Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/I8PcFqPnEVZMkWnsIiGhCrgR2-c.roa
File:                     I8PcFqPnEVZMkWnsIiGhCrgR2-c.roa (raw, json)
Hash identifier:          NTSUwxIZaISlsY3Oqm0DeACmYfuFul50rMiMa6XDTvc=
Subject key identifier:   23:C3:DC:16:A3:E7:11:56:4C:91:69:EC:22:21:A1:0A:B8:11:DB:E7
Certificate issuer:       /CN=9aee15c33de358938d6900a1b3c14480a389e85b
Certificate serial:       01889752E3DD0070CF01399F5AED67AC745E
Authority key identifier: 9A:EE:15:C3:3D:E3:58:93:8D:69:00:A1:B3:C1:44:80:A3:89:E8:5B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/I8PcFqPnEVZMkWnsIiGhCrgR2-c.roa
Signing time:             Wed 07 Jun 2023 19:26:11 +0000
ROA not before:           Wed 07 Jun 2023 19:26:11 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     62240
IP address blocks:        185.111.27.0/24 maxlen: 24
                          185.110.131.0/24 maxlen: 24
                          185.110.130.0/24 maxlen: 24
                          185.110.129.0/24 maxlen: 24
                          185.110.128.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 05 Oct 2023 06:23:57 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:97:52:e3:dd:00:70:cf:01:39:9f:5a:ed:67:ac:74:5e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9aee15c33de358938d6900a1b3c14480a389e85b
        Validity
            Not Before: Jun  7 19:26:11 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=23c3dc16a3e711564c9169ec2221a10ab811dbe7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e5:d2:ba:64:bd:ec:f2:0d:ed:1a:f8:06:f1:0e:
                    b2:83:27:88:73:74:3d:5c:7e:44:87:e7:5a:a7:60:
                    ab:68:97:12:38:97:9c:15:cc:c1:fe:2a:ed:99:5c:
                    20:23:b0:e1:88:7e:4f:fa:37:0a:ce:7e:b3:49:88:
                    05:65:cb:4e:a5:6e:7c:d8:b9:05:77:7b:a2:26:17:
                    cb:f3:2e:b8:98:1e:51:4d:82:a2:0e:a7:a0:ed:10:
                    7a:ec:36:29:c8:5a:66:ed:bc:df:8c:f3:e0:b9:23:
                    4a:56:92:ad:fa:d1:1c:f9:64:98:6d:01:3b:c5:d8:
                    83:ef:40:54:f0:ba:8b:f9:bc:f2:0d:1d:2d:82:12:
                    cd:86:1c:b2:17:57:27:fc:1a:91:e3:1d:2d:ab:50:
                    43:af:4c:06:e1:16:1f:19:a0:e1:b3:04:96:f8:a3:
                    54:e1:13:c1:90:e2:c3:68:d6:6d:4f:8f:e9:b9:b8:
                    ec:05:be:47:ba:78:df:98:98:5a:10:a3:14:e0:e7:
                    3d:b4:56:1d:5a:80:ff:66:ca:71:75:fc:7b:c7:e4:
                    78:0c:fc:89:8b:d7:aa:32:b6:8f:18:f5:c4:71:89:
                    ff:74:72:2e:ef:90:5d:24:ff:73:d0:c2:23:f9:82:
                    bd:1c:cb:87:ea:8a:7f:c3:3e:cb:d9:ec:01:bf:c9:
                    8e:a7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                23:C3:DC:16:A3:E7:11:56:4C:91:69:EC:22:21:A1:0A:B8:11:DB:E7
            X509v3 Authority Key Identifier:
                keyid:9A:EE:15:C3:3D:E3:58:93:8D:69:00:A1:B3:C1:44:80:A3:89:E8:5B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/I8PcFqPnEVZMkWnsIiGhCrgR2-c.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.110.128.0/22
                  185.111.27.0/24

    Signature Algorithm: sha256WithRSAEncryption
         97:f7:d2:a2:01:de:1b:46:c5:bf:67:60:17:aa:37:48:96:9d:
         8b:86:73:c3:73:a2:1c:f4:b2:3d:5b:fb:c5:5d:8a:39:0d:0b:
         90:29:a0:11:cc:a0:d6:3f:a0:ac:b4:b1:51:4a:45:bd:20:ae:
         05:a7:c6:4c:74:8f:01:b9:75:9d:c7:96:29:d7:19:e5:f5:6b:
         83:c6:6d:bc:f5:7d:5a:85:a0:dc:f5:24:99:ef:a1:64:79:46:
         39:fc:b8:3c:3f:0f:08:7d:6d:1d:83:5d:b2:7f:3c:a1:d1:af:
         e8:16:b1:62:41:35:63:34:50:17:5e:89:00:9c:ba:24:ec:b6:
         af:27:38:a4:ba:d4:69:0d:d6:6a:47:9c:59:18:6d:5f:c3:98:
         c3:89:b9:37:93:a2:04:36:c9:5b:c4:f1:ec:39:60:aa:6e:d6:
         b7:d8:ac:c0:af:2d:8d:24:6a:85:7c:41:aa:25:e8:23:cb:a7:
         33:af:73:51:96:1b:be:17:b0:de:54:c4:fa:f6:9e:b9:64:e4:
         35:be:b2:62:f1:6d:a0:ee:36:46:c6:e6:b7:87:f9:10:89:ff:
         32:8b:d5:3e:35:9b:7c:85:3d:cb:60:73:c2:d8:3b:89:8d:cb:
         48:5a:ad:fd:75:6b:b3:ab:37:db:aa:e0:4b:a8:8c:ca:67:2f:
         2a:b7:43:48
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYiXUuPdAHDPATmfWu1nrHReMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhZWUxNWMzM2RlMzU4OTM4ZDY5MDBhMWIzYzE0NDgwYTM4
OWU4NWIwHhcNMjMwNjA3MTkyNjExWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyM2MzZGMxNmEzZTcxMTU2NGM5MTY5ZWMyMjIxYTEwYWI4MTFkYmU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5dK6ZL3s8g3tGvgG8Q6ygyeIc3Q9
XH5Eh+dap2CraJcSOJecFczB/irtmVwgI7DhiH5P+jcKzn6zSYgFZctOpW582LkF
d3uiJhfL8y64mB5RTYKiDqeg7RB67DYpyFpm7bzfjPPguSNKVpKt+tEc+WSYbQE7
xdiD70BU8LqL+bzyDR0tghLNhhyyF1cn/BqR4x0tq1BDr0wG4RYfGaDhswSW+KNU
4RPBkOLDaNZtT4/pubjsBb5HunjfmJhaEKMU4Oc9tFYdWoD/Zspxdfx7x+R4DPyJ
i9eqMraPGPXEcYn/dHIu75BdJP9z0MIj+YK9HMuH6op/wz7L2ewBv8mOpwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFCPD3Baj5xFWTJFp7CIhoQq4EdvnMB8GA1UdIwQY
MBaAFJruFcM941iTjWkAobPBRICjiehbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbXU0Vnd6M2pXSk9OYVFDaHM4RkVnS09KNkZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS83MmY3N2YtNzZhYi00ZTc5LWEwNjIt
NmVlNTM0ZDkyZTUyLzEvSThQY0ZxUG5FVlpNa1duc0lpR2hDcmdSMi1jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83YS83MmY3N2YtNzZhYi00ZTc5LWEwNjItNmVlNTM0ZDkyZTUy
LzEvbXU0Vnd6M2pXSk9OYVFDaHM4RkVnS09KNkZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCuW6AAwQA
uW8bMA0GCSqGSIb3DQEBCwUAA4IBAQCX99KiAd4bRsW/Z2AXqjdIlp2LhnPDc6Ic
9LI9W/vFXYo5DQuQKaARzKDWP6CstLFRSkW9IK4Fp8ZMdI8BuXWdx5Yp1xnl9WuD
xm289X1ahaDc9SSZ76FkeUY5/Lg8Pw8IfW0dg12yfzyh0a/oFrFiQTVjNFAXXokA
nLok7LavJzikutRpDdZqR5xZGG1fw5jDibk3k6IENslbxPHsOWCqbta32KzAry2N
JGqFfEGqJegjy6czr3NRlhu+F7DeVMT69p65ZOQ1vrJi8W2g7jZGxua3h/kQif8y
i9U+NZt8hT3LYHPC2DuJjctIWq39dWuzqzfbquBLqIzKZy8qt0NI
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:59 2024 by rpki-client on console-fra.rpki-client.org