Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/389424-aaba-4491-9fba-fcb43d4f6714/1/CN9w6lCCgWoJ1ywJhnXam1YsxEA.roa
File:                     CN9w6lCCgWoJ1ywJhnXam1YsxEA.roa (raw, json)
Hash identifier:          fvAUenF1efktVT4y+z4GvACgPSxN6Ai6tVq5h2vv74M=
Subject key identifier:   08:DF:70:EA:50:82:81:6A:09:D7:2C:09:86:75:DA:9B:56:2C:C4:40
Certificate issuer:       /CN=9e1ba1653fca7c801723ca46ff442e6bac1e91a0
Certificate serial:       018CC9BC4FB4C98E7CD9AE6D7473B1107BFB
Authority key identifier: 9E:1B:A1:65:3F:CA:7C:80:17:23:CA:46:FF:44:2E:6B:AC:1E:91:A0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/nhuhZT_KfIAXI8pG_0Qua6wekaA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/23/389424-aaba-4491-9fba-fcb43d4f6714/1/CN9w6lCCgWoJ1ywJhnXam1YsxEA.roa
Signing time:             Tue 02 Jan 2024 10:33:30 +0000
ROA not before:           Tue 02 Jan 2024 10:33:30 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     211974
IP address blocks:        185.203.220.0/22 maxlen: 24

Validation:               Failed, certificate revoked on Fri 07 Jun 2024 10:29:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c9:bc:4f:b4:c9:8e:7c:d9:ae:6d:74:73:b1:10:7b:fb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9e1ba1653fca7c801723ca46ff442e6bac1e91a0
        Validity
            Not Before: Jan  2 10:33:30 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=08df70ea5082816a09d72c098675da9b562cc440
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:a0:74:8b:ad:2d:4b:d7:3f:d5:9e:f5:77:e0:
                    f8:60:1e:49:d9:8c:9e:78:83:ff:a6:90:03:0f:5a:
                    69:5c:f3:26:3b:0b:26:8f:4c:1d:3e:e2:c7:a0:46:
                    fc:9b:23:1e:6a:09:1c:4e:7e:1e:99:26:78:d3:97:
                    1f:c3:96:65:63:15:d0:ed:d0:b7:aa:e5:de:9e:d8:
                    95:2e:94:61:5a:8d:bb:78:c4:84:fd:19:ad:4a:62:
                    e7:09:c0:0e:6c:e5:06:b1:84:92:ce:c5:80:48:41:
                    f5:75:3c:3b:76:eb:73:32:13:8c:e5:91:b0:cc:67:
                    cd:5f:f3:e2:e2:48:07:cf:0b:ab:94:b8:5b:08:5a:
                    8f:33:07:dc:e0:09:e7:61:84:40:29:b6:f2:c2:e8:
                    9e:65:f0:08:bf:e8:a1:d3:97:a6:e5:19:8a:1c:5b:
                    3d:da:b0:09:6e:67:bc:89:f9:8b:11:82:49:71:45:
                    de:1a:e2:58:11:c2:fe:65:ea:55:8e:5e:ad:00:44:
                    0b:81:8e:6a:e7:37:d3:3d:4a:56:20:56:eb:17:67:
                    63:56:03:cf:d6:a2:47:68:33:1a:79:a2:11:cd:15:
                    f2:d3:ff:a8:69:d2:a2:1d:e1:08:1c:a1:a9:4c:f4:
                    ae:c3:f6:52:6b:03:a4:c1:43:b1:85:b3:21:dd:4a:
                    e0:1d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                08:DF:70:EA:50:82:81:6A:09:D7:2C:09:86:75:DA:9B:56:2C:C4:40
            X509v3 Authority Key Identifier:
