Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/6453c4-6687-4ef9-9fdc-a88bb7805b09/1/8ycqH4tm4g3OBEAGTBAk-UT3-pQ.roa
File:                     8ycqH4tm4g3OBEAGTBAk-UT3-pQ.roa (raw, json)
Hash identifier:          Ds9nNQ8aykygqyy0Z1eUzfC0JzfQcsyFclMBndMe9Oo=
Subject key identifier:   F3:27:2A:1F:8B:66:E2:0D:CE:04:40:06:4C:10:24:F9:44:F7:FA:94
Certificate issuer:       /CN=d2ef46a4134194e72423d572a1b66d4a9d2e4c13
Certificate serial:       0185727A166E0BED562F7E05AF9565BD665D
Authority key identifier: D2:EF:46:A4:13:41:94:E7:24:23:D5:72:A1:B6:6D:4A:9D:2E:4C:13
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0u9GpBNBlOckI9VyobZtSp0uTBM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/61/6453c4-6687-4ef9-9fdc-a88bb7805b09/1/8ycqH4tm4g3OBEAGTBAk-UT3-pQ.roa
Signing time:             Mon 02 Jan 2023 12:34:41 +0000
ROA not before:           Mon 02 Jan 2023 12:34:41 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     202629
IP address blocks:        185.235.28.0/22 maxlen: 22

Validation:               Failed, certificate revoked on Thu 08 Jun 2023 11:34:11 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:72:7a:16:6e:0b:ed:56:2f:7e:05:af:95:65:bd:66:5d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d2ef46a4134194e72423d572a1b66d4a9d2e4c13
        Validity
            Not Before: Jan  2 12:34:41 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=f3272a1f8b66e20dce0440064c1024f944f7fa94
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ca:ad:0b:8c:d6:d2:d7:cb:ac:54:91:2c:97:45:
                    0c:b3:c9:b0:93:72:c8:70:f4:1b:a2:2f:77:72:13:
                    06:eb:d4:b4:6c:f2:bc:8b:57:c4:ae:02:7f:de:24:
                    63:1e:38:eb:52:6a:ed:0e:13:e4:35:84:55:b2:d3:
                    e3:73:81:49:60:77:21:0f:49:a2:77:90:b0:e1:54:
                    7f:99:2b:80:54:a4:f5:24:f7:f5:22:bc:2d:1c:f6:
                    3c:79:d6:2f:6a:8e:c0:11:d1:85:a1:ac:8b:91:bb:
                    ac:53:40:0e:3a:01:cb:b3:c2:ab:de:20:a0:8c:ba:
                    34:d0:de:af:ce:71:2d:51:95:fe:94:09:6b:4e:65:
                    09:eb:72:65:00:18:59:3d:c8:14:3d:7b:2c:35:06:
                    78:2f:fe:6c:fa:e7:99:a8:70:a5:b5:33:93:e3:84:
                    be:28:61:88:7e:33:89:56:a7:74:d5:0a:dc:75:81:
                    e8:d4:ca:d0:9b:82:4e:3a:67:03:03:63:c0:28:1c:
                    72:86:a5:a3:6d:c3:e5:52:54:e3:33:6a:10:df:ef:
                    25:63:d2:bd:7c:a1:9f:44:13:af:3b:7e:51:a3:97:
                    99:72:8e:be:d1:7e:1d:95:47:d4:f6:db:86:32:45:
                    35:99:bc:dc:08:29:5f:ee:49:f7:de:7c:61:9a:ca:
                    b2:df
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F3:27:2A:1F:8B:66:E2:0D:CE:04:40:06:4C:10:24:F9:44:F7:FA:94
            X509v3 Authority Key Identifier:
                keyid:D2:EF:46:A4:13:41:94:E7:24:23:D5:72:A1:B6:6D:4A:9D:2E:4C:13

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0u9GpBNBlOckI9VyobZtSp0uTBM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/6453c4-6687-4ef9-9fdc-a88bb7805b09/1/8ycqH4tm4g3OBEAGTBAk-UT3-pQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/61/6453c4-6687-4ef9-9fdc-a88bb7805b09/1/0u9GpBNBlOckI9VyobZtSp0uTBM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.235.28.0/22

