Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/05b3d1-116f-4d60-a176-56bbe38f7407/1/Iwy27MHWmDYl4lkT9aCZue9HLHk.roa
File:                     Iwy27MHWmDYl4lkT9aCZue9HLHk.roa (raw, json)
Hash identifier:          hyahO4czaAsMcAsyeYwKpWT5FwqbEUXWwsrQp8LTx7E=
Subject key identifier:   23:0C:B6:EC:C1:D6:98:36:25:E2:59:13:F5:A0:99:B9:EF:47:2C:79
Certificate issuer:       /CN=ff4705a363dc1d8d0ea51c9b9a1ecbd3807bd054
Certificate serial:       0185702703E76D1CC36DE440291635058010
Authority key identifier: FF:47:05:A3:63:DC:1D:8D:0E:A5:1C:9B:9A:1E:CB:D3:80:7B:D0:54
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/_0cFo2PcHY0OpRybmh7L04B70FQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/30/05b3d1-116f-4d60-a176-56bbe38f7407/1/Iwy27MHWmDYl4lkT9aCZue9HLHk.roa
Signing time:             Mon 02 Jan 2023 01:44:43 +0000
ROA not before:           Mon 02 Jan 2023 01:44:43 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     207044
IP address blocks:        185.12.157.0/24 maxlen: 24
                          185.12.156.0/23 maxlen: 24
                          185.12.156.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Sun 09 Jul 2023 07:52:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:70:27:03:e7:6d:1c:c3:6d:e4:40:29:16:35:05:80:10
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ff4705a363dc1d8d0ea51c9b9a1ecbd3807bd054
        Validity
            Not Before: Jan  2 01:44:43 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=230cb6ecc1d6983625e25913f5a099b9ef472c79
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:ab:57:6d:1a:b1:79:f3:eb:77:63:f9:d4:7d:
                    33:93:63:46:50:b7:2c:5b:c3:85:e5:58:54:5d:f0:
                    fa:54:67:e2:3c:2a:68:57:03:90:81:25:f4:44:b2:
                    a9:c3:c4:c7:68:9f:7d:6c:f8:bf:0a:b4:fb:a8:8b:
                    7a:92:ec:6f:88:35:99:64:3f:8a:56:10:9b:34:93:
                    fa:e3:a8:0a:2d:65:ec:3a:aa:fb:b4:6c:12:09:24:
                    7c:78:b5:bd:a1:4d:c2:1c:f6:19:ae:aa:cc:8a:76:
                    09:f5:73:16:7c:b0:b3:59:14:ef:92:68:55:08:02:
                    0f:bb:3e:ef:71:f2:de:e4:e0:4a:09:9d:27:b4:db:
                    c5:ca:ef:aa:2a:89:4c:af:96:b1:a9:f1:aa:df:3c:
                    c3:bd:44:bc:7d:40:29:5e:98:15:d8:ea:84:20:62:
                    75:e0:43:db:3c:83:b7:07:21:7c:e1:59:94:f7:8e:
                    7f:d9:d8:6b:f2:0c:5f:a9:8b:ad:10:e4:93:56:80:
                    74:95:36:5f:70:df:14:f8:ef:94:2c:60:42:48:e9:
                    eb:dc:09:8f:02:d2:f6:c5:3e:55:62:3c:80:af:9a:
                    61:ce:11:d8:cf:82:ec:92:10:19:7e:6f:ca:f8:0e:
                    9e:54:70:63:cc:6b:11:04:3c:6c:79:4f:ad:70:3f:
                    26:81
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                23:0C:B6:EC:C1:D6:98:36:25:E2:59:13:F5:A0:99:B9:EF:47:2C:79
            X509v3 Authority Key Identifier:
                keyid:FF:47:05:A3:63:DC:1D:8D:0E:A5:1C:9B:9A:1E:CB:D3:80:7B:D0:54

