Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/e74f5f-75c5-4a75-98b9-9fecbd25d434/1/Z1OYtBU5xrEVOVJPmM3fMVw9woI.roa
File:                     Z1OYtBU5xrEVOVJPmM3fMVw9woI.roa (raw, json)
Hash identifier:          8Wf4ghS3iYiWktmCmPyltdssBTj8BixMHUYXVzextwk=
Subject key identifier:   67:53:98:B4:15:39:C6:B1:15:39:52:4F:98:CD:DF:31:5C:3D:C2:82
Certificate issuer:       /CN=36bd4a382dae2be5cb98b35e5a048d03b4ccbe2b
Certificate serial:       01877E2317A2C876633568477134EF375008
Authority key identifier: 36:BD:4A:38:2D:AE:2B:E5:CB:98:B3:5E:5A:04:8D:03:B4:CC:BE:2B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Nr1KOC2uK-XLmLNeWgSNA7TMvis.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/17/e74f5f-75c5-4a75-98b9-9fecbd25d434/1/Z1OYtBU5xrEVOVJPmM3fMVw9woI.roa
Signing time:             Fri 14 Apr 2023 05:00:41 +0000
ROA not before:           Fri 14 Apr 2023 05:00:41 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     8075
IP address blocks:        185.211.208.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 06:29:31 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:7e:23:17:a2:c8:76:63:35:68:47:71:34:ef:37:50:08
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=36bd4a382dae2be5cb98b35e5a048d03b4ccbe2b
        Validity
            Not Before: Apr 14 05:00:41 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=675398b41539c6b11539524f98cddf315c3dc282
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:81:ba:7f:f7:fb:cc:fd:a9:51:f7:21:dd:5a:12:
                    01:95:00:4e:62:8f:f5:7a:18:85:f7:d8:9e:f0:50:
                    07:f7:c1:2b:61:42:f5:3b:14:c3:35:2a:d3:0e:84:
                    66:a4:94:a4:2d:b5:14:4a:69:fb:c5:00:84:91:92:
                    e9:c8:2a:34:58:18:39:7d:25:cd:c8:f3:c4:05:3f:
                    37:ff:48:72:a5:47:81:fd:90:e1:cd:29:e7:aa:a3:
                    19:47:05:6f:4d:1e:ff:73:05:e2:24:e6:66:9a:07:
                    06:8b:d2:a2:81:4c:e2:2d:0e:f2:07:96:47:fc:25:
                    6a:a1:d9:48:f9:ff:f6:7a:ef:65:50:47:a8:44:c1:
                    4f:87:fe:d4:02:5d:75:e6:02:f4:cb:e9:55:bd:63:
                    c9:89:2e:cf:4b:d8:cf:f9:76:86:55:e8:6a:7f:e6:
                    3b:24:4e:65:61:92:0d:b4:e3:af:d2:07:41:5b:f5:
                    bb:d8:ab:da:1d:8b:1e:21:7d:d9:6e:20:e2:2a:68:
                    94:0f:b1:d3:f8:77:3c:c9:87:08:66:12:16:d3:54:
                    04:bf:77:e5:f1:24:ad:22:85:78:d6:52:c6:52:cc:
                    e9:68:ae:23:39:ad:80:93:4a:9b:dd:51:8d:58:88:
                    9d:78:42:f5:8c:0d:05:21:7c:c0:ba:f0:7d:c2:68:
                    e6:d1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                67:53:98:B4:15:39:C6:B1:15:39:52:4F:98:CD:DF:31:5C:3D:C2:82
            X509v3 Authority Key Identifier:
