Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7f/7d0353-3a62-4c39-bd3a-c3a3521e8f70/1/m7XfBTVkHYwoROJZVwkhax4LxrY.roa
File:                     m7XfBTVkHYwoROJZVwkhax4LxrY.roa (raw, json)
Hash identifier:          Q0wSxWp59/TisLqUZDIXoV0eEMbUvolPYuE9/0qNxtw=
Subject key identifier:   9B:B5:DF:05:35:64:1D:8C:28:44:E2:59:57:09:21:6B:1E:0B:C6:B6
Certificate issuer:       /CN=523881993cf0db674e89db5815e6f189a6c60d1f
Certificate serial:       01856DE67EB6DC2A811864214CFFAB79265C
Authority key identifier: 52:38:81:99:3C:F0:DB:67:4E:89:DB:58:15:E6:F1:89:A6:C6:0D:1F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/UjiBmTzw22dOidtYFebxiabGDR8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7f/7d0353-3a62-4c39-bd3a-c3a3521e8f70/1/m7XfBTVkHYwoROJZVwkhax4LxrY.roa
Signing time:             Sun 01 Jan 2023 15:15:00 +0000
ROA not before:           Sun 01 Jan 2023 15:15:00 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     206234
IP address blocks:        185.192.121.0/24 maxlen: 24
                          185.192.120.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 08:29:31 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6d:e6:7e:b6:dc:2a:81:18:64:21:4c:ff:ab:79:26:5c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=523881993cf0db674e89db5815e6f189a6c60d1f
        Validity
            Not Before: Jan  1 15:15:00 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=9bb5df0535641d8c2844e2595709216b1e0bc6b6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:81:94:50:1e:91:c0:ec:71:4d:bd:48:b0:af:
                    27:96:3a:95:5c:7a:2b:b0:1d:3a:0b:cd:fc:dc:57:
                    a6:ac:71:41:7d:a9:9d:bc:b1:ea:6b:63:da:a5:48:
                    92:91:07:d9:5b:b3:df:a2:cc:d0:64:49:4b:27:5a:
                    0c:6b:73:18:ef:f0:cc:42:fe:a1:56:99:e8:93:b7:
                    f2:12:bb:1f:f6:0e:92:ca:de:ee:6f:50:36:76:bf:
                    22:a8:dd:60:43:fe:71:41:69:14:66:1d:73:4e:21:
                    e9:a2:92:8a:58:42:0d:f0:4b:7c:77:a0:f2:26:fe:
                    e9:96:b3:c2:ad:30:82:1c:17:09:1f:30:4f:ae:c2:
                    4b:c4:3d:03:c3:c1:28:52:f2:4d:55:a1:b0:02:5e:
                    1d:ef:28:e4:58:4b:6a:37:67:9f:0b:30:5a:a3:67:
                    37:60:1f:43:6e:4d:f9:2d:0c:9f:e8:af:67:67:a8:
                    e3:eb:34:29:93:48:d4:d2:de:0b:7a:ff:5e:a8:14:
                    71:ed:c9:0a:d4:1a:59:fc:cd:32:da:15:dd:99:08:
                    6e:fe:1f:dd:35:9e:a5:db:69:82:e4:a8:1a:65:eb:
                    ed:22:6c:87:da:aa:47:fb:c4:b9:c3:58:5a:41:58:
                    ba:a4:47:ed:24:22:ce:23:7f:f0:4f:7b:c3:87:1f:
                    c4:f9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9B:B5:DF:05:35:64:1D:8C:28:44:E2:59:57:09:21:6B:1E:0B:C6:B6
            X509v3 Authority Key Identifier:
                keyid:52:38:81:99:3C:F0:DB:67:4E:89:DB:58:15:E6:F1:89:A6:C6:0D:1F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UjiBmTzw22dOidtYFebxiabGDR8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/7d0353-3a62-4c39-bd3a-c3a3521e8f70/1/m7XfBTVkHYwoROJZVwkhax4LxrY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/7d0353-3a62-4c39-bd3a-c3a3521e8f70/1/UjiBmTzw22dOidtYFebxiabGDR8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.192.120.0/23

    Signature Algorithm: sha256WithRSAEncryption
         3a:c0:f2:e7:b4:e6:47:05:a1:18:68:c0:85:0c:45:f7:30:99:
         57:80:72:8f:52:16:b4:f7:1b:f1:bb:52:6e:d4:4e:df:79:d5:
         a7:55:ff:a4:ca:a7:43:9c:34:47:10:30:2c:d5:ed:5d:11:d8:
         e9:b0:93:df:c5:25:c2:0c:68:7a:94:11:ae:06:b0:5d:b5:ee:
         26:db:64:32:3c:a5:ba:d8:f3:7f:ae:95:f6:58:f0:3e:92:52:
         db:a6:9f:6f:71:f8:43:10:6d:e2:d7:32:6f:91:a2:46:a2:91:
         18:f4:b9:8a:f9:e7:c3:93:bf:53:b8:bf:87:45:61:8d:6e:6f:
         06:6c:78:8d:4d:2f:82:ef:f2:75:c9:fb:b1:db:ec:7c:f1:68:
         3c:db:2e:91:13:80:29:5c:f2:b5:53:05:47:26:7e:e7:90:c4:
         1d:6a:26:37:e9:50:28:61:8c:10:e9:f6:8e:13:e9:ca:d3:fa:
         bc:56:a5:33:f7:a8:f7:59:a3:41:c6:e8:b6:31:08:65:71:66:
         02:71:41:3a:1e:9b:46:32:dd:6b:d6:40:d2:f5:aa:90:32:73:
         86:6b:ec:16:40:2f:27:32:fe:84:57:be:20:85:12:00:16:b1:
         32:90:55:60:9f:7c:88:2f:e6:66:5b:66:cd:99:08:79:b7:44:
         45:84:95:f4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVt5n623CqBGGQhTP+reSZcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyMzg4MTk5M2NmMGRiNjc0ZTg5ZGI1ODE1ZTZmMTg5YTZj
NjBkMWYwHhcNMjMwMTAxMTUxNTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YmI1ZGYwNTM1NjQxZDhjMjg0NGUyNTk1NzA5MjE2YjFlMGJjNmI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr4GUUB6RwOxxTb1IsK8nljqVXHor
sB06C8383FemrHFBfamdvLHqa2PapUiSkQfZW7PfoszQZElLJ1oMa3MY7/DMQv6h
Vpnok7fyErsf9g6Syt7ub1A2dr8iqN1gQ/5xQWkUZh1zTiHpopKKWEIN8Et8d6Dy
Jv7plrPCrTCCHBcJHzBPrsJLxD0Dw8EoUvJNVaGwAl4d7yjkWEtqN2efCzBao2c3
YB9Dbk35LQyf6K9nZ6jj6zQpk0jU0t4Lev9eqBRx7ckK1BpZ/M0y2hXdmQhu/h/d
NZ6l22mC5KgaZevtImyH2qpH+8S5w1haQVi6pEftJCLOI3/wT3vDhx/E+QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJu13wU1ZB2MKETiWVcJIWseC8a2MB8GA1UdIwQY
MBaAFFI4gZk88NtnTonbWBXm8Ymmxg0fMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVWppQm1UencyMmRPaWR0WUZlYnhpYWJHRFI4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Zi83ZDAzNTMtM2E2Mi00YzM5LWJkM2Et
YzNhMzUyMWU4ZjcwLzEvbTdYZkJUVmtIWXdvUk9KWlZ3a2hheDRMeHJZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Zi83ZDAzNTMtM2E2Mi00YzM5LWJkM2EtYzNhMzUyMWU4Zjcw
LzEvVWppQm1UencyMmRPaWR0WUZlYnhpYWJHRFI4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBucB4MA0G
CSqGSIb3DQEBCwUAA4IBAQA6wPLntOZHBaEYaMCFDEX3MJlXgHKPUha09xvxu1Ju
1E7fedWnVf+kyqdDnDRHEDAs1e1dEdjpsJPfxSXCDGh6lBGuBrBdte4m22QyPKW6
2PN/rpX2WPA+klLbpp9vcfhDEG3i1zJvkaJGopEY9LmK+efDk79TuL+HRWGNbm8G
bHiNTS+C7/J1yfux2+x88Wg82y6RE4ApXPK1UwVHJn7nkMQdaiY36VAoYYwQ6faO
E+nK0/q8VqUz96j3WaNBxui2MQhlcWYCcUE6HptGMt1r1kDS9aqQMnOGa+wWQC8n
Mv6EV74ghRIAFrEykFVgn3yIL+ZmW2bNmQh5t0RFhJX0
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:38 2024 by rpki-client on console-fra.rpki-client.org