Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/0949fc-accd-471f-a9cd-97243e316272/1/RDbvxfJB21ssTv_JYjU_s7vWcLw.roa
File:                     RDbvxfJB21ssTv_JYjU_s7vWcLw.roa (raw, json)
Hash identifier:          YCSkaFEPuaTU97p7vhJueL0lBaArdXgwMOg3LTaJVCg=
Subject key identifier:   44:36:EF:C5:F2:41:DB:5B:2C:4E:FF:C9:62:35:3F:B3:BB:D6:70:BC
Certificate issuer:       /CN=570fb0f1d8b8c198b0dc86158afbcbc529cf16be
Certificate serial:       0189E39DD340B80DC8D5CAF29A306CA19976
Authority key identifier: 57:0F:B0:F1:D8:B8:C1:98:B0:DC:86:15:8A:FB:CB:C5:29:CF:16:BE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Vw-w8di4wZiw3IYVivvLxSnPFr4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/61/0949fc-accd-471f-a9cd-97243e316272/1/RDbvxfJB21ssTv_JYjU_s7vWcLw.roa
Signing time:             Fri 11 Aug 2023 08:01:58 +0000
ROA not before:           Fri 11 Aug 2023 08:01:58 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     834
IP address blocks:        185.132.186.0/24 maxlen: 24
                          185.132.187.0/24 maxlen: 24
                          93.177.114.0/23 maxlen: 24

Validation:               Failed, certificate revoked on Mon 02 Oct 2023 06:38:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:e3:9d:d3:40:b8:0d:c8:d5:ca:f2:9a:30:6c:a1:99:76
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=570fb0f1d8b8c198b0dc86158afbcbc529cf16be
        Validity
            Not Before: Aug 11 08:01:58 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=4436efc5f241db5b2c4effc962353fb3bbd670bc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:cb:1a:c1:0a:b5:10:73:e9:90:14:85:d9:1f:
                    b4:fe:1c:fb:94:b5:ff:05:d0:16:af:cc:76:37:66:
                    7d:11:4e:3c:a0:a7:db:d2:98:36:71:63:a4:03:c0:
                    44:30:49:96:4a:56:fc:21:d0:e7:4b:15:ab:ab:7c:
                    fb:93:00:e2:f1:11:46:cd:43:a3:b1:88:a6:8f:c2:
                    cf:f2:a5:42:da:c4:b4:46:2c:99:fc:d3:47:e8:6c:
                    b3:90:78:0c:3d:7b:3b:60:f2:2c:48:ca:1c:cb:82:
                    a8:00:66:fa:f2:44:69:dd:eb:85:b0:2f:0d:99:ef:
                    3a:8a:d7:af:6c:45:53:f1:58:fd:bd:e3:f5:c9:e4:
                    e6:40:b7:79:d7:76:7d:da:c3:f4:5f:e9:d2:3c:e2:
                    0c:e7:29:7a:df:fa:c0:95:bb:3c:fa:61:21:d3:35:
                    04:63:27:63:a1:b4:a9:a5:78:74:49:3c:74:83:0d:
                    6d:b8:f8:1e:0e:fa:cc:59:6c:83:1f:df:87:ca:74:
                    9d:10:c4:de:26:75:c6:3a:d9:f5:4c:13:b2:d2:93:
                    12:a2:98:80:7d:73:00:80:13:e4:54:76:37:5d:97:
                    86:8b:21:6a:31:0c:cb:fc:eb:a3:94:83:be:79:c0:
                    20:b2:40:ac:a7:d8:3b:b4:b1:d8:e8:6f:be:7f:c2:
                    2a:e3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                44:36:EF:C5:F2:41:DB:5B:2C:4E:FF:C9:62:35:3F:B3:BB:D6:70:BC
            X509v3 Authority Key Identifier:
                keyid:57:0F:B0:F1:D8:B8:C1:98:B0:DC:86:15:8A:FB:CB:C5:29:CF:16:BE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Vw-w8di4wZiw3IYVivvLxSnPFr4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/0949fc-accd-471f-a9cd-97243e316272/1/RDbvxfJB21ssTv_JYjU_s7vWcLw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/61/0949fc-accd-471f-a9cd-97243e316272/1/Vw-w8di4wZiw3IYVivvLxSnPFr4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  93.177.114.0/23
                  185.132.186.0/23

    Signature Algorithm: sha256WithRSAEncryption
         67:1e:b4:83:43:22:76:29:23:92:da:45:b5:b5:35:f2:a9:a4:
         b3:24:0d:13:88:a9:65:0c:29:6d:b5:30:9d:9c:62:4f:3e:62:
         47:3f:72:86:73:e8:61:83:7c:b0:a5:87:8d:74:38:03:79:c1:
         ae:24:6c:72:b5:3d:13:26:d9:9b:cf:b9:25:67:52:fd:96:8b:
         58:0d:05:89:09:be:b1:db:03:cb:90:6f:6c:9c:42:a3:a5:52:
         5a:78:b7:75:80:dd:d4:56:91:17:da:11:67:32:14:44:98:fd:
         f0:2a:6f:b5:c9:c3:c8:79:25:89:a7:02:2e:57:6a:2e:f8:63:
         5d:e4:cb:e9:6e:8e:70:ae:02:15:54:83:3b:f1:5c:aa:65:e8:
         de:98:98:e7:a4:01:5b:4f:59:8c:01:44:c9:60:0f:d1:ad:21:
         d4:0e:bd:9b:5c:a8:cc:b6:90:02:9a:ea:0a:3a:dd:2d:9b:62:
         13:85:0e:e7:f7:34:c2:0e:d7:64:05:70:eb:2e:18:ba:50:b9:
         55:10:f1:61:d5:90:73:bf:1f:3e:af:c1:28:55:28:4d:b8:b5:
         13:1c:24:bb:08:0b:9c:af:4f:0f:d7:bd:ee:98:bb:1f:e5:6b:
         66:ae:35:b0:08:31:74:17:2b:e6:39:91:ad:ad:5a:8c:4c:93:
         5e:ea:57:f2
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYnjndNAuA3I1crymjBsoZl2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU3MGZiMGYxZDhiOGMxOThiMGRjODYxNThhZmJjYmM1Mjlj
ZjE2YmUwHhcNMjMwODExMDgwMTU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NDM2ZWZjNWYyNDFkYjViMmM0ZWZmYzk2MjM1M2ZiM2JiZDY3MGJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmssawQq1EHPpkBSF2R+0/hz7lLX/
BdAWr8x2N2Z9EU48oKfb0pg2cWOkA8BEMEmWSlb8IdDnSxWrq3z7kwDi8RFGzUOj
sYimj8LP8qVC2sS0RiyZ/NNH6GyzkHgMPXs7YPIsSMocy4KoAGb68kRp3euFsC8N
me86itevbEVT8Vj9veP1yeTmQLd513Z92sP0X+nSPOIM5yl63/rAlbs8+mEh0zUE
YydjobSppXh0STx0gw1tuPgeDvrMWWyDH9+HynSdEMTeJnXGOtn1TBOy0pMSopiA
fXMAgBPkVHY3XZeGiyFqMQzL/OujlIO+ecAgskCsp9g7tLHY6G++f8Iq4wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFEQ278XyQdtbLE7/yWI1P7O71nC8MB8GA1UdIwQY
MBaAFFcPsPHYuMGYsNyGFYr7y8Upzxa+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVnctdzhkaTR3Wml3M0lZVml2dkx4U25QRnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS8wOTQ5ZmMtYWNjZC00NzFmLWE5Y2Qt
OTcyNDNlMzE2MjcyLzEvUkRidnhmSkIyMXNzVHZfSllqVV9zN3ZXY0x3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS8wOTQ5ZmMtYWNjZC00NzFmLWE5Y2QtOTcyNDNlMzE2Mjcy
LzEvVnctdzhkaTR3Wml3M0lZVml2dkx4U25QRnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBXbFyAwQB
uYS6MA0GCSqGSIb3DQEBCwUAA4IBAQBnHrSDQyJ2KSOS2kW1tTXyqaSzJA0TiKll
DClttTCdnGJPPmJHP3KGc+hhg3ywpYeNdDgDecGuJGxytT0TJtmbz7klZ1L9lotY
DQWJCb6x2wPLkG9snEKjpVJaeLd1gN3UVpEX2hFnMhREmP3wKm+1ycPIeSWJpwIu
V2ou+GNd5Mvpbo5wrgIVVIM78VyqZejemJjnpAFbT1mMAUTJYA/RrSHUDr2bXKjM
tpACmuoKOt0tm2IThQ7n9zTCDtdkBXDrLhi6ULlVEPFh1ZBzvx8+r8EoVShNuLUT
HCS7CAucr08P173umLsf5WtmrjWwCDF0FyvmOZGtrVqMTJNe6lfy
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:14:02 2024 by rpki-client on console-ams.rpki-client.org