Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/4c3d5a-a27f-4b9b-9d08-74c8da294d5c/1/NRfMJOhojXMEJs0IDxawQ8mYLXc.roa
File:                     NRfMJOhojXMEJs0IDxawQ8mYLXc.roa (raw, json)
Hash identifier:          T34eV3RxudlhLlnPFwiWy+slyejn7ZQcnsBhaB0Milc=
Subject key identifier:   35:17:CC:24:E8:68:8D:73:04:26:CD:08:0F:16:B0:43:C9:98:2D:77
Certificate issuer:       /CN=c9fe703d3790cdb8514a603e7a45ee50eeffa962
Certificate serial:       01856D2F54B576528AA324B3C675FE810E6B
Authority key identifier: C9:FE:70:3D:37:90:CD:B8:51:4A:60:3E:7A:45:EE:50:EE:FF:A9:62
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/yf5wPTeQzbhRSmA-ekXuUO7_qWI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/00/4c3d5a-a27f-4b9b-9d08-74c8da294d5c/1/NRfMJOhojXMEJs0IDxawQ8mYLXc.roa
Signing time:             Sun 01 Jan 2023 11:54:56 +0000
ROA not before:           Sun 01 Jan 2023 11:54:56 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     201199
IP address blocks:        185.82.103.0/24 maxlen: 24
                          185.82.102.0/24 maxlen: 24
                          185.82.101.0/24 maxlen: 24
                          185.82.100.0/24 maxlen: 24
                          185.82.100.0/22 maxlen: 22
                          2a05:8f00::/29 maxlen: 29

Validation:               Failed, certificate revoked

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6d:2f:54:b5:76:52:8a:a3:24:b3:c6:75:fe:81:0e:6b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c9fe703d3790cdb8514a603e7a45ee50eeffa962
        Validity
            Not Before: Jan  1 11:54:56 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=3517cc24e8688d730426cd080f16b043c9982d77
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:87:ef:6f:6a:3c:fe:bf:6a:4f:9f:de:93:e6:3a:
                    e9:54:91:d1:48:df:59:b5:69:6a:4f:b2:1d:23:16:
                    ee:b2:0a:c7:62:66:b5:af:6f:3f:cd:62:f8:ca:41:
                    6f:8e:bc:de:f5:b7:a7:c8:e5:5f:a3:e5:42:f8:d5:
                    80:f9:46:ef:df:5c:b3:32:48:00:69:b2:1d:18:e1:
                    82:71:1f:37:3b:78:d1:24:97:20:3d:82:6b:92:46:
                    1b:68:ef:b3:d7:10:bf:6a:79:04:89:5e:c9:fe:0f:
                    25:85:56:ae:5f:18:f4:68:4b:16:2b:46:1c:49:e2:
                    5b:07:f3:49:d9:2f:1d:09:d4:2d:f4:f3:12:be:30:
                    ae:ca:ac:b3:20:1c:79:54:14:31:43:9e:9b:19:97:
                    a1:85:26:63:5c:82:7c:52:d6:bc:ca:99:16:8a:86:
                    0a:70:92:a1:a3:7a:97:bd:87:2a:a1:52:0c:27:7f:
                    96:5f:03:90:15:df:d7:16:a5:79:c2:ab:22:7b:9f:
                    77:12:30:40:46:1a:97:fb:34:f9:21:37:63:7b:3a:
                    f8:17:ef:24:e0:f1:08:a2:4b:14:86:cb:6d:a9:e6:
                    d7:d0:82:74:99:fd:54:67:b0:6f:78:96:f7:2f:19:
                    82:af:12:7a:46:76:15:5c:b5:71:a2:4a:02:a5:1b:
                    c7:ed
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                35:17:CC:24:E8:68:8D:73:04:26:CD:08:0F:16:B0:43:C9:98:2D:77
            X509v3 Authority Key Identifier:
                keyid:C9:FE:70:3D:37:90:CD:B8:51:4A:60:3E:7A:45:EE:50:EE:FF:A9:62

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yf5wPTeQzbhRSmA-ekXuUO7_qWI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/4c3d5a-a27f-4b9b-9d08-74c8da294d5c/1/NRfMJOhojXMEJs0IDxawQ8mYLXc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/00/4c3d5a-a27f-4b9b-9d08-74c8da294d5c/1/yf5wPTeQzbhRSmA-ekXuUO7_qWI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.82.100.0/22
                IPv6:
                  2a05:8f00::/29

