Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/ff3422-0ecd-4bb5-8b27-5d9603638322/1/7DvbmbXdGzal12mQvNkOHoNmdiQ.roa
File:                     7DvbmbXdGzal12mQvNkOHoNmdiQ.roa (raw, json)
Hash identifier:          G9GsU8scxGEiN1qq/aqLGPc3BVMxtC3hkHFcHFMOtcg=
Subject key identifier:   EC:3B:DB:99:B5:DD:1B:36:A5:D7:69:90:BC:D9:0E:1E:83:66:76:24
Certificate issuer:       /CN=ba9c1933f1efd78700efdd5fdb0dc89cc8b6734a
Certificate serial:       01856D81BB3D42BAB82068AC4D3CE021274D
Authority key identifier: BA:9C:19:33:F1:EF:D7:87:00:EF:DD:5F:DB:0D:C8:9C:C8:B6:73:4A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/upwZM_Hv14cA791f2w3InMi2c0o.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/02/ff3422-0ecd-4bb5-8b27-5d9603638322/1/7DvbmbXdGzal12mQvNkOHoNmdiQ.roa
Signing time:             Sun 01 Jan 2023 13:24:56 +0000
ROA not before:           Sun 01 Jan 2023 13:24:56 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     20473
IP address blocks:        185.103.202.0/24 maxlen: 24
                          185.103.203.0/24 maxlen: 24
                          185.103.200.0/24 maxlen: 24
                          2a06:2d40::/48 maxlen: 48
                          2a06:2d40:3::/48 maxlen: 48
                          2a06:2d40:1::/48 maxlen: 48

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 22:31:12 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6d:81:bb:3d:42:ba:b8:20:68:ac:4d:3c:e0:21:27:4d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ba9c1933f1efd78700efdd5fdb0dc89cc8b6734a
        Validity
            Not Before: Jan  1 13:24:56 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=ec3bdb99b5dd1b36a5d76990bcd90e1e83667624
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:35:2c:69:1b:a7:a1:96:b5:bc:a1:07:69:3f:
                    11:24:0e:d1:2e:c2:89:cd:96:b3:27:35:97:0d:36:
                    c5:36:5c:48:3b:5c:f5:18:10:40:db:30:48:e9:22:
                    9e:c8:f9:d9:3b:3d:d7:62:58:e0:d0:e0:11:fc:f9:
                    3c:15:1d:c2:7a:e4:d5:62:29:cf:c4:24:f4:75:1d:
                    96:93:b5:5b:17:33:f2:56:8c:d9:03:f8:f0:1e:25:
                    70:ad:e6:b0:57:c9:93:34:34:02:69:5f:8b:26:ee:
                    cb:ee:25:9a:97:1f:65:3d:14:3c:fe:40:fa:d6:96:
                    f1:60:42:2f:fb:31:f1:b1:1e:ea:eb:11:1a:d7:3d:
                    d1:42:1a:ba:12:2e:dd:f7:bc:b9:35:58:43:1e:6f:
                    5f:21:0e:92:b4:11:a3:fd:7c:0a:2e:38:07:b7:b1:
                    4e:e7:e0:91:9f:8b:c7:05:c4:b5:a7:f4:d6:17:92:
                    10:10:f6:4a:28:0c:68:d7:55:49:ad:c5:62:95:fc:
                    14:60:dd:64:80:9a:7e:3d:a8:49:e4:61:b5:13:49:
                    38:bf:28:ce:60:6f:25:78:83:c2:90:7a:ea:db:e0:
                    3d:50:f6:63:32:32:45:d2:be:87:5f:4b:98:d3:d3:
                    c2:c1:2d:51:dd:6c:e0:94:65:21:a4:9e:8f:f0:30:
                    ca:91
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EC:3B:DB:99:B5:DD:1B:36:A5:D7:69:90:BC:D9:0E:1E:83:66:76:24
            X509v3 Authority Key Identifier:
