Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fb/9ede92-a838-40bc-a266-162b02bb15bd/1/gDWm39QDiDEdZ_wL-4lhE278XUA.roa
File:                     gDWm39QDiDEdZ_wL-4lhE278XUA.roa (raw, json)
Hash identifier:          If2ewmht5uBYq4fRsDRRpy5YhnWGlAhF0bnaE/N8Qbw=
Subject key identifier:   80:35:A6:DF:D4:03:88:31:1D:67:FC:0B:FB:89:61:13:6E:FC:5D:40
Certificate issuer:       /CN=501459c027a86e1a55709f860937fe2f81b312f0
Certificate serial:       018751BC19786EA6ED049473730203296834
Authority key identifier: 50:14:59:C0:27:A8:6E:1A:55:70:9F:86:09:37:FE:2F:81:B3:12:F0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/UBRZwCeobhpVcJ-GCTf-L4GzEvA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/fb/9ede92-a838-40bc-a266-162b02bb15bd/1/gDWm39QDiDEdZ_wL-4lhE278XUA.roa
Signing time:             Wed 05 Apr 2023 14:04:54 +0000
ROA not before:           Wed 05 Apr 2023 14:04:54 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     198949
IP address blocks:        147.233.128.0/17 maxlen: 17
                          147.233.250.0/24 maxlen: 24
                          147.233.0.0/17 maxlen: 17

Validation:               Failed, certificate revoked on Sun 07 May 2023 14:26:05 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:51:bc:19:78:6e:a6:ed:04:94:73:73:02:03:29:68:34
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=501459c027a86e1a55709f860937fe2f81b312f0
        Validity
            Not Before: Apr  5 14:04:54 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=8035a6dfd40388311d67fc0bfb8961136efc5d40
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:80:c4:f3:ff:e0:e3:67:7a:7c:ab:b1:38:a1:19:
                    92:e4:75:db:a0:16:b6:3f:72:1f:70:6f:03:cd:ce:
                    9f:8c:56:1f:b1:95:cc:74:f8:8c:3b:e0:2c:37:67:
                    0b:0a:a5:d8:e7:4c:17:66:fe:33:a7:79:e6:f3:f0:
                    f6:7a:93:ef:38:2e:a8:7f:f2:f6:bc:1f:ee:0c:14:
                    e6:f1:77:f1:17:0e:02:f6:0e:f0:bc:2d:d9:72:11:
                    27:8d:de:31:52:83:f3:d2:94:4b:5b:25:ba:4f:15:
                    44:54:db:03:6c:e3:d4:05:98:cc:ac:c3:a5:1e:d5:
                    99:18:e9:70:6b:ee:7b:60:09:2d:46:f7:54:75:a0:
                    21:8b:1c:0d:04:49:17:fa:ec:b5:ac:0d:bb:83:ef:
                    b3:64:b2:23:e7:08:bd:d3:57:0c:90:0e:92:91:76:
                    9f:74:62:59:18:b0:60:a8:21:41:f8:f7:b1:02:64:
                    59:39:ee:f4:95:1f:3c:19:2f:01:5b:cd:5e:dc:26:
                    56:46:88:12:c1:a2:00:c1:42:4e:be:56:43:d2:23:
                    91:b1:c9:51:e0:6a:f5:de:77:a3:d5:f0:e4:5a:1c:
                    1d:8e:e1:f0:c8:bf:7a:70:f5:cb:49:48:43:03:4a:
                    8f:28:e3:52:3a:78:02:49:7f:ad:1b:6a:09:c5:46:
                    f1:ad
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                80:35:A6:DF:D4:03:88:31:1D:67:FC:0B:FB:89:61:13:6E:FC:5D:40
            X509v3 Authority Key Identifier:
