Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/74/910633-de46-4ae2-a15a-29c87c8d8335/1/dpo3tMdk7XPlvBqW1ehOZtDrxNQ.roa
File:                     dpo3tMdk7XPlvBqW1ehOZtDrxNQ.roa (raw, json)
Hash identifier:          Hz7yz5PxHJ91O6eKtspVm71t+UmzZoAwJneu/0VnGdo=
Subject key identifier:   76:9A:37:B4:C7:64:ED:73:E5:BC:1A:96:D5:E8:4E:66:D0:EB:C4:D4
Certificate issuer:       /CN=3cabc3dde8f16cf6d918a40f1682ca41be4d0a41
Certificate serial:       018572A7F0D4D87BAFDBBFB9D24F8885C7F9
Authority key identifier: 3C:AB:C3:DD:E8:F1:6C:F6:D9:18:A4:0F:16:82:CA:41:BE:4D:0A:41
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/PKvD3ejxbPbZGKQPFoLKQb5NCkE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/74/910633-de46-4ae2-a15a-29c87c8d8335/1/dpo3tMdk7XPlvBqW1ehOZtDrxNQ.roa
Signing time:             Mon 02 Jan 2023 13:24:46 +0000
ROA not before:           Mon 02 Jan 2023 13:24:46 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     12984
IP address blocks:        185.118.80.0/22 maxlen: 22
                          2a06:9280::/29 maxlen: 29

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 02:31:32 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:72:a7:f0:d4:d8:7b:af:db:bf:b9:d2:4f:88:85:c7:f9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3cabc3dde8f16cf6d918a40f1682ca41be4d0a41
        Validity
            Not Before: Jan  2 13:24:46 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=769a37b4c764ed73e5bc1a96d5e84e66d0ebc4d4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:81:c4:6f:ba:f8:ed:27:b8:64:59:8f:c6:c8:d1:
                    94:77:91:dd:11:99:a6:21:f0:80:85:0e:ef:37:9c:
                    0e:b1:16:46:a2:42:7d:8a:a9:2b:f7:cb:14:3a:ef:
                    a0:3c:b6:8e:33:b3:ad:7c:d9:42:88:4f:ed:ed:75:
                    e5:b8:7f:ed:a4:e1:a1:b5:83:e9:a5:4c:05:27:fd:
                    ef:ce:44:61:93:29:d9:80:b2:37:23:56:10:2f:c8:
                    b7:de:4f:3c:77:0c:7c:c3:e6:e5:2e:18:32:86:6a:
                    b7:53:6b:1a:dd:e6:37:15:ef:25:92:5b:bc:4d:aa:
                    37:c3:ad:d8:1e:54:51:51:23:09:8c:89:21:eb:a5:
                    0b:cf:85:29:99:11:ab:74:aa:f7:d8:68:38:7c:b9:
                    d3:00:0f:54:bb:c3:55:a2:ea:f6:b4:b2:da:13:a2:
                    9e:25:df:f2:ec:66:c8:5c:af:b0:f6:05:7b:c8:e7:
                    a6:75:ea:97:fb:7b:2b:a4:f7:b0:56:98:99:0c:d3:
                    d4:b5:72:76:11:af:78:1d:9b:ab:3e:12:1c:f3:d7:
                    94:1e:cd:30:4e:20:b8:c8:87:98:48:04:8d:e0:32:
                    99:2f:53:62:19:f1:c5:f3:24:b7:23:d1:25:7d:0d:
                    2c:ba:fe:ef:7a:06:da:eb:35:41:7e:c1:e8:1c:ae:
                    bb:1d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                76:9A:37:B4:C7:64:ED:73:E5:BC:1A:96:D5:E8:4E:66:D0:EB:C4:D4
            X509v3 Authority Key Identifier:
                keyid:3C:AB:C3:DD:E8:F1:6C:F6:D9:18:A4:0F:16:82:CA:41:BE:4D:0A:41

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PKvD3ejxbPbZGKQPFoLKQb5NCkE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/74/910633-de46-4ae2-a15a-29c87c8d8335/1/dpo3tMdk7XPlvBqW1ehOZtDrxNQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/74/910633-de46-4ae2-a15a-29c87c8d8335/1/PKvD3ejxbPbZGKQPFoLKQb5NCkE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.118.80.0/22
                IPv6:
                  2a06:9280::/29

