Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/68/e0184d-64d0-4a15-a277-7ce809353b18/1/0cGmuomtkGvgJ5QVYki5Uw4KLr4.roa
File:                     0cGmuomtkGvgJ5QVYki5Uw4KLr4.roa (raw, json)
Hash identifier:          D83wpyowIDifadsivLY4cB1YQubZ3BP9550iy6rhR/Y=
Subject key identifier:   D1:C1:A6:BA:89:AD:90:6B:E0:27:94:15:62:48:B9:53:0E:0A:2E:BE
Certificate issuer:       /CN=80ef67a3dc3d71845e9b1555cff5ad31bb423a94
Certificate serial:       01856F0B509EDC1FF00DCC083B0D6815A150
Authority key identifier: 80:EF:67:A3:DC:3D:71:84:5E:9B:15:55:CF:F5:AD:31:BB:42:3A:94
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/gO9no9w9cYRemxVVz_WtMbtCOpQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/68/e0184d-64d0-4a15-a277-7ce809353b18/1/0cGmuomtkGvgJ5QVYki5Uw4KLr4.roa
Signing time:             Sun 01 Jan 2023 20:34:50 +0000
ROA not before:           Sun 01 Jan 2023 20:34:50 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     206711
IP address blocks:        185.176.36.0/22 maxlen: 22
                          2a07:ee00::/32 maxlen: 32

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 06:29:31 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:0b:50:9e:dc:1f:f0:0d:cc:08:3b:0d:68:15:a1:50
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=80ef67a3dc3d71845e9b1555cff5ad31bb423a94
        Validity
            Not Before: Jan  1 20:34:50 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=d1c1a6ba89ad906be02794156248b9530e0a2ebe
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8f:08:4f:f5:5d:f2:9a:ce:b0:73:56:4d:e0:aa:
                    c3:3a:53:d7:71:30:cb:8f:0e:09:7d:bb:89:19:2f:
                    bc:ee:de:1d:f9:27:ad:bc:00:8b:ef:6c:03:d6:70:
                    e0:98:ee:cc:2b:d2:59:ad:33:54:20:87:83:ac:d3:
                    b6:ff:da:88:ac:23:8c:21:21:97:8b:24:04:80:d4:
                    f1:e9:d7:c7:07:4d:87:73:a6:55:74:6c:a4:b4:e2:
                    fb:63:ec:e4:af:31:98:2b:12:e6:1a:ef:d4:4f:6b:
                    63:4a:75:39:70:33:de:fe:29:bb:9b:4e:a3:dc:e6:
                    cb:8d:96:14:5e:9c:6a:c3:99:9f:5c:65:fc:aa:e0:
                    fc:e1:1e:02:79:bd:d1:a3:4c:65:6d:03:2d:25:f3:
                    cf:70:b0:91:a7:07:d4:9f:cf:3c:6b:98:4e:bc:53:
                    22:78:d6:83:bf:ac:00:58:9a:87:1f:57:3b:4b:f6:
                    38:54:26:4f:d2:27:a7:05:48:41:61:80:39:3e:f3:
                    c3:51:b5:68:bd:cc:4b:34:dd:16:1f:9a:da:c8:58:
                    8c:11:69:94:45:5c:9f:17:48:e0:9d:d9:6b:7c:30:
                    9c:a4:9a:9f:43:8a:a5:d0:be:d8:26:de:09:20:6e:
                    38:ae:c2:19:df:74:23:ec:aa:c4:03:86:ed:9d:92:
                    df:0b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D1:C1:A6:BA:89:AD:90:6B:E0:27:94:15:62:48:B9:53:0E:0A:2E:BE
            X509v3 Authority Key Identifier:
                keyid:80:EF:67:A3:DC:3D:71:84:5E:9B:15:55:CF:F5:AD:31:BB:42:3A:94

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gO9no9w9cYRemxVVz_WtMbtCOpQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/68/e0184d-64d0-4a15-a277-7ce809353b18/1/0cGmuomtkGvgJ5QVYki5Uw4KLr4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/68/e0184d-64d0-4a15-a277-7ce809353b18/1/gO9no9w9cYRemxVVz_WtMbtCOpQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.176.36.0/22
                IPv6:
                  2a07:ee00::/32

