Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/389424-aaba-4491-9fba-fcb43d4f6714/1/odWX88376hjLtaloChl4ptfBZ-w.roa
File:                     odWX88376hjLtaloChl4ptfBZ-w.roa (raw, json)
Hash identifier:          5zhwRVnb3lYu53Kqv3H9+zcEPBDcEM/eY0pz+z5hkNA=
Subject key identifier:   A1:D5:97:F3:CD:FB:EA:18:CB:B5:A9:68:0A:19:78:A6:D7:C1:67:EC
Certificate issuer:       /CN=9e1ba1653fca7c801723ca46ff442e6bac1e91a0
Certificate serial:       01882AACE5A1001ACB478194E64477703F77
Authority key identifier: 9E:1B:A1:65:3F:CA:7C:80:17:23:CA:46:FF:44:2E:6B:AC:1E:91:A0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/nhuhZT_KfIAXI8pG_0Qua6wekaA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/23/389424-aaba-4491-9fba-fcb43d4f6714/1/odWX88376hjLtaloChl4ptfBZ-w.roa
Signing time:             Wed 17 May 2023 17:05:54 +0000
ROA not before:           Wed 17 May 2023 17:05:54 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     211974
IP address blocks:        185.203.220.0/22 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 10:33:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:2a:ac:e5:a1:00:1a:cb:47:81:94:e6:44:77:70:3f:77
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9e1ba1653fca7c801723ca46ff442e6bac1e91a0
        Validity
            Not Before: May 17 17:05:54 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=a1d597f3cdfbea18cbb5a9680a1978a6d7c167ec
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:80:45:ca:79:8c:1d:d3:91:b7:4a:c3:83:b9:e0:
                    6d:46:d3:d8:ef:76:8a:a4:f3:2e:81:5f:83:a2:70:
                    b9:e6:59:0d:81:58:8c:29:01:fd:9d:9d:54:fd:4a:
                    09:28:77:6e:49:be:44:c8:8d:ca:fa:35:b1:15:b0:
                    c4:98:11:ab:fc:78:4c:29:c5:b8:23:17:76:6e:b6:
                    47:10:fe:01:ef:bd:e1:5b:43:0e:b1:14:7e:e9:cb:
                    8b:64:23:0d:52:83:73:a3:6d:65:f1:b4:95:fe:f4:
                    b1:ac:89:c3:1e:cf:a3:f2:0c:9c:a3:b8:e6:61:0b:
                    31:24:54:72:2f:82:91:97:9e:60:d0:85:58:57:33:
                    68:fb:3c:38:3b:6a:66:71:5c:8b:8b:3f:2b:17:da:
                    18:d8:ac:ef:9c:b5:e2:35:be:55:fe:39:09:48:93:
                    5a:c2:33:ad:15:9b:4d:ce:19:41:f5:67:b5:e8:a9:
                    32:05:80:26:5d:74:6b:da:1d:cf:f0:dd:6b:50:81:
                    a3:0f:42:80:5c:e2:37:d2:59:cf:32:68:5d:c0:c0:
                    fe:ed:d3:f4:7b:82:61:7b:3c:a0:1e:84:5f:a6:4a:
                    46:21:6d:d7:7d:b2:f8:ff:12:f7:c0:08:28:db:7b:
                    97:6d:0c:3a:cb:d0:cd:70:02:f0:e6:43:08:f3:5d:
                    e9:5f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A1:D5:97:F3:CD:FB:EA:18:CB:B5:A9:68:0A:19:78:A6:D7:C1:67:EC
            X509v3 Authority Key Identifier:
                keyid:9E:1B:A1:65:3F:CA:7C:80:17:23:CA:46:FF:44:2E:6B:AC:1E:91:A0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nhuhZT_KfIAXI8pG_0Qua6wekaA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/389424-aaba-4491-9fba-fcb43d4f6714/1/odWX88376hjLtaloChl4ptfBZ-w.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/23/389424-aaba-4491-9fba-fcb43d4f6714/1/nhuhZT_KfIAXI8pG_0Qua6wekaA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.203.220.0/22

    Signature Algorithm: sha256WithRSAEncryption
         6f:af:76:7a:a6:01:72:a0:8f:c2:7f:c6:46:65:b0:8c:f9:65:
         3c:95:17:1e:36:3a:e8:61:88:98:4e:fa:09:3c:f3:11:aa:25:
         c5:6c:7d:a4:77:7a:07:70:4c:81:d0:52:cb:87:27:38:68:62:
         bf:f9:90:4c:48:f8:ab:a0:30:7e:dd:d8:4c:c2:b1:0e:6a:bf:
         89:2a:32:4b:c9:98:c5:a8:fc:f7:bc:8d:ba:e6:58:f0:8c:37:
         0a:e3:a0:c7:65:55:5d:72:a8:75:73:ae:f5:ef:7c:ea:77:28:
         c7:c6:16:64:af:a0:86:f9:6a:94:5e:25:df:4d:49:38:a3:b6:
         e1:91:c9:12:f6:a3:a7:5d:03:d3:cf:07:8f:f9:5c:08:1f:e9:
         4a:a5:19:de:a9:64:53:e4:1d:fa:01:b9:68:8c:f3:cb:2e:5d:
         e7:14:36:17:e6:48:19:5f:ce:26:ee:3d:f6:bd:50:17:b8:8c:
         2e:78:41:2b:dc:d7:ec:05:0b:fb:ac:a3:20:e0:72:5d:b4:d6:
         37:6b:08:4d:2c:ab:df:d8:d0:1f:e6:4c:5e:e6:56:fc:ee:fc:
         6e:cc:d8:32:4f:e3:35:91:75:7d:79:26:74:ce:44:31:31:b9:
         ab:8a:aa:ad:10:e8:6f:8d:90:fb:90:99:15:ef:cc:e3:89:5a:
         cf:34:32:4b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYgqrOWhABrLR4GU5kR3cD93MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllMWJhMTY1M2ZjYTdjODAxNzIzY2E0NmZmNDQyZTZiYWMx
ZTkxYTAwHhcNMjMwNTE3MTcwNTU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMWQ1OTdmM2NkZmJlYTE4Y2JiNWE5NjgwYTE5NzhhNmQ3YzE2N2VjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgEXKeYwd05G3SsODueBtRtPY73aK
pPMugV+DonC55lkNgViMKQH9nZ1U/UoJKHduSb5EyI3K+jWxFbDEmBGr/HhMKcW4
Ixd2brZHEP4B773hW0MOsRR+6cuLZCMNUoNzo21l8bSV/vSxrInDHs+j8gyco7jm
YQsxJFRyL4KRl55g0IVYVzNo+zw4O2pmcVyLiz8rF9oY2KzvnLXiNb5V/jkJSJNa
wjOtFZtNzhlB9We16KkyBYAmXXRr2h3P8N1rUIGjD0KAXOI30lnPMmhdwMD+7dP0
e4JhezygHoRfpkpGIW3XfbL4/xL3wAgo23uXbQw6y9DNcALw5kMI813pXwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKHVl/PN++oYy7WpaAoZeKbXwWfsMB8GA1UdIwQY
MBaAFJ4boWU/ynyAFyPKRv9ELmusHpGgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbmh1aFpUX0tmSUFYSThwR18wUXVhNndla2FBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMy8zODk0MjQtYWFiYS00NDkxLTlmYmEt
ZmNiNDNkNGY2NzE0LzEvb2RXWDg4Mzc2aGpMdGFsb0NobDRwdGZCWi13LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMy8zODk0MjQtYWFiYS00NDkxLTlmYmEtZmNiNDNkNGY2NzE0
LzEvbmh1aFpUX0tmSUFYSThwR18wUXVhNndla2FBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCucvcMA0G
CSqGSIb3DQEBCwUAA4IBAQBvr3Z6pgFyoI/Cf8ZGZbCM+WU8lRceNjroYYiYTvoJ
PPMRqiXFbH2kd3oHcEyB0FLLhyc4aGK/+ZBMSPiroDB+3dhMwrEOar+JKjJLyZjF
qPz3vI265ljwjDcK46DHZVVdcqh1c67173zqdyjHxhZkr6CG+WqUXiXfTUk4o7bh
kckS9qOnXQPTzweP+VwIH+lKpRneqWRT5B36AblojPPLLl3nFDYX5kgZX84m7j32
vVAXuIwueEEr3NfsBQv7rKMg4HJdtNY3awhNLKvf2NAf5kxe5lb87vxuzNgyT+M1
kXV9eSZ0zkQxMbmriqqtEOhvjZD7kJkV78zjiVrPNDJL
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:58:08 2024 by rpki-client on console-ams.rpki-client.org