f5:54:33:b6:2a:d8:ef:d9:5b:7a:
         8e:52:97:ad:f1:e7:c6:c3:f3:82:b1:71:6f:10:e9:8e:e1:a6:
         01:d0:b0:f8:7c:76:3d:3e:d1:a6:ab:57:92:03:47:85:12:49:
         09:cf:98:d2:b4:3f:e5:81:ba:52:61:1d:fa:01:17:ad:b2:2d:
         3e:d4:61:85:07:2f:38:4a:6e:55:b5:5d:ce:b2:fa:62:80:95:
         0b:31:02:08:0c:75:3d:f9:1a:3a:9a:b6:67:57:a9:8e:51:52:
         bb:fd:2f:c1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYg312wk+jOV+H3qd6Klu/I3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMmE4YzFkMzExODk1MDE2MTA4ZmZiZDE0NTc1Yzc3Y2My
ODc3M2EwHhcNMjMwNTIwMDYyNzI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZjZjMzdiNTg4ZTU3MzNlYWVjNjA5ZWM5YzI1NDM4MTI2ODkwNjI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp5agSmNkP50YN8wbSo0eIQ6brY1u
D76+i4rwsXGn5WAlxh1nbnzuBRaVzRvM3XOJQEUo5qLWSa/2l32X5L/o74RYlmqe
NHNNxs0Lk9zfe9xAYbYgX1yveF9wW4/ZsyL8SXFku0Q87laLFbPs8buLbTFAN63L
TM+3AJq/xyz/prSpKCdG/uP1uwP/6ZcPJLZZLkN94RBuO/yu7rUooYA4UD867HKP
byUIlUTdO/KhePKbLsnvtZNSBzNi81Uf0Ne2R8hhTiR1lHoXafdMel9IblxfPVHQ
jBjGr0dBtYMStAuSZtNih4UVHGot1ErK32SregvEMblgZVNNxPvkzgjqWQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFA9sN7WI5XM+rsYJ7JwlQ4EmiQYkMB8GA1UdIwQY
MBaAFHIqjB0xGJUBYQj/vRRXXHfMKHc6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2lxTUhURVlsUUZoQ1AtOUZGZGNkOHdvZHpvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOC9iMWY2ZWUtYzRlZi00MzU1LWFmMzYt
YTU1OGVlNjU0MzFmLzEvRDJ3M3RZamxjejZ1eGduc25DVkRnU2FKQmlRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOC9iMWY2ZWUtYzRlZi00MzU1LWFmMzYtYTU1OGVlNjU0MzFm
LzEvY2lxTUhURVlsUUZoQ1AtOUZGZGNkOHdvZHpvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDV/YQMA0G
CSqGSIb3DQEBCwUAA4IBAQCkKe6v2ZZE7suWB/vNvqZGgCYQ1XzopjTAq5FHwzXQ
8GzinM+affN3N2VmmyNZjf03XjTJkrsLItfesL/9VV4Opz6GE9R2II0GKnBUWxvf
yjzXMMUFKPCfCQ9e/vj96iQtDIRp5upNevz0v/f3c1L4jocANWQU+JtECpDEzPpe
HizWEoReT6lRG4zjA2ydlP7n1dZCdNAZ9fVUM7Yq2O/ZW3qOUpet8efGw/OCsXFv
EOmO4aYB0LD4fHY9PtGmq1eSA0eFEkkJz5jStD/lgbpSYR36ARetsi0+1GGFBy84
Sm5VtV3OsvpigJULMQIIDHU9+Ro6mrZnV6mOUVK7/S/B
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:53:27 2024 by rpki-client on console-ams.rpki-client.org