Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/COzWZqs2Sl_Ub_vSObz-Xzpbd98.roa
File:                     COzWZqs2Sl_Ub_vSObz-Xzpbd98.roa (raw, json)
Hash identifier:          FOkfzrVse8Bv1LO2jc992Kih9Ae6shY/o6HCtcM/l/I=
Subject key identifier:   08:EC:D6:66:AB:36:4A:5F:D4:6F:FB:D2:39:BC:FE:5F:3A:5B:77:DF
Certificate issuer:       /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial:       0187525AC65ECB6B34C7086F7DBF7BEDCA5A
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/COzWZqs2Sl_Ub_vSObz-Xzpbd98.roa
Signing time:             Wed 05 Apr 2023 16:58:13 +0000
ROA not before:           Wed 05 Apr 2023 16:58:13 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     16509
IP address blocks:        212.192.221.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 07 Nov 2023 14:27:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:52:5a:c6:5e:cb:6b:34:c7:08:6f:7d:bf:7b:ed:ca:5a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
        Validity
            Not Before: Apr  5 16:58:13 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=08ecd666ab364a5fd46ffbd239bcfe5f3a5b77df
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:74:d3:6a:3a:22:71:4e:32:24:2a:8c:1c:b7:
                    70:b0:cc:a5:74:8a:cc:55:ef:e2:3c:8d:be:c4:87:
                    6f:d3:5f:58:7e:60:75:62:00:21:54:46:85:25:5f:
                    1e:ee:a7:fb:48:9a:d9:70:fd:6a:7d:58:99:fd:83:
                    5c:fc:13:72:2c:e0:52:95:aa:9f:31:fc:c6:0f:9f:
                    93:72:2a:58:71:99:48:2c:97:07:6c:1a:97:ba:4a:
                    87:28:3a:38:c3:00:8f:20:af:0b:d7:65:f4:14:03:
                    8d:58:22:98:fb:a2:c3:20:2d:56:16:90:03:1a:b8:
                    a2:b6:25:9b:ab:02:11:74:7a:7a:c3:c8:f0:d2:97:
                    0a:a8:73:e2:63:e3:09:c3:31:ee:69:7d:f9:6f:32:
                    cd:60:83:71:52:5f:2a:bf:a9:db:ce:02:7e:b5:1b:
                    7f:0d:1b:e4:bc:84:21:3c:f6:35:13:d6:63:e1:e5:
                    80:b4:f5:bb:16:ec:41:fd:ff:36:63:3a:dc:90:5b:
                    85:2f:4c:cf:db:80:42:17:a4:ea:78:b5:08:be:ce:
                    a9:9b:27:21:e0:70:ec:34:8d:71:d3:53:33:f8:55:
                    64:6a:3c:c8:ad:e1:48:63:89:d4:98:14:ba:ed:c1:
                    a2:70:74:ce:e1:48:59:6c:09:43:1e:29:0f:fd:d5:
                    34:db
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                08:EC:D6:66:AB:36:4A:5F:D4:6F:FB:D2:39:BC:FE:5F:3A:5B:77:DF
            X509v3 Authority Key Identifier:
                keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/COzWZqs2Sl_Ub_vSObz-Xzpbd98.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  212.192.221.0/24

    Signature Algorithm: sha256WithRSAEncryption
         4c:83:64:b6:b6:8b:58:e2:5a:5e:0a:81:3b:56:71:ae:c4:58:
         e1:1e:a6:f6:84:72:c6:0f:6f:36:6e:24:78:69:59:5c:fe:f3:
         4d:a9:0c:9f:fd:a8:e7:f4:5e:f7:e0:94:c7:46:9c:9f:2c:1c:
         eb:6b:61:2d:29:9d:40:79:3f:44:49:59:3b:aa:71:6a:4e:4f:
         71:69:94:9b:0b:40:7d:1b:97:3b:d9:d4:c2:de:0d:db:21:61:
         e2:ae:ec:da:4b:98:10:5c:d4:1f:aa:69:40:87:7a:9e:c1:9c:
         53:54:9a:95:24:30:85:dd:3c:1b:c2:d2:7c:16:fa:58:fa:56:
         05:13:7b:5d:b3:3e:88:31:56:3a:cb:d6:6e:ab:5b:10:fc:73:
         72:7b:ee:5e:6e:fb:ae:a0:2a:1b:d5:9b:a5:ba:60:34:a2:e1:
         5b:20:54:d2:43:98:7d:16:c7:2a:2d:c2:f5:99:bf:c9:5c:d3:
         29:98:d3:ad:a2:ab:fd:92:56:54:0c:14:2a:8e:d8:6b:c1:43:
         48:a6:b2:71:ce:8f:eb:3c:d9:f7:75:04:e4:6e:1a:9d:02:79:
         c3:af:47:4d:be:ac:c7:a3:0b:14:39:90:28:f9:ac:1f:7b:a5:
         9c:8b:4a:41:55:85:fa:06:f2:ac:32:33:69:cf:63:2b:9e:7c:
         bb:e7:e4:d1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYdSWsZey2s0xwhvfb977cpaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwNDA1MTY1ODEzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOGVjZDY2NmFiMzY0YTVmZDQ2ZmZiZDIzOWJjZmU1ZjNhNWI3N2RmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqHTTajoicU4yJCqMHLdwsMyldIrM
Ve/iPI2+xIdv019YfmB1YgAhVEaFJV8e7qf7SJrZcP1qfViZ/YNc/BNyLOBSlaqf
MfzGD5+TcipYcZlILJcHbBqXukqHKDo4wwCPIK8L12X0FAONWCKY+6LDIC1WFpAD
GriitiWbqwIRdHp6w8jw0pcKqHPiY+MJwzHuaX35bzLNYINxUl8qv6nbzgJ+tRt/
DRvkvIQhPPY1E9Zj4eWAtPW7FuxB/f82YzrckFuFL0zP24BCF6TqeLUIvs6pmych
4HDsNI1x01Mz+FVkajzIreFIY4nUmBS67cGicHTO4UhZbAlDHikP/dU02wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAjs1marNkpf1G/70jm8/l86W3ffMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvQ096V1pxczJTbF9VYl92U09iei1YenBiZDk4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1MDdMA0G
CSqGSIb3DQEBCwUAA4IBAQBMg2S2totY4lpeCoE7VnGuxFjhHqb2hHLGD282biR4
aVlc/vNNqQyf/ajn9F734JTHRpyfLBzra2EtKZ1AeT9ESVk7qnFqTk9xaZSbC0B9
G5c72dTC3g3bIWHiruzaS5gQXNQfqmlAh3qewZxTVJqVJDCF3TwbwtJ8FvpY+lYF
E3tdsz6IMVY6y9Zuq1sQ/HNye+5ebvuuoCob1ZulumA0ouFbIFTSQ5h9FscqLcL1
mb/JXNMpmNOtoqv9klZUDBQqjthrwUNIprJxzo/rPNn3dQTkbhqdAnnDr0dNvqzH
owsUOZAo+awfe6Wci0pBVYX6BvKsMjNpz2Mrnny75+TR
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:09 2024 by rpki-client on console-fra.rpki-client.org