Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/79/85b40d-e900-4d9f-af05-316c7a9cd6b6/1/8fzuvR_mVqtssT61kXSqCgp-yrY.roa
File:                     8fzuvR_mVqtssT61kXSqCgp-yrY.roa (raw, json)
Hash identifier:          +2yhkB2cpnm6jHNqonpTnUxUyH+f5SmLT3IQPZc0bsY=
Subject key identifier:   F1:FC:EE:BD:1F:E6:56:AB:6C:B1:3E:B5:91:74:AA:0A:0A:7E:CA:B6
Certificate issuer:       /CN=2211f0403e97465a01dd145bc1507be565710d4e
Certificate serial:       018B5E0D5DE1F11C62D6D3918D6FF1D8D0EB
Authority key identifier: 22:11:F0:40:3E:97:46:5A:01:DD:14:5B:C1:50:7B:E5:65:71:0D:4E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IhHwQD6XRloB3RRbwVB75WVxDU4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/79/85b40d-e900-4d9f-af05-316c7a9cd6b6/1/8fzuvR_mVqtssT61kXSqCgp-yrY.roa
Signing time:             Mon 23 Oct 2023 19:40:16 +0000
ROA not before:           Mon 23 Oct 2023 19:40:16 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     16509
IP address blocks:        185.230.104.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 06:29:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:5e:0d:5d:e1:f1:1c:62:d6:d3:91:8d:6f:f1:d8:d0:eb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2211f0403e97465a01dd145bc1507be565710d4e
        Validity
            Not Before: Oct 23 19:40:16 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=f1fceebd1fe656ab6cb13eb59174aa0a0a7ecab6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:96:a6:c2:19:b8:28:36:82:ac:12:dc:33:d2:
                    7f:a4:40:c7:f3:3d:0e:8b:ed:91:e4:27:e1:1f:31:
                    27:88:51:20:ec:ed:c3:52:26:f6:83:50:9c:49:a9:
                    af:09:e3:b8:34:88:65:9f:cf:f5:23:ed:36:a8:be:
                    88:e1:9a:5a:3c:a6:34:bb:ce:5e:f7:26:2c:82:b3:
                    79:60:e6:8a:e3:67:3c:f1:ed:3e:29:bd:04:a0:20:
                    5f:0f:32:61:cb:ed:8f:3e:c2:67:23:e3:07:cf:65:
                    ab:07:23:a6:d7:aa:62:3b:a4:db:90:65:77:37:4b:
                    25:49:6a:5b:58:9c:ea:e8:f4:ed:25:53:19:2f:da:
                    4a:3f:ed:35:8f:52:69:1b:e6:0c:16:d7:2e:44:ac:
                    f6:f2:d0:07:1b:57:38:7c:1b:0d:cc:ec:60:42:04:
                    26:84:a5:8e:99:31:5c:78:0d:23:a0:50:85:4f:bb:
                    6b:09:93:39:b1:5d:5d:fc:7c:5b:de:e6:c8:02:a9:
                    26:07:56:64:da:46:79:65:cc:5e:69:0f:7d:5a:ff:
                    b7:6a:08:bd:52:90:c3:bf:d9:ac:28:eb:19:06:e0:
                    e0:c5:93:01:2b:d6:16:e9:ac:4f:85:30:2d:fb:83:
                    d4:9f:d5:67:eb:97:42:dd:76:30:40:4d:66:ad:f0:
                    ff:c5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F1:FC:EE:BD:1F:E6:56:AB:6C:B1:3E:B5:91:74:AA:0A:0A:7E:CA:B6
            X509v3 Authority Key Identifier:
                keyid:22:11:F0:40:3E:97:46:5A:01:DD:14:5B:C1:50:7B:E5:65:71:0D:4E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IhHwQD6XRloB3RRbwVB75WVxDU4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/79/85b40d-e900-4d9f-af05-316c7a9cd6b6/1/8fzuvR_mVqtssT61kXSqCgp-yrY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/79/85b40d-e900-4d9f-af05-316c7a9cd6b6/1/IhHwQD6XRloB3RRbwVB75WVxDU4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.230.104.0/24

    Signature Algorithm: sha256WithRSAEncryption
         17:13:89:02:d3:32:cf:d4:72:dc:42:e1:9b:66:70:d4:a6:14:
         02:1d:70:9a:e0:6e:84:d8:1e:f7:d9:d2:3d:bd:e8:e3:ae:cf:
         61:ef:83:d4:98:30:80:e9:a2:c8:3d:89:f2:76:60:31:61:12:
         79:44:7b:90:24:5b:dd:a8:86:75:80:1e:0f:f7:a6:73:49:3a:
         ff:ac:74:3e:b9:b9:83:1a:84:f9:9e:0b:db:80:49:ae:ac:6f:
         93:39:34:21:26:90:70:27:49:13:a2:f6:17:be:72:08:b2:b5:
         7d:6f:6f:cf:eb:ed:4f:b2:78:87:f6:29:be:b5:9b:93:7f:0e:
         6f:90:ad:0c:f3:ab:08:77:a0:33:c5:eb:d3:06:54:74:20:5e:
         17:71:48:7b:79:56:f6:cd:66:d4:6b:c7:c1:2f:fe:a6:11:c1:
         37:e7:aa:ed:23:28:71:a6:c4:de:a5:b5:2a:2d:5d:06:75:bc:
         23:db:5b:f2:33:23:08:c9:08:38:38:cd:c4:a1:80:32:60:73:
         bb:45:aa:6c:f8:db:94:c9:5e:24:e4:d2:09:53:26:d5:ac:5f:
         72:23:a0:20:dd:6d:75:f3:9f:de:b7:a4:57:74:19:ab:c1:53:
         76:03:eb:51:35:16:98:1d:e5:d5:ed:10:8d:19:b7:99:be:33:
         38:6f:65:53
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYteDV3h8Rxi1tORjW/x2NDrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyMTFmMDQwM2U5NzQ2NWEwMWRkMTQ1YmMxNTA3YmU1NjU3
MTBkNGUwHhcNMjMxMDIzMTk0MDE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMWZjZWViZDFmZTY1NmFiNmNiMTNlYjU5MTc0YWEwYTBhN2VjYWI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtJamwhm4KDaCrBLcM9J/pEDH8z0O
i+2R5CfhHzEniFEg7O3DUib2g1CcSamvCeO4NIhln8/1I+02qL6I4ZpaPKY0u85e
9yYsgrN5YOaK42c88e0+Kb0EoCBfDzJhy+2PPsJnI+MHz2WrByOm16piO6TbkGV3
N0slSWpbWJzq6PTtJVMZL9pKP+01j1JpG+YMFtcuRKz28tAHG1c4fBsNzOxgQgQm
hKWOmTFceA0joFCFT7trCZM5sV1d/Hxb3ubIAqkmB1Zk2kZ5ZcxeaQ99Wv+3agi9
UpDDv9msKOsZBuDgxZMBK9YW6axPhTAt+4PUn9Vn65dC3XYwQE1mrfD/xQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPH87r0f5larbLE+tZF0qgoKfsq2MB8GA1UdIwQY
MBaAFCIR8EA+l0ZaAd0UW8FQe+VlcQ1OMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSWhId1FENlhSbG9CM1JSYndWQjc1V1Z4RFU0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OS84NWI0MGQtZTkwMC00ZDlmLWFmMDUt
MzE2YzdhOWNkNmI2LzEvOGZ6dXZSX21WcXRzc1Q2MWtYU3FDZ3AteXJZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OS84NWI0MGQtZTkwMC00ZDlmLWFmMDUtMzE2YzdhOWNkNmI2
LzEvSWhId1FENlhSbG9CM1JSYndWQjc1V1Z4RFU0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAueZoMA0G
CSqGSIb3DQEBCwUAA4IBAQAXE4kC0zLP1HLcQuGbZnDUphQCHXCa4G6E2B732dI9
vejjrs9h74PUmDCA6aLIPYnydmAxYRJ5RHuQJFvdqIZ1gB4P96ZzSTr/rHQ+ubmD
GoT5ngvbgEmurG+TOTQhJpBwJ0kTovYXvnIIsrV9b2/P6+1PsniH9im+tZuTfw5v
kK0M86sId6AzxevTBlR0IF4XcUh7eVb2zWbUa8fBL/6mEcE356rtIyhxpsTepbUq
LV0Gdbwj21vyMyMIyQg4OM3EoYAyYHO7Raps+NuUyV4k5NIJUybVrF9yI6Ag3W11
85/et6RXdBmrwVN2A+tRNRaYHeXV7RCNGbeZvjM4b2VT
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:18:59 2024 by rpki-client on console-ams.rpki-client.org