Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/0fbc5f-7c04-40da-9d5a-0280598f19e3/1/7pOuc4gYp5gW4p_FB5NHGclPcow.roa
File:                     7pOuc4gYp5gW4p_FB5NHGclPcow.roa (raw, json)
Hash identifier:          pZ3ufyCS46x2BkVBkWdOgI6LXgghqD2HFJ1Q0auT1JA=
Subject key identifier:   EE:93:AE:73:88:18:A7:98:16:E2:9F:C5:07:93:47:19:C9:4F:72:8C
Certificate issuer:       /CN=6086314f87635e793bc2e3dbbed66405b8ac6771
Certificate serial:       018572711BFF81124F5E28517C42AE574C95
Authority key identifier: 60:86:31:4F:87:63:5E:79:3B:C2:E3:DB:BE:D6:64:05:B8:AC:67:71
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YIYxT4djXnk7wuPbvtZkBbisZ3E.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/30/0fbc5f-7c04-40da-9d5a-0280598f19e3/1/7pOuc4gYp5gW4p_FB5NHGclPcow.roa
Signing time:             Mon 02 Jan 2023 12:24:53 +0000
ROA not before:           Mon 02 Jan 2023 12:24:53 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     204712
IP address blocks:        185.83.192.0/22 maxlen: 22

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 06:32:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:72:71:1b:ff:81:12:4f:5e:28:51:7c:42:ae:57:4c:95
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6086314f87635e793bc2e3dbbed66405b8ac6771
        Validity
            Not Before: Jan  2 12:24:53 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=ee93ae738818a79816e29fc507934719c94f728c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:9b:17:76:bd:08:29:1d:88:58:ae:74:d1:79:
                    7f:f6:e2:49:53:3e:85:03:fa:96:3e:dd:99:62:88:
                    34:b6:9d:b5:68:38:86:ed:07:a5:d4:70:ed:65:43:
                    6f:bc:e6:48:88:d1:5d:8c:71:c9:f6:ad:bc:2b:fc:
                    b7:e4:41:8d:ef:85:89:04:60:06:80:75:e3:a5:e1:
                    20:86:24:ce:3d:d0:aa:f7:3e:75:4c:dd:28:78:85:
                    ac:fc:af:30:d9:c2:f8:f9:0c:a7:c2:87:f0:77:02:
                    1b:ac:2b:7c:8b:08:88:b6:d8:ba:00:b0:34:56:81:
                    9d:8c:3b:a5:af:8a:4c:84:17:64:11:6e:ad:c9:b0:
                    2b:ed:61:55:e0:24:51:ae:d2:9e:67:32:21:c0:10:
                    56:26:74:d3:e1:f7:d1:19:dd:1f:c0:c5:7e:23:cd:
                    a5:1e:74:61:91:d9:48:ab:3f:db:86:ea:24:3e:eb:
                    da:2a:de:fa:73:a9:53:a8:2e:18:d2:8d:81:b5:d0:
                    0b:42:7e:e3:65:8b:45:9b:09:e5:3e:9c:19:92:88:
                    38:3f:45:7c:70:5b:72:30:fc:23:14:7d:6e:3f:e9:
                    ea:7c:89:7d:c1:79:51:d7:ff:1a:12:58:f8:35:fc:
                    00:13:fa:d7:08:26:e6:4e:96:82:9f:13:7e:e0:6e:
                    f9:15
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EE:93:AE:73:88:18:A7:98:16:E2:9F:C5:07:93:47:19:C9:4F:72:8C
            X509v3 Authority Key Identifier:
                keyid:60:86:31:4F:87:63:5E:79:3B:C2:E3:DB:BE:D6:64:05:B8:AC:67:71

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YIYxT4djXnk7wuPbvtZkBbisZ3E.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/0fbc5f-7c04-40da-9d5a-0280598f19e3/1/7pOuc4gYp5gW4p_FB5NHGclPcow.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/30/0fbc5f-7c04-40da-9d5a-0280598f19e3/1/YIYxT4djXnk7wuPbvtZkBbisZ3E.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.83.192.0/22