                keyid:36:BD:4A:38:2D:AE:2B:E5:CB:98:B3:5E:5A:04:8D:03:B4:CC:BE:2B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nr1KOC2uK-XLmLNeWgSNA7TMvis.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/e74f5f-75c5-4a75-98b9-9fecbd25d434/1/Z1OYtBU5xrEVOVJPmM3fMVw9woI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/17/e74f5f-75c5-4a75-98b9-9fecbd25d434/1/Nr1KOC2uK-XLmLNeWgSNA7TMvis.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.211.208.0/24

    Signature Algorithm: sha256WithRSAEncryption
         01:b8:cb:70:c7:49:8f:18:28:35:ac:0c:36:a6:e1:95:f0:5a:
         2d:24:e0:e2:67:66:41:75:0c:2e:c3:95:66:31:47:48:a9:70:
         cd:bd:76:36:5d:60:e9:1b:0c:21:26:46:bf:05:14:bf:a5:7d:
         15:9a:e8:c4:8e:b0:9a:1b:65:55:a9:84:a1:1c:59:a3:3a:b3:
         4b:53:0f:f3:f5:96:85:36:a3:ef:a3:4d:94:9a:74:f2:8e:d7:
         32:62:95:ff:82:41:09:66:f5:7d:d3:92:e8:24:4c:c6:70:98:
         c0:3d:4d:d3:15:d0:f0:43:af:00:24:da:ba:45:9f:f1:87:41:
         1f:0c:72:20:4c:4c:0f:ee:93:6f:83:67:7a:31:c7:e3:cc:86:
         60:4e:d2:db:10:12:39:ef:61:45:99:e9:c3:46:05:24:fa:a3:
         89:72:16:20:55:22:a5:62:87:f1:23:0b:fa:36:4b:8b:f9:15:
         74:5b:7e:b7:52:5d:be:6b:6c:f9:74:75:17:b2:59:1b:d4:68:
         0a:d8:8c:e2:fa:5a:c8:ec:73:28:72:8d:91:5e:e1:79:7f:7f:
         4e:1c:29:dd:33:33:e4:f3:b6:6c:75:e7:20:f1:1e:86:c8:8d:
         7d:dc:e4:60:91:d5:eb:6d:55:b0:8c:08:27:a7:d6:98:3f:a3:
         d7:04:45:2a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYd+IxeiyHZjNWhHcTTvN1AIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YmQ0YTM4MmRhZTJiZTVjYjk4YjM1ZTVhMDQ4ZDAzYjRj
Y2JlMmIwHhcNMjMwNDE0MDUwMDQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NzUzOThiNDE1MzljNmIxMTUzOTUyNGY5OGNkZGYzMTVjM2RjMjgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgbp/9/vM/alR9yHdWhIBlQBOYo/1
ehiF99ie8FAH98ErYUL1OxTDNSrTDoRmpJSkLbUUSmn7xQCEkZLpyCo0WBg5fSXN
yPPEBT83/0hypUeB/ZDhzSnnqqMZRwVvTR7/cwXiJOZmmgcGi9KigUziLQ7yB5ZH
/CVqodlI+f/2eu9lUEeoRMFPh/7UAl115gL0y+lVvWPJiS7PS9jP+XaGVehqf+Y7
JE5lYZINtOOv0gdBW/W72KvaHYseIX3ZbiDiKmiUD7HT+Hc8yYcIZhIW01QEv3fl
8SStIoV41lLGUszpaK4jOa2Ak0qb3VGNWIideEL1jA0FIXzAuvB9wmjm0QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGdTmLQVOcaxFTlST5jN3zFcPcKCMB8GA1UdIwQY
MBaAFDa9Sjgtrivly5izXloEjQO0zL4rMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnIxS09DMnVLLVhMbUxOZVdnU05BN1RNdmlzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9lNzRmNWYtNzVjNS00YTc1LTk4Yjkt
OWZlY2JkMjVkNDM0LzEvWjFPWXRCVTV4ckVWT1ZKUG1NM2ZNVnc5d29JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9lNzRmNWYtNzVjNS00YTc1LTk4YjktOWZlY2JkMjVkNDM0
LzEvTnIxS09DMnVLLVhMbUxOZVdnU05BN1RNdmlzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAudPQMA0G
CSqGSIb3DQEBCwUAA4IBAQABuMtwx0mPGCg1rAw2puGV8FotJODiZ2ZBdQwuw5Vm
MUdIqXDNvXY2XWDpGwwhJka/BRS/pX0VmujEjrCaG2VVqYShHFmjOrNLUw/z9ZaF
NqPvo02UmnTyjtcyYpX/gkEJZvV905LoJEzGcJjAPU3TFdDwQ68AJNq6RZ/xh0Ef
DHIgTEwP7pNvg2d6McfjzIZgTtLbEBI572FFmenDRgUk+qOJchYgVSKlYofxIwv6
NkuL+RV0W363Ul2+a2z5dHUXslkb1GgK2Izi+lrI7HMoco2RXuF5f39OHCndMzPk
87Zsdecg8R6GyI193ORgkdXrbVWwjAgnp9aYP6PXBEUq
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:48 2024 by rpki-client on console-fra.rpki-client.org