Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/3f8cca-6b1d-4ae6-bc2a-f42e7c45935a/1/mem4axclHr4eejhLM83NK2VBNz0.roa
File:                     mem4axclHr4eejhLM83NK2VBNz0.roa (raw, json)
Hash identifier:          DWRk+fk7Escha+K5yjxGVjiodfr8UaxZfaOC7nePaxs=
Subject key identifier:   99:E9:B8:6B:17:25:1E:BE:1E:7A:38:4B:33:CD:CD:2B:65:41:37:3D
Certificate issuer:       /CN=bb0a13a1c9e1dd84ede43283490be78387754a94
Certificate serial:       0185715E486166EAF3EE9FB11E36807C0554
Authority key identifier: BB:0A:13:A1:C9:E1:DD:84:ED:E4:32:83:49:0B:E7:83:87:75:4A:94
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/uwoTocnh3YTt5DKDSQvng4d1SpQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/57/3f8cca-6b1d-4ae6-bc2a-f42e7c45935a/1/mem4axclHr4eejhLM83NK2VBNz0.roa
Signing time:             Mon 02 Jan 2023 07:24:42 +0000
ROA not before:           Mon 02 Jan 2023 07:24:42 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     208642
IP address blocks:        185.202.244.0/22 maxlen: 22

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 06:29:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:71:5e:48:61:66:ea:f3:ee:9f:b1:1e:36:80:7c:05:54
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=bb0a13a1c9e1dd84ede43283490be78387754a94
        Validity
            Not Before: Jan  2 07:24:42 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=99e9b86b17251ebe1e7a384b33cdcd2b6541373d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:78:7e:f2:97:38:c4:e5:a7:dd:23:9d:1f:8a:
                    a8:0a:6f:67:81:95:24:9c:35:a4:9a:9b:50:b0:92:
                    58:c8:54:93:a9:d9:77:ac:d3:ff:02:10:74:4b:e3:
                    ce:7a:19:02:ae:4d:2c:1d:20:02:83:3d:e5:ee:20:
                    80:77:f9:a4:b2:ee:5a:8f:f0:a4:1b:e8:50:db:36:
                    d4:5e:9f:b9:28:f3:ae:c8:c4:ed:16:a5:9b:11:41:
                    8a:55:b0:95:3a:62:13:f4:80:89:35:14:f9:d3:f9:
                    47:ec:e3:b1:2f:2e:25:9f:56:25:13:0e:60:79:33:
                    7d:12:87:0d:ca:35:7d:64:00:91:e6:44:d0:77:59:
                    42:17:af:b6:9c:d6:20:6b:4a:a6:3b:34:cd:1a:cc:
                    19:40:83:dc:c5:ae:4f:5d:37:c3:60:56:1c:9a:09:
                    24:d5:50:fb:38:8b:75:58:c5:2c:16:9d:57:48:c7:
                    cb:64:56:6c:50:7a:6e:2e:ba:3b:5f:4c:63:e9:f4:
                    ab:87:a3:e3:0c:3b:28:ef:08:c1:78:b9:4f:8c:48:
                    e4:d9:01:87:e1:24:0a:ca:0e:32:13:a0:bb:6b:1b:
                    d1:21:8e:f2:86:92:83:35:9e:bb:57:ea:6a:e4:59:
                    b4:24:9e:0b:ae:bb:1d:0f:e6:85:ef:fe:e9:64:47:
                    6b:7d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                99:E9:B8:6B:17:25:1E:BE:1E:7A:38:4B:33:CD:CD:2B:65:41:37:3D
            X509v3 Authority Key Identifier:
                keyid:BB:0A:13:A1:C9:E1:DD:84:ED:E4:32:83:49:0B:E7:83:87:75:4A:94

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uwoTocnh3YTt5DKDSQvng4d1SpQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/3f8cca-6b1d-4ae6-bc2a-f42e7c45935a/1/mem4axclHr4eejhLM83NK2VBNz0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/57/3f8cca-6b1d-4ae6-bc2a-f42e7c45935a/1/uwoTocnh3YTt5DKDSQvng4d1SpQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.202.244.0/22

