Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5c/2bf00b-bfbc-4f6b-a13e-f10f73a9ecb3/1/DjQzS-kQI1P23RZwc4ln4HItpGo.roa
File:                     DjQzS-kQI1P23RZwc4ln4HItpGo.roa (raw, json)
Hash identifier:          pVbN3RYzL17I+BlRjlZEF4eKiyttmgxgSkq6JTQDYp8=
Subject key identifier:   0E:34:33:4B:E9:10:23:53:F6:DD:16:70:73:89:67:E0:72:2D:A4:6A
Certificate issuer:       /CN=36b55fb34d29f962545132a025b52644fdffbf6f
Certificate serial:       01856F8B72C3222DA786B9120E56203DD5E8
Authority key identifier: 36:B5:5F:B3:4D:29:F9:62:54:51:32:A0:25:B5:26:44:FD:FF:BF:6F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NrVfs00p-WJUUTKgJbUmRP3_v28.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5c/2bf00b-bfbc-4f6b-a13e-f10f73a9ecb3/1/DjQzS-kQI1P23RZwc4ln4HItpGo.roa
Signing time:             Sun 01 Jan 2023 22:54:47 +0000
ROA not before:           Sun 01 Jan 2023 22:54:47 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     61317
IP address blocks:        185.206.123.0/24 maxlen: 24
                          2a10:ca00:4::/48 maxlen: 48
                          2a10:ca00:2::/48 maxlen: 48
                          2a10:ca00:3::/48 maxlen: 48
                          2a10:ca00:1::/48 maxlen: 48

Validation:               Failed, certificate revoked

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:8b:72:c3:22:2d:a7:86:b9:12:0e:56:20:3d:d5:e8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=36b55fb34d29f962545132a025b52644fdffbf6f
        Validity
            Not Before: Jan  1 22:54:47 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=0e34334be9102353f6dd1670738967e0722da46a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:94:3a:83:18:03:52:a0:a9:bb:16:42:cf:65:34:
                    f7:bf:4b:5a:61:2f:0b:c0:e1:c1:19:ce:25:50:63:
                    38:6a:54:13:4d:19:ac:7b:72:0a:6a:0c:be:57:0b:
                    19:83:bd:40:0c:65:b7:4c:b7:5f:3c:0b:e0:e7:f6:
                    5f:de:93:5a:bf:59:29:8d:84:fb:aa:50:92:7d:cc:
                    48:e9:00:62:93:61:08:fe:52:6d:a8:4d:88:9a:bf:
                    c7:6a:58:19:18:ae:f3:dc:0b:38:19:e9:63:bd:1e:
                    37:bf:ed:21:58:4b:d8:65:80:c5:ad:ad:38:1b:ed:
                    b5:fe:8e:42:26:22:e9:49:15:bf:95:58:1a:4b:ea:
                    7b:bc:0f:fe:0e:c7:5e:3e:d9:bc:45:58:b5:f6:a9:
                    66:28:78:9e:a2:c9:08:56:35:27:2e:68:8f:ef:6e:
                    10:63:75:fb:cb:f4:13:78:3e:f9:7d:6e:54:66:1e:
                    27:c9:aa:ec:31:66:aa:de:6b:7d:36:73:61:51:0f:
                    e1:bb:dc:b0:17:fc:ec:6d:b6:ab:1e:cd:62:45:d3:
                    49:57:ce:3f:61:76:84:d1:e9:bc:85:78:fe:bf:6c:
                    78:e2:fd:00:07:43:34:d8:df:70:71:3f:4d:bd:94:
                    69:cf:1a:e7:72:a3:16:57:cb:e8:d3:6b:49:ff:ff:
                    0f:db
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0E:34:33:4B:E9:10:23:53:F6:DD:16:70:73:89:67:E0:72:2D:A4:6A
            X509v3 Authority Key Identifier:
                keyid:36:B5:5F:B3:4D:29:F9:62:54:51:32:A0:25:B5:26:44:FD:FF:BF:6F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NrVfs00p-WJUUTKgJbUmRP3_v28.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/2bf00b-bfbc-4f6b-a13e-f10f73a9ecb3/1/DjQzS-kQI1P23RZwc4ln4HItpGo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/2bf00b-bfbc-4f6b-a13e-f10f73a9ecb3/1/NrVfs00p-WJUUTKgJbUmRP3_v28.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.206.123.0/24
                IPv6:
                  2a10:ca00:1::-2a10:ca00:4:ffff:ffff:ffff:ffff:ffff

