Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/BHzVo7b9pfurAY6WIqJAZMQesno.roa
File:                     BHzVo7b9pfurAY6WIqJAZMQesno.roa (raw, json)
Hash identifier:          Sclh/3iDynbmt30lf4pjflXA1uclh+orPJn7p4NmuAk=
Subject key identifier:   04:7C:D5:A3:B6:FD:A5:FB:AB:01:8E:96:22:A2:40:64:C4:1E:B2:7A
Certificate issuer:       /CN=6222e1c2a5315334b66d80f78d5b50b42e480b9c
Certificate serial:       01898954DAB5C91A5DEBEA2E3075E5BBEB2A
Authority key identifier: 62:22:E1:C2:A5:31:53:34:B6:6D:80:F7:8D:5B:50:B4:2E:48:0B:9C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YiLhwqUxUzS2bYD3jVtQtC5IC5w.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/BHzVo7b9pfurAY6WIqJAZMQesno.roa
Signing time:             Mon 24 Jul 2023 19:16:26 +0000
ROA not before:           Mon 24 Jul 2023 19:16:26 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     57043
IP address blocks:        185.196.117.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 20:29:35 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:89:54:da:b5:c9:1a:5d:eb:ea:2e:30:75:e5:bb:eb:2a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6222e1c2a5315334b66d80f78d5b50b42e480b9c
        Validity
            Not Before: Jul 24 19:16:26 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=047cd5a3b6fda5fbab018e9622a24064c41eb27a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:95:9b:f3:69:2b:fe:04:c9:d6:6d:9b:6d:83:bf:
                    94:4c:c6:6f:80:bf:75:a5:50:3f:d6:66:73:d7:ec:
                    89:60:69:a6:43:60:f6:91:06:71:93:f5:a0:2f:74:
                    21:b5:db:74:3b:8e:cb:19:9d:4e:4a:be:75:cb:b1:
                    4a:21:6d:a2:fb:61:98:94:ca:c4:eb:64:4d:28:55:
                    f1:dd:9a:41:c3:26:f3:63:51:e5:91:48:d8:14:18:
                    70:cd:29:d5:d9:d1:65:14:65:39:65:f1:5e:ce:f7:
                    bf:94:32:e7:eb:11:2d:68:e5:ec:31:fc:12:50:30:
                    d3:ea:4a:3b:4a:d2:52:b3:d3:81:f2:87:7d:95:83:
                    22:bf:7b:a0:f1:f0:82:4f:1e:1b:fc:9d:51:ee:cd:
                    c0:2f:e1:c0:36:69:0f:42:b9:87:b6:04:3a:f2:c8:
                    69:a3:bc:24:6c:1b:90:c0:a5:22:19:15:69:72:b9:
                    84:d1:b8:37:21:f1:2a:5d:ae:b0:e1:ed:79:1c:c2:
                    3b:82:58:b2:44:14:76:65:73:d9:3b:e1:44:e1:fb:
                    f1:21:37:bd:a1:84:95:e4:dd:f5:f0:9e:59:4e:27:
                    e1:70:d1:86:12:80:1e:f1:0e:a6:c6:af:13:ef:6d:
                    4c:81:91:80:c9:bb:98:04:04:0a:d3:96:9a:2f:49:
                    d5:0b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                04:7C:D5:A3:B6:FD:A5:FB:AB:01:8E:96:22:A2:40:64:C4:1E:B2:7A
            X509v3 Authority Key Identifier:
                keyid:62:22:E1:C2:A5:31:53:34:B6:6D:80:F7:8D:5B:50:B4:2E:48:0B:9C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YiLhwqUxUzS2bYD3jVtQtC5IC5w.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/BHzVo7b9pfurAY6WIqJAZMQesno.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/YiLhwqUxUzS2bYD3jVtQtC5IC5w.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.196.117.0/24

