Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/37/d8b009-d923-4bff-a82f-e8b70aa442fd/1/1cNYFxFXzwG6_xU8J071aJDe32k.roa
File:                     1cNYFxFXzwG6_xU8J071aJDe32k.roa (raw, json)
Hash identifier:          T7AI9fTtsb3qUVnF3T1dRH+cXJGFcsgvRxi49TDU2e4=
Subject key identifier:   D5:C3:58:17:11:57:CF:01:BA:FF:15:3C:27:4E:F5:68:90:DE:DF:69
Certificate issuer:       /CN=25a3f511d0095606a525084ae460836dc5d24397
Certificate serial:       01856D81CCB05FCC38BEAD764B85E8F0E9BD
Authority key identifier: 25:A3:F5:11:D0:09:56:06:A5:25:08:4A:E4:60:83:6D:C5:D2:43:97
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/JaP1EdAJVgalJQhK5GCDbcXSQ5c.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/37/d8b009-d923-4bff-a82f-e8b70aa442fd/1/1cNYFxFXzwG6_xU8J071aJDe32k.roa
Signing time:             Sun 01 Jan 2023 13:25:01 +0000
ROA not before:           Sun 01 Jan 2023 13:25:01 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     60608
IP address blocks:        185.28.122.0/24 maxlen: 24
                          185.28.121.0/24 maxlen: 24
                          185.28.120.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 22:31:39 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6d:81:cc:b0:5f:cc:38:be:ad:76:4b:85:e8:f0:e9:bd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=25a3f511d0095606a525084ae460836dc5d24397
        Validity
            Not Before: Jan  1 13:25:01 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=d5c358171157cf01baff153c274ef56890dedf69
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cf:16:21:9a:ab:70:d3:a9:d4:ff:f8:59:8d:02:
                    ad:17:78:a4:c2:b2:d7:d6:10:c8:a7:8e:69:22:ca:
                    b7:6d:61:ee:03:92:f6:48:74:29:d5:eb:7d:a2:21:
                    16:fc:47:8a:86:bd:e0:38:81:bd:44:3e:58:97:b3:
                    ae:a4:eb:59:bf:f5:48:07:01:f9:bd:c7:44:d9:84:
                    f5:27:b3:ac:38:77:93:89:9e:d1:9e:6d:2c:5f:b6:
                    18:17:95:ac:be:e0:88:8b:7e:bd:65:e9:f8:9a:e0:
                    96:0a:4a:2e:eb:a3:e9:5c:fe:3b:04:11:c8:b0:17:
                    60:eb:9b:6e:4c:0f:6e:3e:e8:73:a4:11:c8:ad:0b:
                    fd:a7:1f:8c:38:a2:ec:98:b2:3a:2f:d8:51:8a:f3:
                    78:87:e4:93:da:a8:bd:78:ed:d4:ef:21:b7:94:7b:
                    b5:d0:b0:90:3e:ee:f1:a2:e8:10:a8:7e:66:22:c9:
                    9b:6f:3f:bb:4c:49:e5:4e:24:7e:4a:d9:60:2c:99:
                    57:be:ff:06:d9:3d:8d:70:c0:43:68:75:8a:92:e2:
                    93:9f:5e:d2:38:e9:c8:68:e1:71:d5:2b:c3:43:ab:
                    33:fe:23:a7:4d:3a:1f:ed:a8:2e:6c:35:f8:c2:28:
                    16:58:dc:9f:07:00:0e:66:34:3e:46:b3:6e:7f:1b:
                    38:8d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D5:C3:58:17:11:57:CF:01:BA:FF:15:3C:27:4E:F5:68:90:DE:DF:69
            X509v3 Authority Key Identifier:
                keyid:25:A3:F5:11:D0:09:56:06:A5:25:08:4A:E4:60:83:6D:C5:D2:43:97

