Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/0367d0-fa85-4546-b84c-0278c5dc1491/1/RiyJ9Hsm3yPYgjUkE5lyFv1VSmY.roa
File:                     RiyJ9Hsm3yPYgjUkE5lyFv1VSmY.roa (raw, json)
Hash identifier:          TsX9JCmOINhm+8gdjhlOl2Peua1NJUfcjuLpLR+1RxI=
Subject key identifier:   46:2C:89:F4:7B:26:DF:23:D8:82:35:24:13:99:72:16:FD:55:4A:66
Certificate issuer:       /CN=0b8d1bb72791c878550d1b9d8fef564ac3919368
Certificate serial:       018571FA3A78F2C15F30C492F8AC7C300E52
Authority key identifier: 0B:8D:1B:B7:27:91:C8:78:55:0D:1B:9D:8F:EF:56:4A:C3:91:93:68
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/C40btyeRyHhVDRudj-9WSsORk2g.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/27/0367d0-fa85-4546-b84c-0278c5dc1491/1/RiyJ9Hsm3yPYgjUkE5lyFv1VSmY.roa
Signing time:             Mon 02 Jan 2023 10:15:02 +0000
ROA not before:           Mon 02 Jan 2023 10:15:02 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     205588
IP address blocks:        185.213.10.0/24 maxlen: 24
                          185.213.11.0/24 maxlen: 24
                          185.213.8.0/24 maxlen: 24
                          185.213.9.0/24 maxlen: 24
                          2a0d:d580::/32 maxlen: 32

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 10:32:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:71:fa:3a:78:f2:c1:5f:30:c4:92:f8:ac:7c:30:0e:52
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0b8d1bb72791c878550d1b9d8fef564ac3919368
        Validity
            Not Before: Jan  2 10:15:02 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=462c89f47b26df23d882352413997216fd554a66
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e3:63:90:fc:5d:21:c7:01:e1:98:9a:ed:c5:d7:
                    dc:aa:70:95:f4:09:34:dc:5f:ae:49:b2:f1:fe:62:
                    23:c5:82:9e:6c:5d:88:f3:b1:03:73:74:10:01:77:
                    e8:39:25:73:a7:05:43:ba:a8:8f:c5:cd:51:72:93:
                    de:b8:70:76:b0:8a:56:78:eb:12:ad:68:fb:1f:1c:
                    ff:b1:56:c0:41:53:04:a6:9b:b8:e7:0d:9d:1d:94:
                    8d:58:5b:36:ff:a5:ae:de:56:6f:34:f6:9a:c6:81:
                    e8:0f:28:06:35:35:e3:e6:d0:f8:23:53:a7:00:99:
                    73:04:52:af:cc:1a:ee:18:41:6b:ec:0c:d9:a1:0a:
                    a7:aa:52:d8:3d:d0:eb:d2:73:39:4f:e4:2d:67:84:
                    d8:dd:b5:c9:1c:d4:be:a6:7f:3b:0d:80:91:ed:ea:
                    54:0a:ed:27:1a:22:d7:bc:84:d8:b8:d1:73:4c:6d:
                    36:38:75:35:35:e2:f6:13:17:56:cf:19:77:99:f0:
                    43:5b:4e:b8:b4:ad:26:af:ec:9f:26:a7:61:a1:6b:
                    36:c1:c8:14:18:f6:1e:65:47:fd:85:05:f2:f8:a7:
                    a2:95:c6:95:f9:da:67:0c:42:59:fd:d7:f5:8a:9f:
                    2e:1f:a7:6f:82:6c:64:93:e1:87:61:e7:4b:8c:e4:
                    ad:07
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                46:2C:89:F4:7B:26:DF:23:D8:82:35:24:13:99:72:16:FD:55:4A:66
            X509v3 Authority Key Identifier:
                keyid:0B:8D:1B:B7:27:91:C8:78:55:0D:1B:9D:8F:EF:56:4A:C3:91:93:68

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/C40btyeRyHhVDRudj-9WSsORk2g.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/0367d0-fa85-4546-b84c-0278c5dc1491/1/RiyJ9Hsm3yPYgjUkE5lyFv1VSmY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/27/0367d0-fa85-4546-b84c-0278c5dc1491/1/C40btyeRyHhVDRudj-9WSsORk2g.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.213.8.0/22
                IPv6:
                  2a0d:d580::/32

