Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/5aa448-643f-4aee-90d9-f47e169266c2/1/R8SFtD2QwaVTOLneeTyVfzhs3zE.roa
File:                     R8SFtD2QwaVTOLneeTyVfzhs3zE.roa (raw, json)
Hash identifier:          lUXuQbypz/F1tFaeM8t4Yf7pLTNOcQGhnqqusH7vqlc=
Subject key identifier:   47:C4:85:B4:3D:90:C1:A5:53:38:B9:DE:79:3C:95:7F:38:6C:DF:31
Certificate issuer:       /CN=dbc950098436281cee542a1e74546551e1e55283
Certificate serial:       01856B6E92234CE0FF90AD35FDCBD27F6159
Authority key identifier: DB:C9:50:09:84:36:28:1C:EE:54:2A:1E:74:54:65:51:E1:E5:52:83
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/28lQCYQ2KBzuVCoedFRlUeHlUoM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/02/5aa448-643f-4aee-90d9-f47e169266c2/1/R8SFtD2QwaVTOLneeTyVfzhs3zE.roa
Signing time:             Sun 01 Jan 2023 03:44:46 +0000
ROA not before:           Sun 01 Jan 2023 03:44:46 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     34762
IP address blocks:        185.116.72.0/22 maxlen: 24
                          2a0d:5040::/32 maxlen: 32
                          2a0d:5041::/32 maxlen: 32

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 20:31:19 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6b:6e:92:23:4c:e0:ff:90:ad:35:fd:cb:d2:7f:61:59
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dbc950098436281cee542a1e74546551e1e55283
        Validity
            Not Before: Jan  1 03:44:46 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=47c485b43d90c1a55338b9de793c957f386cdf31
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:e8:5f:47:ee:49:32:b8:01:cc:f8:17:5a:d5:
                    f8:e3:72:4e:ae:06:34:6e:4b:80:85:57:0d:45:de:
                    7f:cc:f3:24:54:a8:f6:be:ec:8e:4e:e0:ed:8b:9f:
                    e2:c6:ec:c6:24:46:46:2e:f2:8d:0f:e0:2e:75:a7:
                    81:6a:1e:94:76:ea:f2:d1:b2:7c:fe:c3:0c:5e:37:
                    ac:ba:32:cb:f1:ee:a4:47:dd:70:08:18:f0:47:ed:
                    eb:bc:36:e3:e0:cd:da:94:65:e6:b9:d2:e7:58:ca:
                    21:01:0f:c0:c5:28:a7:2b:36:4e:db:19:6b:de:7e:
                    9b:7b:8d:5f:23:18:fe:8c:a4:69:02:cd:6f:90:18:
                    df:27:bc:3e:cc:68:9c:45:3a:d2:89:cf:13:6f:8a:
                    8c:6a:4e:51:46:65:2c:22:02:b6:45:dd:d4:48:89:
                    66:ca:a7:03:f6:70:bf:68:9e:f2:db:9f:a4:89:68:
                    b0:98:1d:4d:2d:c9:65:75:e6:bb:a4:90:19:5e:52:
                    8a:ea:bc:9a:42:bb:f7:6b:5d:17:65:c8:23:ba:4f:
                    5d:7e:84:d8:c3:de:f2:ec:3a:25:ef:f7:f1:3c:bc:
                    9c:fd:bc:28:69:0c:07:06:ea:53:82:9c:97:70:14:
                    0f:7f:0d:35:73:d9:c3:43:62:c5:ec:99:05:78:3f:
                    ab:31
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                47:C4:85:B4:3D:90:C1:A5:53:38:B9:DE:79:3C:95:7F:38:6C:DF:31
            X509v3 Authority Key Identifier:
                keyid:DB:C9:50:09:84:36:28:1C:EE:54:2A:1E:74:54:65:51:E1:E5:52:83

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/28lQCYQ2KBzuVCoedFRlUeHlUoM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/5aa448-643f-4aee-90d9-f47e169266c2/1/R8SFtD2QwaVTOLneeTyVfzhs3zE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/02/5aa448-643f-4aee-90d9-f47e169266c2/1/28lQCYQ2KBzuVCoedFRlUeHlUoM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.116.72.0/22
                IPv6:
                  2a0d:5040::/31

