Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/105e23-6ce6-4ce0-93fa-bf6e97ddd079/1/_8uYwwry6JUXTc5sIdJlyh85rLg.roa
File:                     _8uYwwry6JUXTc5sIdJlyh85rLg.roa (raw, json)
Hash identifier:          BTbORrSur7AjSHESXAA3kbVdJgQty11MwXE/wMSoMro=
Subject key identifier:   FF:CB:98:C3:0A:F2:E8:95:17:4D:CE:6C:21:D2:65:CA:1F:39:AC:B8
Certificate issuer:       /CN=617cd8d48b5d15667bf131396d4a6c59d7d167c0
Certificate serial:       01856ED4B06A2568724E1DA890CF7879E040
Authority key identifier: 61:7C:D8:D4:8B:5D:15:66:7B:F1:31:39:6D:4A:6C:59:D7:D1:67:C0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YXzY1ItdFWZ78TE5bUpsWdfRZ8A.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4c/105e23-6ce6-4ce0-93fa-bf6e97ddd079/1/_8uYwwry6JUXTc5sIdJlyh85rLg.roa
Signing time:             Sun 01 Jan 2023 19:35:10 +0000
ROA not before:           Sun 01 Jan 2023 19:35:10 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     211316
IP address blocks:        147.12.16.0/20 maxlen: 24
                          185.101.196.0/22 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 08:29:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6e:d4:b0:6a:25:68:72:4e:1d:a8:90:cf:78:79:e0:40
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=617cd8d48b5d15667bf131396d4a6c59d7d167c0
        Validity
            Not Before: Jan  1 19:35:10 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=ffcb98c30af2e895174dce6c21d265ca1f39acb8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:fe:e8:85:1b:56:74:7d:90:6f:cd:d4:b9:91:
                    31:fe:f0:e8:f1:c6:30:ee:0f:a9:89:ec:a2:ad:b2:
                    83:7c:41:7e:fe:fa:b3:fb:d3:28:17:17:20:2f:38:
                    46:83:32:36:ea:5b:9e:af:b4:e2:54:cd:1d:0f:b8:
                    68:5e:e4:6c:d4:48:a7:a1:9c:1a:8c:a3:44:0f:8a:
                    a4:bc:71:26:de:28:ff:f3:96:e5:f6:c7:ba:43:0c:
                    56:08:ed:1f:d2:a9:6d:68:6f:b6:75:f8:23:f4:bf:
                    ac:72:8b:bf:5f:c6:2a:ee:ee:55:a6:6a:0d:9e:36:
                    a1:30:b2:dc:b9:b2:20:ca:04:72:bd:01:95:a7:b3:
                    ab:3e:9f:c6:ff:f1:09:21:0d:c8:de:19:c4:27:48:
                    a3:e4:23:a3:4c:95:04:ba:0e:c6:9e:1c:40:ab:bc:
                    fe:8b:6b:bf:c8:c0:ff:3f:98:7b:cf:f8:12:b0:45:
                    d0:1c:fd:1c:29:d7:15:a6:16:0e:10:0c:50:54:5b:
                    91:21:f6:f3:8a:d4:e8:f8:c3:29:26:93:e9:3c:89:
                    9c:fe:c1:7b:2f:ea:a4:83:ed:8b:9a:0d:ea:f2:00:
                    b7:fb:5a:08:24:0e:32:68:81:39:4a:6e:08:bf:81:
                    06:19:94:26:2e:42:da:72:aa:ba:42:81:51:8b:c0:
                    c4:c5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FF:CB:98:C3:0A:F2:E8:95:17:4D:CE:6C:21:D2:65:CA:1F:39:AC:B8
            X509v3 Authority Key Identifier:
