Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/56aee9-996c-438f-bb00-0dfa6b22eff2/1/O5QUPQcwUkjt-jy6VQeGBecwluY.roa
File:                     O5QUPQcwUkjt-jy6VQeGBecwluY.roa (raw, json)
Hash identifier:          UZ/42vHyqYRjlttlgQk4ESpvV5XDlsD6A4BEUKPF+Nw=
Subject key identifier:   3B:94:14:3D:07:30:52:48:ED:FA:3C:BA:55:07:86:05:E7:30:96:E6
Certificate issuer:       /CN=4705d3c6a5b0512682cdfdf363b19a9c567f1f6c
Certificate serial:       0188F30DEF67582CA15C2C100EB8CC971FAD
Authority key identifier: 47:05:D3:C6:A5:B0:51:26:82:CD:FD:F3:63:B1:9A:9C:56:7F:1F:6C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/RwXTxqWwUSaCzf3zY7GanFZ_H2w.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/36/56aee9-996c-438f-bb00-0dfa6b22eff2/1/O5QUPQcwUkjt-jy6VQeGBecwluY.roa
Signing time:             Sun 25 Jun 2023 14:55:56 +0000
ROA not before:           Sun 25 Jun 2023 14:55:56 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     138968
IP address blocks:        85.208.212.0/22 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 04:29:49 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:f3:0d:ef:67:58:2c:a1:5c:2c:10:0e:b8:cc:97:1f:ad
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4705d3c6a5b0512682cdfdf363b19a9c567f1f6c
        Validity
            Not Before: Jun 25 14:55:56 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=3b94143d07305248edfa3cba55078605e73096e6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:99:35:dc:18:31:65:ec:df:52:3d:da:ef:9c:2e:
                    27:a2:37:35:ad:9b:fb:03:a2:02:57:61:bf:ce:5f:
                    a0:86:47:5d:5b:f7:ea:99:a8:dd:bc:d6:1a:b5:d7:
                    eb:c4:f5:0d:d4:8d:7d:1a:80:ca:1b:1e:b6:24:ed:
                    5e:0b:07:7c:ef:e2:44:9f:aa:c3:9b:7a:72:ea:3d:
                    07:fb:4e:77:00:6e:cc:58:7f:88:17:37:9e:e2:54:
                    1a:a4:e0:36:be:45:bd:16:ee:99:0b:6c:6a:6f:3c:
                    02:d9:91:40:79:43:b1:64:ce:a0:55:ca:d8:a3:3b:
                    90:66:7f:79:74:bf:35:a6:cf:f7:f1:71:a0:7e:48:
                    d0:fe:14:24:c5:dc:3e:9c:3e:56:87:6e:62:9d:46:
                    b8:c9:75:a8:e8:ab:27:d7:71:d9:c2:d2:ff:9a:a5:
                    27:81:eb:9d:48:19:0b:d9:02:fa:2e:9f:e3:11:34:
                    a4:61:26:f1:54:9f:bc:b9:ac:8d:4d:6d:1a:63:96:
                    85:73:07:7c:3d:55:f3:75:d7:9d:93:18:8f:14:a2:
                    01:0c:d5:26:03:a1:26:ac:b5:14:43:fe:1c:e7:34:
                    e2:aa:fc:a5:4c:e7:92:55:c6:0c:b2:d7:43:e5:38:
                    88:82:16:d0:08:49:a5:53:ec:ed:2a:ca:66:7a:b3:
                    bb:1d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3B:94:14:3D:07:30:52:48:ED:FA:3C:BA:55:07:86:05:E7:30:96:E6
            X509v3 Authority Key Identifier:
                keyid:47:05:D3:C6:A5:B0:51:26:82:CD:FD:F3:63:B1:9A:9C:56:7F:1F:6C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RwXTxqWwUSaCzf3zY7GanFZ_H2w.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/56aee9-996c-438f-bb00-0dfa6b22eff2/1/O5QUPQcwUkjt-jy6VQeGBecwluY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/36/56aee9-996c-438f-bb00-0dfa6b22eff2/1/RwXTxqWwUSaCzf3zY7GanFZ_H2w.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  85.208.212.0/22

    Signature Algorithm: sha256WithRSAEncryption
         0c:f6:06:7d:a2:52:69:bb:2f:7c:cb:a1:a5:6f:94:23:9f:23:
         0b:8b:af:77:9e:be:81:d2:9f:d9:16:4c:df:75:82:87:6f:47:
         cb:ec:e5:81:df:09:c1:64:ab:72:0d:3a:84:25:2c:69:a0:8d:
         c1:5b:c4:a4:16:0a:00:02:28:1a:07:88:f5:cf:87:b7:6a:4a:
         d3:b5:07:4c:40:d9:3f:47:9c:20:20:c6:5c:22:9b:51:ca:34:
         09:ec:ef:a8:aa:0e:61:84:d2:e8:f7:cf:ca:74:e0:25:3d:48:
         9c:df:d7:2b:28:5f:e7:de:a6:db:c3:4e:a6:ca:77:1a:0b:d4:
         d5:f3:cc:9a:ef:a1:03:69:71:7d:2b:86:58:08:64:11:5e:57:
         89:09:cf:15:58:d1:d7:eb:d0:e1:25:4e:24:48:f9:33:6f:ae:
         71:2b:79:22:09:52:56:2b:1d:4d:41:75:54:3a:eb:fc:bb:a1:
         f3:f8:45:aa:6d:8f:d8:cc:4c:a2:f3:26:25:bc:d9:86:2e:17:
         ff:b3:f1:90:c9:10:11:71:56:35:35:8b:b7:bb:c9:0c:18:05:
         6e:d3:d4:34:de:4d:2e:f4:59:40:4a:09:94:49:49:96:7c:08:
         48:17:05:2e:96:13:70:62:e4:28:7c:fd:09:a5:1a:01:1a:d9:
         a2:a9:2c:81
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYjzDe9nWCyhXCwQDrjMlx+tMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ3MDVkM2M2YTViMDUxMjY4MmNkZmRmMzYzYjE5YTljNTY3
ZjFmNmMwHhcNMjMwNjI1MTQ1NTU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYjk0MTQzZDA3MzA1MjQ4ZWRmYTNjYmE1NTA3ODYwNWU3MzA5NmU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmTXcGDFl7N9SPdrvnC4nojc1rZv7
A6ICV2G/zl+ghkddW/fqmajdvNYatdfrxPUN1I19GoDKGx62JO1eCwd87+JEn6rD
m3py6j0H+053AG7MWH+IFzee4lQapOA2vkW9Fu6ZC2xqbzwC2ZFAeUOxZM6gVcrY
ozuQZn95dL81ps/38XGgfkjQ/hQkxdw+nD5Wh25inUa4yXWo6Ksn13HZwtL/mqUn
geudSBkL2QL6Lp/jETSkYSbxVJ+8uayNTW0aY5aFcwd8PVXzddedkxiPFKIBDNUm
A6EmrLUUQ/4c5zTiqvylTOeSVcYMstdD5TiIghbQCEmlU+ztKspmerO7HQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDuUFD0HMFJI7fo8ulUHhgXnMJbmMB8GA1UdIwQY
MBaAFEcF08alsFEmgs3982OxmpxWfx9sMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUndYVHhxV3dVU2FDemYzelk3R2FuRlpfSDJ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi81NmFlZTktOTk2Yy00MzhmLWJiMDAt
MGRmYTZiMjJlZmYyLzEvTzVRVVBRY3dVa2p0LWp5NlZRZUdCZWN3bHVZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi81NmFlZTktOTk2Yy00MzhmLWJiMDAtMGRmYTZiMjJlZmYy
LzEvUndYVHhxV3dVU2FDemYzelk3R2FuRlpfSDJ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCVdDUMA0G
CSqGSIb3DQEBCwUAA4IBAQAM9gZ9olJpuy98y6Glb5QjnyMLi693nr6B0p/ZFkzf
dYKHb0fL7OWB3wnBZKtyDTqEJSxpoI3BW8SkFgoAAigaB4j1z4e3akrTtQdMQNk/
R5wgIMZcIptRyjQJ7O+oqg5hhNLo98/KdOAlPUic39crKF/n3qbbw06myncaC9TV
88ya76EDaXF9K4ZYCGQRXleJCc8VWNHX69DhJU4kSPkzb65xK3kiCVJWKx1NQXVU
Ouv8u6Hz+EWqbY/YzEyi8yYlvNmGLhf/s/GQyRARcVY1NYu3u8kMGAVu09Q03k0u
9FlASgmUSUmWfAhIFwUulhNwYuQofP0JpRoBGtmiqSyB
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:20 2024 by rpki-client on console-fra.rpki-client.org