Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/ec67db-c7a1-48a6-ab94-60b93595bac9/1/GuuGdbzA8hBOlyIdxRPR3XAkqzA.roa
File:                     GuuGdbzA8hBOlyIdxRPR3XAkqzA.roa (raw, json)
Hash identifier:          b+COSwMeoqzjiWqt/o1J0ZuSA/q0uhfks0Xf+EahsKM=
Subject key identifier:   1A:EB:86:75:BC:C0:F2:10:4E:97:22:1D:C5:13:D1:DD:70:24:AB:30
Certificate issuer:       /CN=854c0db0065844d9594dfe8dd8efd77ed1e493f8
Certificate serial:       01856F149E3FECBCCC32D5CC1D874BF48DD0
Authority key identifier: 85:4C:0D:B0:06:58:44:D9:59:4D:FE:8D:D8:EF:D7:7E:D1:E4:93:F8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hUwNsAZYRNlZTf6N2O_XftHkk_g.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1c/ec67db-c7a1-48a6-ab94-60b93595bac9/1/GuuGdbzA8hBOlyIdxRPR3XAkqzA.roa
Signing time:             Sun 01 Jan 2023 20:45:00 +0000
ROA not before:           Sun 01 Jan 2023 20:45:00 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     61062
IP address blocks:        185.247.196.0/22 maxlen: 24
                          2a0d:cb80::/29 maxlen: 48

Validation:               Failed, certificate revoked on Thu 17 Aug 2023 09:21:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:14:9e:3f:ec:bc:cc:32:d5:cc:1d:87:4b:f4:8d:d0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=854c0db0065844d9594dfe8dd8efd77ed1e493f8
        Validity
            Not Before: Jan  1 20:45:00 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=1aeb8675bcc0f2104e97221dc513d1dd7024ab30
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9b:45:ae:ab:e1:b6:e6:88:e9:3a:f9:a5:eb:77:
                    d3:4e:64:12:c6:21:bd:db:ca:e4:b3:d6:48:44:35:
                    84:19:44:70:62:76:5e:7d:c1:38:5b:68:ed:c0:77:
                    bd:22:ab:34:73:7e:95:70:19:8d:b6:a7:33:52:e6:
                    fc:dc:3f:0b:a5:40:37:27:2d:d9:af:24:cf:fc:60:
                    1e:d0:0c:32:21:d9:67:9a:de:e6:0c:61:3d:52:fc:
                    96:97:af:89:99:3c:ca:da:51:61:c8:a9:91:90:1c:
                    36:24:7a:54:57:e8:43:9a:7c:21:f7:09:4d:ee:6a:
                    cb:5a:70:ca:22:12:d4:66:f5:e9:9e:6e:1d:dd:35:
                    b9:97:d2:30:03:2e:c3:b1:5e:d5:3d:13:19:b2:e8:
                    06:6f:8c:17:46:56:bf:b1:95:9d:dc:be:26:57:d6:
                    81:ce:53:f2:91:c9:1b:0d:70:57:d2:2f:3f:f8:46:
                    70:a7:76:24:29:4c:a0:14:e7:cf:f8:4c:22:c0:d6:
                    fd:c8:d1:77:d8:72:08:21:32:21:5a:ff:25:32:c2:
                    cb:54:76:96:ea:21:32:c0:43:c4:7d:67:0e:17:1a:
                    12:ab:6e:6e:81:8e:e1:aa:5d:32:f0:73:f7:64:94:
                    4f:e4:97:a2:9c:77:7d:04:9f:b0:1b:2c:f6:08:49:
                    f7:9b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1A:EB:86:75:BC:C0:F2:10:4E:97:22:1D:C5:13:D1:DD:70:24:AB:30
            X509v3 Authority Key Identifier:
                keyid:85:4C:0D:B0:06:58:44:D9:59:4D:FE:8D:D8:EF:D7:7E:D1:E4:93:F8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hUwNsAZYRNlZTf6N2O_XftHkk_g.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/ec67db-c7a1-48a6-ab94-60b93595bac9/1/GuuGdbzA8hBOlyIdxRPR3XAkqzA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/ec67db-c7a1-48a6-ab94-60b93595bac9/1/hUwNsAZYRNlZTf6N2O_XftHkk_g.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.247.196.0/22
                IPv6:
                  2a0d:cb80::/29

    Signature Algorithm: sha256WithRSAEncryption
         17:cd:80:4b:4c:dc:6d:23:69:f1:a0:16:5e:28:a9:03:c2:1f:
         81:d7:43:0e:22:09:fd:1e:e8:a2:5e:7b:ed:c0:98:92:f6:26:
         2f:35:8d:35:6b:ea:6d:71:be:10:9b:82:17:93:91:a8:26:7a:
         02:71:7b:12:a6:de:1a:35:90:4e:64:25:cb:8b:6b:63:30:7f:
         f5:4a:18:a6:61:b5:e8:f3:a6:c1:76:52:46:37:e0:5b:74:38:
         60:b9:7b:fc:e6:c1:f1:df:cd:6b:aa:55:f5:a9:57:49:24:b3:
         15:9d:82:74:e1:db:0d:3b:72:53:dc:b4:58:9e:01:c9:80:40:
         83:51:72:13:0b:53:b9:6a:46:79:52:f3:40:df:54:42:05:77:
         7e:c6:d3:8e:e6:bf:8c:86:bc:df:da:16:2e:85:22:71:51:93:
         53:63:6f:9b:06:cb:43:ec:d0:95:70:ac:a8:c5:fb:e6:8b:8e:
         02:bd:22:ac:1d:f6:d5:0b:1d:ce:9e:d8:1b:ca:6c:bb:ab:ca:
         cd:46:df:9e:cf:65:51:4b:92:bf:fb:2e:5d:42:03:39:09:b6:
         d5:69:21:ec:49:53:e3:8f:1e:db:b5:af:2d:62:ee:ad:1e:99:
         12:67:9c:c3:ea:cd:18:30:65:7b:3d:e1:20:f3:1e:03:15:e3:
         ca:91:06:4f
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVvFJ4/7LzMMtXMHYdL9I3QMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1NGMwZGIwMDY1ODQ0ZDk1OTRkZmU4ZGQ4ZWZkNzdlZDFl
NDkzZjgwHhcNMjMwMTAxMjA0NTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYWViODY3NWJjYzBmMjEwNGU5NzIyMWRjNTEzZDFkZDcwMjRhYjMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm0Wuq+G25ojpOvml63fTTmQSxiG9
28rks9ZIRDWEGURwYnZefcE4W2jtwHe9Iqs0c36VcBmNtqczUub83D8LpUA3Jy3Z
ryTP/GAe0AwyIdlnmt7mDGE9UvyWl6+JmTzK2lFhyKmRkBw2JHpUV+hDmnwh9wlN
7mrLWnDKIhLUZvXpnm4d3TW5l9IwAy7DsV7VPRMZsugGb4wXRla/sZWd3L4mV9aB
zlPykckbDXBX0i8/+EZwp3YkKUygFOfP+EwiwNb9yNF32HIIITIhWv8lMsLLVHaW
6iEywEPEfWcOFxoSq25ugY7hql0y8HP3ZJRP5JeinHd9BJ+wGyz2CEn3mwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFBrrhnW8wPIQTpciHcUT0d1wJKswMB8GA1UdIwQY
MBaAFIVMDbAGWETZWU3+jdjv137R5JP4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaFV3TnNBWllSTmxaVGY2TjJPX1hmdEhra19nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9lYzY3ZGItYzdhMS00OGE2LWFiOTQt
NjBiOTM1OTViYWM5LzEvR3V1R2RiekE4aEJPbHlJZHhSUFIzWEFrcXpBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy9lYzY3ZGItYzdhMS00OGE2LWFiOTQtNjBiOTM1OTViYWM5
LzEvaFV3TnNBWllSTmxaVGY2TjJPX1hmdEhra19nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuffEMA0E
AgACMAcDBQMqDcuAMA0GCSqGSIb3DQEBCwUAA4IBAQAXzYBLTNxtI2nxoBZeKKkD
wh+B10MOIgn9HuiiXnvtwJiS9iYvNY01a+ptcb4Qm4IXk5GoJnoCcXsSpt4aNZBO
ZCXLi2tjMH/1ShimYbXo86bBdlJGN+BbdDhguXv85sHx381rqlX1qVdJJLMVnYJ0
4dsNO3JT3LRYngHJgECDUXITC1O5akZ5UvNA31RCBXd+xtOO5r+Mhrzf2hYuhSJx
UZNTY2+bBstD7NCVcKyoxfvmi44CvSKsHfbVCx3Ontgbymy7q8rNRt+ez2VRS5K/
+y5dQgM5CbbVaSHsSVPjjx7bta8tYu6tHpkSZ5zD6s0YMGV7PeEg8x4DFePKkQZP
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:21:38 2024 by rpki-client on console-fra.rpki-client.org