Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/edcd12-3be2-4629-a559-e72fbddb7746/1/oNQa3NhuJncANY3Sch435KhFHB4.roa
File:                     oNQa3NhuJncANY3Sch435KhFHB4.roa (raw, json)
Hash identifier:          eay0bl1hhHlNARYXj5jtUrTt1kuAoQwiTwfHbA/yc+w=
Subject key identifier:   A0:D4:1A:DC:D8:6E:26:77:00:35:8D:D2:72:1E:37:E4:A8:45:1C:1E
Certificate issuer:       /CN=9705462cbfc8764777e6da31b595d7ccbfe38243
Certificate serial:       018571BA2306248AA90324ED7B275624A36F
Authority key identifier: 97:05:46:2C:BF:C8:76:47:77:E6:DA:31:B5:95:D7:CC:BF:E3:82:43
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/lwVGLL_Idkd35toxtZXXzL_jgkM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/51/edcd12-3be2-4629-a559-e72fbddb7746/1/oNQa3NhuJncANY3Sch435KhFHB4.roa
Signing time:             Mon 02 Jan 2023 09:05:02 +0000
ROA not before:           Mon 02 Jan 2023 09:05:02 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     8758
IP address blocks:        185.96.76.0/22 maxlen: 22
                          2a05:ff80::/29 maxlen: 29

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 10:34:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:71:ba:23:06:24:8a:a9:03:24:ed:7b:27:56:24:a3:6f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9705462cbfc8764777e6da31b595d7ccbfe38243
        Validity
            Not Before: Jan  2 09:05:02 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=a0d41adcd86e267700358dd2721e37e4a8451c1e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:9f:03:90:81:0e:a9:6b:91:82:6e:c4:a6:2b:
                    82:6f:d1:48:cd:e5:26:d9:10:11:d5:c1:99:16:83:
                    cc:be:34:40:f3:b9:40:f7:52:72:1c:ad:b6:b9:9a:
                    29:b9:ae:57:ba:ef:47:9a:72:40:7c:a3:d8:48:4f:
                    52:a1:37:0d:cb:50:3c:48:ca:39:eb:34:d9:bc:67:
                    01:21:89:b2:56:92:99:ee:d5:c0:a3:35:09:20:ac:
                    7b:90:23:ca:b1:37:3f:9f:6d:e5:34:a7:40:7e:ff:
                    44:20:83:a7:74:f6:62:6b:93:0d:68:72:91:ee:28:
                    0d:14:f4:b2:4c:a9:d3:e4:61:ad:79:b4:4d:9a:2b:
                    d9:51:a7:88:79:29:db:1e:5a:fa:21:2d:70:2c:3f:
                    49:c8:b3:08:3c:11:aa:4f:5f:31:49:92:d5:f1:31:
                    f6:28:dd:f4:df:95:da:c2:36:fe:60:52:c6:1a:34:
                    bb:33:6c:5a:44:3f:af:ad:86:8d:bc:d2:f0:5f:18:
                    ec:53:0a:91:a8:a4:0c:56:28:12:19:7f:ac:07:3b:
                    0d:04:96:3c:77:45:5c:c8:0a:93:ca:23:80:e8:6d:
                    24:f5:82:bd:ae:fe:98:c2:88:d4:9d:00:21:d3:d2:
                    89:f1:44:19:50:71:87:8b:61:0c:dc:c3:ea:43:03:
                    3f:5d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A0:D4:1A:DC:D8:6E:26:77:00:35:8D:D2:72:1E:37:E4:A8:45:1C:1E
            X509v3 Authority Key Identifier:
                keyid:97:05:46:2C:BF:C8:76:47:77:E6:DA:31:B5:95:D7:CC:BF:E3:82:43

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lwVGLL_Idkd35toxtZXXzL_jgkM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/edcd12-3be2-4629-a559-e72fbddb7746/1/oNQa3NhuJncANY3Sch435KhFHB4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/51/edcd12-3be2-4629-a559-e72fbddb7746/1/lwVGLL_Idkd35toxtZXXzL_jgkM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.96.76.0/22
                IPv6:
                  2a05:ff80::/29

