Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/f7f6c0-09d0-492c-92e6-8a95e6377332/1/2122yKrawBKN6ktEOk0pt7Qdlds.roa
File:                     2122yKrawBKN6ktEOk0pt7Qdlds.roa (raw, json)
Hash identifier:          odQNQf+Th4KWnYgNQqqWB8rgTajTCeDrocwUW2N+nYI=
Subject key identifier:   DB:5D:B6:C8:AA:DA:C0:12:8D:EA:4B:44:3A:4D:29:B7:B4:1D:95:DB
Certificate issuer:       /CN=0b5f8c9447d614b86182763d9333250e2d9412e2
Certificate serial:       018D7E7AD452F22F09E22BB9F4B97D8D788B
Authority key identifier: 0B:5F:8C:94:47:D6:14:B8:61:82:76:3D:93:33:25:0E:2D:94:12:E2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/C1-MlEfWFLhhgnY9kzMlDi2UEuI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ac/f7f6c0-09d0-492c-92e6-8a95e6377332/1/2122yKrawBKN6ktEOk0pt7Qdlds.roa
Signing time:             Tue 06 Feb 2024 12:53:15 +0000
ROA not before:           Tue 06 Feb 2024 12:53:15 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     7029
IP address blocks:        185.33.26.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Sat 09 Mar 2024 13:24:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8d:7e:7a:d4:52:f2:2f:09:e2:2b:b9:f4:b9:7d:8d:78:8b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0b5f8c9447d614b86182763d9333250e2d9412e2
        Validity
            Not Before: Feb  6 12:53:15 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=db5db6c8aadac0128dea4b443a4d29b7b41d95db
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:de:ac:4e:4b:05:c1:a4:b5:2c:04:ec:2b:94:
                    04:3f:db:eb:b0:d0:2f:27:26:a7:f9:35:0d:12:5d:
                    2a:b0:16:10:6c:e7:79:99:6c:26:87:c6:43:01:81:
                    2f:75:8d:2f:f2:61:d6:78:93:45:83:14:93:73:a4:
                    ad:31:90:dd:60:33:e1:43:03:46:21:12:6b:c1:7a:
                    94:14:ab:ee:99:7d:5d:db:27:c4:6d:4d:b9:ab:72:
                    e1:f5:47:95:11:a7:9e:d1:81:85:dd:7a:99:ac:55:
                    6c:74:2e:08:e7:07:d8:28:2f:a6:c7:1b:66:e1:35:
                    79:58:47:32:e4:84:55:b2:13:ab:69:3a:c9:1f:e8:
                    4d:1d:41:5e:42:11:01:31:77:6b:5c:9c:6a:60:8c:
                    2c:9c:c6:25:f0:d4:55:e1:0c:7a:7e:93:dc:50:44:
                    9e:86:e5:50:eb:4b:e2:df:4c:39:b7:1b:51:fa:da:
                    e6:86:c0:89:32:90:4c:2a:bd:74:f5:01:f7:3f:58:
                    4c:10:26:6e:4c:2e:d9:1d:bc:2c:98:02:95:05:42:
                    98:7b:46:53:27:7f:44:cd:16:1d:34:8a:3d:5b:98:
                    90:3b:64:c5:bc:4e:03:9b:97:ec:2b:01:ce:b2:73:
                    12:9f:b4:32:10:e5:92:d9:b9:4c:13:a7:ae:d0:80:
                    c4:e3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DB:5D:B6:C8:AA:DA:C0:12:8D:EA:4B:44:3A:4D:29:B7:B4:1D:95:DB
            X509v3 Authority Key Identifier:
