Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/830b5c-b6c8-4979-a53e-494e26491796/1/vDmPw8OxuPpooAp4QWX3zoLwS5U.roa
File:                     vDmPw8OxuPpooAp4QWX3zoLwS5U.roa (raw, json)
Hash identifier:          sdTw/Kc8NK2lczt0hEC605+ekPs8uV/1nhALz74XIQM=
Subject key identifier:   BC:39:8F:C3:C3:B1:B8:FA:68:A0:0A:78:41:65:F7:CE:82:F0:4B:95
Certificate issuer:       /CN=e1006a06dc490997ff8fc3a42ecf389bed3dd178
Certificate serial:       01857321D2DCDFA6EB060FB40CD3CFC0A7D5
Authority key identifier: E1:00:6A:06:DC:49:09:97:FF:8F:C3:A4:2E:CF:38:9B:ED:3D:D1:78
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/4QBqBtxJCZf_j8OkLs84m-090Xg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0f/830b5c-b6c8-4979-a53e-494e26491796/1/vDmPw8OxuPpooAp4QWX3zoLwS5U.roa
Signing time:             Mon 02 Jan 2023 15:37:54 +0000
ROA not before:           Mon 02 Jan 2023 15:37:54 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     43366
IP address blocks:        185.79.8.0/22 maxlen: 24
                          2a05:6c80::/29 maxlen: 29

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 02:29:49 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:73:21:d2:dc:df:a6:eb:06:0f:b4:0c:d3:cf:c0:a7:d5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e1006a06dc490997ff8fc3a42ecf389bed3dd178
        Validity
            Not Before: Jan  2 15:37:54 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=bc398fc3c3b1b8fa68a00a784165f7ce82f04b95
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:92:9d:09:f4:91:e3:8c:aa:99:65:0c:a2:b1:c1:
                    83:3a:f9:52:1b:42:c8:49:e9:5a:3c:4b:b2:af:e6:
                    c4:91:26:d7:3b:d3:1e:72:f0:12:1e:f4:25:73:bc:
                    79:e5:ca:ee:7e:dc:6b:5f:d0:6e:fd:ae:b7:09:c1:
                    72:92:db:38:86:bd:42:e2:ab:0c:06:30:40:8c:da:
                    6d:2f:c6:83:70:f4:0d:8e:ce:82:be:fc:3c:c5:40:
                    bf:89:18:e4:34:9e:6d:c4:8c:dd:eb:9d:0e:89:c8:
                    2c:ea:58:96:84:7a:bc:cc:92:7d:ed:be:45:5e:51:
                    fe:72:c5:6c:63:d5:90:e4:9e:4c:6d:99:6c:b7:3f:
                    e7:f8:7a:7f:da:ac:1b:cd:51:3f:29:1f:45:34:d5:
                    13:ec:7a:3e:d5:35:81:d4:68:35:c1:d5:4f:02:f5:
                    cf:1a:60:f3:2f:c9:25:aa:c9:15:91:99:9d:a5:64:
                    20:97:80:17:e5:72:42:f9:c4:d4:8f:ba:5f:f2:d5:
                    a0:e3:67:c3:07:89:df:c0:e2:5b:60:59:99:93:f8:
                    fe:7d:aa:4c:08:27:ab:8d:b2:c0:a7:45:dc:e0:60:
                    b1:95:e1:7d:8f:7a:e7:26:48:cc:00:b5:cf:0a:a6:
                    78:75:cc:22:2f:a2:48:a0:b7:84:75:28:42:aa:ac:
                    a9:ef
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BC:39:8F:C3:C3:B1:B8:FA:68:A0:0A:78:41:65:F7:CE:82:F0:4B:95
            X509v3 Authority Key Identifier:
                keyid:E1:00:6A:06:DC:49:09:97:FF:8F:C3:A4:2E:CF:38:9B:ED:3D:D1:78

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4QBqBtxJCZf_j8OkLs84m-090Xg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/830b5c-b6c8-4979-a53e-494e26491796/1/vDmPw8OxuPpooAp4QWX3zoLwS5U.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/830b5c-b6c8-4979-a53e-494e26491796/1/4QBqBtxJCZf_j8OkLs84m-090Xg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.79.8.0/22
                IPv6:
                  2a05:6c80::/29

