Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/oZbLenx3iZKvHe9oLDc8_Az5ChA.roa
File:                     oZbLenx3iZKvHe9oLDc8_Az5ChA.roa (raw, json)
Hash identifier:          Yw3wTVqRsouYXTGQbLFHc7yaLQjpKU6Z/OsK8wkwMZs=
Subject key identifier:   A1:96:CB:7A:7C:77:89:92:AF:1D:EF:68:2C:37:3C:FC:0C:F9:0A:10
Certificate issuer:       /CN=6222e1c2a5315334b66d80f78d5b50b42e480b9c
Certificate serial:       018CC6B7AD8303D76E896369C808AAC02E51
Authority key identifier: 62:22:E1:C2:A5:31:53:34:B6:6D:80:F7:8D:5B:50:B4:2E:48:0B:9C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YiLhwqUxUzS2bYD3jVtQtC5IC5w.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/oZbLenx3iZKvHe9oLDc8_Az5ChA.roa
Signing time:             Mon 01 Jan 2024 20:29:35 +0000
ROA not before:           Mon 01 Jan 2024 20:29:35 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     9123
IP address blocks:        185.196.117.0/24 maxlen: 24
                          185.68.22.0/24 maxlen: 24
                          85.209.8.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 31 Jan 2024 17:01:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c6:b7:ad:83:03:d7:6e:89:63:69:c8:08:aa:c0:2e:51
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6222e1c2a5315334b66d80f78d5b50b42e480b9c
        Validity
            Not Before: Jan  1 20:29:35 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=a196cb7a7c778992af1def682c373cfc0cf90a10
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:af:44:08:db:e7:a3:27:41:8c:2e:d0:41:6a:
                    2b:ab:22:b3:0b:6e:e3:40:fc:aa:b3:3a:23:52:18:
                    51:6e:dd:2e:db:7e:ae:6e:60:56:e7:cf:ac:b3:26:
                    d2:c3:05:05:01:45:44:0a:38:ff:e1:79:23:f5:d5:
                    4f:8b:f6:e2:53:03:cd:2a:4e:c1:08:72:d2:e0:70:
                    3b:99:c5:19:fb:89:dc:4a:c3:44:4c:f4:89:a1:26:
                    ec:4e:a9:3a:c7:1b:a2:70:1c:a5:72:5e:e4:48:74:
                    a6:33:fe:4c:31:dd:d6:d9:dd:45:4f:d6:ca:a1:e8:
                    10:c6:df:e3:d9:e4:a4:b6:22:9a:10:82:24:e1:59:
                    e9:c0:d6:bc:cd:51:16:ff:85:8d:bf:88:02:4a:f9:
                    59:3a:9f:6f:2f:db:a5:30:74:4e:3d:e8:ef:06:5f:
                    13:c1:43:7d:09:9e:ee:e5:c5:64:f0:d1:d0:f1:f9:
                    49:70:49:25:f5:d7:ca:20:92:99:f9:53:00:ac:dc:
                    86:ce:9b:34:95:73:ec:87:6c:f3:74:b5:37:83:f7:
                    c0:5b:3d:0b:f3:0a:97:e2:aa:62:cf:66:ec:18:be:
                    06:1a:61:01:0f:6f:9f:4e:80:cb:c5:77:61:17:f3:
                    2a:65:9a:4f:7d:6b:f1:3b:d7:3d:f9:df:6b:1a:59:
                    ed:ff
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A1:96:CB:7A:7C:77:89:92:AF:1D:EF:68:2C:37:3C:FC:0C:F9:0A:10
            X509v3 Authority Key Identifier:
                keyid:62:22:E1:C2:A5:31:53:34:B6:6D:80:F7:8D:5B:50:B4:2E:48:0B:9C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YiLhwqUxUzS2bYD3jVtQtC5IC5w.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/oZbLenx3iZKvHe9oLDc8_Az5ChA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/YiLhwqUxUzS2bYD3jVtQtC5IC5w.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  85.209.8.0/24
