Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/ca2213-e5a1-4ad2-8a22-768d3fb08e70/1/pmo4CRbahEyhf_MrUgc5bqN5JTI.roa
File:                     pmo4CRbahEyhf_MrUgc5bqN5JTI.roa (raw, json)
Hash identifier:          S5y9f42Kcox7BCemCkHbbNdExOHWbofNmatS+jLkpI8=
Subject key identifier:   A6:6A:38:09:16:DA:84:4C:A1:7F:F3:2B:52:07:39:6E:A3:79:25:32
Certificate issuer:       /CN=2cf6136315a52d5247124b7cf369aafb8312227e
Certificate serial:       0188526D73675090E20440E2F13FE9C50658
Authority key identifier: 2C:F6:13:63:15:A5:2D:52:47:12:4B:7C:F3:69:AA:FB:83:12:22:7E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/LPYTYxWlLVJHEkt882mq-4MSIn4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0f/ca2213-e5a1-4ad2-8a22-768d3fb08e70/1/pmo4CRbahEyhf_MrUgc5bqN5JTI.roa
Signing time:             Thu 25 May 2023 10:21:24 +0000
ROA not before:           Thu 25 May 2023 10:21:24 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     200735
IP address blocks:        85.208.237.0/24 maxlen: 24
                          85.208.236.0/24 maxlen: 24
                          2a09:8e40:5000::/36 maxlen: 36
                          2a09:8e40:4000::/36 maxlen: 36
                          2a09:8e40:3000::/36 maxlen: 36
                          2a09:8e40:2000::/36 maxlen: 36
                          2a09:8e40:1000::/36 maxlen: 36
                          2a09:8e40::/36 maxlen: 36
                          2a09:8e40:6000::/36 maxlen: 36

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 08:33:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:52:6d:73:67:50:90:e2:04:40:e2:f1:3f:e9:c5:06:58
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2cf6136315a52d5247124b7cf369aafb8312227e
        Validity
            Not Before: May 25 10:21:24 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=a66a380916da844ca17ff32b5207396ea3792532
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:98:e9:ce:3c:5e:15:15:77:b7:2a:d9:0d:47:cb:
                    f1:1a:06:d1:50:e2:2f:7a:bd:46:d0:7f:16:3a:3e:
                    f0:95:81:a3:e8:55:c4:c3:6a:2d:9c:7b:65:3c:39:
                    f0:5e:15:44:57:95:b0:4b:c3:c7:78:9b:40:08:94:
                    20:23:5a:29:4e:88:fa:19:29:8c:24:b0:80:dc:d5:
                    53:c7:5f:cb:2c:a9:f4:a5:2d:6e:2a:c6:57:75:f9:
                    1c:42:80:38:d4:a0:53:99:65:a0:a8:69:6c:ba:5c:
                    9b:39:bc:ec:73:32:36:1b:5a:68:cf:ac:e5:3c:dd:
                    50:f0:9e:c0:7d:63:f3:3f:3a:5b:1c:4a:d0:ee:2f:
                    29:de:70:ea:94:0e:76:5f:a9:0a:42:b1:0c:ea:53:
                    e0:7a:c9:5f:18:30:b2:9a:3a:32:4c:ab:8f:96:12:
                    59:88:66:72:73:40:99:36:f5:16:54:13:01:03:39:
                    2d:a8:33:e5:28:89:56:ba:a8:3b:76:e2:b3:c4:5c:
                    91:89:48:5b:6f:36:a2:fc:c3:78:ff:8e:72:37:7e:
                    63:cf:88:b6:0a:17:0b:02:9e:58:f2:de:0d:f5:ce:
                    62:6d:f2:e0:34:b2:64:10:a4:27:13:8e:1a:9a:e7:
                    3f:a7:27:96:b2:64:80:62:cf:3f:f3:cf:ca:5f:f3:
                    b5:f3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A6:6A:38:09:16:DA:84:4C:A1:7F:F3:2B:52:07:39:6E:A3:79:25:32
            X509v3 Authority Key Identifier:
                keyid:2C:F6:13:63:15:A5:2D:52:47:12:4B:7C:F3:69:AA:FB:83:12:22:7E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LPYTYxWlLVJHEkt882mq-4MSIn4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/ca2213-e5a1-4ad2-8a22-768d3fb08e70/1/pmo4CRbahEyhf_MrUgc5bqN5JTI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/ca2213-e5a1-4ad2-8a22-768d3fb08e70/1/LPYTYxWlLVJHEkt882mq-4MSIn4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  85.208.236.0/23
                IPv6:
                  2a09:8e40::-2a09:8e40:6fff:ffff:ffff:ffff:ffff:ffff

    Signature Algorithm: sha256WithRSAEncryption
         3a:23:ec:af:39:3d:1d:60:af:53:69:f0:72:9d:2e:af:30:95:
         26:22:68:94:17:1f:ff:3e:ee:a3:82:a0:2c:b9:91:d5:0d:e6:
         9a:88:1f:ab:43:bb:d1:cd:30:4b:f7:0e:20:92:e4:8e:1f:cb:
         0e:9f:fd:8c:55:04:86:02:84:02:1d:5b:d8:9a:dc:67:f5:4b:
         5e:16:24:74:85:ae:4b:9a:ec:9e:d4:74:b0:f2:b6:32:a2:2f:
         1f:3d:31:72:73:a6:e8:57:51:70:63:85:b6:32:b1:22:d3:67:
         0a:2b:2f:72:b7:be:04:13:4b:7b:fd:b2:1d:5d:08:6e:9b:0c:
         6e:4f:d8:9b:ac:13:5e:92:66:f9:47:4a:8a:2d:ea:43:54:01:
         57:27:38:4d:f8:25:5c:aa:bd:d0:4a:a4:20:c0:35:ac:d8:ec:
         14:85:9c:8f:13:e1:82:a8:ec:0c:a9:d5:02:1c:ef:1d:35:01:
         8f:3b:b8:98:51:45:94:d5:fd:26:0e:18:2d:86:c5:2a:14:35:
         05:dd:fe:e2:8c:dd:5c:3c:e9:07:46:a6:98:4c:d5:bf:6a:7f:
         ac:e2:82:fd:5d:07:01:b1:69:6c:73:3f:50:60:0e:6e:0a:73:
         06:89:26:cf:bb:05:70:1f:fc:7f:ab:ac:a2:05:25:8e:82:a3:
         08:7b:7f:ee
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAYhSbXNnUJDiBEDi8T/pxQZYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJjZjYxMzYzMTVhNTJkNTI0NzEyNGI3Y2YzNjlhYWZiODMx
MjIyN2UwHhcNMjMwNTI1MTAyMTI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNjZhMzgwOTE2ZGE4NDRjYTE3ZmYzMmI1MjA3Mzk2ZWEzNzkyNTMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmOnOPF4VFXe3KtkNR8vxGgbRUOIv
er1G0H8WOj7wlYGj6FXEw2otnHtlPDnwXhVEV5WwS8PHeJtACJQgI1opToj6GSmM
JLCA3NVTx1/LLKn0pS1uKsZXdfkcQoA41KBTmWWgqGlsulybObzsczI2G1poz6zl
PN1Q8J7AfWPzPzpbHErQ7i8p3nDqlA52X6kKQrEM6lPgeslfGDCymjoyTKuPlhJZ
iGZyc0CZNvUWVBMBAzktqDPlKIlWuqg7duKzxFyRiUhbbzai/MN4/45yN35jz4i2
ChcLAp5Y8t4N9c5ibfLgNLJkEKQnE44amuc/pyeWsmSAYs8/88/KX/O18wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKZqOAkW2oRMoX/zK1IHOW6jeSUyMB8GA1UdIwQY
MBaAFCz2E2MVpS1SRxJLfPNpqvuDEiJ+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTFBZVFl4V2xMVkpIRWt0ODgybXEtNE1TSW40LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi9jYTIyMTMtZTVhMS00YWQyLThhMjIt
NzY4ZDNmYjA4ZTcwLzEvcG1vNENSYmFoRXloZl9NclVnYzVicU41SlRJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZi9jYTIyMTMtZTVhMS00YWQyLThhMjItNzY4ZDNmYjA4ZTcw
LzEvTFBZVFl4V2xMVkpIRWt0ODgybXEtNE1TSW40LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDgGCCsGAQUFBwEHAQH/BCkwJzAMBAIAATAGAwQBVdDsMBcE
AgACMBEwDwMFBioJjkADBgQqCY5AYDANBgkqhkiG9w0BAQsFAAOCAQEAOiPsrzk9
HWCvU2nwcp0urzCVJiJolBcf/z7uo4KgLLmR1Q3mmogfq0O70c0wS/cOIJLkjh/L
Dp/9jFUEhgKEAh1b2JrcZ/VLXhYkdIWuS5rsntR0sPK2MqIvHz0xcnOm6FdRcGOF
tjKxItNnCisvcre+BBNLe/2yHV0IbpsMbk/Ym6wTXpJm+UdKii3qQ1QBVyc4Tfgl
XKq90EqkIMA1rNjsFIWcjxPhgqjsDKnVAhzvHTUBjzu4mFFFlNX9Jg4YLYbFKhQ1
Bd3+4ozdXDzpB0ammEzVv2p/rOKC/V0HAbFpbHM/UGAObgpzBokmz7sFcB/8f6us
ogUljoKjCHt/7g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:53:21 2024 by rpki-client on console-ams.rpki-client.org