    Signature Algorithm: sha256WithRSAEncryption
         2c:2b:cb:dd:09:1c:99:6b:ac:63:59:7d:13:f3:be:5e:76:bc:
         e4:01:22:73:67:4a:8c:73:aa:1a:35:d8:4a:06:36:6e:5c:65:
         36:91:4c:f4:3c:5c:a8:96:1c:c1:d8:9d:39:63:c5:8b:5a:ff:
         03:69:8e:f1:12:00:ac:67:4e:f3:02:31:98:84:f3:1f:d1:00:
         4e:b3:d0:34:1c:dd:21:e7:a0:9a:af:28:07:45:bd:0d:cf:cc:
         a0:de:9f:1d:59:cd:be:49:74:49:0f:eb:59:49:87:4f:8f:ad:
         1b:27:2b:c3:7d:2e:9e:51:ee:69:ae:31:78:99:4a:09:81:17:
         8a:76:79:08:6c:5b:62:3a:16:43:ce:b2:3b:d3:89:90:ed:a0:
         96:5f:da:ef:d9:83:29:63:08:ae:2f:be:60:70:b4:8f:be:fa:
         57:25:a3:36:c4:cb:0f:11:ca:7f:d1:4e:3d:09:5e:8d:cc:7d:
         3a:33:c0:3a:08:a3:1b:a7:b5:6f:6c:5b:c2:76:7f:02:14:f3:
         d5:ce:8a:94:23:e7:5f:72:ee:ac:b6:88:a1:a4:06:7a:9f:50:
         3e:74:7e:e8:57:67:fb:22:73:b5:ac:fa:9a:cf:bb:f4:fe:11:
         18:99:46:8e:ca:be:b4:cc:3b:8c:c0:9a:57:3d:1e:ff:d0:d7:
         1b:a7:5e:e5
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVx+jp48sFfMMSS+Kx8MA5SMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBiOGQxYmI3Mjc5MWM4Nzg1NTBkMWI5ZDhmZWY1NjRhYzM5
MTkzNjgwHhcNMjMwMTAyMTAxNTAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NjJjODlmNDdiMjZkZjIzZDg4MjM1MjQxMzk5NzIxNmZkNTU0YTY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA42OQ/F0hxwHhmJrtxdfcqnCV9Ak0
3F+uSbLx/mIjxYKebF2I87EDc3QQAXfoOSVzpwVDuqiPxc1RcpPeuHB2sIpWeOsS
rWj7Hxz/sVbAQVMEppu45w2dHZSNWFs2/6Wu3lZvNPaaxoHoDygGNTXj5tD4I1On
AJlzBFKvzBruGEFr7AzZoQqnqlLYPdDr0nM5T+QtZ4TY3bXJHNS+pn87DYCR7epU
Cu0nGiLXvITYuNFzTG02OHU1NeL2ExdWzxl3mfBDW064tK0mr+yfJqdhoWs2wcgU
GPYeZUf9hQXy+KeilcaV+dpnDEJZ/df1ip8uH6dvgmxkk+GHYedLjOStBwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFEYsifR7Jt8j2II1JBOZchb9VUpmMB8GA1UdIwQY
MBaAFAuNG7cnkch4VQ0bnY/vVkrDkZNoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQzQwYnR5ZVJ5SGhWRFJ1ZGotOVdTc09SazJnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy8wMzY3ZDAtZmE4NS00NTQ2LWI4NGMt
MDI3OGM1ZGMxNDkxLzEvUml5SjlIc20zeVBZZ2pVa0U1bHlGdjFWU21ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy8wMzY3ZDAtZmE4NS00NTQ2LWI4NGMtMDI3OGM1ZGMxNDkx
LzEvQzQwYnR5ZVJ5SGhWRFJ1ZGotOVdTc09SazJnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCudUIMA0E
AgACMAcDBQAqDdWAMA0GCSqGSIb3DQEBCwUAA4IBAQAsK8vdCRyZa6xjWX0T875e
drzkASJzZ0qMc6oaNdhKBjZuXGU2kUz0PFyolhzB2J05Y8WLWv8DaY7xEgCsZ07z
AjGYhPMf0QBOs9A0HN0h56CarygHRb0Nz8yg3p8dWc2+SXRJD+tZSYdPj60bJyvD
fS6eUe5prjF4mUoJgReKdnkIbFtiOhZDzrI704mQ7aCWX9rv2YMpYwiuL75gcLSP
vvpXJaM2xMsPEcp/0U49CV6NzH06M8A6CKMbp7VvbFvCdn8CFPPVzoqUI+dfcu6s
toihpAZ6n1A+dH7oV2f7InO1rPqaz7v0/hEYmUaOyr60zDuMwJpXPR7/0Ncbp17l
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:55 2024 by rpki-client on console-fra.rpki-client.org