Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/657197-c628-48b1-956d-effe955a5d64/1/8oEeQ5QLE1QzIm8B84tMDKbECrA.roa
File:                     8oEeQ5QLE1QzIm8B84tMDKbECrA.roa (raw, json)
Hash identifier:          wHnwQJA60JBmqKFjyD1sxwzzMXCbhA+dbSkvcICE/J4=
Subject key identifier:   F2:81:1E:43:94:0B:13:54:33:22:6F:01:F3:8B:4C:0C:A6:C4:0A:B0
Certificate issuer:       /CN=c1e8b88f1e30573a0e20e479d5ba00b4e91827b6
Certificate serial:       018CC8019C78E183C6E492FDB14D1A99CEBA
Authority key identifier: C1:E8:B8:8F:1E:30:57:3A:0E:20:E4:79:D5:BA:00:B4:E9:18:27:B6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/wei4jx4wVzoOIOR51boAtOkYJ7Y.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/50/657197-c628-48b1-956d-effe955a5d64/1/8oEeQ5QLE1QzIm8B84tMDKbECrA.roa
Signing time:             Tue 02 Jan 2024 02:29:57 +0000
ROA not before:           Tue 02 Jan 2024 02:29:57 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     31317
IP address blocks:        185.170.244.0/22 maxlen: 32
                          2a0a:b900::/29 maxlen: 29

Validation:               Failed, certificate revoked on Thu 18 Jul 2024 08:23:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c8:01:9c:78:e1:83:c6:e4:92:fd:b1:4d:1a:99:ce:ba
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c1e8b88f1e30573a0e20e479d5ba00b4e91827b6
        Validity
            Not Before: Jan  2 02:29:57 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=f2811e43940b135433226f01f38b4c0ca6c40ab0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:78:ff:1d:6d:21:7a:bf:00:ad:51:09:70:83:
                    1d:7d:93:9e:3b:55:ab:ff:ae:05:dd:f8:49:a8:aa:
                    d2:b6:2d:8f:fa:b0:97:50:2e:01:62:0f:40:22:09:
                    dd:5e:be:83:d7:d6:d8:1e:4d:77:cf:de:2f:2e:00:
                    14:bb:1c:ae:39:a9:cf:3b:9a:63:ae:41:d7:60:c1:
                    ab:86:12:e7:48:a4:93:0f:8d:54:d9:c1:89:4b:09:
                    a6:bb:18:e9:4f:e8:c8:69:16:2d:78:be:ee:34:ab:
                    8f:37:bf:a7:cd:5d:78:73:57:10:1f:d0:ec:37:51:
                    c6:84:6f:2a:11:75:1a:c5:36:70:bd:c8:90:90:96:
                    b5:b5:c8:34:32:e6:b9:21:d8:06:4d:2f:4a:a8:a5:
                    d3:51:6c:51:be:a7:62:49:df:d7:5a:d7:12:c1:08:
                    5c:4e:35:54:53:bc:dc:f1:34:39:90:cc:25:63:f9:
                    4f:67:f9:51:54:51:e7:fd:45:94:0c:ff:5f:2a:e0:
                    c1:1b:88:98:33:72:29:0d:3d:c7:da:07:51:50:e5:
                    37:f5:f6:ea:e0:93:cc:2c:d9:2f:e8:d4:f6:a3:19:
                    75:3a:84:ff:7c:ad:6f:a0:e3:a8:d3:83:61:b4:6f:
                    a2:5a:ce:4b:21:9b:56:4a:2c:93:4f:a9:a4:b5:f1:
                    3a:7b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F2:81:1E:43:94:0B:13:54:33:22:6F:01:F3:8B:4C:0C:A6:C4:0A:B0
            X509v3 Authority Key Identifier:
