Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/1f1cbd-fea6-4553-8db6-4e09f9e85723/1/ii0aUuuoqJ1eG20P0Mgg9vF2Fno.roa
File:                     ii0aUuuoqJ1eG20P0Mgg9vF2Fno.roa (raw, json)
Hash identifier:          COYoYF6DF2AASIPbGjB1eo/BUI9/iAkLr4NkSnCJads=
Subject key identifier:   8A:2D:1A:52:EB:A8:A8:9D:5E:1B:6D:0F:D0:C8:20:F6:F1:76:16:7A
Certificate issuer:       /CN=9d4925e976ad0bfb73e097da6917e80f5bce6c8c
Certificate serial:       01856DC1B49ED3CB55D3E2E8B9B648048731
Authority key identifier: 9D:49:25:E9:76:AD:0B:FB:73:E0:97:DA:69:17:E8:0F:5B:CE:6C:8C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/nUkl6XatC_tz4JfaaRfoD1vObIw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/17/1f1cbd-fea6-4553-8db6-4e09f9e85723/1/ii0aUuuoqJ1eG20P0Mgg9vF2Fno.roa
Signing time:             Sun 01 Jan 2023 14:34:49 +0000
ROA not before:           Sun 01 Jan 2023 14:34:49 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     211079
IP address blocks:        185.83.228.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 04:30:15 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6d:c1:b4:9e:d3:cb:55:d3:e2:e8:b9:b6:48:04:87:31
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9d4925e976ad0bfb73e097da6917e80f5bce6c8c
        Validity
            Not Before: Jan  1 14:34:49 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=8a2d1a52eba8a89d5e1b6d0fd0c820f6f176167a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:85:7a:43:c3:fb:a0:51:ee:6c:7f:19:a4:fd:83:
                    1f:46:e3:90:05:a7:a4:8c:77:54:bc:01:18:4c:95:
                    35:e6:15:bd:d4:a5:21:b3:61:da:a0:f1:17:95:ab:
                    60:e7:33:26:05:99:3f:ad:22:e8:0f:9e:40:8c:b1:
                    cb:a1:f0:2c:c9:75:55:e0:74:5d:04:3a:38:06:41:
                    fe:ed:16:8b:19:4d:c3:ad:b9:53:e1:a5:d8:4a:3e:
                    51:d2:12:6b:73:86:4d:22:4b:7a:30:17:b1:fa:f2:
                    9f:39:2f:c0:e3:f6:7d:06:25:11:68:aa:8f:27:5c:
                    23:3b:d4:fa:10:b1:29:ef:ec:8a:03:fb:18:81:31:
                    d3:6c:ec:b4:3e:7a:3b:b6:21:30:b3:a3:3d:d6:97:
                    60:51:3b:d6:43:5d:00:a6:92:87:3a:62:62:e7:99:
                    99:64:cc:68:0b:29:bb:c8:07:14:aa:d1:94:e8:f9:
                    d3:6f:7e:fe:76:36:98:77:a2:82:8e:b7:b5:9e:b6:
                    ab:a3:ed:87:2a:0f:c6:08:9c:79:4e:0d:41:3c:13:
                    2c:87:25:bf:93:7f:75:f6:82:23:dc:38:2c:da:fb:
                    d5:6f:53:3d:0a:44:48:00:41:59:2a:bb:41:32:11:
                    8e:65:5a:6d:b9:52:20:e8:3e:be:b6:f0:52:84:91:
                    7b:bb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8A:2D:1A:52:EB:A8:A8:9D:5E:1B:6D:0F:D0:C8:20:F6:F1:76:16:7A
            X509v3 Authority Key Identifier:
                keyid:9D:49:25:E9:76:AD:0B:FB:73:E0:97:DA:69:17:E8:0F:5B:CE:6C:8C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nUkl6XatC_tz4JfaaRfoD1vObIw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/1f1cbd-fea6-4553-8db6-4e09f9e85723/1/ii0aUuuoqJ1eG20P0Mgg9vF2Fno.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/17/1f1cbd-fea6-4553-8db6-4e09f9e85723/1/nUkl6XatC_tz4JfaaRfoD1vObIw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.83.228.0/24

    Signature Algorithm: sha256WithRSAEncryption
         81:98:a8:fc:7c:09:ea:78:e1:c6:12:97:5b:e4:ec:b1:aa:53:
         06:76:77:87:ce:63:21:83:00:76:b6:35:79:c4:53:11:f3:21:
         69:40:a0:a8:ba:3c:e1:69:29:06:13:ea:98:58:ce:da:f6:09:
         a1:b9:d3:6e:be:8f:c5:93:34:91:63:54:74:2d:42:e5:b2:b9:
         0f:04:74:f7:c8:25:97:ec:d1:8e:c1:ed:e7:26:82:eb:4f:66:
         48:1d:1b:f8:18:eb:b3:d4:50:60:27:f5:5a:a8:27:d3:cd:a9:
         45:56:db:5d:d1:0b:86:5c:ff:6d:cb:57:4b:d5:87:1e:e7:37:
         ca:a5:96:b2:b5:34:16:d9:fa:a6:c8:73:d1:f0:f1:31:73:49:
         b5:01:a6:f4:f7:3a:87:a1:17:74:ca:71:5e:3f:d7:d6:cd:cf:
         b3:9e:bd:9a:7f:3a:25:a1:f9:0f:2b:f8:bb:c2:c9:4c:93:88:
         b9:a7:41:83:71:23:09:52:4c:1d:84:4e:02:b0:58:13:39:2c:
         a5:0e:87:0b:2e:41:4b:01:14:4d:0a:a9:cd:09:a0:8e:7a:b4:
         3f:c4:d1:23:e5:43:ee:44:ee:5e:11:ee:ed:23:87:9e:35:9c:
         2f:61:48:80:c9:1a:9d:be:d1:54:c9:0a:4a:09:9c:35:10:25:
         da:c0:a4:d8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtwbSe08tV0+LoubZIBIcxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkNDkyNWU5NzZhZDBiZmI3M2UwOTdkYTY5MTdlODBmNWJj
ZTZjOGMwHhcNMjMwMTAxMTQzNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YTJkMWE1MmViYThhODlkNWUxYjZkMGZkMGM4MjBmNmYxNzYxNjdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhXpDw/ugUe5sfxmk/YMfRuOQBaek
jHdUvAEYTJU15hW91KUhs2HaoPEXlatg5zMmBZk/rSLoD55AjLHLofAsyXVV4HRd
BDo4BkH+7RaLGU3DrblT4aXYSj5R0hJrc4ZNIkt6MBex+vKfOS/A4/Z9BiURaKqP
J1wjO9T6ELEp7+yKA/sYgTHTbOy0Pno7tiEws6M91pdgUTvWQ10AppKHOmJi55mZ
ZMxoCym7yAcUqtGU6PnTb37+djaYd6KCjre1nraro+2HKg/GCJx5Tg1BPBMshyW/
k3919oIj3Dgs2vvVb1M9CkRIAEFZKrtBMhGOZVptuVIg6D6+tvBShJF7uwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIotGlLrqKidXhttD9DIIPbxdhZ6MB8GA1UdIwQY
MBaAFJ1JJel2rQv7c+CX2mkX6A9bzmyMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblVrbDZYYXRDX3R6NEpmYWFSZm9EMXZPYkl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy8xZjFjYmQtZmVhNi00NTUzLThkYjYt
NGUwOWY5ZTg1NzIzLzEvaWkwYVV1dW9xSjFlRzIwUDBNZ2c5dkYyRm5vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy8xZjFjYmQtZmVhNi00NTUzLThkYjYtNGUwOWY5ZTg1NzIz
LzEvblVrbDZYYXRDX3R6NEpmYWFSZm9EMXZPYkl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuVPkMA0G
CSqGSIb3DQEBCwUAA4IBAQCBmKj8fAnqeOHGEpdb5OyxqlMGdneHzmMhgwB2tjV5
xFMR8yFpQKCoujzhaSkGE+qYWM7a9gmhudNuvo/FkzSRY1R0LULlsrkPBHT3yCWX
7NGOwe3nJoLrT2ZIHRv4GOuz1FBgJ/VaqCfTzalFVttd0QuGXP9ty1dL1Yce5zfK
pZaytTQW2fqmyHPR8PExc0m1Aab09zqHoRd0ynFeP9fWzc+znr2afzolofkPK/i7
wslMk4i5p0GDcSMJUkwdhE4CsFgTOSylDocLLkFLARRNCqnNCaCOerQ/xNEj5UPu
RO5eEe7tI4eeNZwvYUiAyRqdvtFUyQpKCZw1ECXawKTY
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:40 2024 by rpki-client on console-fra.rpki-client.org