    Signature Algorithm: sha256WithRSAEncryption
         5f:26:02:d7:57:25:c7:ac:f8:2e:40:65:fb:88:57:62:98:a3:
         db:84:99:d5:11:6c:8b:c7:94:1f:20:00:f9:a8:8f:90:f3:68:
         bc:ed:ae:4f:99:b0:84:1a:17:37:01:28:8a:20:79:87:f2:27:
         7d:b9:39:a0:e4:94:a7:1f:7f:71:ef:ac:f6:93:96:55:69:72:
         13:f6:82:7e:cc:43:02:d0:70:05:30:2f:ea:81:74:3e:f0:58:
         25:75:3c:14:9c:f2:50:c9:2c:35:9c:2d:a2:54:29:8f:9b:a0:
         31:43:93:8f:68:b6:7b:7b:28:31:e9:b8:97:65:02:c6:3d:1d:
         0a:5a:7e:82:6c:7a:57:60:a4:57:13:91:76:88:3f:05:23:5d:
         7f:9e:64:de:a8:04:45:83:a8:a6:27:4c:8b:0f:c5:af:67:c6:
         18:94:f7:ad:00:78:0a:51:23:7d:52:2b:18:32:64:03:26:2c:
         8a:19:5a:cb:55:9e:96:a0:8b:b4:14:7b:46:23:fc:59:c3:db:
         06:51:8f:0c:98:c2:e9:3c:be:a8:5d:72:91:35:a8:eb:2d:9a:
         b5:e9:c0:62:ca:94:1f:39:99:75:00:b5:6a:cd:4c:6f:2c:bc:
         e5:28:31:98:a9:1f:01:b4:16:bf:9b:17:45:2e:e1:7b:ee:e9:
         5e:95:a7:14
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVvC1Ce3B/wDcwIOw1oFaFQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgwZWY2N2EzZGMzZDcxODQ1ZTliMTU1NWNmZjVhZDMxYmI0
MjNhOTQwHhcNMjMwMTAxMjAzNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMWMxYTZiYTg5YWQ5MDZiZTAyNzk0MTU2MjQ4Yjk1MzBlMGEyZWJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjwhP9V3yms6wc1ZN4KrDOlPXcTDL
jw4JfbuJGS+87t4d+SetvACL72wD1nDgmO7MK9JZrTNUIIeDrNO2/9qIrCOMISGX
iyQEgNTx6dfHB02Hc6ZVdGyktOL7Y+zkrzGYKxLmGu/UT2tjSnU5cDPe/im7m06j
3ObLjZYUXpxqw5mfXGX8quD84R4Ceb3Ro0xlbQMtJfPPcLCRpwfUn888a5hOvFMi
eNaDv6wAWJqHH1c7S/Y4VCZP0ienBUhBYYA5PvPDUbVovcxLNN0WH5rayFiMEWmU
RVyfF0jgndlrfDCcpJqfQ4ql0L7YJt4JIG44rsIZ33Qj7KrEA4btnZLfCwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFNHBprqJrZBr4CeUFWJIuVMOCi6+MB8GA1UdIwQY
MBaAFIDvZ6PcPXGEXpsVVc/1rTG7QjqUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ085bm85dzljWVJlbXhWVnpfV3RNYnRDT3BRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OC9lMDE4NGQtNjRkMC00YTE1LWEyNzct
N2NlODA5MzUzYjE4LzEvMGNHbXVvbXRrR3ZnSjVRVllraTVVdzRLTHI0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OC9lMDE4NGQtNjRkMC00YTE1LWEyNzctN2NlODA5MzUzYjE4
LzEvZ085bm85dzljWVJlbXhWVnpfV3RNYnRDT3BRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCubAkMA0E
AgACMAcDBQAqB+4AMA0GCSqGSIb3DQEBCwUAA4IBAQBfJgLXVyXHrPguQGX7iFdi
mKPbhJnVEWyLx5QfIAD5qI+Q82i87a5PmbCEGhc3ASiKIHmH8id9uTmg5JSnH39x
76z2k5ZVaXIT9oJ+zEMC0HAFMC/qgXQ+8FgldTwUnPJQySw1nC2iVCmPm6AxQ5OP
aLZ7eygx6biXZQLGPR0KWn6CbHpXYKRXE5F2iD8FI11/nmTeqARFg6imJ0yLD8Wv
Z8YYlPetAHgKUSN9UisYMmQDJiyKGVrLVZ6WoIu0FHtGI/xZw9sGUY8MmMLpPL6o
XXKRNajrLZq16cBiypQfOZl1ALVqzUxvLLzlKDGYqR8BtBa/mxdFLuF77ulelacU
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:15:39 2024 by rpki-client on console-ams.rpki-client.org