Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/9ca446-fc5c-4746-b26f-30ce83701b39/1/Iubv774kBsL8wFNqT041JrAtc7g.roa
File:                     Iubv774kBsL8wFNqT041JrAtc7g.roa (raw, json)
Hash identifier:          qlMngkDpZQM0/JHwuo6Ss56ZgmKEke7osn8bEG1p4a8=
Subject key identifier:   22:E6:EF:EF:BE:24:06:C2:FC:C0:53:6A:4F:4E:35:26:B0:2D:73:B8
Certificate issuer:       /CN=3433ae1c60672c7591a8f97d68f79fb2a5ee8da7
Certificate serial:       01857067560AF26A987C106B411F8C4B2528
Authority key identifier: 34:33:AE:1C:60:67:2C:75:91:A8:F9:7D:68:F7:9F:B2:A5:EE:8D:A7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NDOuHGBnLHWRqPl9aPefsqXujac.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/43/9ca446-fc5c-4746-b26f-30ce83701b39/1/Iubv774kBsL8wFNqT041JrAtc7g.roa
Signing time:             Mon 02 Jan 2023 02:54:58 +0000
ROA not before:           Mon 02 Jan 2023 02:54:58 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     204770
IP address blocks:        185.8.106.0/23 maxlen: 32

Validation:               Failed, certificate revoked on Fri 24 Mar 2023 06:35:47 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:70:67:56:0a:f2:6a:98:7c:10:6b:41:1f:8c:4b:25:28
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3433ae1c60672c7591a8f97d68f79fb2a5ee8da7
        Validity
            Not Before: Jan  2 02:54:58 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=22e6efefbe2406c2fcc0536a4f4e3526b02d73b8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:eb:43:dd:bf:b1:bf:20:79:47:7a:66:56:a2:13:
                    84:32:4c:d8:72:de:aa:dc:c6:e9:c0:99:02:43:d4:
                    59:22:ac:29:1a:ad:1a:fc:5b:ac:64:51:d6:cb:eb:
                    30:4d:f6:00:06:dc:4b:af:85:ba:04:ca:e5:7a:d2:
                    29:0c:23:a6:21:33:33:0e:8f:34:a2:4b:b7:54:c3:
                    1d:bd:78:9c:ee:b7:12:7e:ae:2c:1e:a0:a9:83:68:
                    de:d4:dc:d9:c9:25:50:e1:4f:57:ba:c5:93:35:8e:
                    c1:56:08:5d:36:b1:f4:47:8c:56:31:4e:f4:7a:ca:
                    65:75:cf:8f:e9:7a:d0:43:f5:cc:98:b9:b2:e8:70:
                    44:5b:e3:fc:96:e1:f9:8c:09:3d:0a:a5:8b:d0:bf:
                    98:fd:85:89:2b:a8:45:fb:b0:e1:7d:fa:7c:59:ec:
                    f9:3a:4b:6b:d5:f4:70:6f:4e:65:75:09:9c:27:a8:
                    11:db:3d:f1:70:83:2e:85:05:17:48:83:2a:8e:9a:
                    b3:67:2e:49:55:74:dc:3a:fe:18:4e:c3:bd:49:f9:
                    51:94:e1:04:e7:74:43:58:87:2e:6a:b1:ee:fc:cf:
                    c7:98:65:55:3e:f0:9d:cd:16:7d:76:7f:31:bd:52:
                    8b:8c:2a:45:41:f2:52:5e:10:19:7f:96:2a:2a:b4:
                    e1:cb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                22:E6:EF:EF:BE:24:06:C2:FC:C0:53:6A:4F:4E:35:26:B0:2D:73:B8
            X509v3 Authority Key Identifier:
                keyid:34:33:AE:1C:60:67:2C:75:91:A8:F9:7D:68:F7:9F:B2:A5:EE:8D:A7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NDOuHGBnLHWRqPl9aPefsqXujac.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/9ca446-fc5c-4746-b26f-30ce83701b39/1/Iubv774kBsL8wFNqT041JrAtc7g.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/43/9ca446-fc5c-4746-b26f-30ce83701b39/1/NDOuHGBnLHWRqPl9aPefsqXujac.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.8.106.0/23

    Signature Algorithm: sha256WithRSAEncryption
         01:dd:83:65:d3:90:4b:c9:3a:f9:ba:f0:b2:f4:8c:29:89:ba:
         87:67:df:01:74:8f:b1:76:43:64:62:f8:30:66:68:8f:93:9b:
         ca:6d:a4:e3:cc:f8:7a:27:85:d3:75:6a:2d:67:32:34:a4:66:
         a0:70:d5:d5:8a:1d:1d:b4:89:81:9a:a7:6d:1f:65:0c:c6:7e:
         d9:b0:9d:03:ed:20:b6:35:60:38:54:40:ec:e5:26:3d:20:68:
         0b:2b:09:a7:de:d9:93:66:72:e5:f2:e1:98:f1:8c:0f:f4:26:
         1f:4f:78:ce:82:c9:8c:f3:de:4f:fd:f4:1e:70:f6:2f:d0:5b:
         13:c1:39:02:d3:75:58:63:95:7b:ad:29:58:04:0d:04:e5:7f:
         d9:79:bf:13:b9:80:d2:fc:af:35:a5:b0:83:b9:04:37:19:2a:
         89:ba:68:f6:c9:d2:5f:a0:2c:46:15:7d:07:20:fd:9e:bd:20:
         9a:b2:4f:a6:71:a4:c6:02:f6:fd:f5:a5:ad:55:0c:ae:1e:75:
         86:d0:9f:42:6e:e7:ec:d5:72:37:fc:a3:27:68:70:04:14:5d:
         ac:85:8c:e2:5f:de:d6:21:0b:ed:40:ad:2c:3c:c5:62:f6:3f:
         36:97:65:d3:e5:e2:62:21:20:b4:70:d9:73:ab:19:c0:85:c0:
         2d:3b:49:19
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwZ1YK8mqYfBBrQR+MSyUoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0MzNhZTFjNjA2NzJjNzU5MWE4Zjk3ZDY4Zjc5ZmIyYTVl
ZThkYTcwHhcNMjMwMTAyMDI1NDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMmU2ZWZlZmJlMjQwNmMyZmNjMDUzNmE0ZjRlMzUyNmIwMmQ3M2I4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA60Pdv7G/IHlHemZWohOEMkzYct6q
3MbpwJkCQ9RZIqwpGq0a/FusZFHWy+swTfYABtxLr4W6BMrletIpDCOmITMzDo80
oku3VMMdvXic7rcSfq4sHqCpg2je1NzZySVQ4U9XusWTNY7BVghdNrH0R4xWMU70
espldc+P6XrQQ/XMmLmy6HBEW+P8luH5jAk9CqWL0L+Y/YWJK6hF+7Dhffp8Wez5
Oktr1fRwb05ldQmcJ6gR2z3xcIMuhQUXSIMqjpqzZy5JVXTcOv4YTsO9SflRlOEE
53RDWIcuarHu/M/HmGVVPvCdzRZ9dn8xvVKLjCpFQfJSXhAZf5YqKrThywIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCLm7+++JAbC/MBTak9ONSawLXO4MB8GA1UdIwQY
MBaAFDQzrhxgZyx1kaj5fWj3n7Kl7o2nMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkRPdUhHQm5MSFdScVBsOWFQZWZzcVh1amFjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My85Y2E0NDYtZmM1Yy00NzQ2LWIyNmYt
MzBjZTgzNzAxYjM5LzEvSXVidjc3NGtCc0w4d0ZOcVQwNDFKckF0YzdnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80My85Y2E0NDYtZmM1Yy00NzQ2LWIyNmYtMzBjZTgzNzAxYjM5
LzEvTkRPdUhHQm5MSFdScVBsOWFQZWZzcVh1amFjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBuQhqMA0G
CSqGSIb3DQEBCwUAA4IBAQAB3YNl05BLyTr5uvCy9IwpibqHZ98BdI+xdkNkYvgw
ZmiPk5vKbaTjzPh6J4XTdWotZzI0pGagcNXVih0dtImBmqdtH2UMxn7ZsJ0D7SC2
NWA4VEDs5SY9IGgLKwmn3tmTZnLl8uGY8YwP9CYfT3jOgsmM895P/fQecPYv0FsT
wTkC03VYY5V7rSlYBA0E5X/Zeb8TuYDS/K81pbCDuQQ3GSqJumj2ydJfoCxGFX0H
IP2evSCask+mcaTGAvb99aWtVQyuHnWG0J9Cbufs1XI3/KMnaHAEFF2shYziX97W
IQvtQK0sPMVi9j82l2XT5eJiISC0cNlzqxnAhcAtO0kZ
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:27:13 2024 by rpki-client on console-fra.rpki-client.org