Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/76/817c14-b800-4c15-a89e-704f263389e2/1/2nkhlUACyfArl6tuFDgy7s6jLV0.roa
File:                     2nkhlUACyfArl6tuFDgy7s6jLV0.roa (raw, json)
Hash identifier:          j8ooAPtY6VglmL3hDOyGeAcEFhxEX10YhVT4w3SeSqM=
Subject key identifier:   DA:79:21:95:40:02:C9:F0:2B:97:AB:6E:14:38:32:EE:CE:A3:2D:5D
Certificate issuer:       /CN=e73cf9433eb80fe9027084529a25412ddfe5bd01
Certificate serial:       01856C1CB4A33A1C2C972E0522E69EC25C1E
Authority key identifier: E7:3C:F9:43:3E:B8:0F:E9:02:70:84:52:9A:25:41:2D:DF:E5:BD:01
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/5zz5Qz64D-kCcIRSmiVBLd_lvQE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/76/817c14-b800-4c15-a89e-704f263389e2/1/2nkhlUACyfArl6tuFDgy7s6jLV0.roa
Signing time:             Sun 01 Jan 2023 06:54:58 +0000
ROA not before:           Sun 01 Jan 2023 06:54:58 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     205112
IP address blocks:        185.232.100.0/22 maxlen: 24
                          2a0c:1700::/29 maxlen: 48

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 18:29:32 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6c:1c:b4:a3:3a:1c:2c:97:2e:05:22:e6:9e:c2:5c:1e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e73cf9433eb80fe9027084529a25412ddfe5bd01
        Validity
            Not Before: Jan  1 06:54:58 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=da7921954002c9f02b97ab6e143832eecea32d5d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:90:0b:47:51:6c:8a:22:5a:a3:c6:91:43:5e:
                    4d:a7:87:13:01:24:77:40:44:4b:42:3a:07:55:e8:
                    4d:31:1d:2a:b2:5b:9c:53:1f:dc:1d:3c:e1:af:4e:
                    bd:d8:d7:22:8f:96:3e:05:d7:a9:5b:65:8f:ea:6e:
                    ac:32:6a:b5:7c:d6:5c:79:27:3f:a7:d1:dc:41:9f:
                    f3:50:6d:7a:01:d3:65:b9:a8:b6:57:74:65:3d:81:
                    ed:db:07:70:42:4c:21:25:1b:a3:30:1f:a2:85:6b:
                    f3:d0:8b:b3:7e:f9:3f:d8:8f:e4:38:ee:23:d8:f2:
                    3e:03:d8:7e:8b:cf:ea:5d:66:f5:c9:17:51:4d:74:
                    f9:4a:18:76:ff:fd:17:d1:fd:4c:6d:83:fc:ed:b9:
                    0b:36:13:ed:df:00:fb:b1:48:03:b1:46:ae:09:57:
                    e4:73:b3:e4:19:3f:2c:29:ea:32:35:4b:47:67:6e:
                    a3:a7:61:8c:d8:b3:2d:f6:ba:88:bd:2b:74:1e:d9:
                    36:8b:7e:83:84:cf:7e:8a:14:83:92:89:bc:50:0b:
                    ef:c5:21:c0:1a:5c:e4:38:61:af:54:c2:31:b9:29:
                    68:aa:25:06:cc:c1:67:60:46:d9:21:93:61:09:97:
                    71:57:75:39:3d:29:3f:59:13:ce:b5:12:b6:f9:ba:
                    6b:d7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DA:79:21:95:40:02:C9:F0:2B:97:AB:6E:14:38:32:EE:CE:A3:2D:5D
            X509v3 Authority Key Identifier:
                keyid:E7:3C:F9:43:3E:B8:0F:E9:02:70:84:52:9A:25:41:2D:DF:E5:BD:01

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5zz5Qz64D-kCcIRSmiVBLd_lvQE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/76/817c14-b800-4c15-a89e-704f263389e2/1/2nkhlUACyfArl6tuFDgy7s6jLV0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/76/817c14-b800-4c15-a89e-704f263389e2/1/5zz5Qz64D-kCcIRSmiVBLd_lvQE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.232.100.0/22
                IPv6:
                  2a0c:1700::/29

