Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/04/7c70f4-5f3a-4fd3-883c-eb9415ec548a/1/GAsO3XvqTgyvSanloSy7GKjg7Vc.roa
File:                     GAsO3XvqTgyvSanloSy7GKjg7Vc.roa (raw, json)
Hash identifier:          Oe9ZTuVSaBYyj1FldsFZJqjw0IxzfP58elu2tqPNKLs=
Subject key identifier:   18:0B:0E:DD:7B:EA:4E:0C:AF:49:A9:E5:A1:2C:BB:18:A8:E0:ED:57
Certificate issuer:       /CN=836528e152b6dcba1571241ac55be5bce01118b7
Certificate serial:       018571554079DCCE20051A0D83BBBF5D646C
Authority key identifier: 83:65:28:E1:52:B6:DC:BA:15:71:24:1A:C5:5B:E5:BC:E0:11:18:B7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/g2Uo4VK23LoVcSQaxVvlvOARGLc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/04/7c70f4-5f3a-4fd3-883c-eb9415ec548a/1/GAsO3XvqTgyvSanloSy7GKjg7Vc.roa
Signing time:             Mon 02 Jan 2023 07:14:50 +0000
ROA not before:           Mon 02 Jan 2023 07:14:50 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     265554
IP address blocks:        185.198.100.0/22 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 00:30:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:71:55:40:79:dc:ce:20:05:1a:0d:83:bb:bf:5d:64:6c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=836528e152b6dcba1571241ac55be5bce01118b7
        Validity
            Not Before: Jan  2 07:14:50 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=180b0edd7bea4e0caf49a9e5a12cbb18a8e0ed57
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:84:61:25:45:c0:04:05:11:57:34:58:6c:1b:9c:
                    87:d3:a8:eb:d6:50:7e:85:cb:c5:36:d8:93:59:95:
                    2b:50:30:ff:6e:8e:ca:4f:1c:12:e7:76:1c:85:08:
                    d1:f3:23:14:53:93:e6:f2:c1:32:80:44:a3:ce:c9:
                    58:1f:6b:f2:4a:76:70:4f:9b:3f:49:d4:02:d4:aa:
                    f5:c6:e3:8e:f3:c9:22:ca:e7:80:57:cb:69:d9:3c:
                    91:2d:95:55:ba:18:88:a9:5c:c8:09:bd:de:bd:79:
                    e7:68:63:c1:09:7a:e2:b0:b9:31:cb:32:96:62:28:
                    1a:80:19:30:f5:6f:fd:8a:da:d9:01:03:38:4e:dd:
                    dd:54:7c:79:02:ad:b7:6a:e7:96:6a:36:6f:3e:30:
                    e6:4d:69:1b:45:96:81:70:59:00:22:35:f1:e3:00:
                    43:60:82:6b:57:96:90:df:04:8a:3e:28:de:a2:e6:
                    f5:48:f4:1d:ef:d1:34:51:ac:04:d7:ee:3d:59:93:
                    f1:56:f1:45:1e:45:26:2c:a0:2f:f7:c6:27:30:40:
                    10:26:c6:62:0b:a8:2c:fe:56:05:6d:5d:bd:fa:ad:
                    43:ca:af:f3:be:82:27:d0:22:8b:25:7e:af:4e:94:
                    4c:bf:c7:00:7d:dc:92:b1:d9:78:24:43:c3:b8:39:
                    7f:53
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                18:0B:0E:DD:7B:EA:4E:0C:AF:49:A9:E5:A1:2C:BB:18:A8:E0:ED:57
            X509v3 Authority Key Identifier:
                keyid:83:65:28:E1:52:B6:DC:BA:15:71:24:1A:C5:5B:E5:BC:E0:11:18:B7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/g2Uo4VK23LoVcSQaxVvlvOARGLc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/04/7c70f4-5f3a-4fd3-883c-eb9415ec548a/1/GAsO3XvqTgyvSanloSy7GKjg7Vc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/04/7c70f4-5f3a-4fd3-883c-eb9415ec548a/1/g2Uo4VK23LoVcSQaxVvlvOARGLc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.198.100.0/22

    Signature Algorithm: sha256WithRSAEncryption
         93:53:f0:e9:40:c8:30:fc:c5:70:15:7f:e5:7b:c0:7e:8c:47:
         a2:00:47:73:e1:c3:01:d3:9b:f4:9e:cc:a1:63:59:27:bc:3e:
         96:9d:6c:f9:a0:b3:9e:d9:2f:3b:18:64:c2:00:c4:76:07:8a:
         8e:04:cc:fb:36:f7:03:14:cb:52:af:74:24:ff:e1:d8:3a:fd:
         eb:d9:1f:d4:2c:26:90:56:0d:b6:66:eb:5f:43:65:d4:8e:b5:
         30:0d:33:98:6e:60:22:0f:b9:b4:c3:ed:7f:30:d8:b6:10:4a:
         3f:2f:26:d0:57:ea:10:b1:53:70:d7:71:85:97:c3:da:1b:28:
         ca:f1:a2:44:ca:90:69:64:fe:f8:21:35:c7:c3:ea:8b:12:8b:
         cc:5a:f8:6b:04:63:bf:cd:f1:e7:3d:8b:6e:35:f7:12:36:3d:
         7d:40:ef:7e:fe:cc:48:97:89:cc:a4:7d:c5:9b:b4:90:ec:54:
         f9:c8:85:34:55:d2:0d:dd:66:a4:8c:19:49:59:02:c0:39:48:
         d8:d2:a9:45:92:f1:85:db:18:aa:19:0c:96:31:60:18:85:72:
         5b:f5:9f:26:85:bf:27:a5:c7:13:fb:a0:0f:f8:f5:5e:4b:12:
         75:0b:99:5b:b5:a4:5c:0e:64:92:f5:da:a0:84:c6:a7:25:da:
         03:92:4f:b3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxVUB53M4gBRoNg7u/XWRsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzNjUyOGUxNTJiNmRjYmExNTcxMjQxYWM1NWJlNWJjZTAx
MTE4YjcwHhcNMjMwMTAyMDcxNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxODBiMGVkZDdiZWE0ZTBjYWY0OWE5ZTVhMTJjYmIxOGE4ZTBlZDU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhGElRcAEBRFXNFhsG5yH06jr1lB+
hcvFNtiTWZUrUDD/bo7KTxwS53YchQjR8yMUU5Pm8sEygESjzslYH2vySnZwT5s/
SdQC1Kr1xuOO88kiyueAV8tp2TyRLZVVuhiIqVzICb3evXnnaGPBCXrisLkxyzKW
YigagBkw9W/9itrZAQM4Tt3dVHx5Aq23aueWajZvPjDmTWkbRZaBcFkAIjXx4wBD
YIJrV5aQ3wSKPijeoub1SPQd79E0UawE1+49WZPxVvFFHkUmLKAv98YnMEAQJsZi
C6gs/lYFbV29+q1Dyq/zvoIn0CKLJX6vTpRMv8cAfdySsdl4JEPDuDl/UwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBgLDt176k4Mr0mp5aEsuxio4O1XMB8GA1UdIwQY
MBaAFINlKOFStty6FXEkGsVb5bzgERi3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZzJVbzRWSzIzTG9WY1NRYXhWdmx2T0FSR0xjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNC83YzcwZjQtNWYzYS00ZmQzLTg4M2Mt
ZWI5NDE1ZWM1NDhhLzEvR0FzTzNYdnFUZ3l2U2FubG9TeTdHS2pnN1ZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNC83YzcwZjQtNWYzYS00ZmQzLTg4M2MtZWI5NDE1ZWM1NDhh
LzEvZzJVbzRWSzIzTG9WY1NRYXhWdmx2T0FSR0xjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCucZkMA0G
CSqGSIb3DQEBCwUAA4IBAQCTU/DpQMgw/MVwFX/le8B+jEeiAEdz4cMB05v0nsyh
Y1knvD6WnWz5oLOe2S87GGTCAMR2B4qOBMz7NvcDFMtSr3Qk/+HYOv3r2R/ULCaQ
Vg22ZutfQ2XUjrUwDTOYbmAiD7m0w+1/MNi2EEo/LybQV+oQsVNw13GFl8PaGyjK
8aJEypBpZP74ITXHw+qLEovMWvhrBGO/zfHnPYtuNfcSNj19QO9+/sxIl4nMpH3F
m7SQ7FT5yIU0VdIN3WakjBlJWQLAOUjY0qlFkvGF2xiqGQyWMWAYhXJb9Z8mhb8n
pccT+6AP+PVeSxJ1C5lbtaRcDmSS9dqghManJdoDkk+z
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:50:57 2024 by rpki-client on console-ams.rpki-client.org