                keyid:50:14:59:C0:27:A8:6E:1A:55:70:9F:86:09:37:FE:2F:81:B3:12:F0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UBRZwCeobhpVcJ-GCTf-L4GzEvA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/9ede92-a838-40bc-a266-162b02bb15bd/1/gDWm39QDiDEdZ_wL-4lhE278XUA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/9ede92-a838-40bc-a266-162b02bb15bd/1/UBRZwCeobhpVcJ-GCTf-L4GzEvA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  147.233.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         99:07:f1:d0:3c:df:e3:92:54:78:6b:14:28:50:45:2d:66:15:
         d6:9b:68:bf:9a:67:cd:1a:0a:f2:14:f6:61:bc:40:10:70:5a:
         e4:2d:ed:7c:6f:16:ab:69:9a:2f:e9:56:e8:31:96:d0:82:51:
         3b:36:5b:5a:35:e7:12:7d:d4:7f:7c:15:2c:81:9d:29:e7:fd:
         7b:c1:e4:6b:2d:22:6d:9f:e3:60:6d:d7:57:d7:6e:93:49:63:
         e6:1d:48:6f:ca:1a:f8:0b:16:3e:51:62:ef:d0:cb:42:4b:76:
         17:84:81:05:6f:fa:0f:c8:a6:2d:aa:a2:73:6a:0f:7c:94:5a:
         f5:8a:0a:7b:1d:22:fa:b3:86:bc:0b:24:66:02:b4:61:08:0e:
         59:bf:33:97:69:98:68:7f:aa:c1:aa:b0:de:5c:bd:96:fd:1d:
         a7:b7:4c:cd:ca:da:9b:20:2b:f2:af:57:87:5a:68:d2:c7:ab:
         77:a3:34:85:42:5d:4e:7c:2f:d3:1c:a0:00:8b:1e:53:38:3e:
         2d:a5:29:64:a1:42:b2:a6:0d:94:62:04:d0:8c:9d:93:f3:ee:
         b5:b8:00:53:56:07:fc:0d:76:0d:b6:8b:96:70:b8:f5:a2:8c:
         bb:6c:ec:db:ae:cd:0c:de:3f:bb:d7:92:6f:f9:a5:06:dc:7f:
         a7:3e:40:aa
-----BEGIN CERTIFICATE-----
MIIE/DCCA+SgAwIBAgISAYdRvBl4bqbtBJRzcwIDKWg0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUwMTQ1OWMwMjdhODZlMWE1NTcwOWY4NjA5MzdmZTJmODFi
MzEyZjAwHhcNMjMwNDA1MTQwNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MDM1YTZkZmQ0MDM4ODMxMWQ2N2ZjMGJmYjg5NjExMzZlZmM1ZDQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgMTz/+DjZ3p8q7E4oRmS5HXboBa2
P3IfcG8Dzc6fjFYfsZXMdPiMO+AsN2cLCqXY50wXZv4zp3nm8/D2epPvOC6of/L2
vB/uDBTm8XfxFw4C9g7wvC3ZchEnjd4xUoPz0pRLWyW6TxVEVNsDbOPUBZjMrMOl
HtWZGOlwa+57YAktRvdUdaAhixwNBEkX+uy1rA27g++zZLIj5wi901cMkA6SkXaf
dGJZGLBgqCFB+PexAmRZOe70lR88GS8BW81e3CZWRogSwaIAwUJOvlZD0iORsclR
4Gr13nej1fDkWhwdjuHwyL96cPXLSUhDA0qPKONSOngCSX+tG2oJxUbxrQIDAQAB
o4ICCDCCAgQwHQYDVR0OBBYEFIA1pt/UA4gxHWf8C/uJYRNu/F1AMB8GA1UdIwQY
MBaAFFAUWcAnqG4aVXCfhgk3/i+BsxLwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVUJSWndDZW9iaHBWY0otR0NUZi1MNEd6RXZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYi85ZWRlOTItYTgzOC00MGJjLWEyNjYt
MTYyYjAyYmIxNWJkLzEvZ0RXbTM5UURpREVkWl93TC00bGhFMjc4WFVBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYi85ZWRlOTItYTgzOC00MGJjLWEyNjYtMTYyYjAyYmIxNWJk
LzEvVUJSWndDZW9iaHBWY0otR0NUZi1MNEd6RXZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMAk+kwDQYJ
KoZIhvcNAQELBQADggEBAJkH8dA83+OSVHhrFChQRS1mFdabaL+aZ80aCvIU9mG8
QBBwWuQt7XxvFqtpmi/pVugxltCCUTs2W1o15xJ91H98FSyBnSnn/XvB5GstIm2f
42Bt11fXbpNJY+YdSG/KGvgLFj5RYu/Qy0JLdheEgQVv+g/Ipi2qonNqD3yUWvWK
CnsdIvqzhrwLJGYCtGEIDlm/M5dpmGh/qsGqsN5cvZb9Hae3TM3K2psgK/KvV4da
aNLHq3ejNIVCXU58L9McoACLHlM4Pi2lKWShQrKmDZRiBNCMnZPz7rW4AFNWB/wN
dg22i5ZwuPWijLts7NuuzQzeP7vXkm/5pQbcf6c+QKo=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:00:38 2024 by rpki-client on console-fra.rpki-client.org