Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/a63fd8-9b36-496d-b6e2-b20ebe595475/1/cn-CoSkHOC7LR0jQJdddaJUuIpA.roa
File:                     cn-CoSkHOC7LR0jQJdddaJUuIpA.roa (raw, json)
Hash identifier:          DuVGKsckGZUgqqVSl0D9Gui/Gnn83ujGd6Dy/aPIhQE=
Subject key identifier:   72:7F:82:A1:29:07:38:2E:CB:47:48:D0:25:D7:5D:68:95:2E:22:90
Certificate issuer:       /CN=ad3b529c9dc9526f099bf16ac89dcc8adfe18240
Certificate serial:       018CB5B5C7190E4301B74B14B57C363182D5
Authority key identifier: AD:3B:52:9C:9D:C9:52:6F:09:9B:F1:6A:C8:9D:CC:8A:DF:E1:82:40
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/rTtSnJ3JUm8Jm_FqyJ3Mit_hgkA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/00/a63fd8-9b36-496d-b6e2-b20ebe595475/1/cn-CoSkHOC7LR0jQJdddaJUuIpA.roa
Signing time:             Fri 29 Dec 2023 13:13:58 +0000
ROA not before:           Fri 29 Dec 2023 13:13:58 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     48501
IP address blocks:        185.161.141.0/24 maxlen: 24
                          185.161.140.0/22 maxlen: 22
                          185.161.140.0/24 maxlen: 24
                          185.161.143.0/24 maxlen: 24
                          185.161.142.0/24 maxlen: 24
                          2a07:c500::/29 maxlen: 29

Validation:               Failed, certificate revoked

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:b5:b5:c7:19:0e:43:01:b7:4b:14:b5:7c:36:31:82:d5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ad3b529c9dc9526f099bf16ac89dcc8adfe18240
        Validity
            Not Before: Dec 29 13:13:58 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=727f82a12907382ecb4748d025d75d68952e2290
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:89:66:07:f9:94:69:5d:22:35:42:57:37:f7:35:
                    4d:b9:eb:11:f9:83:47:3e:d3:b8:bb:fc:0a:c0:ca:
                    f0:f2:40:ea:be:b5:dd:ce:6a:10:43:6f:a0:3e:67:
                    fc:84:04:b0:d8:6a:f6:c5:e8:27:c3:2e:62:cd:32:
                    8d:64:fb:01:b1:1f:05:be:8c:01:ae:f4:0b:91:34:
                    f5:ea:09:28:62:4c:4c:0f:dd:68:bd:1b:f3:33:55:
                    c5:22:8a:15:aa:a1:f9:30:0b:1d:5b:e4:46:6c:bf:
                    ed:b0:65:3b:6b:7d:b3:ff:e1:3e:d7:e3:12:37:4e:
                    6c:c7:b1:39:34:41:b2:13:bd:6d:4b:0a:cd:9f:c6:
                    7e:d9:c0:16:52:de:cc:db:2c:5b:64:9b:0d:54:e0:
                    51:e8:de:28:02:a1:23:fc:54:f2:a7:8c:38:37:4d:
                    46:a2:67:0d:0b:cc:61:96:ea:b0:e6:ef:ac:8b:49:
                    bd:fe:af:c8:7d:36:0a:9c:6f:f6:7e:3b:f1:da:e0:
                    93:08:3a:a9:b5:f2:19:85:de:3c:a9:63:3b:5f:d9:
                    a0:f2:5b:81:1c:05:ae:de:64:e5:34:ef:a6:2a:fa:
                    e7:c8:b3:ab:c8:cc:87:fe:b3:2b:01:44:ae:e4:a8:
                    33:39:99:f6:d4:5d:ce:d7:83:f2:12:00:8c:ae:b0:
                    0e:b5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                72:7F:82:A1:29:07:38:2E:CB:47:48:D0:25:D7:5D:68:95:2E:22:90
            X509v3 Authority Key Identifier:
                keyid:AD:3B:52:9C:9D:C9:52:6F:09:9B:F1:6A:C8:9D:CC:8A:DF:E1:82:40

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rTtSnJ3JUm8Jm_FqyJ3Mit_hgkA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/a63fd8-9b36-496d-b6e2-b20ebe595475/1/cn-CoSkHOC7LR0jQJdddaJUuIpA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/00/a63fd8-9b36-496d-b6e2-b20ebe595475/1/rTtSnJ3JUm8Jm_FqyJ3Mit_hgkA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.161.140.0/22
                IPv6:
                  2a07:c500::/29

