Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/63/da8cb1-1bfc-43fd-a0d2-d624496ddcc8/1/mYIecrEn6XVm1B-_sW5Pj7SCBow.roa
File:                     mYIecrEn6XVm1B-_sW5Pj7SCBow.roa (raw, json)
Hash identifier:          QUEYwJ800tADDvTa0/HyPYHamYrNK4XGMH9gl3XID3M=
Subject key identifier:   99:82:1E:72:B1:27:E9:75:66:D4:1F:BF:B1:6E:4F:8F:B4:82:06:8C
Certificate issuer:       /CN=a647893fb5b348e68a66d55a28f278cbf3931df4
Certificate serial:       018C39985977ED979317D8E11F2C7D350DA0
Authority key identifier: A6:47:89:3F:B5:B3:48:E6:8A:66:D5:5A:28:F2:78:CB:F3:93:1D:F4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/pkeJP7WzSOaKZtVaKPJ4y_OTHfQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/63/da8cb1-1bfc-43fd-a0d2-d624496ddcc8/1/mYIecrEn6XVm1B-_sW5Pj7SCBow.roa
Signing time:             Tue 05 Dec 2023 10:48:54 +0000
ROA not before:           Tue 05 Dec 2023 10:48:54 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     14618
IP address blocks:        185.207.134.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 14:30:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:39:98:59:77:ed:97:93:17:d8:e1:1f:2c:7d:35:0d:a0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a647893fb5b348e68a66d55a28f278cbf3931df4
        Validity
            Not Before: Dec  5 10:48:54 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=99821e72b127e97566d41fbfb16e4f8fb482068c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8a:e5:9c:c6:12:54:9d:b9:0b:97:cf:08:e1:6e:
                    cf:5c:d2:e9:85:97:74:75:af:03:24:20:7d:01:e7:
                    f3:b5:93:16:52:49:32:ed:bf:7f:31:c6:48:07:dd:
                    fc:b1:6d:1b:08:a6:fe:54:3c:70:43:1a:18:bc:65:
                    e6:40:44:20:20:28:d7:7c:72:50:29:d0:38:51:0e:
                    eb:89:63:6a:82:1c:63:2b:71:58:89:5a:3b:58:9d:
                    23:6b:63:81:cb:d7:f4:98:f9:9a:6c:9d:eb:49:14:
                    d8:fd:b0:1f:44:ee:26:34:9d:20:00:06:e1:00:a5:
                    76:04:1d:7d:fd:9c:ea:b9:e4:87:09:35:82:f1:92:
                    d5:bd:15:83:b3:5e:ff:b4:d0:ae:e2:1e:22:b2:a6:
                    e7:09:cb:40:9c:8e:2c:dc:31:b7:cf:8f:d9:d0:6d:
                    c2:dc:32:3f:b4:c1:7b:33:dc:56:ef:32:78:49:45:
                    eb:62:51:e2:19:26:f6:e7:f0:a1:23:4e:3b:99:6d:
                    cd:fb:db:12:f7:0b:35:d3:a6:2e:31:f0:5f:51:ec:
                    54:02:5f:c9:79:9d:1c:ef:73:88:09:e6:cc:9c:65:
                    58:eb:e4:88:95:57:20:72:05:4f:ca:da:45:81:72:
                    20:cd:ac:22:80:6e:f8:25:bc:59:eb:0f:09:50:22:
                    9c:8d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                99:82:1E:72:B1:27:E9:75:66:D4:1F:BF:B1:6E:4F:8F:B4:82:06:8C
            X509v3 Authority Key Identifier:
