Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/BPkL0SfUa5vcA8IvKhjE9b_hquA.roa
File:                     BPkL0SfUa5vcA8IvKhjE9b_hquA.roa (raw, json)
Hash identifier:          +BLqjoK82UPmDKxHl94Tdk1yClsk4UrztK4HOPCEdpI=
Subject key identifier:   04:F9:0B:D1:27:D4:6B:9B:DC:03:C2:2F:2A:18:C4:F5:BF:E1:AA:E0
Certificate issuer:       /CN=da00e981953061972c896bd6d27738d083aadb0e
Certificate serial:       0188E53D3FA00E71B949F529CC71D2D1930E
Authority key identifier: DA:00:E9:81:95:30:61:97:2C:89:6B:D6:D2:77:38:D0:83:AA:DB:0E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2gDpgZUwYZcsiWvW0nc40IOq2w4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/BPkL0SfUa5vcA8IvKhjE9b_hquA.roa
Signing time:             Thu 22 Jun 2023 22:32:56 +0000
ROA not before:           Thu 22 Jun 2023 22:32:56 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     49999
IP address blocks:        37.153.132.0/24 maxlen: 24
                          89.40.43.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 24 Jul 2023 19:12:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:e5:3d:3f:a0:0e:71:b9:49:f5:29:cc:71:d2:d1:93:0e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=da00e981953061972c896bd6d27738d083aadb0e
        Validity
            Not Before: Jun 22 22:32:56 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=04f90bd127d46b9bdc03c22f2a18c4f5bfe1aae0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:db:3a:87:57:fe:7d:47:c7:92:e4:2b:8e:35:56:
                    64:2c:e7:4a:d8:34:cb:6c:a6:7e:ab:63:c5:29:40:
                    0f:d1:63:cf:0b:76:06:5f:2b:cf:67:3f:62:57:69:
                    1e:12:0d:61:87:e6:a2:ab:5a:6e:84:0c:db:e8:11:
                    be:bd:1c:4d:ce:fc:6d:d6:25:a1:49:b7:4e:ea:14:
                    eb:f2:cc:0b:25:83:8e:37:a9:49:01:16:ae:bd:f9:
                    44:2a:8d:88:6c:05:2e:50:ed:1c:46:58:e1:b3:b1:
                    b6:38:24:2b:aa:c5:0b:d7:20:25:90:56:a9:71:b8:
                    45:f4:82:fa:db:ce:10:24:64:76:4f:44:1f:51:1e:
                    e5:78:c3:e0:72:22:40:20:49:fd:f1:ed:9c:e1:30:
                    90:0f:f3:07:ab:4e:a7:5f:52:2a:40:04:9e:12:75:
                    18:db:7a:31:5a:dd:b0:90:93:e9:14:0b:07:4c:4f:
                    49:ca:84:5c:0a:a2:60:28:b6:a4:d5:b9:93:27:09:
                    78:05:7a:ea:b5:c2:63:23:40:9b:2f:37:8b:8e:b0:
                    bc:f0:56:c7:ef:25:c0:46:25:72:76:59:a4:2d:f3:
                    82:f7:fc:b4:48:0f:ee:aa:f3:51:7f:c5:55:a6:64:
                    c2:6c:28:d9:32:99:62:45:79:2e:e2:c9:66:7a:55:
                    69:4f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                04:F9:0B:D1:27:D4:6B:9B:DC:03:C2:2F:2A:18:C4:F5:BF:E1:AA:E0
            X509v3 Authority Key Identifier:
                keyid:DA:00:E9:81:95:30:61:97:2C:89:6B:D6:D2:77:38:D0:83:AA:DB:0E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2gDpgZUwYZcsiWvW0nc40IOq2w4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/BPkL0SfUa5vcA8IvKhjE9b_hquA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/2gDpgZUwYZcsiWvW0nc40IOq2w4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  37.153.132.0/24