    Signature Algorithm: sha256WithRSAEncryption
         69:67:cf:e0:e2:81:c5:a2:69:b6:6d:81:de:49:13:14:f3:ed:
         f6:af:c6:dd:ce:7d:e7:ac:29:5e:5b:f9:df:b9:c7:27:7c:6c:
         20:3a:1e:c7:01:ba:09:cf:1a:fa:32:4d:60:d1:dd:87:ef:29:
         14:2d:a8:ec:08:0b:2a:91:22:49:0a:41:f8:ae:b7:12:6e:a8:
         64:2c:bf:45:6e:21:29:2a:e8:db:a0:32:a9:ca:3f:d2:d4:87:
         0d:2c:eb:10:13:d6:1e:ce:cf:d4:9e:25:03:c8:b9:1c:90:2e:
         cf:93:65:eb:89:45:aa:4c:9b:71:25:42:2c:6f:e4:17:4f:64:
         c6:0c:8d:ca:3a:ab:fd:f2:66:77:20:37:cf:ff:07:62:8d:34:
         f1:0a:3c:05:ab:8b:f6:71:94:7b:a0:3f:9f:d4:e8:18:fe:89:
         e8:81:77:2a:f3:e9:33:f5:68:e4:cc:7b:f7:4a:ed:e7:6b:6f:
         aa:e9:2e:19:54:57:7c:4e:36:f9:b0:07:94:33:f6:33:4b:58:
         98:77:a8:7e:90:da:05:af:01:19:bf:fa:0e:23:06:cc:d9:60:
         8c:af:6e:f9:96:8b:a7:45:88:47:1c:40:93:4c:5d:44:00:96:
         87:8a:56:49:00:5f:26:1c:11:c7:bd:78:27:f9:a8:1a:ef:ab:
         aa:e4:b9:10
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYy1tccZDkMBt0sUtXw2MYLVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkM2I1MjljOWRjOTUyNmYwOTliZjE2YWM4OWRjYzhhZGZl
MTgyNDAwHhcNMjMxMjI5MTMxMzU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MjdmODJhMTI5MDczODJlY2I0NzQ4ZDAyNWQ3NWQ2ODk1MmUyMjkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiWYH+ZRpXSI1Qlc39zVNuesR+YNH
PtO4u/wKwMrw8kDqvrXdzmoQQ2+gPmf8hASw2Gr2xegnwy5izTKNZPsBsR8FvowB
rvQLkTT16gkoYkxMD91ovRvzM1XFIooVqqH5MAsdW+RGbL/tsGU7a32z/+E+1+MS
N05sx7E5NEGyE71tSwrNn8Z+2cAWUt7M2yxbZJsNVOBR6N4oAqEj/FTyp4w4N01G
omcNC8xhluqw5u+si0m9/q/IfTYKnG/2fjvx2uCTCDqptfIZhd48qWM7X9mg8luB
HAWu3mTlNO+mKvrnyLOryMyH/rMrAUSu5KgzOZn21F3O14PyEgCMrrAOtQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFHJ/gqEpBzguy0dI0CXXXWiVLiKQMB8GA1UdIwQY
MBaAFK07UpydyVJvCZvxasidzIrf4YJAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvclR0U25KM0pVbThKbV9GcXlKM01pdF9oZ2tBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9hNjNmZDgtOWIzNi00OTZkLWI2ZTIt
YjIwZWJlNTk1NDc1LzEvY24tQ29Ta0hPQzdMUjBqUUpkZGRhSlV1SXBBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9hNjNmZDgtOWIzNi00OTZkLWI2ZTItYjIwZWJlNTk1NDc1
LzEvclR0U25KM0pVbThKbV9GcXlKM01pdF9oZ2tBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuaGMMA0E
AgACMAcDBQMqB8UAMA0GCSqGSIb3DQEBCwUAA4IBAQBpZ8/g4oHFomm2bYHeSRMU
8+32r8bdzn3nrCleW/nfuccnfGwgOh7HAboJzxr6Mk1g0d2H7ykULajsCAsqkSJJ
CkH4rrcSbqhkLL9FbiEpKujboDKpyj/S1IcNLOsQE9Yezs/UniUDyLkckC7Pk2Xr
iUWqTJtxJUIsb+QXT2TGDI3KOqv98mZ3IDfP/wdijTTxCjwFq4v2cZR7oD+f1OgY
/onogXcq8+kz9WjkzHv3Su3na2+q6S4ZVFd8Tjb5sAeUM/YzS1iYd6h+kNoFrwEZ
v/oOIwbM2WCMr275lounRYhHHECTTF1EAJaHilZJAF8mHBHHvXgn+aga76uq5LkQ
-----END CERTIFICATE-----
Generated at Tue Jan 2 11:51:03 2024 by rpki-client on console-fra.rpki-client.org