Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/396759-b0c6-48ef-97b3-a15a18613da6/1/OJ2ZZ-A7HzMMwgt8dLDOtQCMV94.roa
File:                     OJ2ZZ-A7HzMMwgt8dLDOtQCMV94.roa (raw, json)
Hash identifier:          MXyfJqPgFul/ylCg/GS4ULeON6jDSxpatwpxZHtQTFg=
Subject key identifier:   38:9D:99:67:E0:3B:1F:33:0C:C2:0B:7C:74:B0:CE:B5:00:8C:57:DE
Certificate issuer:       /CN=b82b722715f91be792a1ec3c31e77ed9da05cbe1
Certificate serial:       01856C4137FFC2CE0F4C1C4A894B67585F15
Authority key identifier: B8:2B:72:27:15:F9:1B:E7:92:A1:EC:3C:31:E7:7E:D9:DA:05:CB:E1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/uCtyJxX5G-eSoew8Med-2doFy-E.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0d/396759-b0c6-48ef-97b3-a15a18613da6/1/OJ2ZZ-A7HzMMwgt8dLDOtQCMV94.roa
Signing time:             Sun 01 Jan 2023 07:34:51 +0000
ROA not before:           Sun 01 Jan 2023 07:34:51 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     8301
IP address blocks:        217.65.48.0/20 maxlen: 24
                          185.74.74.0/24 maxlen: 24
                          185.74.72.0/22 maxlen: 24
                          185.74.72.0/24 maxlen: 24
                          185.74.75.0/24 maxlen: 24
                          178.208.192.0/19 maxlen: 24
                          212.120.224.0/19 maxlen: 24
                          212.120.236.0/24 maxlen: 24
                          212.120.244.0/24 maxlen: 24
                          195.244.192.0/19 maxlen: 24
                          212.120.250.0/24 maxlen: 24
                          195.244.204.0/24 maxlen: 24
                          2a01:8c40::/32 maxlen: 32

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 00:30:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6c:41:37:ff:c2:ce:0f:4c:1c:4a:89:4b:67:58:5f:15
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b82b722715f91be792a1ec3c31e77ed9da05cbe1
        Validity
            Not Before: Jan  1 07:34:51 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=389d9967e03b1f330cc20b7c74b0ceb5008c57de
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:82:58:c2:51:dc:21:3c:02:3f:9e:a3:79:49:63:
                    14:18:91:89:80:f9:5f:1b:bf:e9:c9:6f:1f:61:28:
                    10:92:44:db:ac:ad:3b:93:c0:bd:5b:23:a7:41:23:
                    bf:9a:f2:61:15:df:29:0b:59:e1:2d:4c:2f:ac:81:
                    02:01:c6:1e:09:21:28:b2:d7:56:51:a8:4c:bb:9d:
                    63:0b:fa:65:47:75:27:9c:8d:99:31:18:17:5e:5c:
                    ce:d1:a3:1b:7d:c2:7d:d8:af:7a:3a:76:7c:08:3e:
                    27:1a:b3:24:2f:5e:c2:13:bf:3f:4e:64:0b:b8:99:
                    85:85:dc:57:37:7d:a6:1c:0a:a3:ba:bb:1e:56:bd:
                    fa:e5:d1:ba:78:87:2e:79:cc:77:3d:fd:c3:29:39:
                    e1:50:23:41:de:fb:1f:f3:4c:ff:f4:06:ac:1e:74:
                    dd:66:91:d7:7f:06:97:8d:14:19:34:45:a3:c0:51:
                    f4:0c:6d:01:16:1e:9c:be:c4:7f:5e:72:57:5d:2a:
                    e9:5c:c5:45:0b:be:b3:d7:a7:f2:5e:55:d8:8f:f9:
                    8c:af:6a:95:fc:f5:2a:04:75:85:0c:13:45:cc:f4:
                    93:7e:0e:89:5e:e4:69:82:46:c5:db:69:37:18:45:
                    17:7f:3e:72:51:ec:34:cc:21:18:4f:8d:07:d8:77:
                    5a:e9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                38:9D:99:67:E0:3B:1F:33:0C:C2:0B:7C:74:B0:CE:B5:00:8C:57:DE
            X509v3 Authority Key Identifier:
                keyid:B8:2B:72:27:15:F9:1B:E7:92:A1:EC:3C:31:E7:7E:D9:DA:05:CB:E1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uCtyJxX5G-eSoew8Med-2doFy-E.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/396759-b0c6-48ef-97b3-a15a18613da6/1/OJ2ZZ-A7HzMMwgt8dLDOtQCMV94.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/396759-b0c6-48ef-97b3-a15a18613da6/1/uCtyJxX5G-eSoew8Med-2doFy-E.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  178.208.192.0/19
                  185.74.72.0/22
                  195.244.192.0/19
                  212.120.224.0/19
                  217.65.48.0/20
                IPv6:
                  2a01:8c40::/32

    Signature Algorithm: sha256WithRSAEncryption
         08:2c:18:18:dd:28:db:6d:c1:e3:e1:b8:3b:6b:03:8d:c3:b8:
         ae:ae:73:be:c4:c7:2e:1f:99:7c:81:4a:a0:70:5c:7e:09:f2:
         61:2d:fe:e1:a8:ae:c2:76:dd:5a:14:ca:b2:3d:76:3b:ea:9a:
         9e:61:c7:7d:63:ad:53:5f:bb:02:b8:89:74:32:94:e3:39:75:
         93:31:18:d2:d6:3d:c5:76:6e:eb:61:5f:9c:05:11:a3:31:d5:
         db:3b:2a:ca:4f:02:fc:12:af:6a:3f:07:58:65:73:90:aa:9d:
         20:8f:f7:0a:11:28:ad:3c:d7:f7:16:9a:e5:53:f8:61:87:9e:
         71:54:59:3f:49:03:99:09:c3:32:2c:17:6f:26:b2:b9:9f:2c:
         a8:0f:d3:10:21:67:7d:b8:61:03:16:75:79:e4:40:3b:60:9a:
         2a:e6:fc:00:87:69:42:4a:50:c4:ee:16:20:d3:73:7a:28:9f:
         bd:85:35:08:97:35:0b:82:eb:d9:6d:9d:89:f9:f8:08:db:a7:
         97:6f:0b:2f:23:16:d9:9a:a1:aa:c0:13:af:a3:6d:40:22:43:
         80:60:f0:cf:65:38:21:59:46:26:8c:75:5e:47:ed:43:c7:25:
         c5:88:51:60:18:fc:58:a2:4b:ef:86:ec:09:23:e9:6e:e7:df:
         6e:17:f7:f5
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYVsQTf/ws4PTBxKiUtnWF8VMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI4MmI3MjI3MTVmOTFiZTc5MmExZWMzYzMxZTc3ZWQ5ZGEw
NWNiZTEwHhcNMjMwMTAxMDczNDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzODlkOTk2N2UwM2IxZjMzMGNjMjBiN2M3NGIwY2ViNTAwOGM1N2RlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgljCUdwhPAI/nqN5SWMUGJGJgPlf
G7/pyW8fYSgQkkTbrK07k8C9WyOnQSO/mvJhFd8pC1nhLUwvrIECAcYeCSEostdW
UahMu51jC/plR3UnnI2ZMRgXXlzO0aMbfcJ92K96OnZ8CD4nGrMkL17CE78/TmQL
uJmFhdxXN32mHAqjurseVr365dG6eIcuecx3Pf3DKTnhUCNB3vsf80z/9AasHnTd
ZpHXfwaXjRQZNEWjwFH0DG0BFh6cvsR/XnJXXSrpXMVFC76z16fyXlXYj/mMr2qV
/PUqBHWFDBNFzPSTfg6JXuRpgkbF22k3GEUXfz5yUew0zCEYT40H2Hda6QIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFDidmWfgOx8zDMILfHSwzrUAjFfeMB8GA1UdIwQY
MBaAFLgrcicV+RvnkqHsPDHnftnaBcvhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdUN0eUp4WDVHLWVTb2V3OE1lZC0yZG9GeS1FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC8zOTY3NTktYjBjNi00OGVmLTk3YjMt
YTE1YTE4NjEzZGE2LzEvT0oyWlotQTdIek1Nd2d0OGRMRE90UUNNVjk0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZC8zOTY3NTktYjBjNi00OGVmLTk3YjMtYTE1YTE4NjEzZGE2
LzEvdUN0eUp4WDVHLWVTb2V3OE1lZC0yZG9GeS1FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQFstDAAwQC
uUpIAwQFw/TAAwQF1HjgAwQE2UEwMA0EAgACMAcDBQAqAYxAMA0GCSqGSIb3DQEB
CwUAA4IBAQAILBgY3SjbbcHj4bg7awONw7iurnO+xMcuH5l8gUqgcFx+CfJhLf7h
qK7Cdt1aFMqyPXY76pqeYcd9Y61TX7sCuIl0MpTjOXWTMRjS1j3Fdm7rYV+cBRGj
MdXbOyrKTwL8Eq9qPwdYZXOQqp0gj/cKESitPNf3FprlU/hhh55xVFk/SQOZCcMy
LBdvJrK5nyyoD9MQIWd9uGEDFnV55EA7YJoq5vwAh2lCSlDE7hYg03N6KJ+9hTUI
lzULguvZbZ2J+fgI26eXbwsvIxbZmqGqwBOvo21AIkOAYPDPZTghWUYmjHVeR+1D
xyXFiFFgGPxYokvvhuwJI+lu599uF/f1
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:52:39 2024 by rpki-client on console-ams.rpki-client.org