Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/0b647f-a6e5-46f3-b99c-b09b9385d727/1/i1Qs15GQJ5WVR7vShn6RGBRy7Ew.roa
File:                     i1Qs15GQJ5WVR7vShn6RGBRy7Ew.roa (raw, json)
Hash identifier:          ibqhYH5TOY6NNgdk3qwvzeVu4BUaNi6ogZ36Zkr1sXI=
Subject key identifier:   8B:54:2C:D7:91:90:27:95:95:47:BB:D2:86:7E:91:18:14:72:EC:4C
Certificate issuer:       /CN=27d04843c4f3a4e76694db3cfbf9be3a9b67c699
Certificate serial:       01856F1DADEC49187411F137F67E9CF6BBCE
Authority key identifier: 27:D0:48:43:C4:F3:A4:E7:66:94:DB:3C:FB:F9:BE:3A:9B:67:C6:99
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/J9BIQ8TzpOdmlNs8-_m-Optnxpk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3c/0b647f-a6e5-46f3-b99c-b09b9385d727/1/i1Qs15GQJ5WVR7vShn6RGBRy7Ew.roa
Signing time:             Sun 01 Jan 2023 20:54:54 +0000
ROA not before:           Sun 01 Jan 2023 20:54:54 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     211326
IP address blocks:        185.134.82.0/24 maxlen: 24
                          185.134.82.0/23 maxlen: 23
                          185.134.80.0/22 maxlen: 22
                          185.134.81.0/24 maxlen: 24
                          185.134.83.0/24 maxlen: 24
                          185.134.80.0/23 maxlen: 23
                          185.134.80.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 20:29:51 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:1d:ad:ec:49:18:74:11:f1:37:f6:7e:9c:f6:bb:ce
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=27d04843c4f3a4e76694db3cfbf9be3a9b67c699
        Validity
            Not Before: Jan  1 20:54:54 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=8b542cd7919027959547bbd2867e91181472ec4c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:3f:75:90:de:e7:ca:03:5c:65:1e:b8:d2:ff:
                    a2:c1:12:67:5b:d8:b6:35:4e:ba:96:4e:5b:ae:02:
                    d5:ba:a3:0f:7e:e5:4a:83:d3:b8:85:81:c8:aa:ba:
                    05:55:09:3c:ec:68:c9:c1:6a:56:71:a6:95:41:cb:
                    dc:c9:22:5b:7b:8c:a1:34:d0:ae:f9:53:32:0f:e3:
                    10:a2:8a:a5:c4:aa:e5:55:be:22:79:40:8f:d0:9b:
                    e2:b4:08:09:36:70:16:3f:66:9c:e7:c8:d6:b6:bb:
                    dc:9a:ae:38:39:bb:ad:54:37:54:93:fc:e7:c5:88:
                    d2:1a:a1:78:2c:bd:93:f5:f7:e4:63:43:a6:4b:18:
                    c8:5b:71:1c:b5:f7:32:6a:82:fd:82:60:26:d3:b9:
                    12:37:cf:61:da:f5:18:8c:bd:05:67:e5:fd:bd:5c:
                    1a:7f:0d:57:cc:bd:0c:9d:23:99:26:c8:af:9c:be:
                    dd:fa:7b:fd:49:6c:8a:73:e7:29:ce:04:d8:4d:b4:
                    83:2d:45:03:3d:94:5c:65:90:02:82:42:85:5f:cf:
                    aa:02:1d:92:36:f6:f8:1e:84:b5:24:81:f5:84:9b:
                    d7:d3:b6:1d:86:9a:fe:14:a1:dd:67:b1:aa:41:21:
                    83:30:0e:0b:0a:d7:94:50:a3:59:eb:32:fc:7c:69:
                    3a:f7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8B:54:2C:D7:91:90:27:95:95:47:BB:D2:86:7E:91:18:14:72:EC:4C
            X509v3 Authority Key Identifier:
                keyid:27:D0:48:43:C4:F3:A4:E7:66:94:DB:3C:FB:F9:BE:3A:9B:67:C6:99