                  185.68.22.0/24
                  185.196.117.0/24

    Signature Algorithm: sha256WithRSAEncryption
         8f:a5:31:52:e2:f6:6b:b6:35:6e:89:3b:6d:06:b9:71:91:01:
         dd:94:8e:90:82:5d:d3:dd:3a:e7:4c:86:c3:3e:60:91:c6:13:
         03:67:25:73:4d:5a:07:81:f7:00:ff:e2:ce:0c:be:73:8a:fa:
         3e:75:28:e7:9a:74:4e:0a:12:cf:eb:66:a0:65:0f:13:53:2c:
         04:de:61:f3:e7:34:18:e8:10:74:c6:42:9a:5c:8d:e9:b9:e1:
         17:98:31:9e:95:06:16:c9:c7:64:43:c9:92:90:15:36:10:7f:
         7e:02:27:4e:5e:41:dc:9b:75:d2:67:8e:1c:a8:4f:5e:06:ef:
         d6:3a:b2:9e:25:cf:ac:9e:de:68:e0:a6:e6:41:83:23:4f:98:
         97:3d:8a:c6:e4:7c:6f:cf:ee:95:bd:d0:3c:16:8d:c3:ad:4c:
         05:3f:a4:82:2b:4c:d7:32:a4:e5:32:ff:db:6c:a1:a1:36:e1:
         bb:a4:83:43:7d:0f:7c:98:e9:1d:3f:d4:57:df:75:44:96:1c:
         bd:3e:47:40:1c:67:e7:5a:78:9b:a7:81:86:cf:bb:31:b9:86:
         fb:95:29:db:c3:bc:a6:ce:3e:bc:6e:98:b9:33:57:3c:0f:b4:
         ca:05:87:4c:63:72:01:fa:65:23:e3:b3:03:0e:f0:be:5c:4a:
         fd:50:4a:c5
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzGt62DA9duiWNpyAiqwC5RMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyMjJlMWMyYTUzMTUzMzRiNjZkODBmNzhkNWI1MGI0MmU0
ODBiOWMwHhcNMjQwMTAxMjAyOTM1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMTk2Y2I3YTdjNzc4OTkyYWYxZGVmNjgyYzM3M2NmYzBjZjkwYTEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwq9ECNvnoydBjC7QQWorqyKzC27j
QPyqszojUhhRbt0u236ubmBW58+ssybSwwUFAUVECjj/4Xkj9dVPi/biUwPNKk7B
CHLS4HA7mcUZ+4ncSsNETPSJoSbsTqk6xxuicBylcl7kSHSmM/5MMd3W2d1FT9bK
oegQxt/j2eSktiKaEIIk4VnpwNa8zVEW/4WNv4gCSvlZOp9vL9ulMHROPejvBl8T
wUN9CZ7u5cVk8NHQ8flJcEkl9dfKIJKZ+VMArNyGzps0lXPsh2zzdLU3g/fAWz0L
8wqX4qpiz2bsGL4GGmEBD2+fToDLxXdhF/MqZZpPfWvxO9c9+d9rGlnt/wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFKGWy3p8d4mSrx3vaCw3PPwM+QoQMB8GA1UdIwQY
MBaAFGIi4cKlMVM0tm2A941bULQuSAucMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWlMaHdxVXhVelMyYllEM2pWdFF0QzVJQzV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS85OTliOTctYzczMS00MTkyLTg1ZjEt
NTczNzAxYzg0ODMzLzEvb1piTGVueDNpWkt2SGU5b0xEYzhfQXo1Q2hBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS85OTliOTctYzczMS00MTkyLTg1ZjEtNTczNzAxYzg0ODMz
LzEvWWlMaHdxVXhVelMyYllEM2pWdFF0QzVJQzV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAVdEIAwQA
uUQWAwQAucR1MA0GCSqGSIb3DQEBCwUAA4IBAQCPpTFS4vZrtjVuiTttBrlxkQHd
lI6Qgl3T3TrnTIbDPmCRxhMDZyVzTVoHgfcA/+LODL5zivo+dSjnmnROChLP62ag
ZQ8TUywE3mHz5zQY6BB0xkKaXI3pueEXmDGelQYWycdkQ8mSkBU2EH9+AidOXkHc
m3XSZ44cqE9eBu/WOrKeJc+snt5o4KbmQYMjT5iXPYrG5Hxvz+6VvdA8Fo3DrUwF
P6SCK0zXMqTlMv/bbKGhNuG7pINDfQ98mOkdP9RX33VElhy9PkdAHGfnWnibp4GG
z7sxuYb7lSnbw7ymzj68bpi5M1c8D7TKBYdMY3IB+mUj47MDDvC+XEr9UErF
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:15:04 2024 by rpki-client on console-ams.rpki-client.org