Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/4e5902-e283-4916-a33c-7226a8845e01/1/tH2o65nYi6yHSMfmZH_BEDzPOT8.roa
File:                     tH2o65nYi6yHSMfmZH_BEDzPOT8.roa (raw, json)
Hash identifier:          ow5j7k7/abcPBF/bXXN3qY6KlCjMASQzR941krOlq6s=
Subject key identifier:   B4:7D:A8:EB:99:D8:8B:AC:87:48:C7:E6:64:7F:C1:10:3C:CF:39:3F
Certificate issuer:       /CN=0f2f8b2b94721e928f6188b5cf15053144dedf8c
Certificate serial:       018C539AC2B9CF0E2F00871ED990AD1DAC6A
Authority key identifier: 0F:2F:8B:2B:94:72:1E:92:8F:61:88:B5:CF:15:05:31:44:DE:DF:8C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Dy-LK5RyHpKPYYi1zxUFMUTe34w.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7b/4e5902-e283-4916-a33c-7226a8845e01/1/tH2o65nYi6yHSMfmZH_BEDzPOT8.roa
Signing time:             Sun 10 Dec 2023 12:01:40 +0000
ROA not before:           Sun 10 Dec 2023 12:01:40 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     202777
IP address blocks:        185.235.141.0/24 maxlen: 24
                          2a06:ee80::/29 maxlen: 29

Validation:               Failed, certificate revoked on Wed 20 Dec 2023 18:46:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:53:9a:c2:b9:cf:0e:2f:00:87:1e:d9:90:ad:1d:ac:6a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0f2f8b2b94721e928f6188b5cf15053144dedf8c
        Validity
            Not Before: Dec 10 12:01:40 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=b47da8eb99d88bac8748c7e6647fc1103ccf393f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:b1:78:41:a8:1a:3e:c5:0f:48:d3:c4:40:0e:
                    79:59:7b:ec:e6:1f:ea:7b:21:32:cc:0b:a7:49:0c:
                    77:14:f4:2c:66:81:c8:06:92:e2:6a:92:b6:6c:08:
                    cd:61:eb:21:8d:32:1d:4a:32:52:83:e8:19:4d:d1:
                    15:dd:03:88:ac:0c:27:c0:ee:22:c8:a4:8f:e8:0b:
                    ae:a3:89:b1:bc:60:c4:60:95:d9:71:31:ad:7e:a5:
                    ad:6b:0d:5b:fc:ad:c5:7b:57:92:c0:ac:70:2e:be:
                    af:f2:b5:6d:1d:4f:dc:9b:93:67:fc:83:30:fe:65:
                    88:4d:6c:bb:2f:d9:25:a6:16:8a:d9:fd:3e:cf:e0:
                    10:06:61:1e:6b:6c:64:68:93:1b:76:05:8a:67:32:
                    50:92:2f:1a:51:38:98:8f:26:85:b6:df:fd:bc:b2:
                    dc:68:03:e8:06:f0:d1:ec:4a:c7:dc:83:86:02:f1:
                    5f:ae:ec:55:5b:3b:f0:6c:1a:d0:0b:63:78:31:2e:
                    06:68:53:b8:58:12:cb:78:c6:64:09:54:fb:ff:02:
                    8d:d9:a3:56:5a:ce:7c:67:32:52:6e:aa:a9:39:07:
                    63:84:a1:a3:03:af:90:d9:08:7f:d0:60:8c:b5:59:
                    c0:6e:a7:88:3b:81:18:73:e8:3a:5a:ba:48:7d:27:
                    cd:c1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B4:7D:A8:EB:99:D8:8B:AC:87:48:C7:E6:64:7F:C1:10:3C:CF:39:3F
            X509v3 Authority Key Identifier:
