Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5c/5c6c9f-691f-4284-b84d-1d367a5f86d4/1/oS85JtD3UrEG3nEjvolQJW4fTIE.roa
File:                     oS85JtD3UrEG3nEjvolQJW4fTIE.roa (raw, json)
Hash identifier:          Fr2aSRSqwWHXzsykbzsFTgZbnwqjyPAVIWKXPgEooFo=
Subject key identifier:   A1:2F:39:26:D0:F7:52:B1:06:DE:71:23:BE:89:50:25:6E:1F:4C:81
Certificate issuer:       /CN=7c6f4c8f3a377f46c5522009678f38d61571c6ca
Certificate serial:       01856FD50B8F430A5F3C8758C3C6CAFE1C4E
Authority key identifier: 7C:6F:4C:8F:3A:37:7F:46:C5:52:20:09:67:8F:38:D6:15:71:C6:CA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/fG9Mjzo3f0bFUiAJZ4841hVxxso.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5c/5c6c9f-691f-4284-b84d-1d367a5f86d4/1/oS85JtD3UrEG3nEjvolQJW4fTIE.roa
Signing time:             Mon 02 Jan 2023 00:15:11 +0000
ROA not before:           Mon 02 Jan 2023 00:15:11 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     29080
IP address blocks:        195.68.200.0/23 maxlen: 23
                          195.68.200.0/24 maxlen: 24
                          195.68.201.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 20:29:25 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:d5:0b:8f:43:0a:5f:3c:87:58:c3:c6:ca:fe:1c:4e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7c6f4c8f3a377f46c5522009678f38d61571c6ca
        Validity
            Not Before: Jan  2 00:15:11 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=a12f3926d0f752b106de7123be8950256e1f4c81
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:81:e2:be:1e:e3:cb:02:79:2b:5e:fb:b1:99:21:
                    47:11:87:3c:f5:c7:46:0c:0d:90:f2:f6:29:9c:3b:
                    d2:86:0a:5e:56:4b:bf:69:3c:91:ca:94:60:28:7b:
                    dc:12:0e:c0:8c:1a:91:75:3f:75:e6:7b:e4:69:68:
                    66:61:e8:dd:32:cf:8d:2b:a5:f6:0f:5d:d9:e2:57:
                    48:dc:69:bd:5d:b7:bb:92:cd:6f:8b:0f:41:60:b9:
                    90:74:e7:23:98:9f:be:1e:28:54:12:7a:f6:2a:a8:
                    ff:fa:16:27:7b:c4:f4:6a:94:f1:1f:5c:78:be:bb:
                    fe:69:bb:6e:22:92:14:fb:b3:ec:b3:f1:c5:54:5c:
                    2b:97:92:03:ac:53:7f:38:fa:e2:c1:7f:99:e7:5d:
                    9d:22:77:16:c2:22:88:85:93:e1:4e:79:de:df:26:
                    4e:f5:f5:92:01:ff:cc:10:e9:9a:1b:14:86:ec:91:
                    bd:cb:14:7c:d3:94:39:4a:31:56:45:02:10:08:8c:
                    1d:9a:b1:30:a9:6d:61:25:d3:69:5d:a0:4f:48:af:
                    14:2e:42:6b:d3:2c:79:50:3f:90:df:17:24:22:e4:
                    64:9e:b4:5c:a4:c6:4c:a3:e2:72:41:43:11:8c:cf:
                    d5:25:9c:ba:d1:32:ff:b0:73:d2:bf:ee:69:dc:fd:
                    63:47
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A1:2F:39:26:D0:F7:52:B1:06:DE:71:23:BE:89:50:25:6E:1F:4C:81
            X509v3 Authority Key Identifier:
                keyid:7C:6F:4C:8F:3A:37:7F:46:C5:52:20:09:67:8F:38:D6:15:71:C6:CA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fG9Mjzo3f0bFUiAJZ4841hVxxso.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/5c6c9f-691f-4284-b84d-1d367a5f86d4/1/oS85JtD3UrEG3nEjvolQJW4fTIE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/5c6c9f-691f-4284-b84d-1d367a5f86d4/1/fG9Mjzo3f0bFUiAJZ4841hVxxso.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  195.68.200.0/23

    Signature Algorithm: sha256WithRSAEncryption
         36:95:39:1f:90:93:46:14:8e:b0:bf:e0:a6:07:c9:5d:8d:d9:
         b8:83:64:fb:ab:79:a2:35:64:8f:53:bd:78:ca:b8:9b:31:4a:
         0d:1c:8a:5f:34:7d:3e:db:df:0e:a0:b9:47:ec:d2:a1:b1:fc:
         8a:9a:9c:ca:9a:d8:73:88:a7:cb:3e:91:52:bd:8f:88:22:64:
         b6:68:44:46:cd:1e:4e:af:76:c5:92:d1:36:3f:29:77:80:4f:
         5e:29:d5:dc:90:74:f7:63:85:bc:5c:fe:d1:a3:52:0b:51:67:
         41:40:90:3c:a3:cd:80:63:2e:91:75:cc:0a:ed:46:86:19:3e:
         3d:55:ff:c3:67:29:f6:58:df:21:50:35:f8:9b:fe:86:af:fb:
         e9:fc:f4:76:f5:6c:44:2a:38:28:b7:a8:e7:aa:2c:59:6b:65:
         22:8a:59:f9:4e:1a:99:28:58:97:d4:9f:f6:75:aa:66:7c:df:
         d6:99:c8:68:41:6d:a6:f5:a2:d6:2d:61:87:90:c2:69:17:4b:
         71:64:cf:20:1d:79:1c:5a:13:66:ea:15:74:1a:05:a0:bb:0f:
         47:97:a5:10:4d:5e:94:51:a8:40:b5:86:11:fe:58:24:05:d4:
         6c:69:b4:d1:5f:c5:62:be:b8:0a:c0:1f:2a:ad:93:7e:09:46:
         ff:4e:b3:11
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVv1QuPQwpfPIdYw8bK/hxOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdjNmY0YzhmM2EzNzdmNDZjNTUyMjAwOTY3OGYzOGQ2MTU3
MWM2Y2EwHhcNMjMwMTAyMDAxNTExWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMTJmMzkyNmQwZjc1MmIxMDZkZTcxMjNiZTg5NTAyNTZlMWY0YzgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgeK+HuPLAnkrXvuxmSFHEYc89cdG
DA2Q8vYpnDvShgpeVku/aTyRypRgKHvcEg7AjBqRdT915nvkaWhmYejdMs+NK6X2
D13Z4ldI3Gm9Xbe7ks1viw9BYLmQdOcjmJ++HihUEnr2Kqj/+hYne8T0apTxH1x4
vrv+abtuIpIU+7Pss/HFVFwrl5IDrFN/OPriwX+Z512dIncWwiKIhZPhTnne3yZO
9fWSAf/MEOmaGxSG7JG9yxR805Q5SjFWRQIQCIwdmrEwqW1hJdNpXaBPSK8ULkJr
0yx5UD+Q3xckIuRknrRcpMZMo+JyQUMRjM/VJZy60TL/sHPSv+5p3P1jRwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKEvOSbQ91KxBt5xI76JUCVuH0yBMB8GA1UdIwQY
MBaAFHxvTI86N39GxVIgCWePONYVccbKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZkc5TWp6bzNmMGJGVWlBSlo0ODQxaFZ4eHNvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yy81YzZjOWYtNjkxZi00Mjg0LWI4NGQt
MWQzNjdhNWY4NmQ0LzEvb1M4NUp0RDNVckVHM25FanZvbFFKVzRmVElFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yy81YzZjOWYtNjkxZi00Mjg0LWI4NGQtMWQzNjdhNWY4NmQ0
LzEvZkc5TWp6bzNmMGJGVWlBSlo0ODQxaFZ4eHNvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBw0TIMA0G
CSqGSIb3DQEBCwUAA4IBAQA2lTkfkJNGFI6wv+CmB8ldjdm4g2T7q3miNWSPU714
yribMUoNHIpfNH0+298OoLlH7NKhsfyKmpzKmthziKfLPpFSvY+IImS2aERGzR5O
r3bFktE2Pyl3gE9eKdXckHT3Y4W8XP7Ro1ILUWdBQJA8o82AYy6RdcwK7UaGGT49
Vf/DZyn2WN8hUDX4m/6Gr/vp/PR29WxEKjgot6jnqixZa2Uiiln5ThqZKFiX1J/2
dapmfN/WmchoQW2m9aLWLWGHkMJpF0txZM8gHXkcWhNm6hV0GgWguw9Hl6UQTV6U
UahAtYYR/lgkBdRsabTRX8VivrgKwB8qrZN+CUb/TrMR
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:31:15 2024 by rpki-client on console-fra.rpki-client.org