Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/db9bf1-e019-45a4-8663-a6ca454db2d7/1/L8p5rlejRyygWzMEXg7N_QndrMo.roa
File:                     L8p5rlejRyygWzMEXg7N_QndrMo.roa (raw, json)
Hash identifier:          UBz998exWAHnrYoyR3qlsWv/mjwOqhrsp3iRnU7fKmo=
Subject key identifier:   2F:CA:79:AE:57:A3:47:2C:A0:5B:33:04:5E:0E:CD:FD:09:DD:AC:CA
Certificate issuer:       /CN=6363bb65895f3a54a4b324a10c79ac98efe2a1ca
Certificate serial:       0189D3B539146DCA043EC4A5B68C0B63BEE5
Authority key identifier: 63:63:BB:65:89:5F:3A:54:A4:B3:24:A1:0C:79:AC:98:EF:E2:A1:CA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Y2O7ZYlfOlSksyShDHmsmO_ioco.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/17/db9bf1-e019-45a4-8663-a6ca454db2d7/1/L8p5rlejRyygWzMEXg7N_QndrMo.roa
Signing time:             Tue 08 Aug 2023 05:53:36 +0000
ROA not before:           Tue 08 Aug 2023 05:53:36 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     834
IP address blocks:        185.126.158.0/23 maxlen: 24

Validation:               Failed, certificate revoked on Mon 28 Aug 2023 17:50:19 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:d3:b5:39:14:6d:ca:04:3e:c4:a5:b6:8c:0b:63:be:e5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6363bb65895f3a54a4b324a10c79ac98efe2a1ca
        Validity
            Not Before: Aug  8 05:53:36 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=2fca79ae57a3472ca05b33045e0ecdfd09ddacca
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:4b:01:2b:73:e0:84:d4:f4:9f:b7:b9:85:7e:
                    a1:9d:d5:e4:f4:85:47:61:5d:79:a3:33:97:18:39:
                    a9:69:e4:02:80:64:d3:38:6d:01:6c:7d:98:ae:b4:
                    7a:33:6e:f8:ba:fb:ec:a6:10:13:1d:01:36:57:ae:
                    f6:9c:e4:2c:ce:5b:3c:32:24:cd:9a:2a:6f:45:29:
                    c7:e9:f1:6a:92:c0:36:52:b2:03:aa:b9:e3:41:df:
                    38:43:25:83:b9:c7:6c:eb:8f:d5:a8:05:11:15:3c:
                    57:fa:5d:59:22:ba:c7:c0:dd:20:77:2b:80:15:af:
                    d1:cf:7b:b6:33:bb:f7:e5:13:e5:25:b4:4d:a1:41:
                    9f:0e:e6:7d:03:1b:ca:35:f0:7b:48:af:d5:fc:0b:
                    35:f7:ac:a9:21:f5:70:c8:72:df:5e:50:f4:13:81:
                    d6:ac:c5:14:37:18:c0:46:2e:22:bc:60:2b:4b:7b:
                    29:b1:1b:25:a6:39:84:ad:ec:3b:37:8d:bf:4c:d6:
                    9c:f8:fa:24:7a:21:b1:12:f9:1c:92:b9:29:f2:8b:
                    1f:bb:f3:00:40:83:f8:47:0a:14:97:dc:ff:75:ea:
                    52:34:29:b0:ea:86:04:2b:c4:d2:d6:b6:19:0c:41:
                    5c:0e:4a:67:d3:07:24:8a:0b:65:e3:b7:25:bf:4e:
                    45:8b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2F:CA:79:AE:57:A3:47:2C:A0:5B:33:04:5E:0E:CD:FD:09:DD:AC:CA
            X509v3 Authority Key Identifier:
                keyid:63:63:BB:65:89:5F:3A:54:A4:B3:24:A1:0C:79:AC:98:EF:E2:A1:CA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y2O7ZYlfOlSksyShDHmsmO_ioco.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/db9bf1-e019-45a4-8663-a6ca454db2d7/1/L8p5rlejRyygWzMEXg7N_QndrMo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/17/db9bf1-e019-45a4-8663-a6ca454db2d7/1/Y2O7ZYlfOlSksyShDHmsmO_ioco.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.126.158.0/23

    Signature Algorithm: sha256WithRSAEncryption
         79:79:15:42:ca:ce:88:6c:a3:76:e7:8c:b2:02:48:f3:a0:73:
         a8:9c:11:34:75:2e:e9:53:8d:0d:f3:ce:c3:1c:ab:99:3e:d3:
         cf:9b:5c:3e:64:25:10:48:dd:13:8f:7c:7a:f1:7a:e2:16:72:
         a4:ce:e8:01:39:a7:94:27:63:a5:8a:e6:c5:98:7b:e7:c8:c7:
         f1:b4:1a:9d:3f:df:7a:b9:cb:b8:3c:a4:4f:a4:8a:fd:16:30:
         27:03:13:f9:f7:99:0c:94:df:40:73:0b:8e:d0:21:95:86:3a:
         1a:67:bf:cf:b6:56:a2:d7:3a:12:cd:b1:bd:12:b9:26:53:65:
         18:fc:d6:02:a4:db:7b:a0:1b:03:d8:77:00:9c:69:29:c4:74:
         cc:71:08:43:71:ca:38:14:68:9e:ef:ab:8a:74:e9:3c:cf:5d:
         87:af:3b:54:95:da:0d:b8:d2:19:51:85:d6:6c:5b:be:56:67:
         66:fb:32:6c:6b:c0:72:0e:31:db:bc:a2:9c:9b:f6:6d:7e:7d:
         96:38:99:b2:ac:93:a4:37:76:8a:fa:04:20:c3:3a:bc:8d:fe:
         2f:3e:c0:4f:2a:1e:34:e4:55:48:1c:48:4c:80:db:1b:68:b3:
         f8:b1:3a:d1:e2:9d:68:87:bd:d9:cf:70:e7:7b:90:f7:22:65:
         66:1d:10:a1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYnTtTkUbcoEPsSltowLY77lMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzNjNiYjY1ODk1ZjNhNTRhNGIzMjRhMTBjNzlhYzk4ZWZl
MmExY2EwHhcNMjMwODA4MDU1MzM2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZmNhNzlhZTU3YTM0NzJjYTA1YjMzMDQ1ZTBlY2RmZDA5ZGRhY2NhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr0sBK3PghNT0n7e5hX6hndXk9IVH
YV15ozOXGDmpaeQCgGTTOG0BbH2YrrR6M274uvvsphATHQE2V672nOQszls8MiTN
mipvRSnH6fFqksA2UrIDqrnjQd84QyWDucds64/VqAURFTxX+l1ZIrrHwN0gdyuA
Fa/Rz3u2M7v35RPlJbRNoUGfDuZ9AxvKNfB7SK/V/As196ypIfVwyHLfXlD0E4HW
rMUUNxjARi4ivGArS3spsRslpjmErew7N42/TNac+PokeiGxEvkckrkp8osfu/MA
QIP4RwoUl9z/depSNCmw6oYEK8TS1rYZDEFcDkpn0wckigtl47clv05FiwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFC/Kea5Xo0csoFszBF4Ozf0J3azKMB8GA1UdIwQY
MBaAFGNju2WJXzpUpLMkoQx5rJjv4qHKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWTJPN1pZbGZPbFNrc3lTaERIbXNtT19pb2NvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9kYjliZjEtZTAxOS00NWE0LTg2NjMt
YTZjYTQ1NGRiMmQ3LzEvTDhwNXJsZWpSeXlnV3pNRVhnN05fUW5kck1vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9kYjliZjEtZTAxOS00NWE0LTg2NjMtYTZjYTQ1NGRiMmQ3
LzEvWTJPN1pZbGZPbFNrc3lTaERIbXNtT19pb2NvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBuX6eMA0G
CSqGSIb3DQEBCwUAA4IBAQB5eRVCys6IbKN254yyAkjzoHOonBE0dS7pU40N887D
HKuZPtPPm1w+ZCUQSN0Tj3x68XriFnKkzugBOaeUJ2OliubFmHvnyMfxtBqdP996
ucu4PKRPpIr9FjAnAxP595kMlN9AcwuO0CGVhjoaZ7/Ptlai1zoSzbG9ErkmU2UY
/NYCpNt7oBsD2HcAnGkpxHTMcQhDcco4FGie76uKdOk8z12HrztUldoNuNIZUYXW
bFu+Vmdm+zJsa8ByDjHbvKKcm/Ztfn2WOJmyrJOkN3aK+gQgwzq8jf4vPsBPKh40
5FVIHEhMgNsbaLP4sTrR4p1oh73Zz3Dne5D3ImVmHRCh
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:45 2024 by rpki-client on console-fra.rpki-client.org