    Signature Algorithm: sha256WithRSAEncryption
         3e:fd:89:5c:89:fc:d9:07:c8:b2:18:e9:db:53:93:c6:a1:12:
         e7:46:5f:e9:f7:50:40:f4:a4:aa:dc:18:55:8b:d7:84:6a:1b:
         ae:52:7f:85:da:17:2c:f0:e9:5e:8c:2f:2b:42:ee:54:1e:b5:
         54:ca:7a:2e:80:3f:7f:b8:fe:fe:2e:0a:d1:ef:8d:7a:1d:87:
         c4:2a:41:af:f7:f3:63:6d:54:d6:71:ed:dd:9b:1c:16:06:ae:
         20:d5:72:45:c5:51:64:92:2e:d9:73:0a:f6:cb:d5:f7:3d:d8:
         fb:eb:d9:dc:82:1a:3d:af:3a:b9:90:1d:1d:ac:9c:02:0a:09:
         02:05:e5:0c:a3:9b:4d:45:7a:be:e0:a4:0b:62:ea:2c:54:01:
         58:c4:4c:e9:3a:ce:62:af:f5:b5:c9:49:ed:97:e0:bc:92:60:
         ae:69:cc:ab:d3:cc:f2:7b:e2:f1:64:e4:55:57:61:f1:b7:d4:
         63:ee:7f:45:43:52:96:3b:66:13:6a:95:6b:bb:d9:0b:08:4a:
         4d:02:54:3f:9b:fa:44:f0:78:1e:e5:4b:a9:9d:c4:7f:2a:1f:
         64:03:23:a8:b4:42:4d:e7:fe:08:bd:75:f0:02:da:f1:c6:a1:
         1c:03:cd:2a:09:f6:77:27:0c:2e:53:45:6c:17:35:2e:db:28:
         bc:f1:b8:b3
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVtL1S1dlKKoySzxnX+gQ5rMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM5ZmU3MDNkMzc5MGNkYjg1MTRhNjAzZTdhNDVlZTUwZWVm
ZmE5NjIwHhcNMjMwMTAxMTE1NDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNTE3Y2MyNGU4Njg4ZDczMDQyNmNkMDgwZjE2YjA0M2M5OTgyZDc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh+9vajz+v2pPn96T5jrpVJHRSN9Z
tWlqT7IdIxbusgrHYma1r28/zWL4ykFvjrze9benyOVfo+VC+NWA+Ubv31yzMkgA
abIdGOGCcR83O3jRJJcgPYJrkkYbaO+z1xC/ankEiV7J/g8lhVauXxj0aEsWK0Yc
SeJbB/NJ2S8dCdQt9PMSvjCuyqyzIBx5VBQxQ56bGZehhSZjXIJ8Uta8ypkWioYK
cJKho3qXvYcqoVIMJ3+WXwOQFd/XFqV5wqsie593EjBARhqX+zT5ITdjezr4F+8k
4PEIoksUhsttqebX0IJ0mf1UZ7BveJb3LxmCrxJ6RnYVXLVxokoCpRvH7QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFDUXzCToaI1zBCbNCA8WsEPJmC13MB8GA1UdIwQY
MBaAFMn+cD03kM24UUpgPnpF7lDu/6liMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWY1d1BUZVF6YmhSU21BLWVrWHVVTzdfcVdJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC80YzNkNWEtYTI3Zi00YjliLTlkMDgt
NzRjOGRhMjk0ZDVjLzEvTlJmTUpPaG9qWE1FSnMwSUR4YXdROG1ZTFhjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC80YzNkNWEtYTI3Zi00YjliLTlkMDgtNzRjOGRhMjk0ZDVj
LzEveWY1d1BUZVF6YmhSU21BLWVrWHVVTzdfcVdJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuVJkMA0E
AgACMAcDBQMqBY8AMA0GCSqGSIb3DQEBCwUAA4IBAQA+/YlcifzZB8iyGOnbU5PG
oRLnRl/p91BA9KSq3BhVi9eEahuuUn+F2hcs8OlejC8rQu5UHrVUynougD9/uP7+
LgrR7416HYfEKkGv9/NjbVTWce3dmxwWBq4g1XJFxVFkki7Zcwr2y9X3Pdj769nc
gho9rzq5kB0drJwCCgkCBeUMo5tNRXq+4KQLYuosVAFYxEzpOs5ir/W1yUntl+C8
kmCuacyr08zye+LxZORVV2Hxt9Rj7n9FQ1KWO2YTapVru9kLCEpNAlQ/m/pE8Hge
5UupncR/Kh9kAyOotEJN5/4IvXXwAtrxxqEcA80qCfZ3JwwuU0VsFzUu2yi88biz
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:45 2023 by rpki-client on console-ams.rpki-client.org