                keyid:C1:E8:B8:8F:1E:30:57:3A:0E:20:E4:79:D5:BA:00:B4:E9:18:27:B6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wei4jx4wVzoOIOR51boAtOkYJ7Y.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/657197-c628-48b1-956d-effe955a5d64/1/8oEeQ5QLE1QzIm8B84tMDKbECrA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/50/657197-c628-48b1-956d-effe955a5d64/1/wei4jx4wVzoOIOR51boAtOkYJ7Y.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.170.244.0/22
                IPv6:
                  2a0a:b900::/29

    Signature Algorithm: sha256WithRSAEncryption
         a0:1c:af:68:9d:3f:f2:5d:28:c1:4c:ef:dd:e9:61:a7:d4:3f:
         9a:1e:26:ae:a9:4d:37:c8:58:36:0f:40:66:37:d4:b7:75:14:
         af:18:fa:fb:82:23:aa:eb:4f:65:99:2f:e3:cd:64:88:ac:05:
         3a:b7:52:c2:4b:52:aa:1f:d4:81:89:77:76:b4:11:3d:91:a7:
         f9:7e:d4:39:24:4a:45:7d:02:96:e3:43:44:70:6f:08:6f:98:
         c5:0b:15:71:e7:8b:fd:f4:0c:58:50:62:24:1e:66:37:a2:b2:
         68:12:a4:83:f8:21:46:b1:92:7c:98:c9:c4:09:49:85:61:b4:
         0a:5c:38:a9:c7:5f:e0:06:38:ee:42:00:6c:7a:cc:30:19:92:
         76:d1:31:9f:37:4d:61:90:d3:d1:ab:f6:f9:f6:9b:db:b4:d7:
         2c:51:9c:35:d2:ad:9f:b9:d8:ac:2f:6e:e1:01:4f:84:cc:fd:
         13:ef:ae:92:2a:22:61:7f:c0:b8:e1:48:cb:87:90:07:60:c3:
         a8:40:87:c0:74:9f:99:1e:32:9c:68:5a:58:44:50:9a:04:37:
         d2:22:20:41:5b:42:da:8a:e2:b2:ff:0d:0d:bf:b8:aa:a7:59:
         1c:8a:d5:ab:db:ba:53:0c:6e:5c:bc:73:78:5d:28:5b:fd:5f:
         e2:5f:f5:ac
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzIAZx44YPG5JL9sU0amc66MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMxZThiODhmMWUzMDU3M2EwZTIwZTQ3OWQ1YmEwMGI0ZTkx
ODI3YjYwHhcNMjQwMTAyMDIyOTU3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMjgxMWU0Mzk0MGIxMzU0MzMyMjZmMDFmMzhiNGMwY2E2YzQwYWIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwXj/HW0her8ArVEJcIMdfZOeO1Wr
/64F3fhJqKrSti2P+rCXUC4BYg9AIgndXr6D19bYHk13z94vLgAUuxyuOanPO5pj
rkHXYMGrhhLnSKSTD41U2cGJSwmmuxjpT+jIaRYteL7uNKuPN7+nzV14c1cQH9Ds
N1HGhG8qEXUaxTZwvciQkJa1tcg0Mua5IdgGTS9KqKXTUWxRvqdiSd/XWtcSwQhc
TjVUU7zc8TQ5kMwlY/lPZ/lRVFHn/UWUDP9fKuDBG4iYM3IpDT3H2gdRUOU39fbq
4JPMLNkv6NT2oxl1OoT/fK1voOOo04NhtG+iWs5LIZtWSiyTT6mktfE6ewIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFPKBHkOUCxNUMyJvAfOLTAymxAqwMB8GA1UdIwQY
MBaAFMHouI8eMFc6DiDkedW6ALTpGCe2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd2VpNGp4NHdWem9PSU9SNTFib0F0T2tZSjdZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC82NTcxOTctYzYyOC00OGIxLTk1NmQt
ZWZmZTk1NWE1ZDY0LzEvOG9FZVE1UUxFMVF6SW04Qjg0dE1ES2JFQ3JBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MC82NTcxOTctYzYyOC00OGIxLTk1NmQtZWZmZTk1NWE1ZDY0
LzEvd2VpNGp4NHdWem9PSU9SNTFib0F0T2tZSjdZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuar0MA0E
AgACMAcDBQMqCrkAMA0GCSqGSIb3DQEBCwUAA4IBAQCgHK9onT/yXSjBTO/d6WGn
1D+aHiauqU03yFg2D0BmN9S3dRSvGPr7giOq609lmS/jzWSIrAU6t1LCS1KqH9SB
iXd2tBE9kaf5ftQ5JEpFfQKW40NEcG8Ib5jFCxVx54v99AxYUGIkHmY3orJoEqSD
+CFGsZJ8mMnECUmFYbQKXDipx1/gBjjuQgBseswwGZJ20TGfN01hkNPRq/b59pvb
tNcsUZw10q2fudisL27hAU+EzP0T766SKiJhf8C44UjLh5AHYMOoQIfAdJ+ZHjKc
aFpYRFCaBDfSIiBBW0LaiuKy/w0Nv7iqp1kcitWr27pTDG5cvHN4XShb/V/iX/Ws
-----END CERTIFICATE-----
Generated at Thu Jul 18 11:03:18 2024 by rpki-client on console-fra.rpki-client.org