Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/Pt0IvK91CgWWGIMGbky24Qq7z7Q.roa
File:                     Pt0IvK91CgWWGIMGbky24Qq7z7Q.roa (raw, json)
Hash identifier:          rIDFKSJ/1hsaXWtnaUDua5OmCciusndy5mTshpebAio=
Subject key identifier:   3E:DD:08:BC:AF:75:0A:05:96:18:83:06:6E:4C:B6:E1:0A:BB:CF:B4
Certificate issuer:       /CN=6222e1c2a5315334b66d80f78d5b50b42e480b9c
Certificate serial:       018B8B1FC1261CAD6EE1A8561BEC9995C3DC
Authority key identifier: 62:22:E1:C2:A5:31:53:34:B6:6D:80:F7:8D:5B:50:B4:2E:48:0B:9C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YiLhwqUxUzS2bYD3jVtQtC5IC5w.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/Pt0IvK91CgWWGIMGbky24Qq7z7Q.roa
Signing time:             Wed 01 Nov 2023 13:43:15 +0000
ROA not before:           Wed 01 Nov 2023 13:43:15 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     9123
IP address blocks:        185.68.22.0/24 maxlen: 24
                          85.209.8.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 21 Nov 2023 06:42:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:8b:1f:c1:26:1c:ad:6e:e1:a8:56:1b:ec:99:95:c3:dc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6222e1c2a5315334b66d80f78d5b50b42e480b9c
        Validity
            Not Before: Nov  1 13:43:15 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=3edd08bcaf750a05961883066e4cb6e10abbcfb4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8f:d6:70:9f:58:65:6a:bd:b2:be:11:21:9d:95:
                    e6:72:35:3b:36:68:0e:a7:68:48:69:1d:a6:4b:8e:
                    2b:a8:bd:bd:23:30:ad:ce:a8:7c:e0:a7:eb:dc:c3:
                    dd:ff:b9:81:33:46:70:1c:72:17:22:9c:96:70:3e:
                    5e:c8:0c:4e:54:6e:18:a9:89:fb:3a:19:f9:3c:50:
                    60:eb:4f:25:e1:dc:0c:6d:2b:a7:7d:01:8c:19:41:
                    db:ee:2a:2a:80:2a:44:89:a4:71:6c:ec:bb:66:fa:
                    41:2d:67:6d:34:e6:82:d2:0e:bb:b6:9c:8c:6c:ab:
                    bc:4e:a9:0b:15:35:fe:ee:ac:91:98:32:05:ce:c6:
                    e1:c0:fd:2c:9a:da:ab:b5:e0:7e:07:d0:96:36:8c:
                    68:09:f8:f6:95:cc:42:68:b2:5a:85:35:f4:e1:10:
                    9b:1d:7d:1e:9e:18:a1:16:dd:41:d2:0f:5f:16:39:
                    dd:b8:78:e2:39:c2:a1:4d:8c:30:cf:2e:06:8d:3b:
                    26:66:c9:20:5d:39:b3:1c:fb:38:a2:6f:9d:83:fd:
                    d8:1b:db:c1:77:53:4f:b6:f2:0a:0e:cd:2b:d6:66:
                    80:d7:4c:ba:c4:28:be:0b:28:13:bf:9a:bc:20:7a:
                    57:c7:b8:7e:a9:2b:c0:39:9b:11:77:b8:05:3a:5b:
                    78:95
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3E:DD:08:BC:AF:75:0A:05:96:18:83:06:6E:4C:B6:E1:0A:BB:CF:B4
            X509v3 Authority Key Identifier:
                keyid:62:22:E1:C2:A5:31:53:34:B6:6D:80:F7:8D:5B:50:B4:2E:48:0B:9C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YiLhwqUxUzS2bYD3jVtQtC5IC5w.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/Pt0IvK91CgWWGIMGbky24Qq7z7Q.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/YiLhwqUxUzS2bYD3jVtQtC5IC5w.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  85.209.8.0/24
