Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/cc7e6b-8c86-45ab-ac03-cbadb64340e0/1/xcNglH7inwgmtGV2bsEz861rNy8.roa
File:                     xcNglH7inwgmtGV2bsEz861rNy8.roa (raw, json)
Hash identifier:          g0Lf7qAjNKqb0hCl0R6wpB0Om7nsomkATP4bM7bDs0c=
Subject key identifier:   C5:C3:60:94:7E:E2:9F:08:26:B4:65:76:6E:C1:33:F3:AD:6B:37:2F
Certificate issuer:       /CN=27c637a709ddbe7f6237af8d5b2913b42237157c
Certificate serial:       018CC56ED5220C49150485A5667312C9F4D9
Authority key identifier: 27:C6:37:A7:09:DD:BE:7F:62:37:AF:8D:5B:29:13:B4:22:37:15:7C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/J8Y3pwndvn9iN6-NWykTtCI3FXw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/16/cc7e6b-8c86-45ab-ac03-cbadb64340e0/1/xcNglH7inwgmtGV2bsEz861rNy8.roa
Signing time:             Mon 01 Jan 2024 14:30:24 +0000
ROA not before:           Mon 01 Jan 2024 14:30:24 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     211029
IP address blocks:        185.253.245.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 09 Jan 2024 10:55:40 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c5:6e:d5:22:0c:49:15:04:85:a5:66:73:12:c9:f4:d9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=27c637a709ddbe7f6237af8d5b2913b42237157c
        Validity
            Not Before: Jan  1 14:30:24 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=c5c360947ee29f0826b465766ec133f3ad6b372f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:23:f9:aa:aa:04:cc:94:83:0e:91:26:3d:e5:
                    bb:12:07:0a:9f:b1:92:d3:8d:30:09:11:b1:62:69:
                    22:e4:20:56:bd:cf:20:4c:80:c3:86:eb:a8:bc:c7:
                    31:4c:5f:e4:b7:06:d0:65:f4:a2:3e:d3:6e:29:af:
                    ad:64:2a:e6:e9:3a:22:e0:df:70:d5:4b:a0:02:fd:
                    f0:84:3f:35:b6:91:29:87:50:3f:13:61:57:71:31:
                    39:4c:9f:6c:f1:bc:b5:81:61:f9:15:90:51:8a:ee:
                    26:18:d2:e8:52:88:d4:24:63:f5:96:18:a0:85:5f:
                    9a:31:84:80:25:44:59:22:04:13:b2:50:c4:5a:c7:
                    f1:be:5f:a4:cb:e6:40:28:93:18:2b:e5:b2:72:9e:
                    0b:83:f5:e5:67:b3:a3:1c:33:5c:e5:ac:26:a4:71:
                    4d:fb:b1:2a:e7:4d:fd:ca:0a:2a:39:51:e0:78:e8:
                    15:9b:26:15:ec:b5:a7:c3:cd:63:a3:7f:b2:8f:72:
                    d6:2d:2b:06:d5:1f:ef:c4:9b:ee:65:5f:71:ae:76:
                    b6:b7:6b:5e:c4:9d:68:af:f9:50:8f:73:4d:cf:35:
                    9a:2d:57:6a:00:f1:91:8a:25:c2:eb:06:91:e4:b5:
                    02:e4:9e:2d:17:47:ab:a5:e6:af:b5:0e:ae:99:34:
                    e8:5f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C5:C3:60:94:7E:E2:9F:08:26:B4:65:76:6E:C1:33:F3:AD:6B:37:2F
            X509v3 Authority Key Identifier:
                keyid:27:C6:37:A7:09:DD:BE:7F:62:37:AF:8D:5B:29:13:B4:22:37:15:7C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J8Y3pwndvn9iN6-NWykTtCI3FXw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/cc7e6b-8c86-45ab-ac03-cbadb64340e0/1/xcNglH7inwgmtGV2bsEz861rNy8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/16/cc7e6b-8c86-45ab-ac03-cbadb64340e0/1/J8Y3pwndvn9iN6-NWykTtCI3FXw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.253.245.0/24

    Signature Algorithm: sha256WithRSAEncryption
         5a:84:7a:7e:79:47:02:cb:19:18:23:75:6b:4c:56:a6:16:fe:
         61:57:22:12:07:3e:04:31:aa:7b:ad:e0:ba:2c:71:f6:7e:d1:
         6c:6d:49:4b:85:5b:3b:99:9f:a7:43:d4:b2:a0:53:c9:e0:99:
         98:97:62:6d:b2:34:9f:d3:54:69:76:8c:f6:31:31:c9:6e:c8:
         23:c2:cb:4c:72:76:c5:67:50:14:8b:56:f7:f8:ba:b4:85:3a:
         f8:e0:f4:0f:a1:22:ed:a1:28:ba:89:e7:fa:29:dd:7d:c0:4b:
         c0:52:d7:9c:b2:e8:f9:68:b5:cf:77:89:65:70:28:54:8b:13:
         fc:8f:6a:d5:07:ff:23:10:dc:51:bf:9d:4f:fb:95:15:cc:51:
         2a:d9:43:97:84:64:68:a1:bd:34:ed:22:9c:1b:12:69:75:81:
         ec:5d:b7:f1:69:b5:3a:2b:7f:90:a1:93:e3:9d:d8:ef:3b:f3:
         a8:6d:bb:e5:5f:be:56:3b:70:a4:20:bd:93:8e:f6:45:7e:13:
         13:21:df:cb:f8:87:10:8e:ad:94:aa:a9:91:fc:dc:99:34:b1:
         d3:e2:9f:82:71:cf:32:6f:93:2e:84:bd:07:23:9c:7e:e5:a7:
         c8:e4:e4:4e:f6:d5:4b:2a:66:5b:3e:b5:45:81:fe:2b:b6:b9:
         84:bd:94:87
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzFbtUiDEkVBIWlZnMSyfTZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3YzYzN2E3MDlkZGJlN2Y2MjM3YWY4ZDViMjkxM2I0MjIz
NzE1N2MwHhcNMjQwMTAxMTQzMDI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNWMzNjA5NDdlZTI5ZjA4MjZiNDY1NzY2ZWMxMzNmM2FkNmIzNzJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnCP5qqoEzJSDDpEmPeW7EgcKn7GS
040wCRGxYmki5CBWvc8gTIDDhuuovMcxTF/ktwbQZfSiPtNuKa+tZCrm6Toi4N9w
1UugAv3whD81tpEph1A/E2FXcTE5TJ9s8by1gWH5FZBRiu4mGNLoUojUJGP1lhig
hV+aMYSAJURZIgQTslDEWsfxvl+ky+ZAKJMYK+Wycp4Lg/XlZ7OjHDNc5awmpHFN
+7Eq5039ygoqOVHgeOgVmyYV7LWnw81jo3+yj3LWLSsG1R/vxJvuZV9xrna2t2te
xJ1or/lQj3NNzzWaLVdqAPGRiiXC6waR5LUC5J4tF0erpeavtQ6umTToXwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMXDYJR+4p8IJrRldm7BM/OtazcvMB8GA1UdIwQY
MBaAFCfGN6cJ3b5/YjevjVspE7QiNxV8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSjhZM3B3bmR2bjlpTjYtTld5a1R0Q0kzRlh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi9jYzdlNmItOGM4Ni00NWFiLWFjMDMt
Y2JhZGI2NDM0MGUwLzEveGNOZ2xIN2lud2dtdEdWMmJzRXo4NjFyTnk4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi9jYzdlNmItOGM4Ni00NWFiLWFjMDMtY2JhZGI2NDM0MGUw
LzEvSjhZM3B3bmR2bjlpTjYtTld5a1R0Q0kzRlh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuf31MA0G
CSqGSIb3DQEBCwUAA4IBAQBahHp+eUcCyxkYI3VrTFamFv5hVyISBz4EMap7reC6
LHH2ftFsbUlLhVs7mZ+nQ9SyoFPJ4JmYl2JtsjSf01Rpdoz2MTHJbsgjwstMcnbF
Z1AUi1b3+Lq0hTr44PQPoSLtoSi6ief6Kd19wEvAUtecsuj5aLXPd4llcChUixP8
j2rVB/8jENxRv51P+5UVzFEq2UOXhGRoob007SKcGxJpdYHsXbfxabU6K3+QoZPj
ndjvO/OobbvlX75WO3CkIL2TjvZFfhMTId/L+IcQjq2UqqmR/NyZNLHT4p+Ccc8y
b5MuhL0HI5x+5afI5ORO9tVLKmZbPrVFgf4rtrmEvZSH
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:26 2024 by rpki-client on console-ams.rpki-client.org