Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/e16001-6525-404b-9b49-a57b1b392205/1/OrcbdbQ_vLPTvFfVu_beo-eqgY0.roa
File:                     OrcbdbQ_vLPTvFfVu_beo-eqgY0.roa (raw, json)
Hash identifier:          uLih0+1kjm+sw0TKlPFuZ22O1lP2Jcc0QV45aBBzWqc=
Subject key identifier:   3A:B7:1B:75:B4:3F:BC:B3:D3:BC:57:D5:BB:F6:DE:A3:E7:AA:81:8D
Certificate issuer:       /CN=0dcda5d060ba9366bb4325828b57033bef18e3c0
Certificate serial:       018BE6B3BF5488B51EEB3B128D4D2EADC0BD
Authority key identifier: 0D:CD:A5:D0:60:BA:93:66:BB:43:25:82:8B:57:03:3B:EF:18:E3:C0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Dc2l0GC6k2a7QyWCi1cDO-8Y48A.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0b/e16001-6525-404b-9b49-a57b1b392205/1/OrcbdbQ_vLPTvFfVu_beo-eqgY0.roa
Signing time:             Sun 19 Nov 2023 08:30:21 +0000
ROA not before:           Sun 19 Nov 2023 08:30:21 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     207443
IP address blocks:        185.89.97.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 02:29:54 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:e6:b3:bf:54:88:b5:1e:eb:3b:12:8d:4d:2e:ad:c0:bd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0dcda5d060ba9366bb4325828b57033bef18e3c0
        Validity
            Not Before: Nov 19 08:30:21 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=3ab71b75b43fbcb3d3bc57d5bbf6dea3e7aa818d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:97:2e:50:a3:d0:1b:e1:a4:3b:94:a4:7f:e3:0c:
                    55:29:7d:ce:71:1c:cc:6e:8a:7a:c2:27:38:38:e0:
                    e4:26:79:95:cc:1e:39:5f:93:1f:6c:e8:93:2a:6c:
                    d4:c6:ba:ab:c2:ea:6c:7c:08:60:ac:c4:88:11:3e:
                    3f:2f:61:6c:0c:11:e3:ba:96:3d:f9:4d:73:92:79:
                    18:52:a4:d3:33:3e:f6:ed:bc:24:27:51:a9:94:e8:
                    f1:7c:53:24:0b:41:08:63:70:4e:49:a3:a4:2b:09:
                    f5:64:25:a6:22:a2:87:38:5b:4b:4c:c7:bc:06:ce:
                    6e:89:71:fe:08:cd:56:ee:19:1e:98:d7:54:68:0c:
                    cf:98:db:08:b2:50:21:38:35:1c:07:32:6c:1f:3a:
                    eb:77:29:98:08:37:17:d7:6f:8c:7e:71:08:23:b9:
                    b4:80:37:2b:d0:19:75:e4:66:55:48:34:48:42:1c:
                    d0:b2:5d:08:5b:4b:f2:ae:45:36:64:20:f8:22:bd:
                    08:8b:20:de:86:0e:51:ae:1d:89:60:34:f9:dc:f7:
                    26:80:a7:72:fb:48:ae:4a:c1:de:5e:54:73:b3:90:
                    18:eb:01:ec:d2:64:87:5f:46:11:24:77:96:ab:8d:
                    28:04:24:b4:21:46:09:59:3f:6f:03:0b:f4:57:8a:
                    68:9b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3A:B7:1B:75:B4:3F:BC:B3:D3:BC:57:D5:BB:F6:DE:A3:E7:AA:81:8D
            X509v3 Authority Key Identifier:
                keyid:0D:CD:A5:D0:60:BA:93:66:BB:43:25:82:8B:57:03:3B:EF:18:E3:C0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Dc2l0GC6k2a7QyWCi1cDO-8Y48A.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/e16001-6525-404b-9b49-a57b1b392205/1/OrcbdbQ_vLPTvFfVu_beo-eqgY0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/e16001-6525-404b-9b49-a57b1b392205/1/Dc2l0GC6k2a7QyWCi1cDO-8Y48A.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.89.97.0/24

    Signature Algorithm: sha256WithRSAEncryption
         27:3f:ec:0c:bc:01:df:59:4c:14:21:ab:1a:81:5f:a1:61:b2:
         c3:64:f2:27:1f:65:ea:3f:b9:8d:d8:fd:06:6b:5f:a0:fa:8d:
         9a:82:fc:ff:f0:f6:b0:e4:4d:46:e3:36:7b:db:92:63:13:60:
         99:37:51:26:17:43:6f:c5:bf:cf:16:3b:03:4c:81:38:7b:f6:
         f9:96:68:a1:7d:64:43:ed:db:a9:60:b9:bf:aa:b7:e6:cb:8d:
         e9:c4:e5:ea:15:18:fa:f9:e1:6d:38:6d:3c:dd:d6:3b:77:1b:
         aa:f7:ec:46:3b:60:81:06:10:14:b8:f7:1d:ae:5a:d4:6d:96:
         64:be:2e:50:f5:fe:19:4a:47:6c:93:0d:88:8f:6b:cb:21:5a:
         82:62:50:e3:7b:bf:23:c1:f8:91:90:3a:5a:72:19:3a:1b:d4:
         b9:2a:87:06:a6:29:a8:79:71:69:d2:3c:44:df:fd:e8:05:70:
         2d:41:db:06:22:76:90:cf:48:0e:b3:93:19:70:56:db:14:d1:
         4d:c0:6d:a5:a1:17:97:a8:b3:56:fd:ca:a1:fd:c3:16:c1:29:
         ee:a0:60:40:16:7a:14:f3:ab:be:55:d1:24:ea:a9:f8:68:54:
         15:e5:bf:c5:a6:91:80:44:33:38:46:ee:2d:62:22:b4:32:ff:
         d5:96:fc:47
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYvms79UiLUe6zsSjU0urcC9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkY2RhNWQwNjBiYTkzNjZiYjQzMjU4MjhiNTcwMzNiZWYx
OGUzYzAwHhcNMjMxMTE5MDgzMDIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYWI3MWI3NWI0M2ZiY2IzZDNiYzU3ZDViYmY2ZGVhM2U3YWE4MThkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAly5Qo9Ab4aQ7lKR/4wxVKX3OcRzM
bop6wic4OODkJnmVzB45X5MfbOiTKmzUxrqrwupsfAhgrMSIET4/L2FsDBHjupY9
+U1zknkYUqTTMz727bwkJ1GplOjxfFMkC0EIY3BOSaOkKwn1ZCWmIqKHOFtLTMe8
Bs5uiXH+CM1W7hkemNdUaAzPmNsIslAhODUcBzJsHzrrdymYCDcX12+MfnEII7m0
gDcr0Bl15GZVSDRIQhzQsl0IW0vyrkU2ZCD4Ir0IiyDehg5Rrh2JYDT53PcmgKdy
+0iuSsHeXlRzs5AY6wHs0mSHX0YRJHeWq40oBCS0IUYJWT9vAwv0V4pomwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDq3G3W0P7yz07xX1bv23qPnqoGNMB8GA1UdIwQY
MBaAFA3NpdBgupNmu0MlgotXAzvvGOPAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRGMybDBHQzZrMmE3UXlXQ2kxY0RPLThZNDhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi9lMTYwMDEtNjUyNS00MDRiLTliNDkt
YTU3YjFiMzkyMjA1LzEvT3JjYmRiUV92TFBUdkZmVnVfYmVvLWVxZ1kwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi9lMTYwMDEtNjUyNS00MDRiLTliNDktYTU3YjFiMzkyMjA1
LzEvRGMybDBHQzZrMmE3UXlXQ2kxY0RPLThZNDhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuVlhMA0G
CSqGSIb3DQEBCwUAA4IBAQAnP+wMvAHfWUwUIasagV+hYbLDZPInH2XqP7mN2P0G
a1+g+o2agvz/8Paw5E1G4zZ725JjE2CZN1EmF0Nvxb/PFjsDTIE4e/b5lmihfWRD
7dupYLm/qrfmy43pxOXqFRj6+eFtOG083dY7dxuq9+xGO2CBBhAUuPcdrlrUbZZk
vi5Q9f4ZSkdskw2Ij2vLIVqCYlDje78jwfiRkDpachk6G9S5KocGpimoeXFp0jxE
3/3oBXAtQdsGInaQz0gOs5MZcFbbFNFNwG2loReXqLNW/cqh/cMWwSnuoGBAFnoU
86u+VdEk6qn4aFQV5b/FppGARDM4Ru4tYiK0Mv/VlvxH
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:52:25 2024 by rpki-client on console-ams.rpki-client.org