    Signature Algorithm: sha256WithRSAEncryption
         04:c6:87:56:57:ac:d9:09:0c:f3:52:64:6e:af:8d:ff:f2:66:
         a6:ef:df:a8:60:d2:98:8b:99:e9:74:d6:01:ec:ec:67:a8:57:
         99:9b:f8:c0:7b:8b:04:5b:1b:6e:d8:cd:bc:de:77:c9:09:d0:
         ea:a9:c9:8d:08:cc:da:d0:f2:c1:1b:52:c6:91:9e:af:7b:a3:
         ee:23:d5:ad:78:ad:e4:90:c9:9c:81:03:e2:87:2d:95:89:94:
         02:ed:21:d7:66:f1:ac:14:a8:b1:46:26:25:cb:d5:33:8a:10:
         d5:6c:b5:94:90:09:3a:fb:f2:66:7e:1e:9d:7d:0c:69:61:2d:
         c0:72:fb:66:5d:85:b1:5e:4b:61:e6:98:27:9e:6a:4c:6e:a4:
         87:0c:b9:88:09:b7:65:f3:f9:be:fc:9b:68:67:62:04:d2:53:
         5a:d3:15:5f:7a:25:89:8e:d1:e4:bc:d7:6e:61:8c:58:81:ee:
         03:bc:c5:8a:f1:32:f8:39:b9:16:c4:ab:4a:1e:b3:37:4f:cf:
         e7:87:a7:20:5d:39:df:d7:30:0d:ad:4d:0c:e8:92:16:17:0f:
         76:78:09:06:71:ed:3e:06:b6:3e:7d:ff:84:81:24:57:f3:e9:
         8c:07:81:85:7e:8e:59:e4:26:1c:b0:30:41:a9:1a:bb:10:5d:
         02:cd:ac:f2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYmJVNq1yRpd6+ouMHXlu+sqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyMjJlMWMyYTUzMTUzMzRiNjZkODBmNzhkNWI1MGI0MmU0
ODBiOWMwHhcNMjMwNzI0MTkxNjI2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNDdjZDVhM2I2ZmRhNWZiYWIwMThlOTYyMmEyNDA2NGM0MWViMjdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlZvzaSv+BMnWbZttg7+UTMZvgL91
pVA/1mZz1+yJYGmmQ2D2kQZxk/WgL3Qhtdt0O47LGZ1OSr51y7FKIW2i+2GYlMrE
62RNKFXx3ZpBwybzY1HlkUjYFBhwzSnV2dFlFGU5ZfFezve/lDLn6xEtaOXsMfwS
UDDT6ko7StJSs9OB8od9lYMiv3ug8fCCTx4b/J1R7s3AL+HANmkPQrmHtgQ68shp
o7wkbBuQwKUiGRVpcrmE0bg3IfEqXa6w4e15HMI7gliyRBR2ZXPZO+FE4fvxITe9
oYSV5N318J5ZTifhcNGGEoAe8Q6mxq8T721MgZGAybuYBAQK05aaL0nVCwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAR81aO2/aX7qwGOliKiQGTEHrJ6MB8GA1UdIwQY
MBaAFGIi4cKlMVM0tm2A941bULQuSAucMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWlMaHdxVXhVelMyYllEM2pWdFF0QzVJQzV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS85OTliOTctYzczMS00MTkyLTg1ZjEt
NTczNzAxYzg0ODMzLzEvQkh6Vm83YjlwZnVyQVk2V0lxSkFaTVFlc25vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS85OTliOTctYzczMS00MTkyLTg1ZjEtNTczNzAxYzg0ODMz
LzEvWWlMaHdxVXhVelMyYllEM2pWdFF0QzVJQzV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAucR1MA0G
CSqGSIb3DQEBCwUAA4IBAQAExodWV6zZCQzzUmRur43/8mam79+oYNKYi5npdNYB
7OxnqFeZm/jAe4sEWxtu2M283nfJCdDqqcmNCMza0PLBG1LGkZ6ve6PuI9WteK3k
kMmcgQPihy2ViZQC7SHXZvGsFKixRiYly9UzihDVbLWUkAk6+/Jmfh6dfQxpYS3A
cvtmXYWxXkth5pgnnmpMbqSHDLmICbdl8/m+/JtoZ2IE0lNa0xVfeiWJjtHkvNdu
YYxYge4DvMWK8TL4ObkWxKtKHrM3T8/nh6cgXTnf1zANrU0M6JIWFw92eAkGce0+
BrY+ff+EgSRX8+mMB4GFfo5Z5CYcsDBBqRq7EF0Czazy
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:15:04 2024 by rpki-client on console-ams.rpki-client.org