Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/cc7e6b-8c86-45ab-ac03-cbadb64340e0/1/lTXJ1YIYIlgJXu_1U1beG9uxX2w.roa
File:                     lTXJ1YIYIlgJXu_1U1beG9uxX2w.roa (raw, json)
Hash identifier:          I6mHWcR11wt5OrPC2txMiI9KWXI3u84I1P0of6iD7bw=
Subject key identifier:   95:35:C9:D5:82:18:22:58:09:5E:EF:F5:53:56:DE:1B:DB:B1:5F:6C
Certificate issuer:       /CN=27c637a709ddbe7f6237af8d5b2913b42237157c
Certificate serial:       01856FE71BBF82E1B86952FE4151E5FD389F
Authority key identifier: 27:C6:37:A7:09:DD:BE:7F:62:37:AF:8D:5B:29:13:B4:22:37:15:7C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/J8Y3pwndvn9iN6-NWykTtCI3FXw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/16/cc7e6b-8c86-45ab-ac03-cbadb64340e0/1/lTXJ1YIYIlgJXu_1U1beG9uxX2w.roa
Signing time:             Mon 02 Jan 2023 00:34:54 +0000
ROA not before:           Mon 02 Jan 2023 00:34:54 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     211029
IP address blocks:        185.253.245.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 14:30:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:e7:1b:bf:82:e1:b8:69:52:fe:41:51:e5:fd:38:9f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=27c637a709ddbe7f6237af8d5b2913b42237157c
        Validity
            Not Before: Jan  2 00:34:54 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=9535c9d582182258095eeff55356de1bdbb15f6c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dc:a1:aa:ab:b7:87:fa:4c:fb:be:22:48:4a:a0:
                    bb:a9:16:e8:9f:a5:76:2b:6f:28:35:3d:de:79:0b:
                    70:60:db:b0:b3:9a:ab:d6:90:35:87:4c:22:a1:5b:
                    83:b5:66:23:5b:ab:39:7d:ca:9d:8d:58:30:b2:83:
                    71:d2:0c:63:ea:0a:d7:0d:3a:74:bf:47:b7:88:e1:
                    c6:18:16:d2:46:f6:d9:d0:a3:1d:2a:d1:5c:16:fc:
                    bb:8b:4d:55:87:bb:68:de:0a:5f:b7:2f:e8:29:56:
                    05:36:4f:90:80:d4:88:2e:2c:e7:85:24:d7:12:5e:
                    ce:56:f7:0e:12:d7:37:49:4c:4e:ea:18:b2:6e:18:
                    12:f2:27:d5:57:f2:a4:be:f2:b7:18:77:00:ae:19:
                    19:5b:9b:d2:4a:0f:bd:68:ca:29:73:03:1c:b4:b2:
                    9d:eb:a3:4d:a1:9c:b2:17:b8:f5:2c:69:23:b7:3d:
                    62:a0:40:a0:31:23:3a:25:97:c0:c5:49:c5:6d:c0:
                    9c:f4:53:8e:d5:e9:75:c0:db:01:86:c3:2d:5d:df:
                    49:38:88:8a:2d:23:65:38:e3:2e:9e:ca:54:c2:29:
                    50:64:17:67:5f:cc:6b:7a:40:7a:b6:47:1f:6b:eb:
                    85:be:e1:70:e9:5f:0c:3a:8a:99:8f:35:56:da:35:
                    94:61
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                95:35:C9:D5:82:18:22:58:09:5E:EF:F5:53:56:DE:1B:DB:B1:5F:6C
            X509v3 Authority Key Identifier:
                keyid:27:C6:37:A7:09:DD:BE:7F:62:37:AF:8D:5B:29:13:B4:22:37:15:7C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J8Y3pwndvn9iN6-NWykTtCI3FXw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/cc7e6b-8c86-45ab-ac03-cbadb64340e0/1/lTXJ1YIYIlgJXu_1U1beG9uxX2w.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/16/cc7e6b-8c86-45ab-ac03-cbadb64340e0/1/J8Y3pwndvn9iN6-NWykTtCI3FXw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.253.245.0/24

    Signature Algorithm: sha256WithRSAEncryption
         72:a2:ea:3e:68:7c:ac:ec:2d:44:23:b7:73:9e:b5:b3:38:1a:
         6f:16:fa:02:5d:40:f7:66:25:da:20:bf:f1:84:0e:9d:6c:5a:
         27:fe:18:2a:1a:45:b3:55:f5:57:69:1b:f3:66:c4:78:ad:83:
         00:be:3a:8d:a5:c8:bc:bd:e4:b5:96:82:1b:38:2b:7b:aa:09:
         a9:7a:19:84:75:14:d0:8f:bc:09:b2:ea:f8:46:32:18:09:f5:
         24:09:4c:49:72:dc:55:d7:ef:37:d2:3c:df:b9:bd:e3:a3:45:
         08:b9:dc:0b:fa:22:ea:0f:7f:4e:cb:ed:2a:d2:89:48:e8:d2:
         1c:88:cc:1e:79:4b:3d:1c:ee:a2:81:a8:f9:7b:0e:bd:06:9a:
         a1:e2:55:8f:f1:bc:fa:46:d0:7c:88:ad:b5:92:a6:ec:18:77:
         38:9c:e5:64:62:a6:07:e7:cf:bb:ce:c5:a3:55:bc:56:27:c7:
         84:25:cf:bc:37:67:cc:f6:a1:16:ba:12:0d:bb:8d:72:a1:a4:
         4d:33:a7:37:e8:00:9b:aa:b3:95:ca:a4:35:ea:d2:a4:3e:e8:
         8c:8d:06:35:a1:9d:37:9a:9f:40:49:99:f6:f8:bd:1a:cf:4a:
         10:3e:f1:e1:7d:17:d0:60:41:da:2c:b4:7a:3d:ff:05:16:4a:
         e0:71:01:5d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVv5xu/guG4aVL+QVHl/TifMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3YzYzN2E3MDlkZGJlN2Y2MjM3YWY4ZDViMjkxM2I0MjIz
NzE1N2MwHhcNMjMwMTAyMDAzNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NTM1YzlkNTgyMTgyMjU4MDk1ZWVmZjU1MzU2ZGUxYmRiYjE1ZjZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3KGqq7eH+kz7viJISqC7qRbon6V2
K28oNT3eeQtwYNuws5qr1pA1h0wioVuDtWYjW6s5fcqdjVgwsoNx0gxj6grXDTp0
v0e3iOHGGBbSRvbZ0KMdKtFcFvy7i01Vh7to3gpfty/oKVYFNk+QgNSILiznhSTX
El7OVvcOEtc3SUxO6hiybhgS8ifVV/KkvvK3GHcArhkZW5vSSg+9aMopcwMctLKd
66NNoZyyF7j1LGkjtz1ioECgMSM6JZfAxUnFbcCc9FOO1el1wNsBhsMtXd9JOIiK
LSNlOOMunspUwilQZBdnX8xrekB6tkcfa+uFvuFw6V8MOoqZjzVW2jWUYQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJU1ydWCGCJYCV7v9VNW3hvbsV9sMB8GA1UdIwQY
MBaAFCfGN6cJ3b5/YjevjVspE7QiNxV8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSjhZM3B3bmR2bjlpTjYtTld5a1R0Q0kzRlh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi9jYzdlNmItOGM4Ni00NWFiLWFjMDMt
Y2JhZGI2NDM0MGUwLzEvbFRYSjFZSVlJbGdKWHVfMVUxYmVHOXV4WDJ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi9jYzdlNmItOGM4Ni00NWFiLWFjMDMtY2JhZGI2NDM0MGUw
LzEvSjhZM3B3bmR2bjlpTjYtTld5a1R0Q0kzRlh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuf31MA0G
CSqGSIb3DQEBCwUAA4IBAQByouo+aHys7C1EI7dznrWzOBpvFvoCXUD3ZiXaIL/x
hA6dbFon/hgqGkWzVfVXaRvzZsR4rYMAvjqNpci8veS1loIbOCt7qgmpehmEdRTQ
j7wJsur4RjIYCfUkCUxJctxV1+830jzfub3jo0UIudwL+iLqD39Oy+0q0olI6NIc
iMweeUs9HO6igaj5ew69Bpqh4lWP8bz6RtB8iK21kqbsGHc4nOVkYqYH58+7zsWj
VbxWJ8eEJc+8N2fM9qEWuhINu41yoaRNM6c36ACbqrOVyqQ16tKkPuiMjQY1oZ03
mp9ASZn2+L0az0oQPvHhfRfQYEHaLLR6Pf8FFkrgcQFd
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:36 2024 by rpki-client on console-fra.rpki-client.org