                keyid:0F:2F:8B:2B:94:72:1E:92:8F:61:88:B5:CF:15:05:31:44:DE:DF:8C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Dy-LK5RyHpKPYYi1zxUFMUTe34w.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/4e5902-e283-4916-a33c-7226a8845e01/1/tH2o65nYi6yHSMfmZH_BEDzPOT8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/4e5902-e283-4916-a33c-7226a8845e01/1/Dy-LK5RyHpKPYYi1zxUFMUTe34w.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.235.141.0/24
                IPv6:
                  2a06:ee80::/29

    Signature Algorithm: sha256WithRSAEncryption
         ad:48:1b:6d:ff:09:e4:0f:01:fc:8d:cd:cd:c1:17:3a:3d:c5:
         8e:74:61:c8:de:83:eb:8e:fc:b4:11:a1:64:a8:53:bc:85:2f:
         9b:28:1c:f7:7e:12:d7:e8:e9:43:0a:c1:e7:27:71:48:a8:5a:
         48:d2:84:b9:a0:1d:ad:ce:f8:ac:d5:da:d2:24:40:3a:b7:f1:
         4b:bd:e2:c5:63:9c:38:9e:ae:2a:77:1d:c6:8d:96:19:16:9f:
         b7:07:e5:f4:b7:90:32:20:d4:24:c7:2f:af:de:94:25:eb:85:
         e7:16:e0:82:ee:9f:e1:2a:48:8e:a9:17:78:a8:01:d9:60:9c:
         e2:2a:b5:3e:f7:3c:9b:82:c1:3f:92:cc:e7:c3:bd:f9:18:db:
         37:f7:27:0e:33:2e:be:1a:6b:35:9f:6f:48:28:a7:6d:cb:5b:
         07:f4:1a:9c:bd:80:cc:f8:86:ee:ec:0f:e0:fc:e0:66:f0:c3:
         35:12:3d:14:c6:a9:39:a4:4e:68:9f:43:48:dc:65:79:02:9e:
         af:f5:47:8c:95:6a:a8:ab:28:71:ba:7a:2a:46:11:96:fb:13:
         04:3f:ac:18:3f:6c:62:cb:58:4c:bb:ab:2b:1f:10:1a:01:96:
         80:f9:1c:de:d8:1e:85:02:5e:76:c9:e3:d5:76:e3:b6:35:53:
         0f:90:f5:ef
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYxTmsK5zw4vAIce2ZCtHaxqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmMmY4YjJiOTQ3MjFlOTI4ZjYxODhiNWNmMTUwNTMxNDRk
ZWRmOGMwHhcNMjMxMjEwMTIwMTQwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNDdkYThlYjk5ZDg4YmFjODc0OGM3ZTY2NDdmYzExMDNjY2YzOTNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv7F4QagaPsUPSNPEQA55WXvs5h/q
eyEyzAunSQx3FPQsZoHIBpLiapK2bAjNYeshjTIdSjJSg+gZTdEV3QOIrAwnwO4i
yKSP6Auuo4mxvGDEYJXZcTGtfqWtaw1b/K3Fe1eSwKxwLr6v8rVtHU/cm5Nn/IMw
/mWITWy7L9klphaK2f0+z+AQBmEea2xkaJMbdgWKZzJQki8aUTiYjyaFtt/9vLLc
aAPoBvDR7ErH3IOGAvFfruxVWzvwbBrQC2N4MS4GaFO4WBLLeMZkCVT7/wKN2aNW
Ws58ZzJSbqqpOQdjhKGjA6+Q2Qh/0GCMtVnAbqeIO4EYc+g6WrpIfSfNwQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFLR9qOuZ2Iush0jH5mR/wRA8zzk/MB8GA1UdIwQY
MBaAFA8viyuUch6Sj2GItc8VBTFE3t+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRHktTEs1UnlIcEtQWVlpMXp4VUZNVVRlMzR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi80ZTU5MDItZTI4My00OTE2LWEzM2Mt
NzIyNmE4ODQ1ZTAxLzEvdEgybzY1bllpNnlIU01mbVpIX0JFRHpQT1Q4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi80ZTU5MDItZTI4My00OTE2LWEzM2MtNzIyNmE4ODQ1ZTAx
LzEvRHktTEs1UnlIcEtQWVlpMXp4VUZNVVRlMzR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAueuNMA0E
AgACMAcDBQMqBu6AMA0GCSqGSIb3DQEBCwUAA4IBAQCtSBtt/wnkDwH8jc3NwRc6
PcWOdGHI3oPrjvy0EaFkqFO8hS+bKBz3fhLX6OlDCsHnJ3FIqFpI0oS5oB2tzvis
1drSJEA6t/FLveLFY5w4nq4qdx3GjZYZFp+3B+X0t5AyINQkxy+v3pQl64XnFuCC
7p/hKkiOqRd4qAHZYJziKrU+9zybgsE/ksznw735GNs39ycOMy6+Gms1n29IKKdt
y1sH9BqcvYDM+Ibu7A/g/OBm8MM1Ej0Uxqk5pE5on0NI3GV5Ap6v9UeMlWqoqyhx
unoqRhGW+xMEP6wYP2xiy1hMu6srHxAaAZaA+Rze2B6FAl52yePVduO2NVMPkPXv
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:06 2024 by rpki-client on console-fra.rpki-client.org