Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/af1f64-c35f-47e8-87c9-8a11b4719d82/1/7xWhwY84puVBHSoqnQhna0ZcrsA.roa
File:                     7xWhwY84puVBHSoqnQhna0ZcrsA.roa (raw, json)
Hash identifier:          mumTnxjvrLsJ9iiC5p6A/BWX/5yJZw2hTWDQrR8pTdc=
Subject key identifier:   EF:15:A1:C1:8F:38:A6:E5:41:1D:2A:2A:9D:08:67:6B:46:5C:AE:C0
Certificate issuer:       /CN=f8ad543624f8d3281ec970458ee752f10a424529
Certificate serial:       018B5BC0AEC202151DCD831C7EC47511B865
Authority key identifier: F8:AD:54:36:24:F8:D3:28:1E:C9:70:45:8E:E7:52:F1:0A:42:45:29
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1-K1UNiT40ygeyXBFjudS8QpCRSk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/20/af1f64-c35f-47e8-87c9-8a11b4719d82/1/7xWhwY84puVBHSoqnQhna0ZcrsA.roa
Signing time:             Mon 23 Oct 2023 08:57:16 +0000
ROA not before:           Mon 23 Oct 2023 08:57:16 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     39455
IP address blocks:        185.85.36.0/22 maxlen: 22

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 00:31:32 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:5b:c0:ae:c2:02:15:1d:cd:83:1c:7e:c4:75:11:b8:65
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f8ad543624f8d3281ec970458ee752f10a424529
        Validity
            Not Before: Oct 23 08:57:16 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=ef15a1c18f38a6e5411d2a2a9d08676b465caec0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8f:5b:60:3d:8e:5e:9e:6c:04:ab:65:3b:ae:15:
                    7b:d2:44:4b:6b:a7:34:d5:14:84:4f:d3:8d:00:86:
                    78:39:27:bc:f2:34:20:11:00:88:43:26:7c:38:98:
                    11:da:a0:6d:36:94:40:75:23:16:89:ea:d7:f6:ad:
                    8c:08:af:fd:5f:19:b3:90:ab:d4:f0:40:01:80:53:
                    6b:a4:2f:5b:14:f7:1f:17:7d:f2:92:7d:20:9a:87:
                    2a:79:91:2a:ca:7d:f7:ce:92:bd:16:99:3f:08:d0:
                    dd:d7:90:a9:99:5b:1d:99:b3:21:59:0a:b4:82:99:
                    77:bf:5c:be:b6:07:12:c9:c7:4b:a0:5f:0f:53:4c:
                    c6:cf:84:e7:f2:51:d9:0e:28:00:77:d5:0d:dc:c4:
                    23:e4:da:17:67:d4:d9:75:ca:b9:01:db:f3:48:72:
                    2a:cb:82:00:f8:e0:ce:28:b2:15:85:34:1a:b0:0e:
                    c5:e8:f4:33:df:93:73:1d:d4:a3:86:bc:3f:0d:27:
                    fc:0f:91:2d:06:1c:52:9b:ef:30:f0:dc:b3:01:c5:
                    2b:36:b2:db:d7:65:9e:c8:0f:bf:89:93:18:36:3c:
                    88:17:90:58:40:a2:c7:32:ee:06:5d:44:73:e2:6f:
                    54:2b:16:0f:58:57:0a:83:85:fc:9a:d1:8c:46:12:
                    27:27
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EF:15:A1:C1:8F:38:A6:E5:41:1D:2A:2A:9D:08:67:6B:46:5C:AE:C0
            X509v3 Authority Key Identifier:
                keyid:F8:AD:54:36:24:F8:D3:28:1E:C9:70:45:8E:E7:52:F1:0A:42:45:29

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-K1UNiT40ygeyXBFjudS8QpCRSk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/af1f64-c35f-47e8-87c9-8a11b4719d82/1/7xWhwY84puVBHSoqnQhna0ZcrsA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/20/af1f64-c35f-47e8-87c9-8a11b4719d82/1/1-K1UNiT40ygeyXBFjudS8QpCRSk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.85.36.0/22