    Signature Algorithm: sha256WithRSAEncryption
         46:24:08:fd:dc:67:c4:c6:75:dc:ba:15:3b:a1:79:06:55:20:
         3c:85:4e:1c:8b:ea:47:a3:73:fb:f9:09:f6:91:35:1b:ca:8f:
         37:b6:fd:28:2a:79:cb:ba:b8:4d:3a:85:02:7d:63:b4:dc:49:
         2d:d3:1e:c6:54:1d:c2:e0:40:5b:c8:c8:9f:e0:cc:a7:88:21:
         02:69:4b:72:a2:58:50:cb:ee:d5:e2:e8:89:1d:4e:65:e6:68:
         56:af:d1:f5:f2:17:33:a5:5f:16:08:82:c1:d7:12:65:ea:0f:
         d5:38:3d:f4:39:cd:31:d1:90:83:d5:81:9a:e7:fe:92:b3:b4:
         34:ee:b1:44:32:b2:94:45:96:da:1c:45:db:b0:78:c8:d8:2a:
         2b:c9:66:7b:4f:27:b5:8b:8d:ab:f0:1e:c8:59:6c:6a:d1:df:
         e6:a7:9e:bd:a7:85:f4:4b:80:87:8e:7b:f2:8a:35:46:67:80:
         df:93:c4:cf:28:f1:da:76:3b:fb:86:57:eb:f0:a1:b8:88:cb:
         b4:f7:69:68:81:c9:81:50:94:c6:97:7a:6e:01:e7:88:a9:b9:
         ee:4a:9a:29:b9:7b:4c:25:44:d6:65:04:6b:70:fe:35:4d:45:
         e3:5e:7b:24:b9:22:98:b2:48:27:0c:6c:8a:e8:34:bd:97:b5:
         d1:59:a7:46
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVzIdLc36brBg+0DNPPwKfVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUxMDA2YTA2ZGM0OTA5OTdmZjhmYzNhNDJlY2YzODliZWQz
ZGQxNzgwHhcNMjMwMTAyMTUzNzU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYzM5OGZjM2MzYjFiOGZhNjhhMDBhNzg0MTY1ZjdjZTgyZjA0Yjk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkp0J9JHjjKqZZQyiscGDOvlSG0LI
SelaPEuyr+bEkSbXO9MecvASHvQlc7x55cruftxrX9Bu/a63CcFykts4hr1C4qsM
BjBAjNptL8aDcPQNjs6Cvvw8xUC/iRjkNJ5txIzd650Oicgs6liWhHq8zJJ97b5F
XlH+csVsY9WQ5J5MbZlstz/n+Hp/2qwbzVE/KR9FNNUT7Ho+1TWB1Gg1wdVPAvXP
GmDzL8klqskVkZmdpWQgl4AX5XJC+cTUj7pf8tWg42fDB4nfwOJbYFmZk/j+fapM
CCerjbLAp0Xc4GCxleF9j3rnJkjMALXPCqZ4dcwiL6JIoLeEdShCqqyp7wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFLw5j8PDsbj6aKAKeEFl986C8EuVMB8GA1UdIwQY
MBaAFOEAagbcSQmX/4/DpC7POJvtPdF4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNFFCcUJ0eEpDWmZfajhPa0xzODRtLTA5MFhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi84MzBiNWMtYjZjOC00OTc5LWE1M2Ut
NDk0ZTI2NDkxNzk2LzEvdkRtUHc4T3h1UHBvb0FwNFFXWDN6b0x3UzVVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZi84MzBiNWMtYjZjOC00OTc5LWE1M2UtNDk0ZTI2NDkxNzk2
LzEvNFFCcUJ0eEpDWmZfajhPa0xzODRtLTA5MFhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuU8IMA0E
AgACMAcDBQMqBWyAMA0GCSqGSIb3DQEBCwUAA4IBAQBGJAj93GfExnXcuhU7oXkG
VSA8hU4ci+pHo3P7+Qn2kTUbyo83tv0oKnnLurhNOoUCfWO03Ekt0x7GVB3C4EBb
yMif4MyniCECaUtyolhQy+7V4uiJHU5l5mhWr9H18hczpV8WCILB1xJl6g/VOD30
Oc0x0ZCD1YGa5/6Ss7Q07rFEMrKURZbaHEXbsHjI2CoryWZ7Tye1i42r8B7IWWxq
0d/mp569p4X0S4CHjnvyijVGZ4Dfk8TPKPHadjv7hlfr8KG4iMu092logcmBUJTG
l3puAeeIqbnuSpopuXtMJUTWZQRrcP41TUXjXnskuSKYskgnDGyK6DS9l7XRWadG
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:19:03 2024 by rpki-client on console-fra.rpki-client.org