Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/18/96d022-ee02-447c-a349-9c933ccd16c7/1/O2oGSVzdLOFwDV0-KMr6i7DSboY.roa
File:                     O2oGSVzdLOFwDV0-KMr6i7DSboY.roa (raw, json)
Hash identifier:          o6DSaiZ8KyVG43hdOwAzUYhjrYX6ey3zlg1P9wYwCSo=
Subject key identifier:   3B:6A:06:49:5C:DD:2C:E1:70:0D:5D:3E:28:CA:FA:8B:B0:D2:6E:86
Certificate issuer:       /CN=485e3ee1c3258175f4ff6d9b559da54c83ec0b4f
Certificate serial:       0185718C2B9DAC9E0E3444EC2C69EE6EA7E0
Authority key identifier: 48:5E:3E:E1:C3:25:81:75:F4:FF:6D:9B:55:9D:A5:4C:83:EC:0B:4F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/SF4-4cMlgXX0_22bVZ2lTIPsC08.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/18/96d022-ee02-447c-a349-9c933ccd16c7/1/O2oGSVzdLOFwDV0-KMr6i7DSboY.roa
Signing time:             Mon 02 Jan 2023 08:14:49 +0000
ROA not before:           Mon 02 Jan 2023 08:14:49 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     20546
IP address blocks:        185.253.204.0/22 maxlen: 24
                          193.16.220.0/24 maxlen: 24
                          91.223.186.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 10:33:54 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:71:8c:2b:9d:ac:9e:0e:34:44:ec:2c:69:ee:6e:a7:e0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=485e3ee1c3258175f4ff6d9b559da54c83ec0b4f
        Validity
            Not Before: Jan  2 08:14:49 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=3b6a06495cdd2ce1700d5d3e28cafa8bb0d26e86
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8a:20:90:15:d4:57:75:14:f6:60:f4:dc:c8:24:
                    e4:b2:e3:b4:f8:d2:fa:56:d2:bd:14:ea:2a:41:83:
                    36:60:33:97:c4:be:18:9a:92:14:4a:09:00:ee:43:
                    c6:20:51:96:e6:86:e2:59:a4:f3:de:5f:40:22:bf:
                    b2:b8:89:1e:91:c0:6c:c4:b6:9d:31:c7:cb:42:8f:
                    df:e1:66:a9:29:11:c7:71:08:12:74:5b:f5:c3:87:
                    95:08:6f:c2:4d:03:4f:2b:c1:ec:16:19:66:d2:a8:
                    81:69:5a:6b:b6:18:4b:a1:8f:1a:79:9d:6e:19:7a:
                    68:98:3a:74:9f:ac:9b:f8:b6:a9:61:26:ee:53:65:
                    0a:ed:35:12:38:5a:33:3e:e7:a2:2b:c5:cf:53:69:
                    80:cf:30:a2:26:2f:2c:0b:5a:2d:57:da:fd:b6:62:
                    2d:eb:7c:63:73:00:ef:2d:8d:f1:c4:45:31:6e:07:
                    1a:e3:d0:56:eb:cb:28:b6:b9:ed:d9:72:99:e4:23:
                    99:f1:63:65:a9:b3:ed:60:88:9a:0b:b6:96:aa:c3:
                    a6:13:a2:d9:0e:d8:b3:90:71:ce:4c:0d:49:b6:cb:
                    6e:15:80:fe:0d:de:ee:0c:c0:97:73:b0:0f:10:a2:
                    27:65:d6:f2:66:82:99:b6:2e:14:ac:58:13:25:fa:
                    ed:4d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3B:6A:06:49:5C:DD:2C:E1:70:0D:5D:3E:28:CA:FA:8B:B0:D2:6E:86
            X509v3 Authority Key Identifier:
                keyid:48:5E:3E:E1:C3:25:81:75:F4:FF:6D:9B:55:9D:A5:4C:83:EC:0B:4F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SF4-4cMlgXX0_22bVZ2lTIPsC08.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/96d022-ee02-447c-a349-9c933ccd16c7/1/O2oGSVzdLOFwDV0-KMr6i7DSboY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/18/96d022-ee02-447c-a349-9c933ccd16c7/1/SF4-4cMlgXX0_22bVZ2lTIPsC08.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.223.186.0/24
                  185.253.204.0/22
                  193.16.220.0/24

    Signature Algorithm: sha256WithRSAEncryption
         12:82:c1:45:02:ce:6a:d4:b5:1b:a5:3f:6c:a0:30:01:f2:fc:
         9d:44:80:5b:62:19:1c:7e:2f:dc:64:ad:03:a1:5e:41:30:9c:
         59:79:d7:8a:6d:af:35:c8:80:51:cf:c7:1d:30:eb:35:9e:bb:
         de:fd:64:8e:fb:f1:08:b4:f7:46:31:3e:3b:d6:e4:b7:51:e8:
         12:f1:0f:82:ec:95:85:11:a3:b8:7d:db:f9:8a:f7:bb:a4:73:
         15:60:e3:e5:7f:47:a3:44:15:65:01:03:7b:33:93:43:db:5d:
         cc:46:3b:c4:fa:00:01:20:1d:8b:9e:4d:5c:d3:7c:3b:76:f3:
         ee:41:4a:35:95:63:30:3b:4c:48:7f:74:3d:c8:a7:0e:a4:c1:
         3d:78:f2:e3:66:ed:27:0a:ba:4d:62:77:f4:5b:9b:03:b8:c5:
         00:75:a9:5a:b9:08:bb:b8:39:d0:16:00:e2:ce:27:85:d9:ad:
         a4:48:b5:c5:f2:46:a6:2c:da:b6:21:39:dd:17:31:57:62:cb:
         0d:eb:38:c6:f9:6b:73:2b:38:86:52:39:bf:f5:d9:e4:25:85:
         02:b0:0d:f7:e7:b9:bf:9a:be:52:b0:05:a3:b7:94:15:4a:0a:
         26:e7:a2:b2:8f:3f:4a:56:5e:4f:f6:70:00:59:39:f2:f4:7d:
         7e:51:ff:a5
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVxjCudrJ4ONETsLGnubqfgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ4NWUzZWUxYzMyNTgxNzVmNGZmNmQ5YjU1OWRhNTRjODNl
YzBiNGYwHhcNMjMwMTAyMDgxNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYjZhMDY0OTVjZGQyY2UxNzAwZDVkM2UyOGNhZmE4YmIwZDI2ZTg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiiCQFdRXdRT2YPTcyCTksuO0+NL6
VtK9FOoqQYM2YDOXxL4YmpIUSgkA7kPGIFGW5obiWaTz3l9AIr+yuIkekcBsxLad
McfLQo/f4WapKRHHcQgSdFv1w4eVCG/CTQNPK8HsFhlm0qiBaVprthhLoY8aeZ1u
GXpomDp0n6yb+LapYSbuU2UK7TUSOFozPueiK8XPU2mAzzCiJi8sC1otV9r9tmIt
63xjcwDvLY3xxEUxbgca49BW68sotrnt2XKZ5COZ8WNlqbPtYIiaC7aWqsOmE6LZ
DtizkHHOTA1JtstuFYD+Dd7uDMCXc7APEKInZdbyZoKZti4UrFgTJfrtTQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFDtqBklc3SzhcA1dPijK+ouw0m6GMB8GA1UdIwQY
MBaAFEhePuHDJYF19P9tm1WdpUyD7AtPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU0Y0LTRjTWxnWFgwXzIyYlZaMmxUSVBzQzA4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOC85NmQwMjItZWUwMi00NDdjLWEzNDkt
OWM5MzNjY2QxNmM3LzEvTzJvR1NWemRMT0Z3RFYwLUtNcjZpN0RTYm9ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOC85NmQwMjItZWUwMi00NDdjLWEzNDktOWM5MzNjY2QxNmM3
LzEvU0Y0LTRjTWxnWFgwXzIyYlZaMmxUSVBzQzA4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAW9+6AwQC
uf3MAwQAwRDcMA0GCSqGSIb3DQEBCwUAA4IBAQASgsFFAs5q1LUbpT9soDAB8vyd
RIBbYhkcfi/cZK0DoV5BMJxZedeKba81yIBRz8cdMOs1nrve/WSO+/EItPdGMT47
1uS3UegS8Q+C7JWFEaO4fdv5ive7pHMVYOPlf0ejRBVlAQN7M5ND213MRjvE+gAB
IB2Lnk1c03w7dvPuQUo1lWMwO0xIf3Q9yKcOpME9ePLjZu0nCrpNYnf0W5sDuMUA
dalauQi7uDnQFgDizieF2a2kSLXF8kamLNq2ITndFzFXYssN6zjG+WtzKziGUjm/
9dnkJYUCsA3357m/mr5SsAWjt5QVSgom56Kyjz9KVl5P9nAAWTny9H1+Uf+l
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:47 2024 by rpki-client on console-ams.rpki-client.org