    Signature Algorithm: sha256WithRSAEncryption
         c1:e2:59:fb:da:91:0c:5c:07:a5:e2:33:7e:74:d8:47:7a:4a:
         2a:a6:b9:4c:36:b8:a0:94:ee:7c:15:68:e2:ae:da:9b:17:fa:
         8e:8a:10:f3:2d:26:fc:74:83:b3:af:9f:78:65:54:cb:c5:d5:
         7a:34:8d:49:fb:5d:d1:42:d3:81:c0:dd:31:8c:80:20:8e:01:
         2d:00:0e:9e:af:ec:ce:8f:48:f3:ad:d3:5d:54:fb:a1:a7:27:
         f1:4d:0b:59:6d:71:02:84:a8:4f:28:71:07:95:07:48:f8:98:
         91:ec:a9:c1:18:2a:a4:e4:71:92:22:18:28:9b:5f:3e:c0:6b:
         52:21:d9:53:3d:7e:c1:8f:82:f2:58:d5:f5:c8:a9:d4:32:21:
         14:81:f5:72:a2:32:e7:4d:ad:ff:5c:62:4b:2b:5c:b3:9b:2b:
         f1:68:c2:a8:c1:5d:0b:b3:c4:ee:93:df:6b:7c:17:32:2d:cd:
         ea:f2:08:98:fc:7b:71:91:e1:23:d5:a0:a9:10:81:3e:fb:01:
         7b:bf:e7:b4:19:fe:ed:f8:ae:ef:bf:65:11:9c:5a:03:c9:62:
         f9:e9:76:8e:41:9e:4b:48:43:a3:3b:a9:e6:3b:ce:d9:98:cb:
         ba:5a:af:ac:39:ce:7d:e8:e2:40:46:31:50:29:09:81:2b:c2:
         2e:f6:f7:4d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVyehZuC+1WL34Fr5VlvWZdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyZWY0NmE0MTM0MTk0ZTcyNDIzZDU3MmExYjY2ZDRhOWQy
ZTRjMTMwHhcNMjMwMTAyMTIzNDQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMzI3MmExZjhiNjZlMjBkY2UwNDQwMDY0YzEwMjRmOTQ0ZjdmYTk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyq0LjNbS18usVJEsl0UMs8mwk3LI
cPQboi93chMG69S0bPK8i1fErgJ/3iRjHjjrUmrtDhPkNYRVstPjc4FJYHchD0mi
d5Cw4VR/mSuAVKT1JPf1IrwtHPY8edYvao7AEdGFoayLkbusU0AOOgHLs8Kr3iCg
jLo00N6vznEtUZX+lAlrTmUJ63JlABhZPcgUPXssNQZ4L/5s+ueZqHCltTOT44S+
KGGIfjOJVqd01QrcdYHo1MrQm4JOOmcDA2PAKBxyhqWjbcPlUlTjM2oQ3+8lY9K9
fKGfRBOvO35Ro5eZco6+0X4dlUfU9tuGMkU1mbzcCClf7kn33nxhmsqy3wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPMnKh+LZuINzgRABkwQJPlE9/qUMB8GA1UdIwQY
MBaAFNLvRqQTQZTnJCPVcqG2bUqdLkwTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMHU5R3BCTkJsT2NrSTlWeW9iWnRTcDB1VEJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS82NDUzYzQtNjY4Ny00ZWY5LTlmZGMt
YTg4YmI3ODA1YjA5LzEvOHljcUg0dG00ZzNPQkVBR1RCQWstVVQzLXBRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS82NDUzYzQtNjY4Ny00ZWY5LTlmZGMtYTg4YmI3ODA1YjA5
LzEvMHU5R3BCTkJsT2NrSTlWeW9iWnRTcDB1VEJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuescMA0G
CSqGSIb3DQEBCwUAA4IBAQDB4ln72pEMXAel4jN+dNhHekoqprlMNriglO58FWji
rtqbF/qOihDzLSb8dIOzr594ZVTLxdV6NI1J+13RQtOBwN0xjIAgjgEtAA6er+zO
j0jzrdNdVPuhpyfxTQtZbXEChKhPKHEHlQdI+JiR7KnBGCqk5HGSIhgom18+wGtS
IdlTPX7Bj4LyWNX1yKnUMiEUgfVyojLnTa3/XGJLK1yzmyvxaMKowV0Ls8Tuk99r
fBcyLc3q8giY/HtxkeEj1aCpEIE++wF7v+e0Gf7t+K7vv2URnFoDyWL56XaOQZ5L
SEOjO6nmO87ZmMu6Wq+sOc596OJARjFQKQmBK8Iu9vdN
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:32:25 2024 by rpki-client on console-fra.rpki-client.org