Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/70ee21-d93f-4a71-8474-5bcc8458aa2c/1/OoHZjM9zOGdm-Rag4TZNrIH_qLE.roa
File:                     OoHZjM9zOGdm-Rag4TZNrIH_qLE.roa (raw, json)
Hash identifier:          sJJzQ0IrTUZs8NZSyz98F6smeD3npKiigd02K0tQQjU=
Subject key identifier:   3A:81:D9:8C:CF:73:38:67:66:F9:16:A0:E1:36:4D:AC:81:FF:A8:B1
Certificate issuer:       /CN=62117a1e6f699c322b6b983494f42c2209127553
Certificate serial:       01856C6F0690362BA95D42CCB2585ED6939B
Authority key identifier: 62:11:7A:1E:6F:69:9C:32:2B:6B:98:34:94:F4:2C:22:09:12:75:53
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YhF6Hm9pnDIra5g0lPQsIgkSdVM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/01/70ee21-d93f-4a71-8474-5bcc8458aa2c/1/OoHZjM9zOGdm-Rag4TZNrIH_qLE.roa
Signing time:             Sun 01 Jan 2023 08:24:53 +0000
ROA not before:           Sun 01 Jan 2023 08:24:53 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     60277
IP address blocks:        185.124.204.0/22 maxlen: 22

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 08:33:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6c:6f:06:90:36:2b:a9:5d:42:cc:b2:58:5e:d6:93:9b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=62117a1e6f699c322b6b983494f42c2209127553
        Validity
            Not Before: Jan  1 08:24:53 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=3a81d98ccf73386766f916a0e1364dac81ffa8b1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:83:0f:0b:54:f5:f3:7a:eb:12:5b:1a:ef:7e:72:
                    4a:ca:59:52:66:ef:49:c8:7b:c3:da:78:49:08:59:
                    27:81:98:17:64:0b:17:4d:68:5f:01:4f:3c:3c:47:
                    8d:65:9f:02:27:7b:b5:c7:f2:dd:28:ef:8b:7c:40:
                    69:a6:9b:a7:84:24:27:37:5e:c3:69:fd:71:c3:4d:
                    56:94:5d:44:3c:af:df:a1:4c:fd:22:30:9a:e1:41:
                    cd:97:8d:82:76:0f:e9:83:0a:18:d4:2e:b5:2c:43:
                    9a:f2:4c:52:59:d4:a3:38:8c:96:94:b8:2d:a4:9d:
                    de:f0:8d:f9:18:95:c7:4d:33:88:de:37:2c:aa:97:
                    f0:b2:39:bf:bb:99:5f:43:df:01:aa:37:9b:8b:a6:
                    dc:02:81:ca:ac:5a:74:7a:1a:44:27:4b:ad:88:3f:
                    be:ce:21:32:d6:98:ed:41:77:e1:1c:70:97:02:aa:
                    c8:cc:ff:a0:2e:39:68:a8:21:0a:d8:1e:09:4b:65:
                    bc:ee:8e:3d:c8:94:f7:07:a2:1d:30:d7:6a:79:03:
                    15:2a:77:05:ff:5c:0e:55:90:b0:a4:a7:c4:6f:a4:
                    5d:ec:b1:65:3b:03:fa:29:33:6d:fd:11:94:6a:e4:
                    37:42:28:29:08:9a:90:f2:d5:ac:7b:a1:81:db:f7:
                    74:57
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3A:81:D9:8C:CF:73:38:67:66:F9:16:A0:E1:36:4D:AC:81:FF:A8:B1
            X509v3 Authority Key Identifier:
                keyid:62:11:7A:1E:6F:69:9C:32:2B:6B:98:34:94:F4:2C:22:09:12:75:53

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YhF6Hm9pnDIra5g0lPQsIgkSdVM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/70ee21-d93f-4a71-8474-5bcc8458aa2c/1/OoHZjM9zOGdm-Rag4TZNrIH_qLE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/01/70ee21-d93f-4a71-8474-5bcc8458aa2c/1/YhF6Hm9pnDIra5g0lPQsIgkSdVM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.124.204.0/22