    Signature Algorithm: sha256WithRSAEncryption
         18:15:72:4f:af:8c:55:ba:b4:86:30:48:d0:5c:6e:5f:93:41:
         83:da:1b:a7:0c:cb:f7:c5:9a:e3:7b:6e:82:b1:32:8a:df:86:
         e1:92:21:12:86:54:4b:78:ed:44:0c:e3:33:78:e5:c8:05:b6:
         05:f2:42:25:c6:53:53:95:ea:d1:fc:eb:33:b1:2a:b9:6d:04:
         5e:da:d9:73:5c:d6:c9:08:d2:75:83:29:83:dc:e6:f0:bb:46:
         98:c5:51:de:e1:f8:93:8c:d5:ea:6e:5f:da:63:bf:8e:61:1f:
         3a:55:04:89:6a:06:df:d9:d8:80:53:f5:1f:9d:ac:50:bc:81:
         fc:29:3c:cb:67:c2:ba:35:ad:b8:f0:5b:96:6b:50:de:54:3c:
         37:14:b7:cf:9d:fe:76:65:4f:07:e9:a6:e6:0e:41:78:a9:ea:
         61:b1:4a:11:de:ae:d5:a0:02:fd:db:38:ec:60:65:c7:63:21:
         4b:c2:df:9d:f2:f3:6a:76:8d:ce:4e:b7:d1:b2:35:84:cf:81:
         64:65:a6:32:da:57:4f:43:65:25:11:5b:e3:3e:05:0f:d3:8b:
         6e:35:16:cd:3d:41:3c:18:4d:32:6f:c0:fd:cd:aa:47:77:f6:
         f7:18:84:cb:76:5c:11:be:95:dd:ca:26:6c:15:36:cb:12:ec:
         1b:f7:72:94
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVsHLSjOhwsly4FIuaewlweMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3M2NmOTQzM2ViODBmZTkwMjcwODQ1MjlhMjU0MTJkZGZl
NWJkMDEwHhcNMjMwMTAxMDY1NDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYTc5MjE5NTQwMDJjOWYwMmI5N2FiNmUxNDM4MzJlZWNlYTMyZDVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArpALR1FsiiJao8aRQ15Np4cTASR3
QERLQjoHVehNMR0qslucUx/cHTzhr0692Ncij5Y+BdepW2WP6m6sMmq1fNZceSc/
p9HcQZ/zUG16AdNluai2V3RlPYHt2wdwQkwhJRujMB+ihWvz0Iuzfvk/2I/kOO4j
2PI+A9h+i8/qXWb1yRdRTXT5Shh2//0X0f1MbYP87bkLNhPt3wD7sUgDsUauCVfk
c7PkGT8sKeoyNUtHZ26jp2GM2LMt9rqIvSt0Htk2i36DhM9+ihSDkom8UAvvxSHA
GlzkOGGvVMIxuSloqiUGzMFnYEbZIZNhCZdxV3U5PSk/WRPOtRK2+bpr1wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFNp5IZVAAsnwK5erbhQ4Mu7Ooy1dMB8GA1UdIwQY
MBaAFOc8+UM+uA/pAnCEUpolQS3f5b0BMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNXp6NVF6NjRELWtDY0lSU21pVkJMZF9sdlFFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ni84MTdjMTQtYjgwMC00YzE1LWE4OWUt
NzA0ZjI2MzM4OWUyLzEvMm5raGxVQUN5ZkFybDZ0dUZEZ3k3czZqTFYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ni84MTdjMTQtYjgwMC00YzE1LWE4OWUtNzA0ZjI2MzM4OWUy
LzEvNXp6NVF6NjRELWtDY0lSU21pVkJMZF9sdlFFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuehkMA0E
AgACMAcDBQMqDBcAMA0GCSqGSIb3DQEBCwUAA4IBAQAYFXJPr4xVurSGMEjQXG5f
k0GD2hunDMv3xZrje26CsTKK34bhkiEShlRLeO1EDOMzeOXIBbYF8kIlxlNTlerR
/OszsSq5bQRe2tlzXNbJCNJ1gymD3Obwu0aYxVHe4fiTjNXqbl/aY7+OYR86VQSJ
agbf2diAU/UfnaxQvIH8KTzLZ8K6Na248FuWa1DeVDw3FLfPnf52ZU8H6abmDkF4
qephsUoR3q7VoAL92zjsYGXHYyFLwt+d8vNqdo3OTrfRsjWEz4FkZaYy2ldPQ2Ul
EVvjPgUP04tuNRbNPUE8GE0yb8D9zapHd/b3GITLdlwRvpXdyiZsFTbLEuwb93KU
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:21 2024 by rpki-client on console-fra.rpki-client.org