    Signature Algorithm: sha256WithRSAEncryption
         32:12:c9:7e:7e:15:1e:3d:47:49:b3:16:ab:02:1d:f6:ae:b2:
         82:ff:90:7d:1b:6f:cf:54:82:83:69:b7:83:a4:5b:66:fd:a0:
         11:16:1f:6d:bc:59:f9:66:49:70:cb:1b:6c:65:6f:ac:3c:f8:
         fc:97:ec:f3:ff:b7:ef:c4:b7:88:27:01:b8:5a:58:dc:ad:ff:
         8a:6e:95:02:52:ad:71:ae:be:87:fa:18:44:a6:eb:e8:c8:a9:
         33:e5:57:62:ec:99:5e:1b:2a:c7:4d:92:46:b0:2b:14:4d:46:
         db:2d:c4:35:51:81:96:40:71:64:91:38:76:3e:11:1a:71:fe:
         90:b5:dc:b1:ef:b0:ad:dc:ff:b2:49:4f:d2:3e:19:27:6b:68:
         d8:96:22:5d:d1:79:19:b2:6a:77:09:2a:04:50:32:ba:f7:37:
         30:3c:93:88:c5:a1:4d:96:7e:0a:9e:73:96:a4:17:44:b4:72:
         be:20:16:be:45:64:4d:e6:46:fd:1f:95:9a:e0:f7:66:90:36:
         c4:69:d6:88:4e:2a:73:7e:aa:f2:f1:6f:f5:d7:d8:7c:fd:9e:
         8f:34:e8:e4:1b:17:73:89:44:5f:33:fd:e6:15:05:19:f5:13:
         df:a7:18:e9:69:fa:c8:ad:28:ea:ff:9d:99:7a:76:1c:c0:b1:
         49:71:90:b4
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVrbpIjTOD/kK01/cvSf2FZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiYzk1MDA5ODQzNjI4MWNlZTU0MmExZTc0NTQ2NTUxZTFl
NTUyODMwHhcNMjMwMTAxMDM0NDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0N2M0ODViNDNkOTBjMWE1NTMzOGI5ZGU3OTNjOTU3ZjM4NmNkZjMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsehfR+5JMrgBzPgXWtX443JOrgY0
bkuAhVcNRd5/zPMkVKj2vuyOTuDti5/ixuzGJEZGLvKND+AudaeBah6Udury0bJ8
/sMMXjesujLL8e6kR91wCBjwR+3rvDbj4M3alGXmudLnWMohAQ/AxSinKzZO2xlr
3n6be41fIxj+jKRpAs1vkBjfJ7w+zGicRTrSic8Tb4qMak5RRmUsIgK2Rd3USIlm
yqcD9nC/aJ7y25+kiWiwmB1NLclldea7pJAZXlKK6ryaQrv3a10XZcgjuk9dfoTY
w97y7Dol7/fxPLyc/bwoaQwHBupTgpyXcBQPfw01c9nDQ2LF7JkFeD+rMQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFEfEhbQ9kMGlUzi53nk8lX84bN8xMB8GA1UdIwQY
MBaAFNvJUAmENigc7lQqHnRUZVHh5VKDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMjhsUUNZUTJLQnp1VkNvZWRGUmxVZUhsVW9NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi81YWE0NDgtNjQzZi00YWVlLTkwZDkt
ZjQ3ZTE2OTI2NmMyLzEvUjhTRnREMlF3YVZUT0xuZWVUeVZmemhzM3pFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi81YWE0NDgtNjQzZi00YWVlLTkwZDktZjQ3ZTE2OTI2NmMy
LzEvMjhsUUNZUTJLQnp1VkNvZWRGUmxVZUhsVW9NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuXRIMA0E
AgACMAcDBQEqDVBAMA0GCSqGSIb3DQEBCwUAA4IBAQAyEsl+fhUePUdJsxarAh32
rrKC/5B9G2/PVIKDabeDpFtm/aARFh9tvFn5ZklwyxtsZW+sPPj8l+zz/7fvxLeI
JwG4Wljcrf+KbpUCUq1xrr6H+hhEpuvoyKkz5Vdi7JleGyrHTZJGsCsUTUbbLcQ1
UYGWQHFkkTh2PhEacf6Qtdyx77Ct3P+ySU/SPhkna2jYliJd0XkZsmp3CSoEUDK6
9zcwPJOIxaFNln4KnnOWpBdEtHK+IBa+RWRN5kb9H5Wa4PdmkDbEadaITipzfqry
8W/119h8/Z6PNOjkGxdziURfM/3mFQUZ9RPfpxjpafrIrSjq/52ZenYcwLFJcZC0
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:44 2024 by rpki-client on console-fra.rpki-client.org