Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/Em4xd8ZapkU9559O2tDp-QcmAp0.roa
File:                     Em4xd8ZapkU9559O2tDp-QcmAp0.roa (raw, json)
Hash identifier:          H3hz9Xvtd5352d2Se4WthPBZokmSTn7wZswL8ihDkcY=
Subject key identifier:   12:6E:31:77:C6:5A:A6:45:3D:E7:9F:4E:DA:D0:E9:F9:07:26:02:9D
Certificate issuer:       /CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Certificate serial:       018571A7B0D2F995FADC39A2E5FB79AA8AB1
Authority key identifier: 8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/Em4xd8ZapkU9559O2tDp-QcmAp0.roa
Signing time:             Mon 02 Jan 2023 08:44:53 +0000
ROA not before:           Mon 02 Jan 2023 08:44:53 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     204421
IP address blocks:        185.212.10.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 02:29:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:71:a7:b0:d2:f9:95:fa:dc:39:a2:e5:fb:79:aa:8a:b1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
        Validity
            Not Before: Jan  2 08:44:53 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=126e3177c65aa6453de79f4edad0e9f90726029d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e3:0f:78:f2:90:28:96:a7:45:55:27:fc:6c:7d:
                    8a:93:52:4f:b2:dc:84:d1:27:25:a5:53:5e:5f:25:
                    ec:b2:03:60:e1:52:7a:85:e8:20:73:3d:b6:d1:00:
                    5a:e0:fd:31:c8:ed:0c:32:8f:12:cb:23:4a:f5:c1:
                    f5:5c:8d:05:e8:84:37:c6:66:3a:37:2a:cc:d3:da:
                    71:9b:f1:51:db:22:47:90:7d:c3:eb:ff:6a:42:9b:
                    60:a8:01:78:fd:4a:78:ee:a5:b5:e7:32:5f:ad:b8:
                    7f:36:08:2d:7c:12:08:7a:26:17:a9:82:f0:0f:3f:
                    58:95:c9:ed:c3:df:80:99:18:5c:56:75:5d:53:a3:
                    cd:26:dd:f2:c3:ad:e2:f0:c1:50:65:c2:66:dd:9a:
                    c6:8e:e0:bf:c9:79:95:30:03:8b:68:df:3f:de:3c:
                    0c:b5:02:3b:d9:14:16:a8:e6:41:4e:17:d8:b6:84:
                    e9:02:9b:32:ec:17:d5:d5:04:85:e5:ab:64:1f:53:
                    25:30:66:7c:06:a6:a6:84:d6:f3:2c:ab:14:66:40:
                    63:e6:7a:4d:01:a0:03:96:bd:1b:43:31:41:3e:4f:
                    5c:d6:14:2b:16:a9:53:41:d5:31:42:64:d5:c1:c2:
                    a6:a6:b7:cf:2f:8f:32:ef:84:49:60:7e:15:bf:79:
                    98:95
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                12:6E:31:77:C6:5A:A6:45:3D:E7:9F:4E:DA:D0:E9:F9:07:26:02:9D
            X509v3 Authority Key Identifier:
                keyid:8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/Em4xd8ZapkU9559O2tDp-QcmAp0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.212.10.0/24

    Signature Algorithm: sha256WithRSAEncryption
         5d:bd:1e:70:18:c7:62:d5:85:d7:83:c7:b3:f7:05:4f:b8:e2:
         ae:25:9a:99:76:45:35:5f:3a:fe:63:8b:c3:e5:f9:c0:d0:75:
         ac:b8:a5:a9:87:b6:59:ae:84:c0:28:7b:8a:40:30:18:34:d7:
         30:16:d3:b7:61:29:d9:1c:9f:58:8e:ab:f8:34:6c:f2:d1:9a:
         b3:98:c1:d5:aa:fe:03:17:92:8e:87:f2:e8:20:d1:c2:bc:1a:
         29:1f:6f:5b:b4:22:3d:81:5f:15:77:c3:dd:ff:6a:5c:f3:07:
         a0:d8:92:bf:6c:3a:31:09:c5:4f:c6:83:a7:3a:3f:e6:4e:51:
         5a:f3:58:3d:82:a7:dc:84:2f:50:e8:5d:33:d6:cd:66:12:ee:
         97:e7:b5:f4:34:72:c6:81:a0:35:47:ea:b5:dc:1d:db:54:30:
         1f:50:be:1f:34:4d:6d:85:b0:eb:32:17:e8:11:31:7f:1a:ef:
         c8:b9:09:22:81:6b:96:47:f7:60:37:fe:22:03:61:66:d4:c3:
         5e:22:88:d1:2b:09:c4:f6:36:b2:b5:63:b3:87:d2:63:2d:f7:
         35:f9:98:b1:ad:24:4d:74:16:85:f7:bf:2b:f2:2a:c3:d7:07:
         98:3e:c4:43:ac:a6:72:12:a1:b8:26:f8:34:54:87:83:e1:9d:
         57:73:00:57
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxp7DS+ZX63Dmi5ft5qoqxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiYWIzMDY4Mzg1OWVjN2UwMjA2ZmU5MjY1MzYzZThlMzk3
MWE5YTgwHhcNMjMwMTAyMDg0NDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMjZlMzE3N2M2NWFhNjQ1M2RlNzlmNGVkYWQwZTlmOTA3MjYwMjlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4w948pAolqdFVSf8bH2Kk1JPstyE
0SclpVNeXyXssgNg4VJ6heggcz220QBa4P0xyO0MMo8SyyNK9cH1XI0F6IQ3xmY6
NyrM09pxm/FR2yJHkH3D6/9qQptgqAF4/Up47qW15zJfrbh/NggtfBIIeiYXqYLw
Dz9Ylcntw9+AmRhcVnVdU6PNJt3yw63i8MFQZcJm3ZrGjuC/yXmVMAOLaN8/3jwM
tQI72RQWqOZBThfYtoTpApsy7BfV1QSF5atkH1MlMGZ8BqamhNbzLKsUZkBj5npN
AaADlr0bQzFBPk9c1hQrFqlTQdUxQmTVwcKmprfPL48y74RJYH4Vv3mYlQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBJuMXfGWqZFPeefTtrQ6fkHJgKdMB8GA1UdIwQY
MBaAFIurMGg4Wex+Agb+kmU2Po45camoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQt
M2FjOWU1NmMzMDg5LzEvRW00eGQ4WmFwa1U5NTU5TzJ0RHAtUWNtQXAwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQtM2FjOWU1NmMzMDg5
LzEvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAudQKMA0G
CSqGSIb3DQEBCwUAA4IBAQBdvR5wGMdi1YXXg8ez9wVPuOKuJZqZdkU1Xzr+Y4vD
5fnA0HWsuKWph7ZZroTAKHuKQDAYNNcwFtO3YSnZHJ9Yjqv4NGzy0ZqzmMHVqv4D
F5KOh/LoINHCvBopH29btCI9gV8Vd8Pd/2pc8weg2JK/bDoxCcVPxoOnOj/mTlFa
81g9gqfchC9Q6F0z1s1mEu6X57X0NHLGgaA1R+q13B3bVDAfUL4fNE1thbDrMhfo
ETF/Gu/IuQkigWuWR/dgN/4iA2Fm1MNeIojRKwnE9jaytWOzh9JjLfc1+ZixrSRN
dBaF978r8irD1weYPsRDrKZyEqG4Jvg0VIeD4Z1XcwBX
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:00:26 2024 by rpki-client on console-ams.rpki-client.org