                keyid:BA:9C:19:33:F1:EF:D7:87:00:EF:DD:5F:DB:0D:C8:9C:C8:B6:73:4A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/upwZM_Hv14cA791f2w3InMi2c0o.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/ff3422-0ecd-4bb5-8b27-5d9603638322/1/7DvbmbXdGzal12mQvNkOHoNmdiQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/02/ff3422-0ecd-4bb5-8b27-5d9603638322/1/upwZM_Hv14cA791f2w3InMi2c0o.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.103.200.0/24
                  185.103.202.0/23
                IPv6:
                  2a06:2d40::/47
                  2a06:2d40:3::/48

    Signature Algorithm: sha256WithRSAEncryption
         15:09:bc:52:df:a7:9e:77:c5:39:69:71:7b:df:5d:37:38:ed:
         ca:51:70:3f:0d:47:9e:1f:17:49:3b:e0:f0:8a:b7:76:e8:71:
         ee:8e:75:10:c0:61:28:93:3f:ba:3d:46:55:da:e3:69:e0:73:
         a1:e9:33:1b:83:ea:f2:0d:de:63:44:38:68:82:eb:99:1d:fd:
         97:9b:f5:f3:de:3a:b6:5e:1d:b2:33:24:0f:19:00:ff:40:e6:
         26:4f:ba:3a:2e:f3:b7:51:ab:60:44:6a:77:31:b7:a7:bd:ed:
         c5:3f:07:a8:b8:5f:e5:2c:15:30:3b:15:e1:a7:f1:d1:20:0a:
         8a:52:48:3e:91:81:2f:d8:89:32:36:67:ce:f5:5d:a0:2f:45:
         aa:6b:f8:fc:e0:00:3f:de:84:a9:31:c6:34:43:4a:e3:72:7a:
         dc:99:26:6d:a2:18:68:b2:1f:30:81:8e:3b:a6:d4:f0:84:a4:
         85:09:2d:e0:87:ae:0a:a0:42:32:a5:5b:0c:a2:a9:4b:b7:81:
         2d:c8:97:64:b1:b4:f8:34:cb:d1:e3:24:e8:a8:ae:a6:9f:1f:
         27:e7:0c:63:7d:5c:c0:95:19:3f:3d:c3:0b:48:57:5f:4d:b3:
         f1:31:7a:4c:65:71:b1:c2:ba:e8:f9:2e:4d:e6:ea:17:e8:1c:
         01:51:dc:62
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYVtgbs9Qrq4IGisTTzgISdNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhOWMxOTMzZjFlZmQ3ODcwMGVmZGQ1ZmRiMGRjODljYzhi
NjczNGEwHhcNMjMwMTAxMTMyNDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYzNiZGI5OWI1ZGQxYjM2YTVkNzY5OTBiY2Q5MGUxZTgzNjY3NjI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApTUsaRunoZa1vKEHaT8RJA7RLsKJ
zZazJzWXDTbFNlxIO1z1GBBA2zBI6SKeyPnZOz3XYljg0OAR/Pk8FR3CeuTVYinP
xCT0dR2Wk7VbFzPyVozZA/jwHiVwreawV8mTNDQCaV+LJu7L7iWalx9lPRQ8/kD6
1pbxYEIv+zHxsR7q6xEa1z3RQhq6Ei7d97y5NVhDHm9fIQ6StBGj/XwKLjgHt7FO
5+CRn4vHBcS1p/TWF5IQEPZKKAxo11VJrcVilfwUYN1kgJp+PahJ5GG1E0k4vyjO
YG8leIPCkHrq2+A9UPZjMjJF0r6HX0uY09PCwS1R3WzglGUhpJ6P8DDKkQIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFOw725m13Rs2pddpkLzZDh6DZnYkMB8GA1UdIwQY
MBaAFLqcGTPx79eHAO/dX9sNyJzItnNKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdXB3Wk1fSHYxNGNBNzkxZjJ3M0luTWkyYzBvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi9mZjM0MjItMGVjZC00YmI1LThiMjct
NWQ5NjAzNjM4MzIyLzEvN0R2Ym1iWGRHemFsMTJtUXZOa09Ib05tZGlRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi9mZjM0MjItMGVjZC00YmI1LThiMjctNWQ5NjAzNjM4MzIy
LzEvdXB3Wk1fSHYxNGNBNzkxZjJ3M0luTWkyYzBvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjASBAIAATAMAwQAuWfIAwQB
uWfKMBgEAgACMBIDBwEqBi1AAAADBwAqBi1AAAMwDQYJKoZIhvcNAQELBQADggEB
ABUJvFLfp553xTlpcXvfXTc47cpRcD8NR54fF0k74PCKt3boce6OdRDAYSiTP7o9
RlXa42ngc6HpMxuD6vIN3mNEOGiC65kd/Zeb9fPeOrZeHbIzJA8ZAP9A5iZPujou
87dRq2BEancxt6e97cU/B6i4X+UsFTA7FeGn8dEgCopSSD6RgS/YiTI2Z871XaAv
Rapr+PzgAD/ehKkxxjRDSuNyetyZJm2iGGiyHzCBjjum1PCEpIUJLeCHrgqgQjKl
WwyiqUu3gS3Il2SxtPg0y9HjJOiorqafHyfnDGN9XMCVGT89wwtIV19Ns/Exekxl
cbHCuuj5Lk3m6hfoHAFR3GI=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:50:16 2024 by rpki-client on console-ams.rpki-client.org