Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/85fa84-5d99-4aa8-8753-5d8ca63681ad/1/asRxHmu0iwsPK2jx4PwT3TwiG8g.roa
File:                     asRxHmu0iwsPK2jx4PwT3TwiG8g.roa (raw, json)
Hash identifier:          0QOJODsTEYDGfmz9ssVzAX/VZ6FTAcHgsBRhXWEUTMg=
Subject key identifier:   6A:C4:71:1E:6B:B4:8B:0B:0F:2B:68:F1:E0:FC:13:DD:3C:22:1B:C8
Certificate issuer:       /CN=7c2380d764a9611dfe2fbc0ce0cc40496ec1e83e
Certificate serial:       01856D2F2E7F69C2B41D0DBFAB24E5970313
Authority key identifier: 7C:23:80:D7:64:A9:61:1D:FE:2F:BC:0C:E0:CC:40:49:6E:C1:E8:3E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/fCOA12SpYR3-L7wM4MxASW7B6D4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3c/85fa84-5d99-4aa8-8753-5d8ca63681ad/1/asRxHmu0iwsPK2jx4PwT3TwiG8g.roa
Signing time:             Sun 01 Jan 2023 11:54:46 +0000
ROA not before:           Sun 01 Jan 2023 11:54:46 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     35478
IP address blocks:        185.26.223.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 06:31:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6d:2f:2e:7f:69:c2:b4:1d:0d:bf:ab:24:e5:97:03:13
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7c2380d764a9611dfe2fbc0ce0cc40496ec1e83e
        Validity
            Not Before: Jan  1 11:54:46 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=6ac4711e6bb48b0b0f2b68f1e0fc13dd3c221bc8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:98:d9:92:85:49:e1:a7:e7:4b:8e:dd:8e:34:a0:
                    ad:5c:b0:bd:bb:c3:98:5a:5e:66:4c:75:11:08:11:
                    4b:e8:e5:6e:07:66:5e:6c:58:90:28:2e:aa:84:88:
                    7e:14:03:ce:2c:62:d3:e6:38:f1:5a:89:18:ff:11:
                    06:cc:65:3c:2e:c0:b8:75:39:ce:b5:2d:22:51:7f:
                    c5:51:68:28:e7:53:2f:c6:3c:76:03:aa:7c:5e:e6:
                    c8:d0:ed:47:93:37:2f:08:9b:0d:a1:2b:83:bd:7e:
                    e3:43:4b:42:38:c2:44:fa:1f:40:d0:43:51:99:ef:
                    b1:82:fa:e8:10:b2:a4:6a:48:33:fb:10:aa:63:00:
                    77:15:f6:78:00:5d:af:19:ac:06:80:60:a6:a5:ac:
                    f5:d2:04:38:15:cf:53:c3:be:4a:0b:4d:bb:5b:cd:
                    bc:1a:39:a1:39:e0:da:47:64:b4:c2:ac:53:06:0e:
                    92:e3:e1:8b:d3:66:81:74:7a:62:9e:58:05:b6:5f:
                    e5:f1:1e:1b:c2:9d:81:38:b2:b0:32:bc:31:1e:59:
                    3c:f8:a3:bd:f1:c9:69:4e:21:f1:9a:6b:82:c8:27:
                    55:14:44:5b:71:01:e1:76:8b:31:00:02:52:ee:a8:
                    af:74:07:08:86:93:af:1b:22:29:9b:b5:e8:13:f8:
                    e9:cf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6A:C4:71:1E:6B:B4:8B:0B:0F:2B:68:F1:E0:FC:13:DD:3C:22:1B:C8
            X509v3 Authority Key Identifier:
                keyid:7C:23:80:D7:64:A9:61:1D:FE:2F:BC:0C:E0:CC:40:49:6E:C1:E8:3E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fCOA12SpYR3-L7wM4MxASW7B6D4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/85fa84-5d99-4aa8-8753-5d8ca63681ad/1/asRxHmu0iwsPK2jx4PwT3TwiG8g.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/85fa84-5d99-4aa8-8753-5d8ca63681ad/1/fCOA12SpYR3-L7wM4MxASW7B6D4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.26.223.0/24

    Signature Algorithm: sha256WithRSAEncryption
         20:7e:2b:13:e7:9a:00:68:23:44:ed:6e:36:c6:b3:ee:d7:ca:
         70:c2:0d:a4:d1:42:01:7b:53:ce:b0:0d:f5:18:84:a1:24:ec:
         80:02:7c:ef:a3:b8:4d:f2:22:6e:a3:25:a3:d8:12:04:01:00:
         48:4f:e2:0b:b3:3b:11:69:ff:40:39:46:95:0c:98:b1:8b:f2:
         46:8c:8b:9c:25:0a:a1:b5:05:4a:ed:70:d4:dd:5a:78:60:aa:
         78:b4:84:0a:2c:69:fe:5d:1f:a3:a4:f6:87:ec:b8:da:79:ae:
         ac:e7:16:15:65:99:cc:73:1a:59:98:9b:06:f7:03:95:ba:d7:
         93:8a:6c:d7:dc:3e:0a:04:23:a0:3c:10:2c:17:fe:cf:b0:e0:
         c5:05:cc:18:c7:d3:08:55:4c:38:ae:32:24:3b:de:13:9f:00:
         80:18:1a:41:28:4f:02:31:44:7d:cc:b2:83:ba:cc:be:8c:8e:
         54:bd:8c:1f:b6:5a:8f:f4:47:97:b4:64:fe:ca:2f:f5:99:04:
         95:23:0e:bc:20:bf:00:a6:87:b4:46:89:30:d3:32:4c:1e:df:
         eb:23:84:c5:a7:80:36:dd:f8:da:96:e8:6b:91:ec:a6:6b:61:
         71:e2:36:41:bb:9c:64:38:c4:91:45:bb:a8:19:b3:74:0f:e8:
         97:b5:a9:99
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtLy5/acK0HQ2/qyTllwMTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdjMjM4MGQ3NjRhOTYxMWRmZTJmYmMwY2UwY2M0MDQ5NmVj
MWU4M2UwHhcNMjMwMTAxMTE1NDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YWM0NzExZTZiYjQ4YjBiMGYyYjY4ZjFlMGZjMTNkZDNjMjIxYmM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmNmShUnhp+dLjt2ONKCtXLC9u8OY
Wl5mTHURCBFL6OVuB2ZebFiQKC6qhIh+FAPOLGLT5jjxWokY/xEGzGU8LsC4dTnO
tS0iUX/FUWgo51Mvxjx2A6p8XubI0O1HkzcvCJsNoSuDvX7jQ0tCOMJE+h9A0ENR
me+xgvroELKkakgz+xCqYwB3FfZ4AF2vGawGgGCmpaz10gQ4Fc9Tw75KC027W828
GjmhOeDaR2S0wqxTBg6S4+GL02aBdHpinlgFtl/l8R4bwp2BOLKwMrwxHlk8+KO9
8clpTiHxmmuCyCdVFERbcQHhdosxAAJS7qivdAcIhpOvGyIpm7XoE/jpzwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGrEcR5rtIsLDyto8eD8E908IhvIMB8GA1UdIwQY
MBaAFHwjgNdkqWEd/i+8DODMQEluweg+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZkNPQTEyU3BZUjMtTDd3TTRNeEFTVzdCNkQ0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYy84NWZhODQtNWQ5OS00YWE4LTg3NTMt
NWQ4Y2E2MzY4MWFkLzEvYXNSeEhtdTBpd3NQSzJqeDRQd1QzVHdpRzhnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYy84NWZhODQtNWQ5OS00YWE4LTg3NTMtNWQ4Y2E2MzY4MWFk
LzEvZkNPQTEyU3BZUjMtTDd3TTRNeEFTVzdCNkQ0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuRrfMA0G
CSqGSIb3DQEBCwUAA4IBAQAgfisT55oAaCNE7W42xrPu18pwwg2k0UIBe1POsA31
GIShJOyAAnzvo7hN8iJuoyWj2BIEAQBIT+ILszsRaf9AOUaVDJixi/JGjIucJQqh
tQVK7XDU3Vp4YKp4tIQKLGn+XR+jpPaH7Ljaea6s5xYVZZnMcxpZmJsG9wOVuteT
imzX3D4KBCOgPBAsF/7PsODFBcwYx9MIVUw4rjIkO94TnwCAGBpBKE8CMUR9zLKD
usy+jI5UvYwftlqP9EeXtGT+yi/1mQSVIw68IL8Apoe0Rokw0zJMHt/rI4TFp4A2
3fjaluhrkeyma2Fx4jZBu5xkOMSRRbuoGbN0D+iXtamZ
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:26:15 2024 by rpki-client on console-fra.rpki-client.org