    Signature Algorithm: sha256WithRSAEncryption
         83:8e:5b:7c:90:cf:7d:5a:dd:e3:17:f5:23:07:93:05:2f:35:
         d4:37:c5:03:5e:61:df:83:47:ff:60:7d:6a:13:ae:76:10:a9:
         aa:98:d6:b6:d7:a1:72:10:7c:78:04:72:fd:17:3d:7e:9c:6c:
         20:f2:38:36:48:ae:50:1c:29:50:d1:12:ea:33:d5:96:a2:3d:
         2a:eb:91:52:66:34:14:0f:38:5e:e9:72:47:0e:4f:ce:98:53:
         4b:9c:35:8e:3a:b9:54:d5:a9:86:b5:10:a3:84:df:db:98:99:
         e6:e2:fa:93:9a:dc:e7:fc:ea:37:11:09:0c:7e:48:23:30:db:
         2d:5a:59:7e:d5:4d:2b:69:db:2c:cd:5b:12:08:07:a2:24:3a:
         d7:d3:b7:c0:1b:8a:db:31:12:c2:ad:fc:da:0c:16:2b:e6:41:
         70:12:3d:80:3a:e7:a9:81:12:1f:c0:10:37:72:ea:5a:ac:e4:
         7e:5f:ba:b9:2a:d8:4e:7b:03:89:5a:ca:14:6d:ab:da:56:e9:
         cd:f1:4a:19:5f:4f:a3:57:b3:eb:7b:59:fa:64:49:04:ca:fd:
         c3:84:ee:31:d7:92:20:b5:7a:8e:30:76:33:4e:2d:af:39:47:
         b1:8b:22:d7:a8:fe:fc:41:fe:87:bf:e0:81:ae:b3:e9:b4:e8:
         24:8e:46:c9
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVyp/DU2Huv27+50k+Ihcf5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNjYWJjM2RkZThmMTZjZjZkOTE4YTQwZjE2ODJjYTQxYmU0
ZDBhNDEwHhcNMjMwMTAyMTMyNDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NjlhMzdiNGM3NjRlZDczZTViYzFhOTZkNWU4NGU2NmQwZWJjNGQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgcRvuvjtJ7hkWY/GyNGUd5HdEZmm
IfCAhQ7vN5wOsRZGokJ9iqkr98sUOu+gPLaOM7OtfNlCiE/t7XXluH/tpOGhtYPp
pUwFJ/3vzkRhkynZgLI3I1YQL8i33k88dwx8w+blLhgyhmq3U2sa3eY3Fe8lklu8
Tao3w63YHlRRUSMJjIkh66ULz4UpmRGrdKr32Gg4fLnTAA9Uu8NVour2tLLaE6Ke
Jd/y7GbIXK+w9gV7yOemdeqX+3srpPewVpiZDNPUtXJ2Ea94HZurPhIc89eUHs0w
TiC4yIeYSASN4DKZL1NiGfHF8yS3I9ElfQ0suv7vegba6zVBfsHoHK67HQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFHaaN7THZO1z5bwaltXoTmbQ68TUMB8GA1UdIwQY
MBaAFDyrw93o8Wz22RikDxaCykG+TQpBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUEt2RDNlanhiUGJaR0tRUEZvTEtRYjVOQ2tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NC85MTA2MzMtZGU0Ni00YWUyLWExNWEt
MjljODdjOGQ4MzM1LzEvZHBvM3RNZGs3WFBsdkJxVzFlaE9adERyeE5RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NC85MTA2MzMtZGU0Ni00YWUyLWExNWEtMjljODdjOGQ4MzM1
LzEvUEt2RDNlanhiUGJaR0tRUEZvTEtRYjVOQ2tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuXZQMA0E
AgACMAcDBQMqBpKAMA0GCSqGSIb3DQEBCwUAA4IBAQCDjlt8kM99Wt3jF/UjB5MF
LzXUN8UDXmHfg0f/YH1qE652EKmqmNa216FyEHx4BHL9Fz1+nGwg8jg2SK5QHClQ
0RLqM9WWoj0q65FSZjQUDzhe6XJHDk/OmFNLnDWOOrlU1amGtRCjhN/bmJnm4vqT
mtzn/Oo3EQkMfkgjMNstWll+1U0radsszVsSCAeiJDrX07fAG4rbMRLCrfzaDBYr
5kFwEj2AOuepgRIfwBA3cuparOR+X7q5KthOewOJWsoUbavaVunN8UoZX0+jV7Pr
e1n6ZEkEyv3DhO4x15IgtXqOMHYzTi2vOUexiyLXqP78Qf6Hv+CBrrPptOgkjkbJ
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:07 2024 by rpki-client on console-fra.rpki-client.org