    Signature Algorithm: sha256WithRSAEncryption
         01:c0:77:d7:7d:19:2e:20:db:99:b1:a7:85:fe:39:6d:a9:ae:
         68:30:c8:bd:ec:6f:31:2e:68:ec:04:0b:61:32:6f:29:94:d4:
         04:76:08:07:99:ce:14:de:74:85:9d:72:ca:2f:40:7d:04:2a:
         b0:f2:02:8a:c0:5d:c7:ae:b1:39:00:c7:02:44:fc:65:bf:c5:
         23:d3:be:5d:04:4f:f6:1a:83:6c:da:fb:72:c5:ca:9e:b9:95:
         d4:73:45:0b:19:df:15:98:fc:a2:94:89:9c:98:bc:2b:91:fd:
         01:c0:02:42:4c:a5:82:e7:af:0e:3b:eb:98:ee:42:5a:2c:a8:
         61:58:77:55:72:24:a9:cc:1d:16:d8:a0:97:1c:d8:04:a8:7f:
         30:21:eb:20:44:66:31:4a:54:ae:af:05:15:54:d0:9a:53:3b:
         6d:a8:ad:5c:79:c2:be:1d:f5:fe:8b:79:57:cd:71:4b:7a:86:
         70:14:91:29:6e:35:00:ab:1f:fa:9b:be:b5:51:21:75:37:51:
         71:e0:52:c7:c6:ac:9a:79:fe:ee:9c:75:76:f7:6c:32:30:c0:
         f1:b1:ff:20:20:38:44:3d:d4:ce:f6:13:7f:5c:8a:c8:dc:13:
         c1:b8:d6:0f:3c:51:bf:f0:84:fd:a6:e3:6c:c1:1b:df:e3:dd:
         85:68:36:df
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVsbwaQNiupXULMslhe1pObMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyMTE3YTFlNmY2OTljMzIyYjZiOTgzNDk0ZjQyYzIyMDkx
Mjc1NTMwHhcNMjMwMTAxMDgyNDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYTgxZDk4Y2NmNzMzODY3NjZmOTE2YTBlMTM2NGRhYzgxZmZhOGIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgw8LVPXzeusSWxrvfnJKyllSZu9J
yHvD2nhJCFkngZgXZAsXTWhfAU88PEeNZZ8CJ3u1x/LdKO+LfEBpppunhCQnN17D
af1xw01WlF1EPK/foUz9IjCa4UHNl42Cdg/pgwoY1C61LEOa8kxSWdSjOIyWlLgt
pJ3e8I35GJXHTTOI3jcsqpfwsjm/u5lfQ98Bqjebi6bcAoHKrFp0ehpEJ0utiD++
ziEy1pjtQXfhHHCXAqrIzP+gLjloqCEK2B4JS2W87o49yJT3B6IdMNdqeQMVKncF
/1wOVZCwpKfEb6Rd7LFlOwP6KTNt/RGUauQ3QigpCJqQ8tWse6GB2/d0VwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDqB2YzPczhnZvkWoOE2TayB/6ixMB8GA1UdIwQY
MBaAFGIReh5vaZwyK2uYNJT0LCIJEnVTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWhGNkhtOXBuRElyYTVnMGxQUXNJZ2tTZFZNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS83MGVlMjEtZDkzZi00YTcxLTg0NzQt
NWJjYzg0NThhYTJjLzEvT29IWmpNOXpPR2RtLVJhZzRUWk5ySUhfcUxFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS83MGVlMjEtZDkzZi00YTcxLTg0NzQtNWJjYzg0NThhYTJj
LzEvWWhGNkhtOXBuRElyYTVnMGxQUXNJZ2tTZFZNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuXzMMA0G
CSqGSIb3DQEBCwUAA4IBAQABwHfXfRkuINuZsaeF/jltqa5oMMi97G8xLmjsBAth
Mm8plNQEdggHmc4U3nSFnXLKL0B9BCqw8gKKwF3HrrE5AMcCRPxlv8Uj075dBE/2
GoNs2vtyxcqeuZXUc0ULGd8VmPyilImcmLwrkf0BwAJCTKWC568OO+uY7kJaLKhh
WHdVciSpzB0W2KCXHNgEqH8wIesgRGYxSlSurwUVVNCaUzttqK1cecK+HfX+i3lX
zXFLeoZwFJEpbjUAqx/6m761USF1N1Fx4FLHxqyaef7unHV292wyMMDxsf8gIDhE
PdTO9hN/XIrI3BPBuNYPPFG/8IT9puNswRvf492FaDbf
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:35 2024 by rpki-client on console-fra.rpki-client.org