Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/c84976-d5ea-4e7f-8ed3-a89f81776406/1/u8Qd8hw2kxQmcNoXUseYRAXdUME.roa
File:                     u8Qd8hw2kxQmcNoXUseYRAXdUME.roa (raw, json)
Hash identifier:          IKhrnwszV9WC/idxfMKHrjP1ra4DpNNS1zeKjXR0BpM=
Subject key identifier:   BB:C4:1D:F2:1C:36:93:14:26:70:DA:17:52:C7:98:44:05:DD:50:C1
Certificate issuer:       /CN=f8857ecf441e5ea1d7181fec7e97e6dbc1220fc2
Certificate serial:       018570796E827E3149BC5B61BDB6C5C740E6
Authority key identifier: F8:85:7E:CF:44:1E:5E:A1:D7:18:1F:EC:7E:97:E6:DB:C1:22:0F:C2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1-IV-z0QeXqHXGB_sfpfm28EiD8I.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2a/c84976-d5ea-4e7f-8ed3-a89f81776406/1/u8Qd8hw2kxQmcNoXUseYRAXdUME.roa
Signing time:             Mon 02 Jan 2023 03:14:44 +0000
ROA not before:           Mon 02 Jan 2023 03:14:44 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     56876
IP address blocks:        193.192.58.0/23 maxlen: 24
                          94.250.192.0/19 maxlen: 24
                          185.137.120.0/22 maxlen: 24
                          176.57.128.0/18 maxlen: 24
                          2a00:e440::/32 maxlen: 64

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 08:33:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:70:79:6e:82:7e:31:49:bc:5b:61:bd:b6:c5:c7:40:e6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f8857ecf441e5ea1d7181fec7e97e6dbc1220fc2
        Validity
            Not Before: Jan  2 03:14:44 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=bbc41df21c3693142670da1752c7984405dd50c1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:58:b3:a0:9c:13:93:9b:0e:57:5d:22:61:a1:
                    13:b7:af:ce:d1:f7:72:7e:10:e7:a7:2d:21:8e:59:
                    e1:3a:1a:78:fc:4c:84:60:1d:9c:91:65:f7:20:34:
                    4f:9c:88:6f:95:db:b6:d1:ae:33:71:d3:67:0c:0a:
                    ad:27:b6:b9:78:96:f0:be:41:5b:c5:90:f3:49:ec:
                    f6:08:d4:94:a6:6e:39:6f:44:2d:e0:00:34:0f:41:
                    66:48:c6:21:36:2a:89:cf:74:54:23:ac:9e:1e:a2:
                    96:0b:84:3f:3a:00:fc:32:27:56:09:a7:00:51:86:
                    1f:f8:1f:73:35:99:39:c5:9f:cb:e9:cc:05:b2:a2:
                    52:a9:33:8e:79:b0:e3:d6:38:91:cc:c2:9e:4f:63:
                    84:d7:0c:a0:5c:ef:f7:6e:db:53:2c:f3:ec:bf:16:
                    fa:99:9c:c8:58:ff:1a:3c:3c:36:79:ed:03:d4:89:
                    20:1b:4e:ea:87:5e:6d:7d:bb:70:72:ba:cf:02:95:
                    24:62:85:69:35:db:57:20:1e:50:12:1b:4c:e5:48:
                    2c:e2:8e:62:5d:e4:bb:d3:44:f3:ec:2b:25:54:c8:
                    72:4d:f9:53:2f:cc:fe:b0:7e:14:2c:e9:1a:50:c0:
                    e0:e2:10:29:5a:f2:36:ed:65:c6:25:c1:a4:3d:9c:
                    ce:49
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BB:C4:1D:F2:1C:36:93:14:26:70:DA:17:52:C7:98:44:05:DD:50:C1
            X509v3 Authority Key Identifier:
                keyid:F8:85:7E:CF:44:1E:5E:A1:D7:18:1F:EC:7E:97:E6:DB:C1:22:0F:C2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-IV-z0QeXqHXGB_sfpfm28EiD8I.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/c84976-d5ea-4e7f-8ed3-a89f81776406/1/u8Qd8hw2kxQmcNoXUseYRAXdUME.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/c84976-d5ea-4e7f-8ed3-a89f81776406/1/1-IV-z0QeXqHXGB_sfpfm28EiD8I.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  94.250.192.0/19
                  176.57.128.0/18
                  185.137.120.0/22
                  193.192.58.0/23
                IPv6:
                  2a00:e440::/32

    Signature Algorithm: sha256WithRSAEncryption
         ac:75:10:73:5b:9d:e9:1b:d6:c4:80:d0:21:c5:53:24:31:11:
         59:58:a0:e2:35:f3:62:fe:0a:17:ff:aa:db:14:d2:65:bc:19:
         1b:e0:2a:50:30:06:ad:cd:b0:94:2f:6e:01:26:3b:c0:8d:b9:
         05:07:9a:53:89:98:63:8e:8d:35:b3:42:97:71:ba:00:b7:7e:
         6a:6b:93:8f:40:a8:03:4d:99:3b:2d:29:06:d5:94:04:1a:1c:
         bd:e0:0e:f8:5e:84:54:4d:b1:f4:ac:a0:35:62:78:b7:c5:48:
         f3:83:59:1f:70:b7:53:19:22:b0:a0:b0:6c:cc:36:e6:6b:f4:
         f2:30:ae:0b:a0:20:e5:0e:20:2a:9f:a2:e9:be:fc:87:20:67:
         b2:78:31:b3:05:fb:3a:4d:42:01:55:e2:b1:11:d6:b2:81:de:
         0b:0b:81:4e:c5:7c:0e:3c:08:7d:db:34:f5:4c:05:0f:6e:bb:
         72:66:5e:39:d9:d9:7f:25:1a:3d:06:d4:32:e8:0b:70:4e:86:
         49:cb:1a:93:47:49:d8:dc:bd:cb:d4:ad:71:c4:6f:d1:36:da:
         28:80:5d:1d:64:8b:dc:be:1d:02:09:68:20:1b:06:ee:3f:18:
         d7:ce:42:6d:1a:51:a8:8a:05:4d:87:04:03:eb:c1:64:e0:72:
         f2:31:e9:8f
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgISAYVweW6CfjFJvFthvbbFx0DmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY4ODU3ZWNmNDQxZTVlYTFkNzE4MWZlYzdlOTdlNmRiYzEy
MjBmYzIwHhcNMjMwMTAyMDMxNDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYmM0MWRmMjFjMzY5MzE0MjY3MGRhMTc1MmM3OTg0NDA1ZGQ1MGMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApVizoJwTk5sOV10iYaETt6/O0fdy
fhDnpy0hjlnhOhp4/EyEYB2ckWX3IDRPnIhvldu20a4zcdNnDAqtJ7a5eJbwvkFb
xZDzSez2CNSUpm45b0Qt4AA0D0FmSMYhNiqJz3RUI6yeHqKWC4Q/OgD8MidWCacA
UYYf+B9zNZk5xZ/L6cwFsqJSqTOOebDj1jiRzMKeT2OE1wygXO/3bttTLPPsvxb6
mZzIWP8aPDw2ee0D1IkgG07qh15tfbtwcrrPApUkYoVpNdtXIB5QEhtM5Ugs4o5i
XeS700Tz7CslVMhyTflTL8z+sH4ULOkaUMDg4hApWvI27WXGJcGkPZzOSQIDAQAB
o4ICLDCCAigwHQYDVR0OBBYEFLvEHfIcNpMUJnDaF1LHmEQF3VDBMB8GA1UdIwQY
MBaAFPiFfs9EHl6h1xgf7H6X5tvBIg/CMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1JVi16MFFlWHFIWEdCX3NmcGZtMjhFaUQ4SS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMmEvYzg0OTc2LWQ1ZWEtNGU3Zi04ZWQz
LWE4OWY4MTc3NjQwNi8xL3U4UWQ4aHcya3hRbWNOb1hVc2VZUkFYZFVNRS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMmEvYzg0OTc2LWQ1ZWEtNGU3Zi04ZWQzLWE4OWY4MTc3NjQw
Ni8xLzEtSVYtejBRZVhxSFhHQl9zZnBmbTI4RWlEOEkuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwQAYIKwYBBQUHAQcBAf8EMTAvMB4EAgABMBgDBAVe+sAD
BAawOYADBAK5iXgDBAHBwDowDQQCAAIwBwMFACoA5EAwDQYJKoZIhvcNAQELBQAD
ggEBAKx1EHNbnekb1sSA0CHFUyQxEVlYoOI182L+Chf/qtsU0mW8GRvgKlAwBq3N
sJQvbgEmO8CNuQUHmlOJmGOOjTWzQpdxugC3fmprk49AqANNmTstKQbVlAQaHL3g
DvhehFRNsfSsoDVieLfFSPODWR9wt1MZIrCgsGzMNuZr9PIwrgugIOUOICqfoum+
/IcgZ7J4MbMF+zpNQgFV4rER1rKB3gsLgU7FfA48CH3bNPVMBQ9uu3JmXjnZ2X8l
Gj0G1DLoC3BOhknLGpNHSdjcvcvUrXHEb9E22iiAXR1ki9y+HQIJaCAbBu4/GNfO
Qm0aUaiKBU2HBAPrwWTgcvIx6Y8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:00:18 2024 by rpki-client on console-ams.rpki-client.org