    Signature Algorithm: sha256WithRSAEncryption
         3b:a8:04:2a:75:62:44:6c:c6:cb:15:b0:08:ee:53:49:d6:87:
         1f:2a:4b:48:9e:b8:09:8a:0d:ef:89:06:55:28:20:0a:69:4f:
         4f:48:05:aa:a1:98:96:24:d2:f2:aa:38:78:43:ef:6f:a8:8e:
         b5:f0:ec:0d:79:c8:56:29:e1:d9:97:38:fa:ce:62:d9:7b:93:
         ea:aa:b0:2f:2d:29:6d:1d:85:c7:ce:b3:d5:5a:97:d2:25:d4:
         9a:00:0c:5f:0f:b9:47:9f:9c:0e:c5:5b:43:77:a3:e3:f5:12:
         9b:e8:7b:d7:5c:91:aa:ec:1f:3d:0d:24:12:00:29:6c:df:69:
         7b:75:96:f9:2c:5d:ae:fa:a3:0e:8b:cf:d1:1b:22:3d:86:2d:
         d7:aa:1d:74:76:d6:f2:c0:29:a7:d3:2e:9b:f7:4c:46:76:96:
         f5:27:bd:8f:81:c7:6d:10:a3:db:f4:97:e6:e8:5f:18:0f:20:
         c1:68:a0:fd:01:68:f9:c1:8b:da:27:ed:ff:8a:5a:2c:25:a0:
         95:0b:fe:38:df:70:5b:60:ee:16:11:bd:bf:70:4c:9b:f5:ad:
         46:87:5a:cf:44:99:d0:0c:02:d8:69:9f:0f:a0:01:fd:08:14:
         72:9f:8e:59:f7:1b:f0:81:08:58:a5:aa:2d:ba:1d:c6:0a:44:
         44:b8:ab:23
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxXkhhZurz7p+xHjaAfAVUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJiMGExM2ExYzllMWRkODRlZGU0MzI4MzQ5MGJlNzgzODc3
NTRhOTQwHhcNMjMwMTAyMDcyNDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OWU5Yjg2YjE3MjUxZWJlMWU3YTM4NGIzM2NkY2QyYjY1NDEzNzNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnHh+8pc4xOWn3SOdH4qoCm9ngZUk
nDWkmptQsJJYyFSTqdl3rNP/AhB0S+POehkCrk0sHSACgz3l7iCAd/mksu5aj/Ck
G+hQ2zbUXp+5KPOuyMTtFqWbEUGKVbCVOmIT9ICJNRT50/lH7OOxLy4ln1YlEw5g
eTN9EocNyjV9ZACR5kTQd1lCF6+2nNYga0qmOzTNGswZQIPcxa5PXTfDYFYcmgkk
1VD7OIt1WMUsFp1XSMfLZFZsUHpuLro7X0xj6fSrh6PjDDso7wjBeLlPjEjk2QGH
4SQKyg4yE6C7axvRIY7yhpKDNZ67V+pq5Fm0JJ4LrrsdD+aF7/7pZEdrfQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJnpuGsXJR6+Hno4SzPNzStlQTc9MB8GA1UdIwQY
MBaAFLsKE6HJ4d2E7eQyg0kL54OHdUqUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdXdvVG9jbmgzWVR0NURLRFNRdm5nNGQxU3BRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny8zZjhjY2EtNmIxZC00YWU2LWJjMmEt
ZjQyZTdjNDU5MzVhLzEvbWVtNGF4Y2xIcjRlZWpoTE04M05LMlZCTnowLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny8zZjhjY2EtNmIxZC00YWU2LWJjMmEtZjQyZTdjNDU5MzVh
LzEvdXdvVG9jbmgzWVR0NURLRFNRdm5nNGQxU3BRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCucr0MA0G
CSqGSIb3DQEBCwUAA4IBAQA7qAQqdWJEbMbLFbAI7lNJ1ocfKktInrgJig3viQZV
KCAKaU9PSAWqoZiWJNLyqjh4Q+9vqI618OwNechWKeHZlzj6zmLZe5PqqrAvLSlt
HYXHzrPVWpfSJdSaAAxfD7lHn5wOxVtDd6Pj9RKb6HvXXJGq7B89DSQSACls32l7
dZb5LF2u+qMOi8/RGyI9hi3Xqh10dtbywCmn0y6b90xGdpb1J72PgcdtEKPb9Jfm
6F8YDyDBaKD9AWj5wYvaJ+3/ilosJaCVC/4433BbYO4WEb2/cEyb9a1Gh1rPRJnQ
DALYaZ8PoAH9CBRyn45Z9xvwgQhYpaotuh3GCkREuKsj
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:10:38 2024 by rpki-client on console-ams.rpki-client.org