                  89.40.43.0/24

    Signature Algorithm: sha256WithRSAEncryption
         8c:83:c3:71:a9:d3:78:bf:83:3d:99:ff:91:9b:47:94:be:04:
         a9:e9:c2:d2:e5:ad:2e:de:fa:1f:1c:60:ef:ed:e4:a5:fc:e4:
         d3:be:bd:d5:0f:64:51:d7:e5:0f:7e:fd:66:68:c3:ce:a6:44:
         f7:f4:79:90:25:84:a5:93:49:53:83:cd:bb:7d:b6:12:86:c9:
         48:b7:0d:f8:2d:13:c5:d4:74:f3:bd:d0:f2:65:05:e2:31:14:
         50:7c:12:24:e5:6b:01:4d:80:60:f3:93:ec:af:2d:aa:75:98:
         61:b1:7b:7c:f0:09:c8:0c:c8:6f:e9:70:cb:53:5b:82:3b:3a:
         ed:cb:ab:7a:c3:2b:15:44:fd:46:0f:c2:2c:cc:9a:7c:1e:e2:
         06:d4:91:3e:fb:65:6b:0d:bd:bd:d9:8f:38:fc:4d:3b:52:50:
         ba:a8:81:f6:14:29:25:1b:b4:8b:03:4d:57:e3:58:59:78:d0:
         0c:59:77:27:6f:c5:fb:90:e4:31:b8:56:af:f2:37:e2:e8:91:
         5d:3a:88:4d:5b:e6:29:7e:fd:e1:00:35:99:14:84:75:f8:2b:
         ea:9d:7f:46:45:e1:04:5e:3b:16:4c:88:dc:c1:1b:41:49:7a:
         c9:e3:2d:d2:e8:78:7a:70:89:06:66:3b:ce:b9:64:0d:8f:4b:
         1d:40:82:25
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYjlPT+gDnG5SfUpzHHS0ZMOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhMDBlOTgxOTUzMDYxOTcyYzg5NmJkNmQyNzczOGQwODNh
YWRiMGUwHhcNMjMwNjIyMjIzMjU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNGY5MGJkMTI3ZDQ2YjliZGMwM2MyMmYyYTE4YzRmNWJmZTFhYWUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2zqHV/59R8eS5CuONVZkLOdK2DTL
bKZ+q2PFKUAP0WPPC3YGXyvPZz9iV2keEg1hh+aiq1puhAzb6BG+vRxNzvxt1iWh
SbdO6hTr8swLJYOON6lJARauvflEKo2IbAUuUO0cRljhs7G2OCQrqsUL1yAlkFap
cbhF9IL6284QJGR2T0QfUR7leMPgciJAIEn98e2c4TCQD/MHq06nX1IqQASeEnUY
23oxWt2wkJPpFAsHTE9JyoRcCqJgKLak1bmTJwl4BXrqtcJjI0CbLzeLjrC88FbH
7yXARiVydlmkLfOC9/y0SA/uqvNRf8VVpmTCbCjZMpliRXku4slmelVpTwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFAT5C9En1Gub3APCLyoYxPW/4argMB8GA1UdIwQY
MBaAFNoA6YGVMGGXLIlr1tJ3ONCDqtsOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmdEcGdaVXdZWmNzaVd2VzBuYzQwSU9xMnc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi84MmE3ZDYtOTJhOS00MjA0LTlhZTAt
OWE0OGVjZjllMTVlLzEvQlBrTDBTZlVhNXZjQThJdktoakU5Yl9ocXVBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi84MmE3ZDYtOTJhOS00MjA0LTlhZTAtOWE0OGVjZjllMTVl
LzEvMmdEcGdaVXdZWmNzaVd2VzBuYzQwSU9xMnc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAJZmEAwQA
WSgrMA0GCSqGSIb3DQEBCwUAA4IBAQCMg8NxqdN4v4M9mf+Rm0eUvgSp6cLS5a0u
3vofHGDv7eSl/OTTvr3VD2RR1+UPfv1maMPOpkT39HmQJYSlk0lTg827fbYShslI
tw34LRPF1HTzvdDyZQXiMRRQfBIk5WsBTYBg85Psry2qdZhhsXt88AnIDMhv6XDL
U1uCOzrty6t6wysVRP1GD8IszJp8HuIG1JE++2VrDb292Y84/E07UlC6qIH2FCkl
G7SLA01X41hZeNAMWXcnb8X7kOQxuFav8jfi6JFdOohNW+Ypfv3hADWZFIR1+Cvq
nX9GReEEXjsWTIjcwRtBSXrJ4y3S6Hh6cIkGZjvOuWQNj0sdQIIl
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:01:14 2024 by rpki-client on console-fra.rpki-client.org