Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/b51a85-f99f-423f-9fae-dd294c378f6c/1/i1zSMQzMq8SpxXunCGdL72Xw7jY.roa
File:                     i1zSMQzMq8SpxXunCGdL72Xw7jY.roa (raw, json)
Hash identifier:          z0u8rchrIxje6D88F3URNt5ngCf9XmzQh10NqCoTpP4=
Subject key identifier:   8B:5C:D2:31:0C:CC:AB:C4:A9:C5:7B:A7:08:67:4B:EF:65:F0:EE:36
Certificate issuer:       /CN=d8c60a0d2d70a9337d0bda56d1ad596ac1f69cda
Certificate serial:       0185730393A58FBA864EC82D9889B79346B7
Authority key identifier: D8:C6:0A:0D:2D:70:A9:33:7D:0B:DA:56:D1:AD:59:6A:C1:F6:9C:DA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2MYKDS1wqTN9C9pW0a1ZasH2nNo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/24/b51a85-f99f-423f-9fae-dd294c378f6c/1/i1zSMQzMq8SpxXunCGdL72Xw7jY.roa
Signing time:             Mon 02 Jan 2023 15:04:52 +0000
ROA not before:           Mon 02 Jan 2023 15:04:52 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     211237
IP address blocks:        109.105.198.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 22 Feb 2023 13:16:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:73:03:93:a5:8f:ba:86:4e:c8:2d:98:89:b7:93:46:b7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d8c60a0d2d70a9337d0bda56d1ad596ac1f69cda
        Validity
            Not Before: Jan  2 15:04:52 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=8b5cd2310cccabc4a9c57ba708674bef65f0ee36
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:52:26:12:5d:56:69:49:34:43:ed:29:a5:6f:
                    8a:6c:a0:4a:ee:ed:6b:ef:fa:7e:cb:f8:9d:42:4a:
                    cd:23:c4:14:17:66:34:f9:13:d6:a0:e8:e6:aa:a7:
                    74:ff:ad:98:d7:43:c8:b1:69:6c:dd:51:21:79:88:
                    b2:1c:0f:2d:e0:44:41:16:01:f9:8e:62:b2:63:34:
                    55:2a:22:bd:53:26:46:52:2a:18:a5:91:62:e4:ba:
                    12:1f:13:13:c5:ea:0c:03:df:7b:90:40:fc:bd:2c:
                    bf:b6:14:27:22:00:e4:b6:d4:03:4e:e8:e4:cc:8b:
                    77:13:f0:52:4f:de:b2:92:34:71:03:bf:53:cd:99:
                    42:71:03:12:63:0e:c0:a3:cc:20:f6:a1:22:f7:c2:
                    b1:a1:60:33:b5:97:a4:c4:4d:05:9f:a0:d3:8e:ae:
                    88:e1:cd:85:b8:5f:5c:ee:d6:9e:d1:3c:0e:0a:5e:
                    41:2b:ab:ed:8d:ce:b6:87:c5:85:63:10:05:fe:04:
                    87:2b:e9:a9:ce:1e:2f:5b:16:9f:f4:c3:5b:71:14:
                    bf:c2:0f:36:b3:0e:d7:6b:4e:9a:fa:8c:b0:64:3c:
                    d7:5a:2c:6f:68:a7:23:0d:2f:5e:3d:72:d2:59:07:
                    6b:cb:e0:82:4e:96:a7:b5:4a:76:8c:31:c8:6a:2c:
                    fd:77
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8B:5C:D2:31:0C:CC:AB:C4:A9:C5:7B:A7:08:67:4B:EF:65:F0:EE:36
            X509v3 Authority Key Identifier:
                keyid:D8:C6:0A:0D:2D:70:A9:33:7D:0B:DA:56:D1:AD:59:6A:C1:F6:9C:DA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2MYKDS1wqTN9C9pW0a1ZasH2nNo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/b51a85-f99f-423f-9fae-dd294c378f6c/1/i1zSMQzMq8SpxXunCGdL72Xw7jY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/24/b51a85-f99f-423f-9fae-dd294c378f6c/1/2MYKDS1wqTN9C9pW0a1ZasH2nNo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  109.105.198.0/24

    Signature Algorithm: sha256WithRSAEncryption
         82:7e:21:78:c2:f7:8f:f2:7d:e1:b8:ae:27:4d:1d:b2:1d:da:
         24:94:da:f9:86:e8:aa:5a:ea:2d:95:f3:00:22:5f:dc:31:45:
         69:59:6a:3e:ef:87:c7:97:3b:9c:ac:2d:ca:92:9e:8e:01:a8:
         91:04:e7:23:c5:e5:19:f6:43:d7:c1:6b:ca:84:f2:0f:5a:26:
         a9:e8:71:fe:2d:a3:72:78:b1:5a:64:6a:ae:c3:42:1c:31:a3:
         24:2d:9a:ad:2f:87:35:d6:b4:58:8a:65:56:9a:ae:e3:7d:76:
         64:52:90:b9:8d:d2:9f:02:a9:e0:61:48:a1:43:00:75:15:d5:
         fa:4c:68:73:87:97:a4:8d:76:fc:39:e0:ba:39:64:4f:ec:81:
         79:18:2e:fc:47:ca:a3:93:f4:7f:bc:f0:51:d6:f8:c9:ad:a0:
         d5:58:b4:ab:f2:40:67:45:14:13:5f:a1:d1:60:cb:d3:74:d6:
         c9:f5:6e:17:06:e5:10:00:3e:a2:f9:27:4c:29:27:54:ee:a4:
         08:8d:d2:3f:84:7d:5d:db:7d:90:d7:4d:66:2e:2c:30:3b:c9:
         bb:1e:79:5b:95:2f:80:c5:d1:fd:69:1a:80:dc:e2:16:bc:9e:
         01:15:6b:fd:40:a4:26:60:e0:c0:b8:12:ef:3a:fd:7f:4d:bf:
         20:b2:17:5b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVzA5Olj7qGTsgtmIm3k0a3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4YzYwYTBkMmQ3MGE5MzM3ZDBiZGE1NmQxYWQ1OTZhYzFm
NjljZGEwHhcNMjMwMTAyMTUwNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YjVjZDIzMTBjY2NhYmM0YTljNTdiYTcwODY3NGJlZjY1ZjBlZTM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoFImEl1WaUk0Q+0ppW+KbKBK7u1r
7/p+y/idQkrNI8QUF2Y0+RPWoOjmqqd0/62Y10PIsWls3VEheYiyHA8t4ERBFgH5
jmKyYzRVKiK9UyZGUioYpZFi5LoSHxMTxeoMA997kED8vSy/thQnIgDkttQDTujk
zIt3E/BST96ykjRxA79TzZlCcQMSYw7Ao8wg9qEi98KxoWAztZekxE0Fn6DTjq6I
4c2FuF9c7tae0TwOCl5BK6vtjc62h8WFYxAF/gSHK+mpzh4vWxaf9MNbcRS/wg82
sw7Xa06a+oywZDzXWixvaKcjDS9ePXLSWQdry+CCTpantUp2jDHIaiz9dwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFItc0jEMzKvEqcV7pwhnS+9l8O42MB8GA1UdIwQY
MBaAFNjGCg0tcKkzfQvaVtGtWWrB9pzaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMk1ZS0RTMXdxVE45QzlwVzBhMVphc0gybk5vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC9iNTFhODUtZjk5Zi00MjNmLTlmYWUt
ZGQyOTRjMzc4ZjZjLzEvaTF6U01Rek1xOFNweFh1bkNHZEw3Mlh3N2pZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC9iNTFhODUtZjk5Zi00MjNmLTlmYWUtZGQyOTRjMzc4ZjZj
LzEvMk1ZS0RTMXdxVE45QzlwVzBhMVphc0gybk5vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAbWnGMA0G
CSqGSIb3DQEBCwUAA4IBAQCCfiF4wveP8n3huK4nTR2yHdoklNr5huiqWuotlfMA
Il/cMUVpWWo+74fHlzucrC3Kkp6OAaiRBOcjxeUZ9kPXwWvKhPIPWiap6HH+LaNy
eLFaZGquw0IcMaMkLZqtL4c11rRYimVWmq7jfXZkUpC5jdKfAqngYUihQwB1FdX6
TGhzh5ekjXb8OeC6OWRP7IF5GC78R8qjk/R/vPBR1vjJraDVWLSr8kBnRRQTX6HR
YMvTdNbJ9W4XBuUQAD6i+SdMKSdU7qQIjdI/hH1d232Q101mLiwwO8m7HnlblS+A
xdH9aRqA3OIWvJ4BFWv9QKQmYODAuBLvOv1/Tb8gshdb
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:36 2024 by rpki-client on console-fra.rpki-client.org