    Signature Algorithm: sha256WithRSAEncryption
         8c:1d:35:c7:47:ff:97:e0:13:2c:f0:6b:17:1f:03:63:9a:e0:
         0d:e6:0b:ef:72:dd:62:7c:b1:dc:6d:22:26:b0:3c:e3:19:3e:
         eb:a2:63:42:f1:2d:91:26:98:e7:6f:d8:4b:9d:f1:cc:1d:04:
         a6:6f:26:cb:90:e3:1e:b7:ad:66:a5:5c:ba:b9:18:87:9e:79:
         ce:d2:ef:5c:4e:d1:18:a0:9e:50:1a:60:d9:6a:44:7c:9a:c1:
         69:fd:55:72:d3:42:9f:a1:9c:89:fd:c7:f6:d8:bf:2b:7b:88:
         f7:7b:e6:5d:18:06:12:53:ce:14:46:96:c9:b1:a0:50:33:a6:
         13:60:9a:ff:d9:04:4f:d2:5c:ce:a2:79:cb:c2:20:6d:df:74:
         b6:cf:61:3f:bd:4c:74:af:5b:ad:a6:36:2c:d5:e7:1a:fd:71:
         e4:ac:fc:10:ad:7e:5e:6c:bc:b1:32:e0:ed:b5:09:4d:86:49:
         c9:5c:2c:77:6c:a0:74:65:a9:cf:72:43:1d:2c:f2:5d:63:9c:
         c7:85:b3:a7:2d:a9:62:9d:88:dc:ba:cf:84:b8:68:5b:62:11:
         cb:86:61:f9:bb:73:50:ee:d5:7f:2d:e4:52:62:2d:d1:ce:43:
         2d:38:3e:08:17:dc:b4:dc:5c:e1:2e:6c:cb:6f:3f:07:36:c9:
         d6:d1:65:2e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVycRv/gRJPXihRfEKuV0yVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwODYzMTRmODc2MzVlNzkzYmMyZTNkYmJlZDY2NDA1Yjhh
YzY3NzEwHhcNMjMwMTAyMTIyNDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZTkzYWU3Mzg4MThhNzk4MTZlMjlmYzUwNzkzNDcxOWM5NGY3MjhjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoJsXdr0IKR2IWK500Xl/9uJJUz6F
A/qWPt2ZYog0tp21aDiG7Qel1HDtZUNvvOZIiNFdjHHJ9q28K/y35EGN74WJBGAG
gHXjpeEghiTOPdCq9z51TN0oeIWs/K8w2cL4+QynwofwdwIbrCt8iwiItti6ALA0
VoGdjDulr4pMhBdkEW6tybAr7WFV4CRRrtKeZzIhwBBWJnTT4ffRGd0fwMV+I82l
HnRhkdlIqz/bhuokPuvaKt76c6lTqC4Y0o2BtdALQn7jZYtFmwnlPpwZkog4P0V8
cFtyMPwjFH1uP+nqfIl9wXlR1/8aElj4NfwAE/rXCCbmTpaCnxN+4G75FQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFO6TrnOIGKeYFuKfxQeTRxnJT3KMMB8GA1UdIwQY
MBaAFGCGMU+HY155O8Lj277WZAW4rGdxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUlZeFQ0ZGpYbms3d3VQYnZ0WmtCYmlzWjNFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC8wZmJjNWYtN2MwNC00MGRhLTlkNWEt
MDI4MDU5OGYxOWUzLzEvN3BPdWM0Z1lwNWdXNHBfRkI1TkhHY2xQY293LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC8wZmJjNWYtN2MwNC00MGRhLTlkNWEtMDI4MDU5OGYxOWUz
LzEvWUlZeFQ0ZGpYbms3d3VQYnZ0WmtCYmlzWjNFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuVPAMA0G
CSqGSIb3DQEBCwUAA4IBAQCMHTXHR/+X4BMs8GsXHwNjmuAN5gvvct1ifLHcbSIm
sDzjGT7romNC8S2RJpjnb9hLnfHMHQSmbybLkOMet61mpVy6uRiHnnnO0u9cTtEY
oJ5QGmDZakR8msFp/VVy00KfoZyJ/cf22L8re4j3e+ZdGAYSU84URpbJsaBQM6YT
YJr/2QRP0lzOonnLwiBt33S2z2E/vUx0r1utpjYs1eca/XHkrPwQrX5ebLyxMuDt
tQlNhknJXCx3bKB0ZanPckMdLPJdY5zHhbOnLalinYjcus+EuGhbYhHLhmH5u3NQ
7tV/LeRSYi3RzkMtOD4IF9y03FzhLmzLbz8HNsnW0WUu
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:23 2024 by rpki-client on console-fra.rpki-client.org