                keyid:9E:1B:A1:65:3F:CA:7C:80:17:23:CA:46:FF:44:2E:6B:AC:1E:91:A0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nhuhZT_KfIAXI8pG_0Qua6wekaA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/389424-aaba-4491-9fba-fcb43d4f6714/1/CN9w6lCCgWoJ1ywJhnXam1YsxEA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/23/389424-aaba-4491-9fba-fcb43d4f6714/1/nhuhZT_KfIAXI8pG_0Qua6wekaA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.203.220.0/22

    Signature Algorithm: sha256WithRSAEncryption
         66:b4:cd:09:b5:34:1f:0c:e5:2e:25:98:e4:30:d9:04:5c:b1:
         ea:14:b0:8f:df:e7:71:6f:47:38:50:4f:71:ee:a3:9a:51:68:
         1a:16:97:4b:37:40:56:4a:52:8d:74:04:1b:20:f4:cf:82:76:
         4b:3d:80:bc:68:0b:f1:ad:9e:e5:1c:4a:33:32:e9:03:c5:f8:
         5d:43:70:e4:dc:98:6b:61:0a:b7:93:cb:69:c1:0d:54:39:64:
         ce:d5:56:a5:da:28:ba:ab:64:f7:fc:98:bd:e8:73:c7:8c:87:
         80:b8:c3:1c:ea:e8:a5:f5:eb:be:09:0e:2c:22:a3:c1:b7:95:
         31:f0:b4:7a:10:81:0a:69:e8:c0:9d:2e:d1:2b:86:c6:48:f6:
         48:03:37:e0:56:6f:1a:db:46:52:65:22:d4:d7:96:a8:74:57:
         a4:20:ae:90:f1:4b:83:dc:6a:bf:2d:87:b5:ab:6e:83:96:d3:
         39:2b:f0:5a:a7:8b:59:cc:a1:e3:58:7e:d7:86:ac:dc:32:c3:
         6e:9f:bf:a2:b2:00:66:f0:e1:ff:f7:15:fd:55:43:4f:7a:db:
         70:be:43:6d:4e:98:39:79:ad:da:a5:0b:e1:97:c4:03:e6:d4:
         22:00:eb:59:32:bd:e0:bd:34:15:5d:f5:57:cc:c5:28:e1:d8:
         c0:94:d1:7c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzJvE+0yY582a5tdHOxEHv7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllMWJhMTY1M2ZjYTdjODAxNzIzY2E0NmZmNDQyZTZiYWMx
ZTkxYTAwHhcNMjQwMTAyMTAzMzMwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOGRmNzBlYTUwODI4MTZhMDlkNzJjMDk4Njc1ZGE5YjU2MmNjNDQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwKB0i60tS9c/1Z71d+D4YB5J2Yye
eIP/ppADD1ppXPMmOwsmj0wdPuLHoEb8myMeagkcTn4emSZ405cfw5ZlYxXQ7dC3
quXentiVLpRhWo27eMSE/RmtSmLnCcAObOUGsYSSzsWASEH1dTw7dutzMhOM5ZGw
zGfNX/Pi4kgHzwurlLhbCFqPMwfc4AnnYYRAKbbywuieZfAIv+ih05em5RmKHFs9
2rAJbme8ifmLEYJJcUXeGuJYEcL+ZepVjl6tAEQLgY5q5zfTPUpWIFbrF2djVgPP
1qJHaDMaeaIRzRXy0/+oadKiHeEIHKGpTPSuw/ZSawOkwUOxhbMh3UrgHQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAjfcOpQgoFqCdcsCYZ12ptWLMRAMB8GA1UdIwQY
MBaAFJ4boWU/ynyAFyPKRv9ELmusHpGgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbmh1aFpUX0tmSUFYSThwR18wUXVhNndla2FBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMy8zODk0MjQtYWFiYS00NDkxLTlmYmEt
ZmNiNDNkNGY2NzE0LzEvQ045dzZsQ0NnV29KMXl3SmhuWGFtMVlzeEVBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMy8zODk0MjQtYWFiYS00NDkxLTlmYmEtZmNiNDNkNGY2NzE0
LzEvbmh1aFpUX0tmSUFYSThwR18wUXVhNndla2FBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCucvcMA0G
CSqGSIb3DQEBCwUAA4IBAQBmtM0JtTQfDOUuJZjkMNkEXLHqFLCP3+dxb0c4UE9x
7qOaUWgaFpdLN0BWSlKNdAQbIPTPgnZLPYC8aAvxrZ7lHEozMukDxfhdQ3Dk3Jhr
YQq3k8tpwQ1UOWTO1Val2ii6q2T3/Ji96HPHjIeAuMMc6uil9eu+CQ4sIqPBt5Ux
8LR6EIEKaejAnS7RK4bGSPZIAzfgVm8a20ZSZSLU15aodFekIK6Q8UuD3Gq/LYe1
q26DltM5K/Bap4tZzKHjWH7XhqzcMsNun7+isgBm8OH/9xX9VUNPettwvkNtTpg5
ea3apQvhl8QD5tQiAOtZMr3gvTQVXfVXzMUo4djAlNF8
-----END CERTIFICATE-----
Generated at Fri Jun 7 14:48:47 2024 by rpki-client on console-ams.rpki-client.org