Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/oCEhHFJjbWKnHQ5Gpa0bvD3_4mM.roa
File:                     oCEhHFJjbWKnHQ5Gpa0bvD3_4mM.roa (raw, json)
Hash identifier:          SrmIOpS87i6vgTY65Z45yjyMeHlja2mhX+8sPucrpz8=
Subject key identifier:   A0:21:21:1C:52:63:6D:62:A7:1D:0E:46:A5:AD:1B:BC:3D:FF:E2:63
Certificate issuer:       /CN=5da3941c27cfe5c234c4bf221ecb2a579b2deaab
Certificate serial:       018D13D7EF8F7AAEBDBF114E446746CB45DB
Authority key identifier: 5D:A3:94:1C:27:CF:E5:C2:34:C4:BF:22:1E:CB:2A:57:9B:2D:EA:AB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/XaOUHCfP5cI0xL8iHssqV5st6qs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/oCEhHFJjbWKnHQ5Gpa0bvD3_4mM.roa
Signing time:             Tue 16 Jan 2024 19:55:34 +0000
ROA not before:           Tue 16 Jan 2024 19:55:34 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     212667
IP address blocks:        85.235.81.0/24 maxlen: 24
                          192.109.97.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Sun 21 Jan 2024 19:10:11 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8d:13:d7:ef:8f:7a:ae:bd:bf:11:4e:44:67:46:cb:45:db
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5da3941c27cfe5c234c4bf221ecb2a579b2deaab
        Validity
            Not Before: Jan 16 19:55:34 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=a021211c52636d62a71d0e46a5ad1bbc3dffe263
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:1e:10:eb:a3:be:7b:cc:f9:1a:9d:c5:82:47:
                    a7:2a:b8:14:5a:3f:8f:55:30:e5:c0:03:0b:e8:0c:
                    f7:63:b6:63:03:8f:68:43:b5:1c:97:29:c7:d8:47:
                    da:d1:6b:b0:27:39:84:7f:d3:fe:2e:fc:2e:b3:b8:
                    f5:44:49:ad:63:a3:f4:00:99:6d:1b:d1:d2:85:a7:
                    be:0d:98:eb:de:f3:b6:ec:b5:da:8f:92:27:ea:05:
                    05:9f:85:30:52:e4:35:95:53:45:8d:67:d9:3f:b8:
                    31:81:7e:d9:95:fc:b0:fb:98:f2:04:cb:6e:bf:1d:
                    e5:d1:84:35:6f:79:66:6f:22:2e:a2:5a:5e:ba:96:
                    5b:1e:f9:75:a8:e4:ad:64:5a:01:9f:eb:39:25:f7:
                    f8:bc:03:26:a3:51:27:be:87:10:cb:17:3e:c3:8a:
                    56:65:7f:68:70:0f:8c:64:c1:79:2d:52:64:07:50:
                    fc:ea:a0:de:61:62:cb:98:be:9e:3d:23:48:d7:4e:
                    bf:28:88:f0:31:6f:78:f2:10:82:4c:cd:c4:c7:75:
                    dd:29:31:15:f9:89:7d:d9:cf:57:85:8a:05:89:13:
                    77:d0:fb:08:7c:75:1b:78:ae:62:1b:56:f2:ae:48:
                    fd:87:99:d6:f8:bd:a7:4d:2d:0d:4d:6c:b5:7f:95:
                    4a:6d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A0:21:21:1C:52:63:6D:62:A7:1D:0E:46:A5:AD:1B:BC:3D:FF:E2:63
            X509v3 Authority Key Identifier:
                keyid:5D:A3:94:1C:27:CF:E5:C2:34:C4:BF:22:1E:CB:2A:57:9B:2D:EA:AB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XaOUHCfP5cI0xL8iHssqV5st6qs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/oCEhHFJjbWKnHQ5Gpa0bvD3_4mM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/80/30ed3e-c4c4-4de8-b4f1-f11a39f26c3b/1/XaOUHCfP5cI0xL8iHssqV5st6qs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  85.235.81.0/24
