Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/e66913-8f5f-47ef-a730-32c1b2cee593/1/2NjWE2MoDNot3r92k9ujF_V1SWc.roa
File:                     2NjWE2MoDNot3r92k9ujF_V1SWc.roa (raw, json)
Hash identifier:          hRHdnydilYWi1Ov0zoeRn/jBTuAUwyJI2QjLLWVgc4E=
Subject key identifier:   D8:D8:D6:13:63:28:0C:DA:2D:DE:BF:76:93:DB:A3:17:F5:75:49:67
Certificate issuer:       /CN=658c0c499a8e69d9795f4bd0b5bf1682b1f00f9a
Certificate serial:       018BB111366881C0902783DBC112713C9D57
Authority key identifier: 65:8C:0C:49:9A:8E:69:D9:79:5F:4B:D0:B5:BF:16:82:B1:F0:0F:9A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ZYwMSZqOadl5X0vQtb8WgrHwD5o.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/47/e66913-8f5f-47ef-a730-32c1b2cee593/1/2NjWE2MoDNot3r92k9ujF_V1SWc.roa
Signing time:             Wed 08 Nov 2023 22:32:57 +0000
ROA not before:           Wed 08 Nov 2023 22:32:57 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     205147
IP address blocks:        185.8.97.0/24 maxlen: 24
                          185.8.98.0/24 maxlen: 24
                          185.8.96.0/24 maxlen: 24
                          185.8.96.0/22 maxlen: 24
                          185.8.99.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 12:33:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:b1:11:36:68:81:c0:90:27:83:db:c1:12:71:3c:9d:57
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=658c0c499a8e69d9795f4bd0b5bf1682b1f00f9a
        Validity
            Not Before: Nov  8 22:32:57 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=d8d8d61363280cda2ddebf7693dba317f5754967
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:80:75:cf:7f:8b:11:86:bf:e4:f7:21:f7:a4:a8:
                    d1:ae:5a:f4:7f:35:59:1f:5b:a1:91:b2:9e:e1:b6:
                    b4:2d:4f:69:e7:98:15:6f:b2:d3:af:8d:28:b6:bd:
                    11:e1:ad:96:c1:fc:70:41:90:b3:b9:49:3f:b7:d4:
                    ce:d7:40:1d:e7:60:75:1c:00:e8:65:e5:64:c9:56:
                    a6:63:5a:bc:33:d3:a1:35:ff:28:cb:18:b0:66:87:
                    2f:23:76:ee:af:6d:e3:79:98:35:26:a2:3d:56:75:
                    40:f1:de:07:92:0c:0d:b0:ed:47:e8:a8:f4:51:63:
                    a2:07:4c:84:bf:8f:5d:e3:23:3a:7f:0c:50:06:a1:
                    c2:a4:b2:3a:23:01:b2:e3:80:98:95:de:e0:7f:c0:
                    4b:64:e4:1d:23:9c:3b:2f:82:62:71:8b:5c:91:12:
                    80:a7:22:69:e1:6b:95:7c:5f:3a:61:81:27:46:14:
                    e9:fc:08:56:89:42:7d:cd:50:9a:8a:35:af:de:bd:
                    6d:ab:ad:f4:37:67:5b:62:86:0f:39:27:96:48:e7:
                    fc:04:30:9a:be:bd:cc:c7:7d:dd:29:8d:a7:89:4f:
                    19:61:92:79:db:e6:fb:40:2f:0a:1a:e5:ab:8f:e6:
                    50:84:eb:40:5a:6b:84:f6:62:08:72:e5:47:44:58:
                    88:13
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D8:D8:D6:13:63:28:0C:DA:2D:DE:BF:76:93:DB:A3:17:F5:75:49:67
            X509v3 Authority Key Identifier:
                keyid:65:8C:0C:49:9A:8E:69:D9:79:5F:4B:D0:B5:BF:16:82:B1:F0:0F:9A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZYwMSZqOadl5X0vQtb8WgrHwD5o.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/e66913-8f5f-47ef-a730-32c1b2cee593/1/2NjWE2MoDNot3r92k9ujF_V1SWc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/47/e66913-8f5f-47ef-a730-32c1b2cee593/1/ZYwMSZqOadl5X0vQtb8WgrHwD5o.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.8.96.0/22

    Signature Algorithm: sha256WithRSAEncryption
         32:69:11:f6:9a:21:e8:c7:e6:cd:c9:ec:a0:a9:a9:a4:fa:a8:
         3d:46:16:9d:13:ba:50:9e:b2:b8:5d:fb:cb:ae:0a:77:b3:bb:
         15:7f:40:65:cf:e6:13:49:5b:a1:c0:d9:27:bd:49:67:b3:d3:
         83:13:0c:99:bc:c2:37:fe:16:e7:64:ae:95:23:56:06:66:c3:
         83:b8:5e:75:63:27:c5:3e:25:fc:07:45:18:4f:99:1b:8b:7e:
         51:b1:07:bd:cd:f4:c0:74:b5:91:4d:32:fa:e3:ca:fc:18:a1:
         27:2a:20:13:86:df:39:56:f6:63:62:ca:6e:c3:01:a9:11:f8:
         0c:37:6a:28:5f:bb:e3:9a:8a:a9:a5:43:e2:55:3c:2a:e7:4b:
         98:7b:b4:ee:ec:89:b1:50:15:8e:32:5b:20:60:1d:73:cd:71:
         bf:a4:d7:97:66:cf:05:09:da:82:7c:5c:62:29:45:8e:f3:2a:
         46:de:76:7e:7f:55:10:41:82:83:82:69:12:09:3a:fe:29:d6:
         4a:36:78:28:aa:84:40:86:38:5a:3b:c9:79:c2:5f:16:bc:9b:
         53:5c:2c:08:c8:83:82:fa:17:ee:c7:1d:c7:e9:ae:5a:1f:28:
         b9:53:98:67:63:1c:21:47:72:5f:f6:b7:fc:99:42:96:f6:39:
         d1:05:21:b4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYuxETZogcCQJ4PbwRJxPJ1XMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1OGMwYzQ5OWE4ZTY5ZDk3OTVmNGJkMGI1YmYxNjgyYjFm
MDBmOWEwHhcNMjMxMTA4MjIzMjU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOGQ4ZDYxMzYzMjgwY2RhMmRkZWJmNzY5M2RiYTMxN2Y1NzU0OTY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgHXPf4sRhr/k9yH3pKjRrlr0fzVZ
H1uhkbKe4ba0LU9p55gVb7LTr40otr0R4a2WwfxwQZCzuUk/t9TO10Ad52B1HADo
ZeVkyVamY1q8M9OhNf8oyxiwZocvI3bur23jeZg1JqI9VnVA8d4HkgwNsO1H6Kj0
UWOiB0yEv49d4yM6fwxQBqHCpLI6IwGy44CYld7gf8BLZOQdI5w7L4JicYtckRKA
pyJp4WuVfF86YYEnRhTp/AhWiUJ9zVCaijWv3r1tq630N2dbYoYPOSeWSOf8BDCa
vr3Mx33dKY2niU8ZYZJ52+b7QC8KGuWrj+ZQhOtAWmuE9mIIcuVHRFiIEwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNjY1hNjKAzaLd6/dpPboxf1dUlnMB8GA1UdIwQY
MBaAFGWMDEmajmnZeV9L0LW/FoKx8A+aMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWll3TVNacU9hZGw1WDB2UXRiOFdnckh3RDVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny9lNjY5MTMtOGY1Zi00N2VmLWE3MzAt
MzJjMWIyY2VlNTkzLzEvMk5qV0UyTW9ETm90M3I5Mms5dWpGX1YxU1djLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ny9lNjY5MTMtOGY1Zi00N2VmLWE3MzAtMzJjMWIyY2VlNTkz
LzEvWll3TVNacU9hZGw1WDB2UXRiOFdnckh3RDVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuQhgMA0G
CSqGSIb3DQEBCwUAA4IBAQAyaRH2miHox+bNyeygqamk+qg9RhadE7pQnrK4XfvL
rgp3s7sVf0Blz+YTSVuhwNknvUlns9ODEwyZvMI3/hbnZK6VI1YGZsODuF51YyfF
PiX8B0UYT5kbi35RsQe9zfTAdLWRTTL648r8GKEnKiATht85VvZjYspuwwGpEfgM
N2ooX7vjmoqppUPiVTwq50uYe7Tu7ImxUBWOMlsgYB1zzXG/pNeXZs8FCdqCfFxi
KUWO8ypG3nZ+f1UQQYKDgmkSCTr+KdZKNngoqoRAhjhaO8l5wl8WvJtTXCwIyIOC
+hfuxx3H6a5aHyi5U5hnYxwhR3Jf9rf8mUKW9jnRBSG0
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:27:50 2024 by rpki-client on console-fra.rpki-client.org