Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/8aba71-3ba8-4b8d-8eb6-346a3ec1868c/1/y7qB-q10cXnAJ8RUEV2inAqohPs.roa
File:                     y7qB-q10cXnAJ8RUEV2inAqohPs.roa (raw, json)
Hash identifier:          EkBq4hwJm8xucMaVFTgyjSK+PtXkRmFQcFHYRaZp3oc=
Subject key identifier:   CB:BA:81:FA:AD:74:71:79:C0:27:C4:54:11:5D:A2:9C:0A:A8:84:FB
Certificate issuer:       /CN=27e0f7bbbe4031a24ef1b9db196aab0642e84a06
Certificate serial:       0185734CD93394342325B6FB978F8ED03BE3
Authority key identifier: 27:E0:F7:BB:BE:40:31:A2:4E:F1:B9:DB:19:6A:AB:06:42:E8:4A:06
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/J-D3u75AMaJO8bnbGWqrBkLoSgY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/28/8aba71-3ba8-4b8d-8eb6-346a3ec1868c/1/y7qB-q10cXnAJ8RUEV2inAqohPs.roa
Signing time:             Mon 02 Jan 2023 16:24:54 +0000
ROA not before:           Mon 02 Jan 2023 16:24:54 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     211174
IP address blocks:        146.185.94.0/24 maxlen: 24
                          2a04:f340:1000::/40 maxlen: 40

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 02:29:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:73:4c:d9:33:94:34:23:25:b6:fb:97:8f:8e:d0:3b:e3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=27e0f7bbbe4031a24ef1b9db196aab0642e84a06
        Validity
            Not Before: Jan  2 16:24:54 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=cbba81faad747179c027c454115da29c0aa884fb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8f:c3:4a:1b:47:80:9d:5a:09:13:a3:00:e2:d1:
                    44:b7:22:0e:d1:93:28:c2:ae:cc:30:fc:e6:5d:bc:
                    04:f7:a6:0d:a8:36:25:d4:38:e0:d6:eb:60:de:5f:
                    64:4f:35:86:44:46:2b:9c:2c:c9:c0:b6:3f:f2:65:
                    0b:81:af:a3:6e:6a:d1:08:c9:16:48:57:02:d4:ea:
                    9a:02:e1:26:0c:5c:3b:ab:93:1c:b8:6c:fb:83:25:
                    a8:91:7d:04:dd:11:cf:94:a8:46:4e:6f:c3:30:72:
                    d5:85:bf:b2:93:ad:ac:4f:4d:8c:b1:9e:78:8a:f7:
                    d2:43:55:f2:4a:cb:02:ca:8a:2e:a1:2c:08:f5:66:
                    0b:9d:71:86:62:e3:62:04:0a:1d:4a:ec:d3:38:64:
                    bc:e6:d7:58:d7:02:ea:a2:29:6a:35:ef:f5:cd:0f:
                    54:23:7f:8b:57:c8:fd:79:e4:f4:8a:b2:86:74:bd:
                    6f:78:14:6c:71:0a:31:e1:8f:b1:42:e6:9a:1d:3a:
                    ad:a1:8f:1f:43:1c:9e:a4:a1:aa:26:68:33:b2:fb:
                    db:cd:41:8a:55:f5:fa:61:51:83:45:00:2a:0a:39:
                    72:c0:fa:81:ec:ac:39:15:50:0d:7a:c9:16:a0:c0:
                    e9:40:90:96:87:75:9e:6e:50:59:41:a0:7f:50:4e:
                    54:27
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CB:BA:81:FA:AD:74:71:79:C0:27:C4:54:11:5D:A2:9C:0A:A8:84:FB
            X509v3 Authority Key Identifier:
                keyid:27:E0:F7:BB:BE:40:31:A2:4E:F1:B9:DB:19:6A:AB:06:42:E8:4A:06

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J-D3u75AMaJO8bnbGWqrBkLoSgY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/8aba71-3ba8-4b8d-8eb6-346a3ec1868c/1/y7qB-q10cXnAJ8RUEV2inAqohPs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/28/8aba71-3ba8-4b8d-8eb6-346a3ec1868c/1/J-D3u75AMaJO8bnbGWqrBkLoSgY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  146.185.94.0/24
                IPv6:
                  2a04:f340:1000::/40

