Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/e4ce7c-ad7b-4006-8e6a-80352d1413d9/1/XXYzhXPOMg2Tz7bO1MXC5pSWoqY.roa
File:                     XXYzhXPOMg2Tz7bO1MXC5pSWoqY.roa (raw, json)
Hash identifier:          gvQO0a/swZLrr78k60yZKc07MSDnxDnddMK//zH2YWc=
Subject key identifier:   5D:76:33:85:73:CE:32:0D:93:CF:B6:CE:D4:C5:C2:E6:94:96:A2:A6
Certificate issuer:       /CN=66927b2b26b5214b9665d8dc85f414709714996c
Certificate serial:       01856CCAF547BB2FBA931264B041385BBE39
Authority key identifier: 66:92:7B:2B:26:B5:21:4B:96:65:D8:DC:85:F4:14:70:97:14:99:6C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ZpJ7Kya1IUuWZdjchfQUcJcUmWw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5f/e4ce7c-ad7b-4006-8e6a-80352d1413d9/1/XXYzhXPOMg2Tz7bO1MXC5pSWoqY.roa
Signing time:             Sun 01 Jan 2023 10:05:18 +0000
ROA not before:           Sun 01 Jan 2023 10:05:18 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     212098
IP address blocks:        185.223.163.0/24 maxlen: 24
                          2a10:8c80::/29 maxlen: 32

Validation:               Failed, certificate revoked on Wed 04 Jan 2023 17:04:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6c:ca:f5:47:bb:2f:ba:93:12:64:b0:41:38:5b:be:39
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=66927b2b26b5214b9665d8dc85f414709714996c
        Validity
            Not Before: Jan  1 10:05:18 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=5d76338573ce320d93cfb6ced4c5c2e69496a2a6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:81:5e:17:96:f1:e4:f9:02:11:47:2e:71:d6:e3:
                    56:6e:9a:ad:4b:5f:d5:5c:3a:a3:9c:f3:d5:b4:02:
                    f1:78:dc:c8:4e:d5:d8:76:78:5b:65:c9:e5:61:e1:
                    5a:3d:0d:c8:18:b7:3a:fa:de:9e:36:84:94:c1:87:
                    49:d8:b2:69:0f:52:52:6d:5a:62:b8:e8:af:7d:03:
                    42:9c:87:4f:8b:b8:39:57:6c:62:e9:bb:d9:28:6a:
                    0e:d3:de:08:ab:d9:c3:b0:19:a3:4f:0b:4e:d1:09:
                    5f:57:90:78:d1:15:54:fb:36:f3:c4:07:33:4b:2a:
                    b4:81:d4:21:30:c9:1e:1c:60:41:a8:51:e9:e4:f8:
                    ef:c2:98:2b:78:6b:b1:9d:87:a2:57:6c:a1:a1:6a:
                    9c:cc:a9:c0:4c:64:ac:49:65:68:c9:02:cf:22:4e:
                    bd:46:b8:f1:b8:d1:ee:3c:3b:39:61:c8:49:6e:be:
                    f9:9e:86:7a:d6:28:e7:80:35:03:0d:75:8e:cc:b8:
                    a1:f8:07:83:5b:cb:38:34:49:7d:87:7f:68:d5:a7:
                    e6:1a:02:c6:2b:9d:49:37:da:c7:f7:90:34:f0:55:
                    65:d9:78:45:a5:ac:b5:13:e7:41:af:50:d3:f7:f2:
                    2d:98:b1:38:fa:46:e2:4a:e8:48:18:c5:a1:5c:3a:
                    9b:e1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5D:76:33:85:73:CE:32:0D:93:CF:B6:CE:D4:C5:C2:E6:94:96:A2:A6
            X509v3 Authority Key Identifier:
                keyid:66:92:7B:2B:26:B5:21:4B:96:65:D8:DC:85:F4:14:70:97:14:99:6C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZpJ7Kya1IUuWZdjchfQUcJcUmWw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/e4ce7c-ad7b-4006-8e6a-80352d1413d9/1/XXYzhXPOMg2Tz7bO1MXC5pSWoqY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/e4ce7c-ad7b-4006-8e6a-80352d1413d9/1/ZpJ7Kya1IUuWZdjchfQUcJcUmWw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.223.163.0/24
                IPv6:
                  2a10:8c80::/29

    Signature Algorithm: sha256WithRSAEncryption
         11:01:0c:ee:13:44:3d:0f:bd:7d:f7:d1:a3:94:85:9f:ff:51:
         25:19:ce:7b:45:53:8b:af:21:e3:96:55:51:a1:03:c7:2b:73:
         f8:9e:70:93:0b:59:8e:aa:c3:31:23:67:fb:92:e7:3e:d7:80:
         35:8c:d1:53:3d:38:0e:e3:c6:67:eb:f3:12:db:a0:9c:28:54:
         16:ee:2a:82:83:a4:51:93:dc:b1:6d:bd:52:8e:0c:43:4c:7d:
         e8:45:23:f2:2d:56:da:27:ca:13:5d:ba:8e:64:64:87:c0:53:
         77:a6:cf:8a:b0:29:1f:7c:8e:92:4c:25:e6:fc:c9:80:3f:77:
         a6:f2:bd:8b:74:e6:2a:c9:32:74:6f:85:87:f6:de:95:68:89:
         06:a2:7e:cb:d3:8d:19:62:8f:c9:fb:7c:0c:29:ae:e8:31:a2:
         87:e6:e4:c4:d2:26:fc:0b:32:4f:5f:01:74:90:9e:d4:bf:c3:
         65:c6:ef:2b:f0:6d:60:e8:13:89:03:3f:5c:e7:15:dd:03:ba:
         27:fa:ce:ea:e5:dc:e9:f3:c0:9b:e3:5f:65:fe:7c:5f:ad:69:
         90:63:e9:45:26:7a:dc:74:69:3f:aa:af:f9:e7:92:a4:32:55:
         0b:53:ac:b7:02:ae:28:9d:d4:2a:ff:ea:95:d2:ef:06:f3:8d:
         93:33:79:70
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVsyvVHuy+6kxJksEE4W745MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2OTI3YjJiMjZiNTIxNGI5NjY1ZDhkYzg1ZjQxNDcwOTcx
NDk5NmMwHhcNMjMwMTAxMTAwNTE4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZDc2MzM4NTczY2UzMjBkOTNjZmI2Y2VkNGM1YzJlNjk0OTZhMmE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgV4XlvHk+QIRRy5x1uNWbpqtS1/V
XDqjnPPVtALxeNzITtXYdnhbZcnlYeFaPQ3IGLc6+t6eNoSUwYdJ2LJpD1JSbVpi
uOivfQNCnIdPi7g5V2xi6bvZKGoO094Iq9nDsBmjTwtO0QlfV5B40RVU+zbzxAcz
Syq0gdQhMMkeHGBBqFHp5PjvwpgreGuxnYeiV2yhoWqczKnATGSsSWVoyQLPIk69
RrjxuNHuPDs5YchJbr75noZ61ijngDUDDXWOzLih+AeDW8s4NEl9h39o1afmGgLG
K51JN9rH95A08FVl2XhFpay1E+dBr1DT9/ItmLE4+kbiSuhIGMWhXDqb4QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFF12M4VzzjINk8+2ztTFwuaUlqKmMB8GA1UdIwQY
MBaAFGaSeysmtSFLlmXY3IX0FHCXFJlsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWnBKN0t5YTFJVXVXWmRqY2hmUVVjSmNVbVd3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi9lNGNlN2MtYWQ3Yi00MDA2LThlNmEt
ODAzNTJkMTQxM2Q5LzEvWFhZemhYUE9NZzJUejdiTzFNWEM1cFNXb3FZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi9lNGNlN2MtYWQ3Yi00MDA2LThlNmEtODAzNTJkMTQxM2Q5
LzEvWnBKN0t5YTFJVXVXWmRqY2hmUVVjSmNVbVd3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAud+jMA0E
AgACMAcDBQMqEIyAMA0GCSqGSIb3DQEBCwUAA4IBAQARAQzuE0Q9D71999GjlIWf
/1ElGc57RVOLryHjllVRoQPHK3P4nnCTC1mOqsMxI2f7kuc+14A1jNFTPTgO48Zn
6/MS26CcKFQW7iqCg6RRk9yxbb1SjgxDTH3oRSPyLVbaJ8oTXbqOZGSHwFN3ps+K
sCkffI6STCXm/MmAP3em8r2LdOYqyTJ0b4WH9t6VaIkGon7L040ZYo/J+3wMKa7o
MaKH5uTE0ib8CzJPXwF0kJ7Uv8Nlxu8r8G1g6BOJAz9c5xXdA7on+s7q5dzp88Cb
419l/nxfrWmQY+lFJnrcdGk/qq/555KkMlULU6y3Aq4ondQq/+qV0u8G842TM3lw
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:13:42 2024 by rpki-client on console-ams.rpki-client.org