Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/t26kiMGuGCE2f_SYrDYyiNX9kjU.roa
File:                     t26kiMGuGCE2f_SYrDYyiNX9kjU.roa (raw, json)
Hash identifier:          69FZtt9DuEdrNLSDqFZ8YN3HfnhMspy3JrFb+kaDMPQ=
Subject key identifier:   B7:6E:A4:88:C1:AE:18:21:36:7F:F4:98:AC:36:32:88:D5:FD:92:35
Certificate issuer:       /CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Certificate serial:       018BD72B3F0C7ABA0CE89476BE13FC2DB8A6
Authority key identifier: 8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/t26kiMGuGCE2f_SYrDYyiNX9kjU.roa
Signing time:             Thu 16 Nov 2023 08:06:57 +0000
ROA not before:           Thu 16 Nov 2023 08:06:57 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     206340
IP address blocks:        185.195.4.0/22 maxlen: 22

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 02:29:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:d7:2b:3f:0c:7a:ba:0c:e8:94:76:be:13:fc:2d:b8:a6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
        Validity
            Not Before: Nov 16 08:06:57 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=b76ea488c1ae1821367ff498ac363288d5fd9235
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8a:8e:4f:43:2c:29:1d:70:cb:cc:eb:8a:8f:9b:
                    33:4c:34:1e:e5:29:9c:51:e7:83:31:9b:17:ab:2c:
                    08:04:e9:97:e8:47:d2:0c:07:ca:52:6d:e1:1d:44:
                    27:c4:61:f4:11:16:dc:41:43:0a:98:a8:48:62:e6:
                    35:8c:80:70:27:68:03:c2:90:be:e7:79:8e:fd:71:
                    53:b9:3c:6c:ee:9e:66:ba:ac:ad:cb:84:ef:7c:46:
                    42:d4:e3:e4:6e:1c:e4:bd:d2:51:fd:da:65:b9:ad:
                    7e:57:6c:af:ea:81:00:ce:b6:8f:17:cf:4b:80:82:
                    70:f7:78:6a:c7:b8:7e:31:3f:e1:2a:8b:aa:f3:b3:
                    56:91:6f:3c:89:3d:0f:11:77:75:00:85:82:a5:25:
                    f1:0f:4b:ae:d9:a7:88:57:6d:42:92:ef:cd:90:89:
                    54:51:10:d7:bb:02:ae:37:69:b7:2e:6d:da:59:06:
                    90:42:3c:a0:1d:f9:18:f7:90:36:d5:df:92:d9:4b:
                    aa:cf:3c:45:d1:f2:ac:05:c8:f5:4a:3f:bc:c1:f9:
                    57:74:f6:e1:5f:ae:2f:b3:c9:5e:5b:c7:02:0d:6b:
                    4d:6c:79:cc:a0:16:00:7b:ce:9a:a3:f6:46:85:97:
                    13:3c:40:cf:56:99:84:95:7b:4f:5d:cc:a4:69:e5:
                    11:6b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B7:6E:A4:88:C1:AE:18:21:36:7F:F4:98:AC:36:32:88:D5:FD:92:35
            X509v3 Authority Key Identifier:
                keyid:8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/t26kiMGuGCE2f_SYrDYyiNX9kjU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.195.4.0/22

    Signature Algorithm: sha256WithRSAEncryption
         4a:e5:0c:27:b0:9c:6f:fe:34:1f:2b:54:c4:e3:41:f5:54:17:
         66:2f:6a:39:c2:bb:55:0d:35:01:fc:6a:5f:d3:4e:67:d4:7c:
         d2:f5:52:82:70:8e:bc:d4:10:cc:fe:55:c2:93:08:9e:59:16:
         fa:ba:be:e8:1a:e5:49:cb:d8:51:a3:66:38:d0:48:ec:3d:47:
         e2:68:4d:b1:92:e1:ea:80:4d:a0:d6:9d:9d:41:a5:39:2c:8d:
         30:c8:19:0f:cb:b8:6d:4b:89:e9:4d:12:87:e1:fa:20:11:d2:
         7a:f2:40:7c:af:a2:2a:89:c1:88:a4:42:53:ba:2a:5d:06:7f:
         ff:b5:93:4a:01:fd:c7:c3:69:2f:86:6e:c5:cc:54:44:75:bc:
         2e:92:7b:15:6a:57:83:c2:af:95:16:27:58:2c:2e:0a:6b:6e:
         d5:4a:cb:e1:5d:59:33:51:0c:09:9b:82:05:42:92:3a:17:fb:
         94:82:68:6a:77:73:63:6b:c2:18:ae:c8:9a:8d:47:ab:71:38:
         52:7d:b8:6a:31:63:32:77:f9:03:9a:d4:9a:b5:86:4e:72:80:
         b4:6a:07:71:bc:2c:07:c5:f2:7d:e5:f7:42:d7:43:9a:fb:69:
         24:8e:64:0b:d1:6d:fa:9d:1d:30:2b:df:3e:16:40:85:91:21:
         07:56:2e:ff
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYvXKz8MeroM6JR2vhP8LbimMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiYWIzMDY4Mzg1OWVjN2UwMjA2ZmU5MjY1MzYzZThlMzk3
MWE5YTgwHhcNMjMxMTE2MDgwNjU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNzZlYTQ4OGMxYWUxODIxMzY3ZmY0OThhYzM2MzI4OGQ1ZmQ5MjM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAio5PQywpHXDLzOuKj5szTDQe5Smc
UeeDMZsXqywIBOmX6EfSDAfKUm3hHUQnxGH0ERbcQUMKmKhIYuY1jIBwJ2gDwpC+
53mO/XFTuTxs7p5muqyty4TvfEZC1OPkbhzkvdJR/dplua1+V2yv6oEAzraPF89L
gIJw93hqx7h+MT/hKouq87NWkW88iT0PEXd1AIWCpSXxD0uu2aeIV21Cku/NkIlU
URDXuwKuN2m3Lm3aWQaQQjygHfkY95A21d+S2UuqzzxF0fKsBcj1Sj+8wflXdPbh
X64vs8leW8cCDWtNbHnMoBYAe86ao/ZGhZcTPEDPVpmElXtPXcykaeURawIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLdupIjBrhghNn/0mKw2MojV/ZI1MB8GA1UdIwQY
MBaAFIurMGg4Wex+Agb+kmU2Po45camoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQt
M2FjOWU1NmMzMDg5LzEvdDI2a2lNR3VHQ0UyZl9TWXJEWXlpTlg5a2pVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQtM2FjOWU1NmMzMDg5
LzEvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCucMEMA0G
CSqGSIb3DQEBCwUAA4IBAQBK5QwnsJxv/jQfK1TE40H1VBdmL2o5wrtVDTUB/Gpf
005n1HzS9VKCcI681BDM/lXCkwieWRb6ur7oGuVJy9hRo2Y40EjsPUfiaE2xkuHq
gE2g1p2dQaU5LI0wyBkPy7htS4npTRKH4fogEdJ68kB8r6IqicGIpEJTuipdBn//
tZNKAf3Hw2kvhm7FzFREdbwuknsValeDwq+VFidYLC4Ka27VSsvhXVkzUQwJm4IF
QpI6F/uUgmhqd3Nja8IYrsiajUercThSfbhqMWMyd/kDmtSatYZOcoC0agdxvCwH
xfJ95fdC10Oa+2kkjmQL0W36nR0wK98+FkCFkSEHVi7/
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:42 2024 by rpki-client on console-fra.rpki-client.org