    Signature Algorithm: sha256WithRSAEncryption
         74:23:2c:8c:90:bd:10:5a:54:6c:33:d0:98:c1:d9:54:bf:4e:
         70:2c:bb:b9:c3:89:53:8c:fd:df:01:b1:a3:a2:43:c1:b1:78:
         23:ff:3f:d8:9a:a3:a6:a7:08:fe:0f:b4:83:a7:7d:37:59:e5:
         76:26:bd:c5:bf:32:0c:fe:a6:0a:e4:25:86:d4:ee:cd:d0:8a:
         64:c6:f4:7d:96:52:93:e9:b1:d6:4d:fa:d3:16:af:36:e5:22:
         b6:ea:dd:91:2c:15:f3:97:59:bd:f4:e9:71:a7:c3:6b:2e:ed:
         ab:7f:4f:ff:e9:34:02:61:46:aa:6e:d0:7a:24:69:9c:12:fd:
         18:c8:00:b4:cf:00:88:b9:00:ff:33:a7:bb:84:18:91:bf:cc:
         d0:32:3e:1d:f2:b7:23:e5:3b:25:65:be:67:d2:23:db:b4:ec:
         6a:c4:8a:44:ea:b9:2d:fa:9f:37:83:4f:2e:1a:31:9e:fc:5e:
         36:83:66:02:4e:9e:aa:e9:81:52:a9:0b:81:02:62:90:67:81:
         33:38:65:f8:bf:81:2f:e7:bb:e8:54:02:b7:ed:e9:47:ba:08:
         0c:ca:bc:66:91:1f:1d:3c:ce:3a:71:3f:ec:d6:2b:5b:eb:fe:
         65:a5:42:e4:92:e0:ec:02:af:f1:a8:30:dd:e4:86:55:3b:9c:
         5f:f9:0b:88
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAYVzTNkzlDQjJbb7l4+O0DvjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3ZTBmN2JiYmU0MDMxYTI0ZWYxYjlkYjE5NmFhYjA2NDJl
ODRhMDYwHhcNMjMwMTAyMTYyNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYmJhODFmYWFkNzQ3MTc5YzAyN2M0NTQxMTVkYTI5YzBhYTg4NGZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj8NKG0eAnVoJE6MA4tFEtyIO0ZMo
wq7MMPzmXbwE96YNqDYl1Djg1utg3l9kTzWGREYrnCzJwLY/8mULga+jbmrRCMkW
SFcC1OqaAuEmDFw7q5McuGz7gyWokX0E3RHPlKhGTm/DMHLVhb+yk62sT02MsZ54
ivfSQ1XySssCyoouoSwI9WYLnXGGYuNiBAodSuzTOGS85tdY1wLqoilqNe/1zQ9U
I3+LV8j9eeT0irKGdL1veBRscQox4Y+xQuaaHTqtoY8fQxyepKGqJmgzsvvbzUGK
VfX6YVGDRQAqCjlywPqB7Kw5FVANeskWoMDpQJCWh3WeblBZQaB/UE5UJwIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFMu6gfqtdHF5wCfEVBFdopwKqIT7MB8GA1UdIwQY
MBaAFCfg97u+QDGiTvG52xlqqwZC6EoGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSi1EM3U3NUFNYUpPOGJuYkdXcXJCa0xvU2dZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC84YWJhNzEtM2JhOC00YjhkLThlYjYt
MzQ2YTNlYzE4NjhjLzEveTdxQi1xMTBjWG5BSjhSVUVWMmluQXFvaFBzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC84YWJhNzEtM2JhOC00YjhkLThlYjYtMzQ2YTNlYzE4Njhj
LzEvSi1EM3U3NUFNYUpPOGJuYkdXcXJCa0xvU2dZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC8GCCsGAQUFBwEHAQH/BCAwHjAMBAIAATAGAwQAkrleMA4E
AgACMAgDBgAqBPNAEDANBgkqhkiG9w0BAQsFAAOCAQEAdCMsjJC9EFpUbDPQmMHZ
VL9OcCy7ucOJU4z93wGxo6JDwbF4I/8/2JqjpqcI/g+0g6d9N1nldia9xb8yDP6m
CuQlhtTuzdCKZMb0fZZSk+mx1k360xavNuUiturdkSwV85dZvfTpcafDay7tq39P
/+k0AmFGqm7QeiRpnBL9GMgAtM8AiLkA/zOnu4QYkb/M0DI+HfK3I+U7JWW+Z9Ij
27TsasSKROq5LfqfN4NPLhoxnvxeNoNmAk6equmBUqkLgQJikGeBMzhl+L+BL+e7
6FQCt+3pR7oIDMq8ZpEfHTzOOnE/7NYrW+v+ZaVC5JLg7AKv8agw3eSGVTucX/kL
iA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:11 2024 by rpki-client on console-fra.rpki-client.org