Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/33154b-2941-4f70-8133-d48450521dd9/1/OCev8i621gS8gBDGZ_g_kqtFO_g.roa
File:                     OCev8i621gS8gBDGZ_g_kqtFO_g.roa (raw, json)
Hash identifier:          6DVmUJ4t8czN2Q2R0nhDh5RRhOYXW+TCY6WFuxiO7GM=
Subject key identifier:   38:27:AF:F2:2E:B6:D6:04:BC:80:10:C6:67:F8:3F:92:AB:45:3B:F8
Certificate issuer:       /CN=b2cd035fab18a4b7826144563f60e7898a4ef0f1
Certificate serial:       01856F02327AA5B1AE06F5D89F6D26D92ABF
Authority key identifier: B2:CD:03:5F:AB:18:A4:B7:82:61:44:56:3F:60:E7:89:8A:4E:F0:F1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ss0DX6sYpLeCYURWP2DniYpO8PE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/40/33154b-2941-4f70-8133-d48450521dd9/1/OCev8i621gS8gBDGZ_g_kqtFO_g.roa
Signing time:             Sun 01 Jan 2023 20:24:53 +0000
ROA not before:           Sun 01 Jan 2023 20:24:53 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     212731
IP address blocks:        185.49.230.0/24 maxlen: 24
                          2a10:56c0::/29 maxlen: 29

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 06:31:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:02:32:7a:a5:b1:ae:06:f5:d8:9f:6d:26:d9:2a:bf
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b2cd035fab18a4b7826144563f60e7898a4ef0f1
        Validity
            Not Before: Jan  1 20:24:53 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=3827aff22eb6d604bc8010c667f83f92ab453bf8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:b0:44:11:88:e6:9f:e9:df:65:35:e4:f9:a1:
                    04:f3:52:f2:14:85:85:3f:d6:7a:50:f3:25:09:e5:
                    4a:43:50:9b:fe:55:9e:47:84:4a:a9:e5:47:64:ff:
                    0b:45:e8:c6:02:ec:95:38:5b:c0:71:6d:4b:a8:a7:
                    92:70:58:5c:de:f5:59:3f:98:92:b0:2b:cd:d1:ac:
                    e2:79:fd:db:54:86:af:09:75:25:d2:b6:b0:5d:f4:
                    a0:27:23:ba:92:ec:f6:6f:e7:58:b9:60:07:dd:c9:
                    89:f4:f6:65:17:e9:72:b3:04:5b:b3:30:f7:27:10:
                    ab:b3:be:96:0c:78:d1:14:39:2f:ec:bc:26:3c:01:
                    63:9c:12:54:a3:d1:a8:24:65:63:a8:d3:61:2e:68:
                    12:31:17:ed:78:27:7c:91:a8:a6:7d:f9:23:ac:95:
                    d2:6e:aa:19:be:24:e2:a3:14:b2:b2:e6:69:53:08:
                    67:d5:5e:0a:54:e2:6c:96:54:4c:88:13:1c:29:0d:
                    2d:8c:03:d8:49:26:b1:cc:fb:05:a3:3b:cf:38:76:
                    1a:12:ca:74:58:d7:c3:5f:61:fd:2b:e4:86:86:04:
                    27:a4:c6:3c:d6:94:3a:b2:16:86:5a:f7:3f:30:f0:
                    a1:f1:3e:4c:b6:7d:40:d8:a7:cd:9a:6d:69:3d:c3:
                    36:3b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                38:27:AF:F2:2E:B6:D6:04:BC:80:10:C6:67:F8:3F:92:AB:45:3B:F8
            X509v3 Authority Key Identifier:
                keyid:B2:CD:03:5F:AB:18:A4:B7:82:61:44:56:3F:60:E7:89:8A:4E:F0:F1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ss0DX6sYpLeCYURWP2DniYpO8PE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/33154b-2941-4f70-8133-d48450521dd9/1/OCev8i621gS8gBDGZ_g_kqtFO_g.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/40/33154b-2941-4f70-8133-d48450521dd9/1/ss0DX6sYpLeCYURWP2DniYpO8PE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.49.230.0/24
                IPv6:
                  2a10:56c0::/29

    Signature Algorithm: sha256WithRSAEncryption
         a9:8e:5b:5e:8c:52:d5:5a:14:15:73:24:52:0b:e3:7e:c6:c0:
         1e:73:db:d9:aa:3c:30:0f:d8:02:d6:13:f3:db:89:4c:5f:f5:
         aa:f9:1e:05:c6:96:80:a3:09:55:00:a4:46:c2:eb:92:5b:06:
         de:e6:c7:09:e9:e3:09:61:5f:2a:cc:21:0a:28:a5:c6:52:7c:
         a1:27:f6:43:14:c7:b3:c0:81:7b:08:87:62:80:49:6e:81:2e:
         9b:92:9c:bd:05:89:66:65:0f:4f:e8:cc:b0:20:6a:b8:d7:87:
         7e:b3:59:fe:94:38:31:13:ee:bd:f9:06:2a:00:b4:de:6e:8a:
         66:e8:b0:41:f6:19:a7:03:f1:a2:3c:3a:cd:92:ab:f0:9a:eb:
         f6:c6:86:49:b8:8c:7e:26:af:ec:0f:7e:39:76:7a:27:73:74:
         d4:24:3d:a3:ab:88:ed:d7:97:9b:c6:d2:2b:45:c5:f7:9b:f1:
         29:e7:ba:43:61:0c:7a:98:77:a1:a4:cd:54:8f:37:78:71:90:
         0c:d7:39:64:5e:b1:0d:c8:7b:12:b6:db:49:d3:06:48:af:36:
         ec:27:2a:07:e8:84:35:01:60:4c:ed:6d:06:7b:b9:cf:ee:e7:
         8d:ca:da:56:e6:db:78:3f:01:97:70:ba:6b:13:37:5a:d3:4f:
         0d:cb:b7:45
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVvAjJ6pbGuBvXYn20m2Sq/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyY2QwMzVmYWIxOGE0Yjc4MjYxNDQ1NjNmNjBlNzg5OGE0
ZWYwZjEwHhcNMjMwMTAxMjAyNDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzODI3YWZmMjJlYjZkNjA0YmM4MDEwYzY2N2Y4M2Y5MmFiNDUzYmY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmrBEEYjmn+nfZTXk+aEE81LyFIWF
P9Z6UPMlCeVKQ1Cb/lWeR4RKqeVHZP8LRejGAuyVOFvAcW1LqKeScFhc3vVZP5iS
sCvN0azief3bVIavCXUl0rawXfSgJyO6kuz2b+dYuWAH3cmJ9PZlF+lyswRbszD3
JxCrs76WDHjRFDkv7LwmPAFjnBJUo9GoJGVjqNNhLmgSMRfteCd8kaimffkjrJXS
bqoZviTioxSysuZpUwhn1V4KVOJsllRMiBMcKQ0tjAPYSSaxzPsFozvPOHYaEsp0
WNfDX2H9K+SGhgQnpMY81pQ6shaGWvc/MPCh8T5Mtn1A2KfNmm1pPcM2OwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFDgnr/IuttYEvIAQxmf4P5KrRTv4MB8GA1UdIwQY
MBaAFLLNA1+rGKS3gmFEVj9g54mKTvDxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3MwRFg2c1lwTGVDWVVSV1AyRG5pWXBPOFBFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC8zMzE1NGItMjk0MS00ZjcwLTgxMzMt
ZDQ4NDUwNTIxZGQ5LzEvT0NldjhpNjIxZ1M4Z0JER1pfZ19rcXRGT19nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC8zMzE1NGItMjk0MS00ZjcwLTgxMzMtZDQ4NDUwNTIxZGQ5
LzEvc3MwRFg2c1lwTGVDWVVSV1AyRG5pWXBPOFBFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAuTHmMA0E
AgACMAcDBQMqEFbAMA0GCSqGSIb3DQEBCwUAA4IBAQCpjltejFLVWhQVcyRSC+N+
xsAec9vZqjwwD9gC1hPz24lMX/Wq+R4FxpaAowlVAKRGwuuSWwbe5scJ6eMJYV8q
zCEKKKXGUnyhJ/ZDFMezwIF7CIdigElugS6bkpy9BYlmZQ9P6MywIGq414d+s1n+
lDgxE+69+QYqALTebopm6LBB9hmnA/GiPDrNkqvwmuv2xoZJuIx+Jq/sD345dnon
c3TUJD2jq4jt15ebxtIrRcX3m/Ep57pDYQx6mHehpM1Ujzd4cZAM1zlkXrENyHsS
tttJ0wZIrzbsJyoH6IQ1AWBM7W0Ge7nP7ueNytpW5tt4PwGXcLprEzda008Ny7dF
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:26:47 2024 by rpki-client on console-fra.rpki-client.org