    Signature Algorithm: sha256WithRSAEncryption
         5f:e2:77:c3:98:a9:1b:63:7e:f3:76:43:df:9a:42:c6:a9:aa:
         90:74:07:10:db:57:2d:16:39:aa:3e:40:a7:99:c6:f1:44:db:
         e1:9a:c9:5b:db:92:ba:bf:63:66:e7:b7:64:1a:b8:73:37:05:
         6a:6e:24:bd:b0:5d:cf:47:98:66:6d:50:56:8c:56:f9:51:d2:
         23:10:6f:86:4b:7e:f9:3b:2f:ab:db:ca:7c:06:ef:47:81:4e:
         24:76:a4:13:67:07:79:61:53:a3:7c:fd:d5:8e:b8:dc:67:86:
         7a:94:4b:01:c7:6c:e7:b7:1f:2e:c3:19:66:94:35:10:a4:38:
         1b:a4:b0:fb:7b:fd:f8:03:7c:6f:e4:23:86:33:e1:a1:96:da:
         38:9c:f9:43:a9:52:72:e4:9b:9a:14:5e:f5:69:b3:2a:a5:53:
         81:77:50:80:93:f3:c2:b7:f0:22:47:3f:96:24:af:66:7c:ce:
         42:7b:55:e6:11:fa:cb:02:7c:f9:c0:9a:20:6e:1a:60:cc:e3:
         6d:29:ac:5c:d7:d8:af:81:a1:3b:4c:f3:14:d6:8e:62:aa:6a:
         4e:99:65:37:a8:91:d4:24:8d:f5:54:b6:6f:95:b6:c0:46:ea:
         6e:d7:b8:08:c7:0d:18:e5:6d:dc:46:ab:76:40:5c:ab:c3:6c:
         90:47:13:87
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVxuiMGJIqpAyTteydWJKNvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk3MDU0NjJjYmZjODc2NDc3N2U2ZGEzMWI1OTVkN2NjYmZl
MzgyNDMwHhcNMjMwMTAyMDkwNTAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMGQ0MWFkY2Q4NmUyNjc3MDAzNThkZDI3MjFlMzdlNGE4NDUxYzFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArZ8DkIEOqWuRgm7EpiuCb9FIzeUm
2RAR1cGZFoPMvjRA87lA91JyHK22uZopua5Xuu9HmnJAfKPYSE9SoTcNy1A8SMo5
6zTZvGcBIYmyVpKZ7tXAozUJIKx7kCPKsTc/n23lNKdAfv9EIIOndPZia5MNaHKR
7igNFPSyTKnT5GGtebRNmivZUaeIeSnbHlr6IS1wLD9JyLMIPBGqT18xSZLV8TH2
KN3035Xawjb+YFLGGjS7M2xaRD+vrYaNvNLwXxjsUwqRqKQMVigSGX+sBzsNBJY8
d0VcyAqTyiOA6G0k9YK9rv6YwojUnQAh09KJ8UQZUHGHi2EM3MPqQwM/XQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFKDUGtzYbiZ3ADWN0nIeN+SoRRweMB8GA1UdIwQY
MBaAFJcFRiy/yHZHd+baMbWV18y/44JDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbHdWR0xMX0lka2QzNXRveHRaWFh6TF9qZ2tNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS9lZGNkMTItM2JlMi00NjI5LWE1NTkt
ZTcyZmJkZGI3NzQ2LzEvb05RYTNOaHVKbmNBTlkzU2NoNDM1S2hGSEI0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS9lZGNkMTItM2JlMi00NjI5LWE1NTktZTcyZmJkZGI3NzQ2
LzEvbHdWR0xMX0lka2QzNXRveHRaWFh6TF9qZ2tNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuWBMMA0E
AgACMAcDBQMqBf+AMA0GCSqGSIb3DQEBCwUAA4IBAQBf4nfDmKkbY37zdkPfmkLG
qaqQdAcQ21ctFjmqPkCnmcbxRNvhmslb25K6v2Nm57dkGrhzNwVqbiS9sF3PR5hm
bVBWjFb5UdIjEG+GS375Oy+r28p8Bu9HgU4kdqQTZwd5YVOjfP3VjrjcZ4Z6lEsB
x2zntx8uwxlmlDUQpDgbpLD7e/34A3xv5COGM+Ghlto4nPlDqVJy5JuaFF71abMq
pVOBd1CAk/PCt/AiRz+WJK9mfM5Ce1XmEfrLAnz5wJogbhpgzONtKaxc19ivgaE7
TPMU1o5iqmpOmWU3qJHUJI31VLZvlbbARupu17gIxw0Y5W3cRqt2QFyrw2yQRxOH
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:45 2024 by rpki-client on console-fra.rpki-client.org