Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/9c5c1f-f4b6-45a8-9c9f-30733d370df3/1/hSdWB8T0zLNJTPGyKtX3Gp0DV-g.roa
File:                     hSdWB8T0zLNJTPGyKtX3Gp0DV-g.roa (raw, json)
Hash identifier:          3DZ698L2X2lr7lHMBMwu1EDRFqIGzLIALspGtmHZPDY=
Subject key identifier:   85:27:56:07:C4:F4:CC:B3:49:4C:F1:B2:2A:D5:F7:1A:9D:03:57:E8
Certificate issuer:       /CN=3b637ccf393f52e0b56fb58ee35af54411daf644
Certificate serial:       018CC56E2093E0AC1289C140D0CF6E3B60EA
Authority key identifier: 3B:63:7C:CF:39:3F:52:E0:B5:6F:B5:8E:E3:5A:F5:44:11:DA:F6:44
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/O2N8zzk_UuC1b7WO41r1RBHa9kQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c7/9c5c1f-f4b6-45a8-9c9f-30733d370df3/1/hSdWB8T0zLNJTPGyKtX3Gp0DV-g.roa
Signing time:             Mon 01 Jan 2024 14:29:38 +0000
ROA not before:           Mon 01 Jan 2024 14:29:38 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     29518
IP address blocks:        185.63.72.0/24 maxlen: 24
                          185.63.74.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 03 Jun 2024 08:45:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c5:6e:20:93:e0:ac:12:89:c1:40:d0:cf:6e:3b:60:ea
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3b637ccf393f52e0b56fb58ee35af54411daf644
        Validity
            Not Before: Jan  1 14:29:38 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=85275607c4f4ccb3494cf1b22ad5f71a9d0357e8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:90:bc:d9:65:29:a8:e8:62:b0:1f:60:ed:d9:57:
                    d5:1d:31:70:99:53:44:5a:77:08:5a:81:23:07:b0:
                    ee:6a:81:25:62:29:48:0a:61:19:49:9e:05:f5:a6:
                    e5:7a:1e:ea:f8:df:f1:c2:3f:e6:c4:a0:d7:01:f8:
                    a0:32:db:44:7c:04:98:3c:98:7f:f5:e7:bb:54:e4:
                    1d:a4:73:b3:03:d0:55:63:b1:2a:e9:7e:00:d6:f4:
                    2a:56:81:6b:42:51:5a:94:6e:3f:69:ca:74:e9:a8:
                    41:c6:a7:bd:9d:1c:03:ed:5c:af:3f:50:28:11:5f:
                    09:ed:42:58:8d:ff:8a:8d:f2:f6:9a:8b:13:df:10:
                    b4:9d:ec:a6:6f:93:e0:ca:bc:6f:ac:9f:16:1a:bd:
                    c2:28:17:a2:16:51:2d:42:c2:16:51:b4:7e:b7:2f:
                    e1:e9:09:01:6c:65:a9:1b:c3:e1:02:e3:2b:2b:2b:
                    bf:48:f3:a3:98:7d:ef:7a:3f:5f:66:52:c9:a6:a1:
                    ee:f0:27:11:30:11:b3:66:f9:ce:31:0a:b9:87:81:
                    91:a8:1e:73:25:5b:a4:32:84:43:bc:b2:b2:06:b8:
                    78:9a:16:e7:7c:19:ae:f7:00:09:f5:f7:f1:ca:1b:
                    76:95:eb:da:52:42:d9:a5:3f:dc:59:f3:9f:42:2a:
                    d5:83
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                85:27:56:07:C4:F4:CC:B3:49:4C:F1:B2:2A:D5:F7:1A:9D:03:57:E8
            X509v3 Authority Key Identifier:
                keyid:3B:63:7C:CF:39:3F:52:E0:B5:6F:B5:8E:E3:5A:F5:44:11:DA:F6:44