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J9BIQ8TzpOdmlNs8-_m-Optnxpk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/0b647f-a6e5-46f3-b99c-b09b9385d727/1/i1Qs15GQJ5WVR7vShn6RGBRy7Ew.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/0b647f-a6e5-46f3-b99c-b09b9385d727/1/J9BIQ8TzpOdmlNs8-_m-Optnxpk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.134.80.0/22

    Signature Algorithm: sha256WithRSAEncryption
         9d:bb:d6:13:8a:75:79:0a:a5:53:1c:ff:7d:66:7b:34:4c:a7:
         43:33:21:21:f7:7a:14:8b:a0:e3:7b:22:61:fd:09:ca:d2:53:
         fa:19:2c:c9:70:49:5d:77:06:45:e1:68:2a:69:c0:fd:15:ff:
         d0:e0:1d:f6:81:84:31:11:5d:0e:98:39:8b:ce:fc:8a:94:f7:
         3b:4d:17:72:05:56:fc:32:4d:38:09:dd:be:cf:c5:00:f3:0c:
         35:24:f5:7a:b5:dd:d1:58:34:85:15:d5:24:46:01:50:80:f2:
         8e:37:99:da:14:17:94:f4:f6:76:a9:69:eb:1d:3d:bf:62:7d:
         95:f4:9c:90:c5:6c:b6:aa:9e:60:28:51:8f:69:f1:40:4b:16:
         ab:2c:b6:fa:3e:f6:d9:49:ef:14:87:6f:4e:99:32:9d:42:8d:
         dd:ec:4d:cc:d4:66:20:3f:e3:24:2a:87:10:7b:77:1a:a9:da:
         01:24:e5:e4:bc:ad:42:51:e7:cd:b1:11:12:55:13:c7:bb:12:
         6d:fa:6d:11:9c:4f:a0:c0:0e:ac:a0:51:18:5a:e1:1f:1c:f9:
         4b:7b:63:96:32:9d:fa:82:86:50:32:32:33:40:2c:b1:75:eb:
         1b:03:2d:8b:d9:08:03:40:5d:19:99:d4:fe:7c:5a:61:9c:60:
         b9:c8:0b:bc
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvHa3sSRh0EfE39n6c9rvOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3ZDA0ODQzYzRmM2E0ZTc2Njk0ZGIzY2ZiZjliZTNhOWI2
N2M2OTkwHhcNMjMwMTAxMjA1NDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YjU0MmNkNzkxOTAyNzk1OTU0N2JiZDI4NjdlOTExODE0NzJlYzRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsT91kN7nygNcZR640v+iwRJnW9i2
NU66lk5brgLVuqMPfuVKg9O4hYHIqroFVQk87GjJwWpWcaaVQcvcySJbe4yhNNCu
+VMyD+MQooqlxKrlVb4ieUCP0JvitAgJNnAWP2ac58jWtrvcmq44ObutVDdUk/zn
xYjSGqF4LL2T9ffkY0OmSxjIW3EctfcyaoL9gmAm07kSN89h2vUYjL0FZ+X9vVwa
fw1XzL0MnSOZJsivnL7d+nv9SWyKc+cpzgTYTbSDLUUDPZRcZZACgkKFX8+qAh2S
Nvb4HoS1JIH1hJvX07Ydhpr+FKHdZ7GqQSGDMA4LCteUUKNZ6zL8fGk69wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFItULNeRkCeVlUe70oZ+kRgUcuxMMB8GA1UdIwQY
MBaAFCfQSEPE86TnZpTbPPv5vjqbZ8aZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSjlCSVE4VHpwT2RtbE5zOC1fbS1PcHRueHBrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYy8wYjY0N2YtYTZlNS00NmYzLWI5OWMt
YjA5YjkzODVkNzI3LzEvaTFRczE1R1FKNVdWUjd2U2huNlJHQlJ5N0V3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYy8wYjY0N2YtYTZlNS00NmYzLWI5OWMtYjA5YjkzODVkNzI3
LzEvSjlCSVE4VHpwT2RtbE5zOC1fbS1PcHRueHBrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuYZQMA0G
CSqGSIb3DQEBCwUAA4IBAQCdu9YTinV5CqVTHP99Zns0TKdDMyEh93oUi6DjeyJh
/QnK0lP6GSzJcElddwZF4WgqacD9Ff/Q4B32gYQxEV0OmDmLzvyKlPc7TRdyBVb8
Mk04Cd2+z8UA8ww1JPV6td3RWDSFFdUkRgFQgPKON5naFBeU9PZ2qWnrHT2/Yn2V
9JyQxWy2qp5gKFGPafFASxarLLb6PvbZSe8Uh29OmTKdQo3d7E3M1GYgP+MkKocQ
e3caqdoBJOXkvK1CUefNsRESVRPHuxJt+m0RnE+gwA6soFEYWuEfHPlLe2OWMp36
goZQMjIzQCyxdesbAy2L2QgDQF0ZmdT+fFphnGC5yAu8
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:26:11 2024 by rpki-client on console-fra.rpki-client.org