    Signature Algorithm: sha256WithRSAEncryption
         90:29:c4:01:f8:ce:9f:fb:b4:5a:71:b6:19:f8:85:30:03:d8:
         20:bc:66:9d:91:8c:33:0b:95:fe:53:3f:9e:4e:1f:4d:10:f2:
         d2:cd:df:cd:69:79:8c:c7:43:b7:06:d9:4b:55:7f:7b:21:5c:
         26:b7:1f:ef:13:5a:87:5b:77:e7:dc:65:1e:0b:bd:29:59:af:
         73:59:1d:7c:3d:2b:c7:90:a0:29:72:bf:7b:48:3a:5c:07:af:
         9e:43:a0:f3:40:1e:61:ec:d1:89:b4:23:86:43:0e:ec:5c:55:
         90:77:9f:f1:31:32:5e:9e:3f:64:60:40:b9:40:ca:77:49:24:
         ad:22:33:40:68:76:2a:da:ec:fa:b5:18:cb:7d:52:bd:12:a6:
         a8:88:a3:a3:c8:ec:7a:da:b3:82:e7:8f:c6:14:f5:40:95:c7:
         e6:65:e9:26:58:ac:83:4a:dc:fe:08:c4:30:03:34:34:ce:49:
         a2:51:3d:e8:84:7b:d1:b3:f0:5b:b2:c2:6b:8c:86:55:47:b0:
         eb:45:18:24:7d:0b:1d:a7:8c:18:a3:68:3e:31:3a:a3:66:01:
         2c:7e:2b:a1:1a:ce:15:3d:ea:1a:0b:64:f5:1f:ea:18:b2:27:
         27:3a:42:21:aa:bd:ec:a4:12:67:2a:5f:b9:da:9b:f1:7f:2b:
         63:5d:67:b3
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYtbwK7CAhUdzYMcfsR1EbhlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY4YWQ1NDM2MjRmOGQzMjgxZWM5NzA0NThlZTc1MmYxMGE0
MjQ1MjkwHhcNMjMxMDIzMDg1NzE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZjE1YTFjMThmMzhhNmU1NDExZDJhMmE5ZDA4Njc2YjQ2NWNhZWMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj1tgPY5enmwEq2U7rhV70kRLa6c0
1RSET9ONAIZ4OSe88jQgEQCIQyZ8OJgR2qBtNpRAdSMWierX9q2MCK/9XxmzkKvU
8EABgFNrpC9bFPcfF33ykn0gmocqeZEqyn33zpK9Fpk/CNDd15CpmVsdmbMhWQq0
gpl3v1y+tgcSycdLoF8PU0zGz4Tn8lHZDigAd9UN3MQj5NoXZ9TZdcq5AdvzSHIq
y4IA+ODOKLIVhTQasA7F6PQz35NzHdSjhrw/DSf8D5EtBhxSm+8w8NyzAcUrNrLb
12WeyA+/iZMYNjyIF5BYQKLHMu4GXURz4m9UKxYPWFcKg4X8mtGMRhInJwIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFO8VocGPOKblQR0qKp0IZ2tGXK7AMB8GA1UdIwQY
MBaAFPitVDYk+NMoHslwRY7nUvEKQkUpMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1LMVVOaVQ0MHlnZXlYQkZqdWRTOFFwQ1JTay5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjAvYWYxZjY0LWMzNWYtNDdlOC04N2M5
LThhMTFiNDcxOWQ4Mi8xLzd4V2h3WTg0cHVWQkhTb3FuUWhuYTBaY3JzQS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMjAvYWYxZjY0LWMzNWYtNDdlOC04N2M5LThhMTFiNDcxOWQ4
Mi8xLzEtSzFVTmlUNDB5Z2V5WEJGanVkUzhRcENSU2suY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAK5VSQw
DQYJKoZIhvcNAQELBQADggEBAJApxAH4zp/7tFpxthn4hTAD2CC8Zp2RjDMLlf5T
P55OH00Q8tLN381peYzHQ7cG2UtVf3shXCa3H+8TWodbd+fcZR4LvSlZr3NZHXw9
K8eQoClyv3tIOlwHr55DoPNAHmHs0Ym0I4ZDDuxcVZB3n/ExMl6eP2RgQLlAyndJ
JK0iM0Bodira7Pq1GMt9Ur0SpqiIo6PI7Hras4Lnj8YU9UCVx+Zl6SZYrINK3P4I
xDADNDTOSaJRPeiEe9Gz8FuywmuMhlVHsOtFGCR9Cx2njBijaD4xOqNmASx+K6Ea
zhU96hoLZPUf6hiyJyc6QiGqveykEmcqX7nam/F/K2NdZ7M=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:57:44 2024 by rpki-client on console-ams.rpki-client.org