                  192.109.97.0/24

    Signature Algorithm: sha256WithRSAEncryption
         88:fa:0e:81:2e:fc:03:14:7b:9b:30:23:4d:25:66:37:04:89:
         c2:7d:72:03:ff:f4:f5:0b:b3:2d:7a:ad:d6:ce:f7:35:04:eb:
         12:0b:19:02:db:3f:1d:67:5a:35:4b:7d:c4:b3:18:ae:db:10:
         58:ae:17:34:dd:a9:7c:e7:db:99:ae:c8:bd:4a:cf:b2:08:d7:
         7e:e6:44:f4:aa:f9:a1:ba:db:c8:62:2d:ac:3b:71:61:ac:e1:
         22:74:57:60:4a:5e:d6:b2:80:71:4f:6d:37:f2:bb:d3:f6:46:
         8a:22:83:35:ca:14:d8:ad:d2:33:8f:79:b2:d5:42:2b:80:29:
         a4:bf:c9:14:92:60:38:33:30:d0:f7:4d:1f:97:16:ca:23:a3:
         ad:b9:d3:ec:3e:56:c9:c3:9e:08:0e:21:eb:d5:9e:7d:84:1c:
         c2:9d:23:5e:00:17:d9:92:b5:19:1f:ce:2e:70:36:bb:59:95:
         e5:5e:f9:e5:d2:2a:06:1b:b5:84:23:11:03:15:cd:77:11:0a:
         7c:d1:66:f3:ef:f2:e3:7d:b3:d7:eb:e7:c2:1a:ee:1d:a9:48:
         a2:54:43:8b:e8:ac:9a:23:12:21:eb:a8:59:41:3f:f0:55:c5:
         e6:0d:d6:fa:54:25:73:a5:39:8b:05:67:61:30:64:1d:ba:a4:
         16:f9:9a:c0
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY0T1++Peq69vxFORGdGy0XbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkYTM5NDFjMjdjZmU1YzIzNGM0YmYyMjFlY2IyYTU3OWIy
ZGVhYWIwHhcNMjQwMTE2MTk1NTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMDIxMjExYzUyNjM2ZDYyYTcxZDBlNDZhNWFkMWJiYzNkZmZlMjYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArR4Q66O+e8z5Gp3FgkenKrgUWj+P
VTDlwAML6Az3Y7ZjA49oQ7UclynH2Efa0WuwJzmEf9P+Lvwus7j1REmtY6P0AJlt
G9HShae+DZjr3vO27LXaj5In6gUFn4UwUuQ1lVNFjWfZP7gxgX7Zlfyw+5jyBMtu
vx3l0YQ1b3lmbyIuolpeupZbHvl1qOStZFoBn+s5Jff4vAMmo1EnvocQyxc+w4pW
ZX9ocA+MZMF5LVJkB1D86qDeYWLLmL6ePSNI106/KIjwMW948hCCTM3Ex3XdKTEV
+Yl92c9XhYoFiRN30PsIfHUbeK5iG1byrkj9h5nW+L2nTS0NTWy1f5VKbQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFKAhIRxSY21ipx0ORqWtG7w9/+JjMB8GA1UdIwQY
MBaAFF2jlBwnz+XCNMS/Ih7LKlebLeqrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGFPVUhDZlA1Y0kweEw4aUhzc3FWNXN0NnFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC8zMGVkM2UtYzRjNC00ZGU4LWI0ZjEt
ZjExYTM5ZjI2YzNiLzEvb0NFaEhGSmpiV0tuSFE1R3BhMGJ2RDNfNG1NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC8zMGVkM2UtYzRjNC00ZGU4LWI0ZjEtZjExYTM5ZjI2YzNi
LzEvWGFPVUhDZlA1Y0kweEw4aUhzc3FWNXN0NnFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAVetRAwQA
wG1hMA0GCSqGSIb3DQEBCwUAA4IBAQCI+g6BLvwDFHubMCNNJWY3BInCfXID//T1
C7Mteq3Wzvc1BOsSCxkC2z8dZ1o1S33Esxiu2xBYrhc03al859uZrsi9Ss+yCNd+
5kT0qvmhutvIYi2sO3FhrOEidFdgSl7WsoBxT2038rvT9kaKIoM1yhTYrdIzj3my
1UIrgCmkv8kUkmA4MzDQ900flxbKI6OtudPsPlbJw54IDiHr1Z59hBzCnSNeABfZ
krUZH84ucDa7WZXlXvnl0ioGG7WEIxEDFc13EQp80Wbz7/LjfbPX6+fCGu4dqUii
VEOL6KyaIxIh66hZQT/wVcXmDdb6VCVzpTmLBWdhMGQduqQW+ZrA
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:20:25 2024 by rpki-client on console-ams.rpki-client.org