                keyid:A6:47:89:3F:B5:B3:48:E6:8A:66:D5:5A:28:F2:78:CB:F3:93:1D:F4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pkeJP7WzSOaKZtVaKPJ4y_OTHfQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/63/da8cb1-1bfc-43fd-a0d2-d624496ddcc8/1/mYIecrEn6XVm1B-_sW5Pj7SCBow.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/63/da8cb1-1bfc-43fd-a0d2-d624496ddcc8/1/pkeJP7WzSOaKZtVaKPJ4y_OTHfQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.207.134.0/24

    Signature Algorithm: sha256WithRSAEncryption
         22:78:3a:77:b0:33:a5:c0:d9:3b:70:d6:55:a5:45:cc:d6:af:
         a7:d7:a7:ac:3f:98:5e:1f:28:1e:db:5b:b7:52:1a:6a:c2:2c:
         24:9c:22:6e:52:9e:a1:9b:a1:be:76:73:25:c4:ce:c9:23:19:
         b8:ec:37:7f:2e:15:82:fa:41:ee:1f:4e:ed:75:ae:cf:ed:ba:
         41:9e:d7:4a:28:b5:de:af:08:de:e6:03:4a:ca:05:e7:b2:05:
         7f:05:7a:8f:cf:22:46:a3:59:78:1a:20:57:59:68:7f:f1:2c:
         b8:be:cd:f2:d3:15:5b:f5:5d:04:48:5b:19:7d:37:9c:61:e0:
         d1:cc:be:02:f7:51:2d:59:ba:b4:b5:79:3b:1f:0f:23:aa:eb:
         48:dc:4a:20:44:7d:01:5a:68:4a:30:07:9f:c7:a4:5d:4f:ea:
         60:4f:5a:e5:a9:a0:b6:26:02:17:eb:74:f7:7f:4d:7c:9f:f0:
         4f:d9:99:ce:76:09:9f:55:b8:1a:96:21:42:11:dd:b3:57:78:
         6a:5a:72:d1:75:82:65:a6:2b:c3:bc:79:f2:a2:43:26:19:5c:
         54:e2:13:06:c1:6d:59:9a:2f:ca:6e:a2:01:1a:90:91:49:81:
         56:76:36:67:55:d4:46:4d:36:f8:c3:bb:30:84:ce:75:01:b5:
         63:9b:35:bf
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYw5mFl37ZeTF9jhHyx9NQ2gMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE2NDc4OTNmYjViMzQ4ZTY4YTY2ZDU1YTI4ZjI3OGNiZjM5
MzFkZjQwHhcNMjMxMjA1MTA0ODU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OTgyMWU3MmIxMjdlOTc1NjZkNDFmYmZiMTZlNGY4ZmI0ODIwNjhjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiuWcxhJUnbkLl88I4W7PXNLphZd0
da8DJCB9AefztZMWUkky7b9/McZIB938sW0bCKb+VDxwQxoYvGXmQEQgICjXfHJQ
KdA4UQ7riWNqghxjK3FYiVo7WJ0ja2OBy9f0mPmabJ3rSRTY/bAfRO4mNJ0gAAbh
AKV2BB19/ZzqueSHCTWC8ZLVvRWDs17/tNCu4h4isqbnCctAnI4s3DG3z4/Z0G3C
3DI/tMF7M9xW7zJ4SUXrYlHiGSb25/ChI047mW3N+9sS9ws106YuMfBfUexUAl/J
eZ0c73OICebMnGVY6+SIlVcgcgVPytpFgXIgzawigG74JbxZ6w8JUCKcjQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJmCHnKxJ+l1ZtQfv7FuT4+0ggaMMB8GA1UdIwQY
MBaAFKZHiT+1s0jmimbVWijyeMvzkx30MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcGtlSlA3V3pTT2FLWnRWYUtQSjR5X09USGZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82My9kYThjYjEtMWJmYy00M2ZkLWEwZDIt
ZDYyNDQ5NmRkY2M4LzEvbVlJZWNyRW42WFZtMUItX3NXNVBqN1NDQm93LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82My9kYThjYjEtMWJmYy00M2ZkLWEwZDItZDYyNDQ5NmRkY2M4
LzEvcGtlSlA3V3pTT2FLWnRWYUtQSjR5X09USGZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuc+GMA0G
CSqGSIb3DQEBCwUAA4IBAQAieDp3sDOlwNk7cNZVpUXM1q+n16esP5heHyge21u3
UhpqwiwknCJuUp6hm6G+dnMlxM7JIxm47Dd/LhWC+kHuH07tda7P7bpBntdKKLXe
rwje5gNKygXnsgV/BXqPzyJGo1l4GiBXWWh/8Sy4vs3y0xVb9V0ESFsZfTecYeDR
zL4C91EtWbq0tXk7Hw8jqutI3EogRH0BWmhKMAefx6RdT+pgT1rlqaC2JgIX63T3
f018n/BP2ZnOdgmfVbgaliFCEd2zV3hqWnLRdYJlpivDvHnyokMmGVxU4hMGwW1Z
mi/KbqIBGpCRSYFWdjZnVdRGTTb4w7swhM51AbVjmzW/
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:14:41 2024 by rpki-client on console-ams.rpki-client.org