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O2N8zzk_UuC1b7WO41r1RBHa9kQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9c5c1f-f4b6-45a8-9c9f-30733d370df3/1/hSdWB8T0zLNJTPGyKtX3Gp0DV-g.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9c5c1f-f4b6-45a8-9c9f-30733d370df3/1/O2N8zzk_UuC1b7WO41r1RBHa9kQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.63.72.0/24
                  185.63.74.0/24

    Signature Algorithm: sha256WithRSAEncryption
         0a:b8:a3:0b:dc:13:11:1d:23:a9:21:c2:16:a2:72:fa:16:a6:
         fe:5e:f3:ab:e0:db:db:d8:5b:89:52:c0:f3:9d:0a:33:3a:f5:
         09:81:3e:53:04:e6:7e:9e:aa:96:66:01:cf:e0:87:f0:17:ee:
         72:59:0b:fe:da:69:40:82:62:bd:91:d0:96:77:c5:28:ec:3f:
         f9:be:1c:06:fe:56:10:cd:48:fc:4d:32:65:88:0c:a3:67:84:
         b1:4c:7d:f9:97:4f:3b:6b:ba:60:5d:34:2e:69:fc:ec:7d:33:
         44:80:08:69:ec:45:93:4e:64:83:0a:6e:a5:a4:65:13:5d:9f:
         c3:5f:a0:ea:e7:4d:53:92:cd:a0:4a:43:55:5a:fc:ed:a1:c1:
         19:47:3b:82:fa:55:c2:57:74:7d:af:1a:d5:9b:be:56:11:68:
         a5:1e:78:8d:64:0d:b5:1c:ad:2b:b8:1b:73:ac:83:ce:1b:f2:
         25:db:4d:e0:78:e8:29:e8:c1:06:f8:25:41:e1:a3:eb:67:d3:
         7a:e8:4d:c3:ef:90:92:05:db:3c:cd:d0:27:54:a6:53:c4:8e:
         ba:22:db:40:77:37:f2:1d:1a:2c:58:41:a2:c7:e4:72:6b:dc:
         9f:d1:08:2b:11:bb:1d:ec:94:dc:19:6a:9f:f1:09:c4:1f:33:
         54:1f:a9:f6
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzFbiCT4KwSicFA0M9uO2DqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiNjM3Y2NmMzkzZjUyZTBiNTZmYjU4ZWUzNWFmNTQ0MTFk
YWY2NDQwHhcNMjQwMTAxMTQyOTM4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NTI3NTYwN2M0ZjRjY2IzNDk0Y2YxYjIyYWQ1ZjcxYTlkMDM1N2U4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkLzZZSmo6GKwH2Dt2VfVHTFwmVNE
WncIWoEjB7DuaoElYilICmEZSZ4F9ableh7q+N/xwj/mxKDXAfigMttEfASYPJh/
9ee7VOQdpHOzA9BVY7Eq6X4A1vQqVoFrQlFalG4/acp06ahBxqe9nRwD7VyvP1Ao
EV8J7UJYjf+KjfL2mosT3xC0neymb5PgyrxvrJ8WGr3CKBeiFlEtQsIWUbR+ty/h
6QkBbGWpG8PhAuMrKyu/SPOjmH3vej9fZlLJpqHu8CcRMBGzZvnOMQq5h4GRqB5z
JVukMoRDvLKyBrh4mhbnfBmu9wAJ9ffxyht2levaUkLZpT/cWfOfQirVgwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFIUnVgfE9MyzSUzxsirV9xqdA1foMB8GA1UdIwQY
MBaAFDtjfM85P1LgtW+1juNa9UQR2vZEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzJOOHp6a19VdUMxYjdXTzQxcjFSQkhhOWtRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy85YzVjMWYtZjRiNi00NWE4LTljOWYt
MzA3MzNkMzcwZGYzLzEvaFNkV0I4VDB6TE5KVFBHeUt0WDNHcDBEVi1nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy85YzVjMWYtZjRiNi00NWE4LTljOWYtMzA3MzNkMzcwZGYz
LzEvTzJOOHp6a19VdUMxYjdXTzQxcjFSQkhhOWtRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAuT9IAwQA
uT9KMA0GCSqGSIb3DQEBCwUAA4IBAQAKuKML3BMRHSOpIcIWonL6Fqb+XvOr4Nvb
2FuJUsDznQozOvUJgT5TBOZ+nqqWZgHP4IfwF+5yWQv+2mlAgmK9kdCWd8Uo7D/5
vhwG/lYQzUj8TTJliAyjZ4SxTH35l087a7pgXTQuafzsfTNEgAhp7EWTTmSDCm6l
pGUTXZ/DX6Dq501Tks2gSkNVWvztocEZRzuC+lXCV3R9rxrVm75WEWilHniNZA21
HK0ruBtzrIPOG/Il203geOgp6MEG+CVB4aPrZ9N66E3D75CSBds8zdAnVKZTxI66
IttAdzfyHRosWEGix+Rya9yf0QgrEbsd7JTcGWqf8QnEHzNUH6n2
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:24 2024 by rpki-client on console-fra.rpki-client.org