Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/358416-2752-4159-add6-cc3fb351e336/1/c1oJn-YT6M5IKmJqyZCW098vXaE.roa
File:                     c1oJn-YT6M5IKmJqyZCW098vXaE.roa (raw, json)
Hash identifier:          UWjb0nCZXs+oK+qFN6e+zNBDzphWRda+HRbz7yog1+o=
Subject key identifier:   73:5A:09:9F:E6:13:E8:CE:48:2A:62:6A:C9:90:96:D3:DF:2F:5D:A1
Certificate issuer:       /CN=059b86f99e2d6bde14fa8799de71ce41b98020b9
Certificate serial:       0188BE19D2E2617B4E154BD7CE7C4AA7FF4D
Authority key identifier: 05:9B:86:F9:9E:2D:6B:DE:14:FA:87:99:DE:71:CE:41:B9:80:20:B9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/BZuG-Z4ta94U-oeZ3nHOQbmAILk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/29/358416-2752-4159-add6-cc3fb351e336/1/c1oJn-YT6M5IKmJqyZCW098vXaE.roa
Signing time:             Thu 15 Jun 2023 08:09:03 +0000
ROA not before:           Thu 15 Jun 2023 08:09:03 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     206077
IP address blocks:        185.253.146.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 02:29:40 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:be:19:d2:e2:61:7b:4e:15:4b:d7:ce:7c:4a:a7:ff:4d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=059b86f99e2d6bde14fa8799de71ce41b98020b9
        Validity
            Not Before: Jun 15 08:09:03 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=735a099fe613e8ce482a626ac99096d3df2f5da1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f7:57:e5:08:4a:a2:a7:2d:6d:e5:e3:73:19:4f:
                    ac:f4:94:cb:9d:09:06:f5:69:a1:58:94:af:f4:8f:
                    df:0c:b7:c1:e4:e9:e6:9f:e0:53:d5:de:df:95:d6:
                    fc:f9:9c:6b:8d:a1:35:7b:01:13:4e:8a:7b:3c:36:
                    0b:48:48:ed:5f:14:3e:66:76:1c:33:a3:e1:c2:2e:
                    8a:4d:5c:1e:c4:0c:57:09:2a:da:b8:84:56:c3:8d:
                    75:92:c2:b4:e6:28:92:6e:f3:6b:88:87:54:71:59:
                    c1:9b:24:61:93:6c:fb:f2:de:3f:eb:5c:ca:61:95:
                    16:8c:50:05:fe:23:3e:8e:47:f4:3e:32:5c:5b:eb:
                    04:ae:a8:64:ad:83:00:44:7a:92:e2:38:c3:29:81:
                    9e:dc:96:e8:05:3b:bf:f0:9c:b4:ce:d3:9f:f9:44:
                    8b:e1:8b:6b:2b:35:ca:56:90:48:c8:73:10:ad:41:
                    ba:b4:5b:64:da:4e:05:f6:b9:98:99:b7:2c:7d:0f:
                    5d:81:a7:8d:3b:d3:fd:bb:0b:1c:81:61:87:46:23:
                    b2:ef:5d:c9:3c:a5:dc:00:5b:3a:13:a3:59:ff:27:
                    78:12:47:e9:8c:d1:fc:28:ce:02:7e:bc:70:db:93:
                    51:67:03:4f:4a:5f:09:ec:c6:ff:b3:00:7b:fa:e6:
                    13:01
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                73:5A:09:9F:E6:13:E8:CE:48:2A:62:6A:C9:90:96:D3:DF:2F:5D:A1
            X509v3 Authority Key Identifier:
                keyid:05:9B:86:F9:9E:2D:6B:DE:14:FA:87:99:DE:71:CE:41:B9:80:20:B9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BZuG-Z4ta94U-oeZ3nHOQbmAILk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/358416-2752-4159-add6-cc3fb351e336/1/c1oJn-YT6M5IKmJqyZCW098vXaE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/29/358416-2752-4159-add6-cc3fb351e336/1/BZuG-Z4ta94U-oeZ3nHOQbmAILk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.253.146.0/24

    Signature Algorithm: sha256WithRSAEncryption
         7a:86:70:84:e5:7c:99:54:57:25:d0:be:a9:d1:54:78:3f:87:
         d1:89:cb:2b:7a:8d:e4:58:0c:45:2c:28:f2:4f:26:b9:9d:a5:
         38:db:94:17:70:eb:f4:e4:1d:aa:32:40:97:83:67:ee:6c:aa:
         c8:a0:a5:86:01:54:de:ad:83:19:d2:26:22:6f:5f:0c:06:f3:
         cf:7c:5e:36:28:14:c9:eb:84:30:cb:5c:95:91:3a:af:10:3a:
         7a:4c:ca:02:9a:fe:4a:3b:6a:f7:5b:1f:0b:57:fd:74:55:87:
         c4:4a:c2:6a:22:7d:e0:eb:24:ac:9c:98:ae:c8:0f:c1:57:69:
         dd:d8:00:78:82:e2:af:3a:7c:b0:86:d2:48:94:93:e8:fe:b0:
         17:93:00:f5:23:ba:a2:b8:3e:7d:91:f8:4e:ae:1a:c1:6d:cc:
         97:c7:34:61:2f:75:24:af:dc:26:09:82:52:06:db:f9:2b:bc:
         9e:60:1e:85:5a:5e:ce:3e:24:2d:8b:29:27:95:db:6f:37:ee:
         f4:da:f9:f4:0a:dc:98:f4:dc:11:3c:f2:ca:8b:cf:7d:d4:df:
         50:8a:b6:4e:0e:2f:1f:5c:38:e2:a4:c9:70:b0:99:da:a3:ac:
         0c:a3:39:79:a6:38:eb:34:e6:75:3f:96:6b:c9:54:64:5b:a7:
         e7:82:b2:69
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYi+GdLiYXtOFUvXznxKp/9NMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1OWI4NmY5OWUyZDZiZGUxNGZhODc5OWRlNzFjZTQxYjk4
MDIwYjkwHhcNMjMwNjE1MDgwOTAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MzVhMDk5ZmU2MTNlOGNlNDgyYTYyNmFjOTkwOTZkM2RmMmY1ZGExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA91flCEqipy1t5eNzGU+s9JTLnQkG
9WmhWJSv9I/fDLfB5Onmn+BT1d7fldb8+ZxrjaE1ewETTop7PDYLSEjtXxQ+ZnYc
M6Phwi6KTVwexAxXCSrauIRWw411ksK05iiSbvNriIdUcVnBmyRhk2z78t4/61zK
YZUWjFAF/iM+jkf0PjJcW+sErqhkrYMARHqS4jjDKYGe3JboBTu/8Jy0ztOf+USL
4YtrKzXKVpBIyHMQrUG6tFtk2k4F9rmYmbcsfQ9dgaeNO9P9uwscgWGHRiOy713J
PKXcAFs6E6NZ/yd4EkfpjNH8KM4Cfrxw25NRZwNPSl8J7Mb/swB7+uYTAQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHNaCZ/mE+jOSCpiasmQltPfL12hMB8GA1UdIwQY
MBaAFAWbhvmeLWveFPqHmd5xzkG5gCC5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlp1Ry1aNHRhOTRVLW9lWjNuSE9RYm1BSUxrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS8zNTg0MTYtMjc1Mi00MTU5LWFkZDYt
Y2MzZmIzNTFlMzM2LzEvYzFvSm4tWVQ2TTVJS21KcXlaQ1cwOTh2WGFFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS8zNTg0MTYtMjc1Mi00MTU5LWFkZDYtY2MzZmIzNTFlMzM2
LzEvQlp1Ry1aNHRhOTRVLW9lWjNuSE9RYm1BSUxrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuf2SMA0G
CSqGSIb3DQEBCwUAA4IBAQB6hnCE5XyZVFcl0L6p0VR4P4fRicsreo3kWAxFLCjy
Tya5naU425QXcOv05B2qMkCXg2fubKrIoKWGAVTerYMZ0iYib18MBvPPfF42KBTJ
64Qwy1yVkTqvEDp6TMoCmv5KO2r3Wx8LV/10VYfESsJqIn3g6ySsnJiuyA/BV2nd
2AB4guKvOnywhtJIlJPo/rAXkwD1I7qiuD59kfhOrhrBbcyXxzRhL3Ukr9wmCYJS
Btv5K7yeYB6FWl7OPiQtiyknldtvN+702vn0CtyY9NwRPPLKi8991N9QirZODi8f
XDjipMlwsJnao6wMozl5pjjrNOZ1P5ZryVRkW6fngrJp
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:59:39 2024 by rpki-client on console-ams.rpki-client.org