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JaP1EdAJVgalJQhK5GCDbcXSQ5c.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/37/d8b009-d923-4bff-a82f-e8b70aa442fd/1/1cNYFxFXzwG6_xU8J071aJDe32k.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/37/d8b009-d923-4bff-a82f-e8b70aa442fd/1/JaP1EdAJVgalJQhK5GCDbcXSQ5c.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.28.120.0-185.28.122.255

    Signature Algorithm: sha256WithRSAEncryption
         1a:66:5d:3a:86:d1:f5:b1:f4:30:7b:f8:56:16:4e:71:5b:c6:
         5f:e5:31:f5:e0:58:24:bc:62:f6:c5:9a:aa:8c:36:81:39:7e:
         92:2f:72:d0:0f:df:90:1c:cc:91:a6:34:95:df:5e:ea:c5:f2:
         72:c6:2a:e0:6b:44:d3:75:4a:4e:9f:dd:d2:4c:34:78:d8:f4:
         8c:2b:ac:c0:69:74:ec:44:53:71:ed:57:6a:ef:e5:4a:d4:08:
         29:86:4b:d0:5f:31:9e:7d:ff:43:6b:4a:57:09:e9:76:da:fd:
         79:2b:60:e1:04:4f:d7:37:b7:f5:a0:21:97:96:1f:21:57:c2:
         40:fa:2e:0a:56:48:ea:cd:f3:4b:f9:f9:35:24:45:38:e9:b8:
         c9:07:4f:fd:c0:ad:25:73:5c:e2:a8:9f:41:62:56:7b:9e:a1:
         61:50:d1:43:5f:34:78:48:6f:9f:81:f2:ef:2e:2c:93:08:eb:
         e4:4b:97:bb:b6:79:43:c1:4c:d0:cb:a7:66:52:c6:df:a5:3e:
         43:0c:80:13:84:95:f4:3c:9e:e7:2d:27:25:e2:4f:13:b4:91:
         a6:00:56:70:5d:c9:f6:e3:53:95:b2:57:f0:60:3e:06:07:16:
         59:2c:52:cc:b1:94:9c:43:97:65:bd:ab:e8:42:e8:f3:f4:c8:
         e3:f0:71:e7
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYVtgcywX8w4vq12S4Xo8Om9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI1YTNmNTExZDAwOTU2MDZhNTI1MDg0YWU0NjA4MzZkYzVk
MjQzOTcwHhcNMjMwMTAxMTMyNTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNWMzNTgxNzExNTdjZjAxYmFmZjE1M2MyNzRlZjU2ODkwZGVkZjY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzxYhmqtw06nU//hZjQKtF3ikwrLX
1hDIp45pIsq3bWHuA5L2SHQp1et9oiEW/EeKhr3gOIG9RD5Yl7OupOtZv/VIBwH5
vcdE2YT1J7OsOHeTiZ7Rnm0sX7YYF5WsvuCIi369Zen4muCWCkou66PpXP47BBHI
sBdg65tuTA9uPuhzpBHIrQv9px+MOKLsmLI6L9hRivN4h+ST2qi9eO3U7yG3lHu1
0LCQPu7xougQqH5mIsmbbz+7TEnlTiR+StlgLJlXvv8G2T2NcMBDaHWKkuKTn17S
OOnIaOFx1SvDQ6sz/iOnTTof7agubDX4wigWWNyfBwAOZjQ+RrNufxs4jQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFNXDWBcRV88Buv8VPCdO9WiQ3t9pMB8GA1UdIwQY
MBaAFCWj9RHQCVYGpSUISuRgg23F0kOXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSmFQMUVkQUpWZ2FsSlFoSzVHQ0RiY1hTUTVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNy9kOGIwMDktZDkyMy00YmZmLWE4MmYt
ZThiNzBhYTQ0MmZkLzEvMWNOWUZ4Rlh6d0c2X3hVOEowNzFhSkRlMzJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNy9kOGIwMDktZDkyMy00YmZmLWE4MmYtZThiNzBhYTQ0MmZk
LzEvSmFQMUVkQUpWZ2FsSlFoSzVHQ0RiY1hTUTVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAO5HHgD
BAC5HHowDQYJKoZIhvcNAQELBQADggEBABpmXTqG0fWx9DB7+FYWTnFbxl/lMfXg
WCS8YvbFmqqMNoE5fpIvctAP35AczJGmNJXfXurF8nLGKuBrRNN1Sk6f3dJMNHjY
9IwrrMBpdOxEU3HtV2rv5UrUCCmGS9BfMZ59/0NrSlcJ6Xba/XkrYOEET9c3t/Wg
IZeWHyFXwkD6LgpWSOrN80v5+TUkRTjpuMkHT/3ArSVzXOKon0FiVnueoWFQ0UNf
NHhIb5+B8u8uLJMI6+RLl7u2eUPBTNDLp2ZSxt+lPkMMgBOElfQ8nuctJyXiTxO0
kaYAVnBdyfbjU5WyV/BgPgYHFlksUsyxlJxDl2W9q+hC6PP0yOPwcec=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:03:15 2024 by rpki-client on console-ams.rpki-client.org