                  185.68.22.0/24

    Signature Algorithm: sha256WithRSAEncryption
         62:57:66:0e:89:b6:c1:a7:2b:57:1f:ff:0e:2c:7b:08:ee:9c:
         b3:f6:90:7f:bb:16:87:de:7a:cb:88:c8:44:4d:08:ad:2b:80:
         ad:c3:d2:0d:f0:9d:06:9e:1a:4e:51:84:df:fa:88:00:ed:ed:
         82:75:eb:de:b5:3d:7f:3d:15:5f:1c:e2:df:71:70:95:b3:c6:
         8c:77:ff:e8:9a:3d:3f:8d:6c:3f:3f:83:fd:93:3c:21:06:e6:
         2b:7b:8e:2d:0c:9e:32:3c:3f:58:60:49:bf:4e:d6:5a:74:19:
         b6:4d:94:09:9c:07:f3:59:3b:b3:0d:ed:c2:cc:3b:3e:20:34:
         2b:98:31:ce:ba:b8:1e:a8:58:84:72:8c:87:19:28:4f:0d:10:
         89:dd:e4:bb:13:85:04:0b:c2:d2:36:ab:26:3d:19:9a:5c:33:
         50:bf:bf:a6:d6:47:8c:99:65:8b:f7:a6:31:94:f9:a9:e5:2e:
         90:a5:05:38:e2:34:ad:c6:65:6f:f3:b1:0b:da:da:d3:b4:29:
         0d:d5:3f:ce:e6:b2:01:5d:2a:6b:ab:23:ac:96:ab:34:0f:f8:
         0f:cf:b9:87:b0:65:d3:b2:59:55:26:7a:37:62:11:fb:cb:32:
         8d:fb:4f:81:c7:82:1c:19:5c:a0:2c:06:be:0a:57:6c:38:61:
         0f:9e:4d:19
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYuLH8EmHK1u4ahWG+yZlcPcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyMjJlMWMyYTUzMTUzMzRiNjZkODBmNzhkNWI1MGI0MmU0
ODBiOWMwHhcNMjMxMTAxMTM0MzE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZWRkMDhiY2FmNzUwYTA1OTYxODgzMDY2ZTRjYjZlMTBhYmJjZmI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj9Zwn1hlar2yvhEhnZXmcjU7NmgO
p2hIaR2mS44rqL29IzCtzqh84Kfr3MPd/7mBM0ZwHHIXIpyWcD5eyAxOVG4YqYn7
Ohn5PFBg608l4dwMbSunfQGMGUHb7ioqgCpEiaRxbOy7ZvpBLWdtNOaC0g67tpyM
bKu8TqkLFTX+7qyRmDIFzsbhwP0smtqrteB+B9CWNoxoCfj2lcxCaLJahTX04RCb
HX0enhihFt1B0g9fFjnduHjiOcKhTYwwzy4GjTsmZskgXTmzHPs4om+dg/3YG9vB
d1NPtvIKDs0r1maA10y6xCi+CygTv5q8IHpXx7h+qSvAOZsRd7gFOlt4lQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFD7dCLyvdQoFlhiDBm5MtuEKu8+0MB8GA1UdIwQY
MBaAFGIi4cKlMVM0tm2A941bULQuSAucMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWlMaHdxVXhVelMyYllEM2pWdFF0QzVJQzV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS85OTliOTctYzczMS00MTkyLTg1ZjEt
NTczNzAxYzg0ODMzLzEvUHQwSXZLOTFDZ1dXR0lNR2JreTI0UXE3ejdRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS85OTliOTctYzczMS00MTkyLTg1ZjEtNTczNzAxYzg0ODMz
LzEvWWlMaHdxVXhVelMyYllEM2pWdFF0QzVJQzV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAVdEIAwQA
uUQWMA0GCSqGSIb3DQEBCwUAA4IBAQBiV2YOibbBpytXH/8OLHsI7pyz9pB/uxaH
3nrLiMhETQitK4Ctw9IN8J0GnhpOUYTf+ogA7e2CdevetT1/PRVfHOLfcXCVs8aM
d//omj0/jWw/P4P9kzwhBuYre44tDJ4yPD9YYEm/TtZadBm2TZQJnAfzWTuzDe3C
zDs+IDQrmDHOurgeqFiEcoyHGShPDRCJ3eS7E4UEC8LSNqsmPRmaXDNQv7+m1keM
mWWL96YxlPmp5S6QpQU44jStxmVv87EL2trTtCkN1T/O5rIBXSprqyOslqs0D/gP
z7mHsGXTsllVJno3YhH7yzKN+0+Bx4IcGVygLAa+CldsOGEPnk0Z
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:15:04 2024 by rpki-client on console-ams.rpki-client.org