                keyid:61:7C:D8:D4:8B:5D:15:66:7B:F1:31:39:6D:4A:6C:59:D7:D1:67:C0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YXzY1ItdFWZ78TE5bUpsWdfRZ8A.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/105e23-6ce6-4ce0-93fa-bf6e97ddd079/1/_8uYwwry6JUXTc5sIdJlyh85rLg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/105e23-6ce6-4ce0-93fa-bf6e97ddd079/1/YXzY1ItdFWZ78TE5bUpsWdfRZ8A.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  147.12.16.0/20
                  185.101.196.0/22

    Signature Algorithm: sha256WithRSAEncryption
         5d:c5:af:e7:29:16:41:13:10:bb:79:09:1e:18:3a:6e:a4:90:
         4d:9c:45:69:0b:85:95:44:2a:f2:52:13:db:19:39:39:15:87:
         ee:cc:1c:de:cd:8c:89:42:9e:56:c2:08:b6:ed:5d:73:26:8c:
         90:c7:34:75:33:f1:07:17:c8:76:48:b5:36:46:ad:63:b8:f9:
         28:56:d0:91:9d:9c:8e:3c:66:31:c7:98:f6:55:1f:84:ac:f5:
         98:2b:34:5a:d7:6a:ca:fb:58:47:35:1d:cd:72:25:c1:69:80:
         0d:89:db:26:8c:83:f3:8f:99:8a:01:5c:95:97:49:c4:87:91:
         dd:61:7f:10:04:5f:50:80:1e:c0:1d:00:4a:7f:75:40:af:94:
         81:a8:71:58:4a:39:9b:86:78:f6:cc:c6:74:93:81:54:87:63:
         90:60:ce:e1:21:7f:38:d1:9d:66:b4:3c:4d:c3:4e:ae:b3:b7:
         6a:1f:a7:fb:9f:57:ec:cf:0a:e7:09:71:77:60:32:78:53:f6:
         4a:fc:cc:50:7b:f3:8a:9f:33:b5:bb:f8:f1:e4:23:71:13:db:
         75:5c:61:6d:e6:46:4d:9b:67:35:cb:a4:80:f1:74:cc:2b:85:
         b3:bc:38:3a:a5:48:2d:24:9d:ab:e4:5b:93:ea:aa:eb:dd:c9:
         f3:8c:45:61
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVu1LBqJWhyTh2okM94eeBAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYxN2NkOGQ0OGI1ZDE1NjY3YmYxMzEzOTZkNGE2YzU5ZDdk
MTY3YzAwHhcNMjMwMTAxMTkzNTEwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZmNiOThjMzBhZjJlODk1MTc0ZGNlNmMyMWQyNjVjYTFmMzlhY2I4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq/7ohRtWdH2Qb83UuZEx/vDo8cYw
7g+pieyirbKDfEF+/vqz+9MoFxcgLzhGgzI26luer7TiVM0dD7hoXuRs1EinoZwa
jKNED4qkvHEm3ij/85bl9se6QwxWCO0f0qltaG+2dfgj9L+scou/X8Yq7u5VpmoN
njahMLLcubIgygRyvQGVp7OrPp/G//EJIQ3I3hnEJ0ij5COjTJUEug7GnhxAq7z+
i2u/yMD/P5h7z/gSsEXQHP0cKdcVphYOEAxQVFuRIfbzitTo+MMpJpPpPImc/sF7
L+qkg+2Lmg3q8gC3+1oIJA4yaIE5Sm4Iv4EGGZQmLkLacqq6QoFRi8DExQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFP/LmMMK8uiVF03ObCHSZcofOay4MB8GA1UdIwQY
MBaAFGF82NSLXRVme/ExOW1KbFnX0WfAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWVh6WTFJdGRGV1o3OFRFNWJVcHNXZGZSWjhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8xMDVlMjMtNmNlNi00Y2UwLTkzZmEt
YmY2ZTk3ZGRkMDc5LzEvXzh1WXd3cnk2SlVYVGM1c0lkSmx5aDg1ckxnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8xMDVlMjMtNmNlNi00Y2UwLTkzZmEtYmY2ZTk3ZGRkMDc5
LzEvWVh6WTFJdGRGV1o3OFRFNWJVcHNXZGZSWjhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQEkwwQAwQC
uWXEMA0GCSqGSIb3DQEBCwUAA4IBAQBdxa/nKRZBExC7eQkeGDpupJBNnEVpC4WV
RCryUhPbGTk5FYfuzBzezYyJQp5Wwgi27V1zJoyQxzR1M/EHF8h2SLU2Rq1juPko
VtCRnZyOPGYxx5j2VR+ErPWYKzRa12rK+1hHNR3NciXBaYANidsmjIPzj5mKAVyV
l0nEh5HdYX8QBF9QgB7AHQBKf3VAr5SBqHFYSjmbhnj2zMZ0k4FUh2OQYM7hIX84
0Z1mtDxNw06us7dqH6f7n1fszwrnCXF3YDJ4U/ZK/MxQe/OKnzO1u/jx5CNxE9t1
XGFt5kZNm2c1y6SA8XTMK4WzvDg6pUgtJJ2r5FuT6qrr3cnzjEVh
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:07:20 2024 by rpki-client on console-ams.rpki-client.org