Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/28ea45-7d30-46df-8f2a-0779f48ecea0/1/0BSs8lx2HctIKtKi-CxVWsmlkyk.roa
File:                     0BSs8lx2HctIKtKi-CxVWsmlkyk.roa (raw, json)
Hash identifier:          KM9rOzdZeTwZaGNfctZTdr/Acg0X1M5xGinltX2qDX8=
Subject key identifier:   D0:14:AC:F2:5C:76:1D:CB:48:2A:D2:A2:F8:2C:55:5A:C9:A5:93:29
Certificate issuer:       /CN=0551605b675ece4e0fce7175ae31a93fa8272ba6
Certificate serial:       018A2895CD99D80912AD472EF1700C87459C
Authority key identifier: 05:51:60:5B:67:5E:CE:4E:0F:CE:71:75:AE:31:A9:3F:A8:27:2B:A6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/BVFgW2dezk4PznF1rjGpP6gnK6Y.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/30/28ea45-7d30-46df-8f2a-0779f48ecea0/1/0BSs8lx2HctIKtKi-CxVWsmlkyk.roa
Signing time:             Thu 24 Aug 2023 17:27:00 +0000
ROA not before:           Thu 24 Aug 2023 17:27:00 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     5065
IP address blocks:        85.208.44.0/23 maxlen: 24

Validation:               Failed, certificate revoked on Thu 14 Sep 2023 06:57:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:28:95:cd:99:d8:09:12:ad:47:2e:f1:70:0c:87:45:9c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0551605b675ece4e0fce7175ae31a93fa8272ba6
        Validity
            Not Before: Aug 24 17:27:00 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=d014acf25c761dcb482ad2a2f82c555ac9a59329
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:95:f1:71:8e:9e:3c:13:4a:ea:36:ad:5c:40:0a:
                    a0:c8:a5:9e:8b:21:22:e6:95:f9:8d:a2:c9:2a:3c:
                    1a:93:cb:04:0e:2b:1b:f7:34:98:da:4a:73:0d:ac:
                    10:16:a5:63:2b:2a:e0:c5:8d:aa:e7:ed:63:33:89:
                    4f:47:87:e8:fe:79:5e:97:cb:e0:c8:84:f4:0a:fe:
                    9d:e3:0f:7d:44:2c:e0:45:1f:df:5c:96:05:d0:b1:
                    3b:05:bc:d1:46:cd:a4:fa:8e:ad:89:9e:8c:bb:db:
                    5d:10:2c:29:b1:96:dd:86:78:de:67:a8:8d:af:02:
                    e8:9e:ec:74:8b:6b:0a:78:3d:00:08:c8:ea:db:92:
                    4e:81:78:05:df:5a:a1:3c:4e:bb:50:c1:35:43:0c:
                    6b:55:da:f9:b5:ce:28:8f:f4:2d:1e:ce:f6:0f:d3:
                    12:14:e3:b3:4c:66:e4:04:d7:c1:be:4c:46:e9:7e:
                    72:bf:8b:b7:bb:e3:ca:78:05:64:36:90:ff:ee:52:
                    e1:65:2f:dc:c2:ba:8e:33:e5:f3:d1:3b:da:f8:65:
                    13:98:6e:64:2d:3c:af:25:13:b6:09:f7:d8:e8:e9:
                    9c:8b:5a:96:bf:d9:63:7f:13:26:75:17:79:af:88:
                    3e:f1:87:06:48:e2:d8:e6:cd:75:71:40:b9:b2:3b:
                    7c:95
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D0:14:AC:F2:5C:76:1D:CB:48:2A:D2:A2:F8:2C:55:5A:C9:A5:93:29
            X509v3 Authority Key Identifier:
                keyid:05:51:60:5B:67:5E:CE:4E:0F:CE:71:75:AE:31:A9:3F:A8:27:2B:A6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BVFgW2dezk4PznF1rjGpP6gnK6Y.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/28ea45-7d30-46df-8f2a-0779f48ecea0/1/0BSs8lx2HctIKtKi-CxVWsmlkyk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/30/28ea45-7d30-46df-8f2a-0779f48ecea0/1/BVFgW2dezk4PznF1rjGpP6gnK6Y.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  85.208.44.0/23

    Signature Algorithm: sha256WithRSAEncryption
         12:f2:bf:36:68:87:1e:a7:c3:3d:a6:6d:26:c8:98:80:a4:2f:
         c2:8b:c1:60:21:72:b2:b8:dc:7e:03:12:a7:4e:1a:64:33:d0:
         d4:a2:78:5d:d4:07:5e:a9:11:d4:e3:69:4e:08:3f:da:31:05:
         74:31:7a:26:4e:8e:9d:dc:45:fd:58:43:5f:7c:eb:d6:f9:78:
         a6:46:8a:c7:7c:c1:a0:75:2a:fd:5f:88:e9:19:6d:48:21:d5:
         36:4e:a7:b0:61:83:3f:71:b6:f8:d1:82:55:d4:c5:cc:e9:65:
         d6:18:d9:db:73:ed:f1:13:22:f3:d9:50:74:8c:bb:88:a6:65:
         d3:c8:96:e5:f7:0c:e1:dd:92:14:dd:83:39:4b:55:97:b4:d6:
         17:50:cc:bc:d0:92:15:cd:4e:51:94:80:de:7e:71:53:18:c1:
         04:ec:03:c2:f3:c7:cf:3e:93:81:63:cd:ec:5a:69:0e:4a:92:
         c1:74:91:0c:44:d8:60:95:53:a1:8f:5e:75:e6:c0:71:24:20:
         db:19:e4:ab:9b:fb:af:43:f2:93:c8:e5:47:8f:52:4b:d6:98:
         d3:43:fc:de:20:27:cd:41:08:37:ed:b7:bf:f3:35:0d:de:dd:
         fe:a7:9a:1a:16:ed:01:52:62:5d:99:4b:90:e4:cc:96:7b:61:
         d1:4c:c0:51
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYoolc2Z2AkSrUcu8XAMh0WcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1NTE2MDViNjc1ZWNlNGUwZmNlNzE3NWFlMzFhOTNmYTgy
NzJiYTYwHhcNMjMwODI0MTcyNzAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMDE0YWNmMjVjNzYxZGNiNDgyYWQyYTJmODJjNTU1YWM5YTU5MzI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlfFxjp48E0rqNq1cQAqgyKWeiyEi
5pX5jaLJKjwak8sEDisb9zSY2kpzDawQFqVjKyrgxY2q5+1jM4lPR4fo/nlel8vg
yIT0Cv6d4w99RCzgRR/fXJYF0LE7BbzRRs2k+o6tiZ6Mu9tdECwpsZbdhnjeZ6iN
rwLonux0i2sKeD0ACMjq25JOgXgF31qhPE67UME1QwxrVdr5tc4oj/QtHs72D9MS
FOOzTGbkBNfBvkxG6X5yv4u3u+PKeAVkNpD/7lLhZS/cwrqOM+Xz0Tva+GUTmG5k
LTyvJRO2CffY6Omci1qWv9ljfxMmdRd5r4g+8YcGSOLY5s11cUC5sjt8lQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNAUrPJcdh3LSCrSovgsVVrJpZMpMB8GA1UdIwQY
MBaAFAVRYFtnXs5OD85xda4xqT+oJyumMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlZGZ1cyZGV6azRQem5GMXJqR3BQNmduSzZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC8yOGVhNDUtN2QzMC00NmRmLThmMmEt
MDc3OWY0OGVjZWEwLzEvMEJTczhseDJIY3RJS3RLaS1DeFZXc21sa3lrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC8yOGVhNDUtN2QzMC00NmRmLThmMmEtMDc3OWY0OGVjZWEw
LzEvQlZGZ1cyZGV6azRQem5GMXJqR3BQNmduSzZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBVdAsMA0G
CSqGSIb3DQEBCwUAA4IBAQAS8r82aIcep8M9pm0myJiApC/Ci8FgIXKyuNx+AxKn
ThpkM9DUonhd1AdeqRHU42lOCD/aMQV0MXomTo6d3EX9WENffOvW+XimRorHfMGg
dSr9X4jpGW1IIdU2TqewYYM/cbb40YJV1MXM6WXWGNnbc+3xEyLz2VB0jLuIpmXT
yJbl9wzh3ZIU3YM5S1WXtNYXUMy80JIVzU5RlIDefnFTGMEE7APC88fPPpOBY83s
WmkOSpLBdJEMRNhglVOhj1515sBxJCDbGeSrm/uvQ/KTyOVHj1JL1pjTQ/zeICfN
QQg37be/8zUN3t3+p5oaFu0BUmJdmUuQ5MyWe2HRTMBR
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:01:23 2024 by rpki-client on console-ams.rpki-client.org