    Signature Algorithm: sha256WithRSAEncryption
         27:e5:85:98:65:eb:ac:4c:b2:a3:8d:d1:bd:08:3f:a5:8a:73:
         01:02:22:69:ac:db:09:48:a0:74:1b:c6:5a:3a:d2:89:78:2d:
         9d:b0:9a:39:8a:a5:82:07:05:23:07:ae:1c:ae:7c:80:86:fe:
         9a:7f:6d:3c:e9:80:30:2b:8c:95:3d:d6:a3:64:26:e8:cd:e2:
         78:4d:a1:74:23:80:69:60:d6:0f:58:4c:43:f3:3f:a2:ba:b3:
         c0:91:fd:06:4c:1b:0f:7a:db:a9:b3:8b:45:a3:da:5b:73:e7:
         fc:d2:3c:f7:5b:88:28:33:e0:b4:ea:b3:77:32:dc:27:d0:2d:
         74:18:92:33:b9:71:9b:49:22:37:34:f8:74:d4:83:76:cc:57:
         d2:6c:b0:a8:4d:8b:b5:0f:7f:8d:e8:d9:ce:82:d1:4e:b3:b1:
         3d:91:41:f2:c7:e0:a9:17:0d:ea:68:a3:ad:79:55:1f:ce:c4:
         b0:69:0f:b4:ed:fd:de:fa:11:f6:58:4b:c4:8c:f9:d4:4c:50:
         7a:03:c6:92:3d:9b:af:72:c1:67:8b:2b:cb:61:4a:98:89:8a:
         47:66:32:a8:fb:e6:d9:6f:1d:1a:54:55:c4:7c:f8:06:64:24:
         f7:cc:aa:a9:c6:54:b4:ff:e2:c9:fb:d5:58:8d:07:89:b7:f0:
         6a:35:22:aa
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAYVvi3LDIi2nhrkSDlYgPdXoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YjU1ZmIzNGQyOWY5NjI1NDUxMzJhMDI1YjUyNjQ0ZmRm
ZmJmNmYwHhcNMjMwMTAxMjI1NDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZTM0MzM0YmU5MTAyMzUzZjZkZDE2NzA3Mzg5NjdlMDcyMmRhNDZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlDqDGANSoKm7FkLPZTT3v0taYS8L
wOHBGc4lUGM4alQTTRmse3IKagy+VwsZg71ADGW3TLdfPAvg5/Zf3pNav1kpjYT7
qlCSfcxI6QBik2EI/lJtqE2Imr/HalgZGK7z3As4GeljvR43v+0hWEvYZYDFra04
G+21/o5CJiLpSRW/lVgaS+p7vA/+DsdePtm8RVi19qlmKHieoskIVjUnLmiP724Q
Y3X7y/QTeD75fW5UZh4nyarsMWaq3mt9NnNhUQ/hu9ywF/zsbbarHs1iRdNJV84/
YXaE0em8hXj+v2x44v0AB0M02N9wcT9NvZRpzxrncqMWV8vo02tJ//8P2wIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFA40M0vpECNT9t0WcHOJZ+ByLaRqMB8GA1UdIwQY
MBaAFDa1X7NNKfliVFEyoCW1JkT9/79vMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnJWZnMwMHAtV0pVVVRLZ0piVW1SUDNfdjI4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yy8yYmYwMGItYmZiYy00ZjZiLWExM2Ut
ZjEwZjczYTllY2IzLzEvRGpRelMta1FJMVAyM1Jad2M0bG40SEl0cEdvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yy8yYmYwMGItYmZiYy00ZjZiLWExM2UtZjEwZjczYTllY2Iz
LzEvTnJWZnMwMHAtV0pVVVRLZ0piVW1SUDNfdjI4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjAMBAIAATAGAwQAuc57MBoE
AgACMBQwEgMHACoQygAAAQMHACoQygAABDANBgkqhkiG9w0BAQsFAAOCAQEAJ+WF
mGXrrEyyo43RvQg/pYpzAQIiaazbCUigdBvGWjrSiXgtnbCaOYqlggcFIweuHK58
gIb+mn9tPOmAMCuMlT3Wo2Qm6M3ieE2hdCOAaWDWD1hMQ/M/orqzwJH9BkwbD3rb
qbOLRaPaW3Pn/NI891uIKDPgtOqzdzLcJ9AtdBiSM7lxm0kiNzT4dNSDdsxX0myw
qE2LtQ9/jejZzoLRTrOxPZFB8sfgqRcN6mijrXlVH87EsGkPtO393voR9lhLxIz5
1ExQegPGkj2br3LBZ4sry2FKmImKR2YyqPvm2W8dGlRVxHz4BmQk98yqqcZUtP/i
yfvVWI0HibfwajUiqg==
-----END CERTIFICATE-----
Generated at Tue Jan 2 15:21:04 2024 by rpki-client on console-ams.rpki-client.org