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_0cFo2PcHY0OpRybmh7L04B70FQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/05b3d1-116f-4d60-a176-56bbe38f7407/1/Iwy27MHWmDYl4lkT9aCZue9HLHk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/30/05b3d1-116f-4d60-a176-56bbe38f7407/1/_0cFo2PcHY0OpRybmh7L04B70FQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.12.156.0/23

    Signature Algorithm: sha256WithRSAEncryption
         6f:a1:bf:98:7c:c2:8c:cb:6e:6b:ef:14:b4:71:5d:70:fd:0d:
         c2:e0:d8:99:7a:3c:c7:f2:8f:af:6c:aa:e7:d4:bf:db:55:2a:
         70:53:57:07:29:e4:b7:7f:27:f4:96:ff:f3:94:36:be:91:ae:
         ae:37:3f:e4:61:33:e4:dc:63:0a:1d:25:43:98:84:6d:ec:e1:
         b8:6a:e5:ce:26:62:1f:e5:20:33:c6:81:eb:06:52:04:74:93:
         8e:45:1f:0d:19:95:3c:81:8e:19:e8:b9:cf:28:10:b3:36:5c:
         8e:71:19:b2:02:1f:72:b6:67:32:89:37:0d:ad:31:9e:c3:bd:
         d8:03:e4:a3:5c:9e:f4:f8:7d:df:a2:5a:27:ef:e2:65:4b:56:
         cc:5f:ee:19:ed:76:0b:8c:6c:fc:ed:6c:b6:e3:cc:e2:86:b8:
         ab:70:cd:d4:66:d2:ba:e4:1b:90:b2:d0:bd:03:2a:9d:85:cc:
         69:f7:fd:a4:38:7f:ce:36:15:20:6b:7f:78:71:af:1f:57:b3:
         62:7d:a5:b8:bf:6e:c7:6b:7a:02:17:5c:12:e4:db:43:e3:42:
         38:dc:a3:21:e0:bc:67:70:ee:ed:7b:87:1e:8a:21:21:ba:15:
         60:82:aa:15:ea:e2:da:eb:9c:28:14:71:32:e5:41:a9:7a:b9:
         c1:5b:9b:11
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwJwPnbRzDbeRAKRY1BYAQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmNDcwNWEzNjNkYzFkOGQwZWE1MWM5YjlhMWVjYmQzODA3
YmQwNTQwHhcNMjMwMTAyMDE0NDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMzBjYjZlY2MxZDY5ODM2MjVlMjU5MTNmNWEwOTliOWVmNDcyYzc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnKtXbRqxefPrd2P51H0zk2NGULcs
W8OF5VhUXfD6VGfiPCpoVwOQgSX0RLKpw8THaJ99bPi/CrT7qIt6kuxviDWZZD+K
VhCbNJP646gKLWXsOqr7tGwSCSR8eLW9oU3CHPYZrqrMinYJ9XMWfLCzWRTvkmhV
CAIPuz7vcfLe5OBKCZ0ntNvFyu+qKolMr5axqfGq3zzDvUS8fUApXpgV2OqEIGJ1
4EPbPIO3ByF84VmU945/2dhr8gxfqYutEOSTVoB0lTZfcN8U+O+ULGBCSOnr3AmP
AtL2xT5VYjyAr5phzhHYz4LskhAZfm/K+A6eVHBjzGsRBDxseU+tcD8mgQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCMMtuzB1pg2JeJZE/WgmbnvRyx5MB8GA1UdIwQY
MBaAFP9HBaNj3B2NDqUcm5oey9OAe9BUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvXzBjRm8yUGNIWTBPcFJ5Ym1oN0wwNEI3MEZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC8wNWIzZDEtMTE2Zi00ZDYwLWExNzYt
NTZiYmUzOGY3NDA3LzEvSXd5MjdNSFdtRFlsNGxrVDlhQ1p1ZTlITEhrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC8wNWIzZDEtMTE2Zi00ZDYwLWExNzYtNTZiYmUzOGY3NDA3
LzEvXzBjRm8yUGNIWTBPcFJ5Ym1oN0wwNEI3MEZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBuQycMA0G
CSqGSIb3DQEBCwUAA4IBAQBvob+YfMKMy25r7xS0cV1w/Q3C4NiZejzH8o+vbKrn
1L/bVSpwU1cHKeS3fyf0lv/zlDa+ka6uNz/kYTPk3GMKHSVDmIRt7OG4auXOJmIf
5SAzxoHrBlIEdJOORR8NGZU8gY4Z6LnPKBCzNlyOcRmyAh9ytmcyiTcNrTGew73Y
A+SjXJ70+H3folon7+JlS1bMX+4Z7XYLjGz87Wy248zihrircM3UZtK65BuQstC9
Ayqdhcxp9/2kOH/ONhUga394ca8fV7NifaW4v27Ha3oCF1wS5NtD40I43KMh4Lxn
cO7te4ceiiEhuhVggqoV6uLa65woFHEy5UGpernBW5sR
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:01:21 2024 by rpki-client on console-ams.rpki-client.org