                keyid:0B:5F:8C:94:47:D6:14:B8:61:82:76:3D:93:33:25:0E:2D:94:12:E2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/C1-MlEfWFLhhgnY9kzMlDi2UEuI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/f7f6c0-09d0-492c-92e6-8a95e6377332/1/2122yKrawBKN6ktEOk0pt7Qdlds.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/f7f6c0-09d0-492c-92e6-8a95e6377332/1/C1-MlEfWFLhhgnY9kzMlDi2UEuI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.33.26.0/24

    Signature Algorithm: sha256WithRSAEncryption
         22:7a:b5:f7:c4:ff:c0:4a:4a:5b:f0:68:ab:8d:c4:f0:1d:d6:
         27:1c:b9:99:7d:92:3b:11:2c:56:d6:0f:cd:41:69:4b:f4:11:
         40:98:97:6a:c7:f0:fd:6e:5c:13:47:88:4f:8f:f9:ce:82:4a:
         4f:b4:08:05:93:c9:5e:90:5e:1f:ca:ca:70:c7:b9:3c:e7:cf:
         d2:21:cc:e2:28:7b:3c:6f:92:51:71:f9:c6:c2:45:58:26:86:
         c2:84:47:01:d8:18:9d:47:65:be:f3:67:76:a2:92:15:82:a0:
         64:93:b0:51:2a:ab:c7:c0:64:61:e5:1c:f1:b6:7c:30:67:e7:
         cf:87:2f:2e:e1:88:75:0f:62:e8:f2:03:25:c2:f0:75:2b:dd:
         63:5f:48:8b:16:5e:48:3e:8f:c4:d2:18:7b:2f:d0:f7:3a:b3:
         7b:ac:d1:6f:e4:cf:5c:07:14:bc:ed:73:5b:30:f5:cd:71:39:
         8a:13:a3:5b:57:93:ed:f8:d5:82:04:89:01:bc:48:41:85:36:
         a8:f3:23:b4:b0:1d:43:09:3d:63:d0:89:0b:db:72:75:5d:95:
         d5:65:b3:19:22:9b:bc:ba:b7:97:c8:02:f0:5c:12:bb:f3:b3:
         11:b8:cc:fd:6c:dd:7f:5f:e5:89:81:e5:9e:19:91:37:ab:3e:
         10:35:4e:90
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY1+etRS8i8J4iu59Ll9jXiLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBiNWY4Yzk0NDdkNjE0Yjg2MTgyNzYzZDkzMzMyNTBlMmQ5
NDEyZTIwHhcNMjQwMjA2MTI1MzE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYjVkYjZjOGFhZGFjMDEyOGRlYTRiNDQzYTRkMjliN2I0MWQ5NWRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxt6sTksFwaS1LATsK5QEP9vrsNAv
Jyan+TUNEl0qsBYQbOd5mWwmh8ZDAYEvdY0v8mHWeJNFgxSTc6StMZDdYDPhQwNG
IRJrwXqUFKvumX1d2yfEbU25q3Lh9UeVEaee0YGF3XqZrFVsdC4I5wfYKC+mxxtm
4TV5WEcy5IRVshOraTrJH+hNHUFeQhEBMXdrXJxqYIwsnMYl8NRV4Qx6fpPcUESe
huVQ60vi30w5txtR+trmhsCJMpBMKr109QH3P1hMECZuTC7ZHbwsmAKVBUKYe0ZT
J39EzRYdNIo9W5iQO2TFvE4Dm5fsKwHOsnMSn7QyEOWS2blME6eu0IDE4wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNtdtsiq2sASjepLRDpNKbe0HZXbMB8GA1UdIwQY
MBaAFAtfjJRH1hS4YYJ2PZMzJQ4tlBLiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQzEtTWxFZldGTGhoZ25ZOWt6TWxEaTJVRXVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy9mN2Y2YzAtMDlkMC00OTJjLTkyZTYt
OGE5NWU2Mzc3MzMyLzEvMjEyMnlLcmF3QktONmt0RU9rMHB0N1FkbGRzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYy9mN2Y2YzAtMDlkMC00OTJjLTkyZTYtOGE5NWU2Mzc3MzMy
LzEvQzEtTWxFZldGTGhoZ25ZOWt6TWxEaTJVRXVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuSEaMA0G
CSqGSIb3DQEBCwUAA4IBAQAierX3xP/ASkpb8GirjcTwHdYnHLmZfZI7ESxW1g/N
QWlL9BFAmJdqx/D9blwTR4hPj/nOgkpPtAgFk8lekF4fyspwx7k858/SIcziKHs8
b5JRcfnGwkVYJobChEcB2BidR2W+82d2opIVgqBkk7BRKqvHwGRh5RzxtnwwZ+fP
hy8u4Yh1D2Lo8gMlwvB1K91jX0iLFl5IPo/E0hh7L9D3OrN7rNFv5M9cBxS87XNb
MPXNcTmKE6NbV5Pt+NWCBIkBvEhBhTao8yO0sB1DCT1j0IkL23J1XZXVZbMZIpu8
ureXyALwXBK787MRuMz9bN1/X+WJgeWeGZE3qz4QNU6Q
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:32 2024 by rpki-client on console-fra.rpki-client.org