Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/0fcd8e-1034-4a75-a070-699f3cd850fa/1/l1828dTCWnFllOpYOJ-s8mzy_-A.roa
File:                     l1828dTCWnFllOpYOJ-s8mzy_-A.roa (raw, json)
Hash identifier:          yhnsHZ603SY3NlGP/857CqbSraJpo9MP0SJ+x1wBQg0=
Subject key identifier:   97:5F:36:F1:D4:C2:5A:71:65:94:EA:58:38:9F:AC:F2:6C:F2:FF:E0
Certificate issuer:       /CN=8b2e0d184ff553375c847c38d4dfcdcde1219fd3
Certificate serial:       01856F0B418AE38F77E7C2E86BA1158679CE
Authority key identifier: 8B:2E:0D:18:4F:F5:53:37:5C:84:7C:38:D4:DF:CD:CD:E1:21:9F:D3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/iy4NGE_1UzdchHw41N_NzeEhn9M.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3c/0fcd8e-1034-4a75-a070-699f3cd850fa/1/l1828dTCWnFllOpYOJ-s8mzy_-A.roa
Signing time:             Sun 01 Jan 2023 20:34:46 +0000
ROA not before:           Sun 01 Jan 2023 20:34:46 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     203226
IP address blocks:        185.14.98.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 00:29:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:0b:41:8a:e3:8f:77:e7:c2:e8:6b:a1:15:86:79:ce
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8b2e0d184ff553375c847c38d4dfcdcde1219fd3
        Validity
            Not Before: Jan  1 20:34:46 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=975f36f1d4c25a716594ea58389facf26cf2ffe0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:78:6c:22:8f:5f:bc:f2:29:f4:ed:ad:fa:43:
                    62:7c:3f:b9:f1:32:94:31:48:ad:fa:f0:2e:9e:c2:
                    4a:0f:c4:e3:c5:46:5f:30:0d:54:9b:e3:e3:7c:44:
                    95:79:80:e0:fe:21:c8:28:71:5b:c2:cc:e6:f8:cc:
                    54:72:17:aa:ed:5c:b0:78:f6:b4:4e:ee:94:08:c4:
                    fa:a6:0f:00:79:e0:30:fb:6e:10:b1:1a:1e:b9:0b:
                    45:c8:3c:09:b2:c1:b3:5c:85:c7:86:b6:8a:79:9b:
                    5d:4a:c3:e0:79:61:c8:4f:dd:62:40:a9:68:4d:9d:
                    72:74:d3:ff:1d:d8:15:73:5e:18:7a:49:d8:b1:c7:
                    ad:33:94:12:a4:64:e4:12:aa:1e:96:ab:2b:ed:fa:
                    02:2e:3d:1b:da:45:bd:58:82:84:b0:d7:71:e6:97:
                    5d:fd:81:a1:55:52:ca:4d:e5:bb:16:d1:88:f7:49:
                    f9:0e:49:32:c2:d6:f2:e2:a1:a6:69:26:ed:64:16:
                    e8:34:0b:06:c2:f6:2e:59:d2:cc:43:5d:00:fc:88:
                    c1:02:ff:27:45:eb:bc:ad:d3:ec:cf:0f:55:9d:3b:
                    99:ac:df:03:52:3d:a5:a0:0a:bf:f8:d0:d0:7b:9d:
                    96:53:83:a5:5b:75:ae:ec:9c:84:eb:9c:df:90:6f:
                    49:61
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                97:5F:36:F1:D4:C2:5A:71:65:94:EA:58:38:9F:AC:F2:6C:F2:FF:E0
            X509v3 Authority Key Identifier:
                keyid:8B:2E:0D:18:4F:F5:53:37:5C:84:7C:38:D4:DF:CD:CD:E1:21:9F:D3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iy4NGE_1UzdchHw41N_NzeEhn9M.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/0fcd8e-1034-4a75-a070-699f3cd850fa/1/l1828dTCWnFllOpYOJ-s8mzy_-A.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/0fcd8e-1034-4a75-a070-699f3cd850fa/1/iy4NGE_1UzdchHw41N_NzeEhn9M.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.14.98.0/24

    Signature Algorithm: sha256WithRSAEncryption
         67:1c:6c:10:d3:32:18:0c:d3:c6:a7:81:6f:bd:53:85:24:93:
         c3:92:d6:08:fe:58:3c:f7:ad:9c:3a:71:7e:a9:b4:e0:51:9a:
         f6:d7:7f:cc:50:ce:41:1e:c0:9a:8a:cf:87:6f:f8:17:e6:57:
         f9:0c:88:af:d0:e1:04:b2:b0:23:38:ac:88:59:e4:10:aa:6a:
         47:57:f4:19:1a:e4:07:53:1d:b6:e2:d2:0a:86:6c:97:93:f5:
         14:ad:d7:65:db:fb:ad:33:e6:e5:22:89:88:d1:18:3b:c3:7e:
         31:77:bc:04:98:73:79:5a:93:43:8e:00:e7:5c:aa:d4:c4:06:
         72:51:7b:88:71:81:9f:71:e0:e6:94:af:94:e3:f7:2b:1d:c2:
         f9:77:df:ae:39:ea:e2:94:3a:89:32:93:83:5f:90:62:a2:83:
         d2:c9:f3:fb:79:8b:24:c0:22:7f:53:9e:62:db:cd:7d:11:d9:
         06:4b:1a:4a:4e:dc:ea:cf:f7:ca:05:8f:df:fb:26:38:19:54:
         bd:e1:b4:fe:17:14:91:e1:d0:2e:4b:75:e9:a9:83:67:5c:0e:
         84:5b:2a:bb:24:0f:78:94:ef:30:e2:7b:f2:17:1c:50:f1:a8:
         cf:f5:00:4a:a8:f2:84:02:b8:1b:1d:2e:83:d2:90:2d:61:74:
         a8:76:03:30
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvC0GK449358Loa6EVhnnOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiMmUwZDE4NGZmNTUzMzc1Yzg0N2MzOGQ0ZGZjZGNkZTEy
MTlmZDMwHhcNMjMwMTAxMjAzNDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NzVmMzZmMWQ0YzI1YTcxNjU5NGVhNTgzODlmYWNmMjZjZjJmZmUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuXhsIo9fvPIp9O2t+kNifD+58TKU
MUit+vAunsJKD8TjxUZfMA1Um+PjfESVeYDg/iHIKHFbwszm+MxUcheq7VywePa0
Tu6UCMT6pg8AeeAw+24QsRoeuQtFyDwJssGzXIXHhraKeZtdSsPgeWHIT91iQKlo
TZ1ydNP/HdgVc14YeknYscetM5QSpGTkEqoelqsr7foCLj0b2kW9WIKEsNdx5pdd
/YGhVVLKTeW7FtGI90n5Dkkywtby4qGmaSbtZBboNAsGwvYuWdLMQ10A/IjBAv8n
Reu8rdPszw9VnTuZrN8DUj2loAq/+NDQe52WU4OlW3Wu7JyE65zfkG9JYQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJdfNvHUwlpxZZTqWDifrPJs8v/gMB8GA1UdIwQY
MBaAFIsuDRhP9VM3XIR8ONTfzc3hIZ/TMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaXk0TkdFXzFVemRjaEh3NDFOX056ZUVobjlNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYy8wZmNkOGUtMTAzNC00YTc1LWEwNzAt
Njk5ZjNjZDg1MGZhLzEvbDE4MjhkVENXbkZsbE9wWU9KLXM4bXp5Xy1BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYy8wZmNkOGUtMTAzNC00YTc1LWEwNzAtNjk5ZjNjZDg1MGZh
LzEvaXk0TkdFXzFVemRjaEh3NDFOX056ZUVobjlNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuQ5iMA0G
CSqGSIb3DQEBCwUAA4IBAQBnHGwQ0zIYDNPGp4FvvVOFJJPDktYI/lg8962cOnF+
qbTgUZr213/MUM5BHsCais+Hb/gX5lf5DIiv0OEEsrAjOKyIWeQQqmpHV/QZGuQH
Ux224tIKhmyXk/UUrddl2/utM+blIomI0Rg7w34xd7wEmHN5WpNDjgDnXKrUxAZy
UXuIcYGfceDmlK+U4/crHcL5d9+uOerilDqJMpODX5BiooPSyfP7eYskwCJ/U55i
2819EdkGSxpKTtzqz/fKBY/f+yY4GVS94bT+FxSR4dAuS3XpqYNnXA6EWyq7JA94
lO8w4nvyFxxQ8ajP9QBKqPKEArgbHS6D0pAtYXSodgMw
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:26:11 2024 by rpki-client on console-fra.rpki-client.org