Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/07eac7-4d52-46d9-ba44-8945860d5238/1/2Ymdgb5y9OTAh_6L87tXtKzSxPQ.roa
File:                     2Ymdgb5y9OTAh_6L87tXtKzSxPQ.roa (raw, json)
Hash identifier:          8Gbc0BnaJgl+oIrpffomC3AdmyqQNYT5wP4FBePW3eA=
Subject key identifier:   D9:89:9D:81:BE:72:F4:E4:C0:87:FE:8B:F3:BB:57:B4:AC:D2:C4:F4
Certificate issuer:       /CN=44ceb61e71a619f2314e9d9846ec67bc88a1244c
Certificate serial:       018A113472B6388730667D51AE56AFC6BD33
Authority key identifier: 44:CE:B6:1E:71:A6:19:F2:31:4E:9D:98:46:EC:67:BC:88:A1:24:4C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/RM62HnGmGfIxTp2YRuxnvIihJEw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/81/07eac7-4d52-46d9-ba44-8945860d5238/1/2Ymdgb5y9OTAh_6L87tXtKzSxPQ.roa
Signing time:             Sun 20 Aug 2023 04:29:24 +0000
ROA not before:           Sun 20 Aug 2023 04:29:24 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     211510
IP address blocks:        85.193.191.0/24 maxlen: 24
                          85.193.190.0/24 maxlen: 24
                          185.54.211.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 12:33:54 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:11:34:72:b6:38:87:30:66:7d:51:ae:56:af:c6:bd:33
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=44ceb61e71a619f2314e9d9846ec67bc88a1244c
        Validity
            Not Before: Aug 20 04:29:24 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=d9899d81be72f4e4c087fe8bf3bb57b4acd2c4f4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:84:fa:0f:17:c4:6b:b0:c1:54:4e:5e:f3:b8:eb:
                    8d:e3:8d:b4:a3:ab:3e:a2:8c:c4:28:4c:f8:bb:b3:
                    77:2b:96:4a:09:b6:ba:0c:f1:c6:07:35:bd:f5:02:
                    9a:2a:c4:e6:d8:6d:81:37:7f:31:90:9e:69:17:20:
                    47:24:13:dc:f2:e8:ba:ca:52:c9:67:ed:ed:fd:f4:
                    68:d7:be:82:22:90:71:a9:1c:6f:cd:ce:41:d4:e6:
                    b9:ba:60:c9:80:c9:2b:ad:2a:d4:41:67:35:36:5c:
                    7c:a5:4a:cd:a5:a1:c8:10:6b:dc:3e:78:62:03:bc:
                    6d:bc:6e:cf:fd:0c:80:38:45:81:5f:23:78:cb:ad:
                    1a:3f:88:b3:1c:48:97:fc:e6:3e:ab:e2:e5:1d:f9:
                    c6:77:09:6d:1b:67:44:34:ca:6c:43:18:50:e5:f8:
                    b0:8a:5b:9b:06:53:cd:a4:b3:54:fd:2d:14:e3:b2:
                    3e:f6:93:6d:66:4f:53:d7:d4:70:39:29:80:90:4f:
                    e7:2f:5f:a4:d3:e8:a5:52:72:f0:ca:72:f6:86:12:
                    9e:14:c0:95:4a:e6:62:4d:c7:44:83:de:a0:a7:91:
                    b6:07:10:c2:89:df:d7:41:22:f7:8b:a7:58:55:f1:
                    54:8f:96:99:a4:42:75:98:9b:65:81:83:9c:6d:13:
                    9b:d1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D9:89:9D:81:BE:72:F4:E4:C0:87:FE:8B:F3:BB:57:B4:AC:D2:C4:F4
            X509v3 Authority Key Identifier:
                keyid:44:CE:B6:1E:71:A6:19:F2:31:4E:9D:98:46:EC:67:BC:88:A1:24:4C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RM62HnGmGfIxTp2YRuxnvIihJEw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/07eac7-4d52-46d9-ba44-8945860d5238/1/2Ymdgb5y9OTAh_6L87tXtKzSxPQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/81/07eac7-4d52-46d9-ba44-8945860d5238/1/RM62HnGmGfIxTp2YRuxnvIihJEw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  85.193.190.0/23
                  185.54.211.0/24

    Signature Algorithm: sha256WithRSAEncryption
         02:11:59:8b:6d:4b:4d:30:6d:d8:bf:92:cd:55:0a:ea:ae:1c:
         2f:90:2a:6c:3f:3b:69:3b:29:f3:a5:92:23:76:c3:25:7c:0f:
         4b:59:c0:73:c3:06:8e:74:9b:0d:f7:8b:c9:38:c9:be:15:2e:
         54:51:fa:b8:56:f2:6b:de:c6:82:ba:1e:e5:fa:7f:41:4f:3e:
         45:a2:75:b7:9c:29:0f:76:4c:0f:69:88:1a:0a:be:1b:2b:f9:
         f0:22:3d:d2:9b:5c:10:7e:d0:73:69:be:e1:33:42:80:7d:9b:
         b7:5e:f0:b9:87:f5:d6:55:31:0f:dc:cb:23:e4:81:ec:ef:0d:
         2c:22:11:e5:66:a5:4b:18:94:50:17:ab:01:a0:f4:97:cd:e2:
         c7:8e:e7:60:77:5a:ec:4e:5a:0a:01:42:3e:75:7e:ff:48:ee:
         7f:56:ef:c6:9e:d2:4a:d7:22:e6:8e:b5:fb:38:d8:8b:af:4c:
         c5:7c:46:8a:34:69:e2:73:8f:60:91:53:c3:1d:51:5e:61:a8:
         3d:35:87:3b:26:48:5a:76:73:53:96:1c:f1:77:e6:ab:b8:b8:
         84:b0:ac:1c:4d:63:f6:8e:83:ee:63:81:91:c3:a9:36:53:f4:
         27:b8:87:c9:74:8d:72:ed:9f:90:c8:34:72:bf:bc:61:7c:0a:
         be:cf:0e:82
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYoRNHK2OIcwZn1Rrlavxr0zMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0Y2ViNjFlNzFhNjE5ZjIzMTRlOWQ5ODQ2ZWM2N2JjODhh
MTI0NGMwHhcNMjMwODIwMDQyOTI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOTg5OWQ4MWJlNzJmNGU0YzA4N2ZlOGJmM2JiNTdiNGFjZDJjNGY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhPoPF8RrsMFUTl7zuOuN4420o6s+
oozEKEz4u7N3K5ZKCba6DPHGBzW99QKaKsTm2G2BN38xkJ5pFyBHJBPc8ui6ylLJ
Z+3t/fRo176CIpBxqRxvzc5B1Oa5umDJgMkrrSrUQWc1Nlx8pUrNpaHIEGvcPnhi
A7xtvG7P/QyAOEWBXyN4y60aP4izHEiX/OY+q+LlHfnGdwltG2dENMpsQxhQ5fiw
ilubBlPNpLNU/S0U47I+9pNtZk9T19RwOSmAkE/nL1+k0+ilUnLwynL2hhKeFMCV
SuZiTcdEg96gp5G2BxDCid/XQSL3i6dYVfFUj5aZpEJ1mJtlgYOcbROb0QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNmJnYG+cvTkwIf+i/O7V7Ss0sT0MB8GA1UdIwQY
MBaAFETOth5xphnyMU6dmEbsZ7yIoSRMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUk02MkhuR21HZkl4VHAyWVJ1eG52SWloSkV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS8wN2VhYzctNGQ1Mi00NmQ5LWJhNDQt
ODk0NTg2MGQ1MjM4LzEvMlltZGdiNXk5T1RBaF82TDg3dFh0S3pTeFBRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MS8wN2VhYzctNGQ1Mi00NmQ5LWJhNDQtODk0NTg2MGQ1MjM4
LzEvUk02MkhuR21HZkl4VHAyWVJ1eG52SWloSkV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBVcG+AwQA
uTbTMA0GCSqGSIb3DQEBCwUAA4IBAQACEVmLbUtNMG3Yv5LNVQrqrhwvkCpsPztp
OynzpZIjdsMlfA9LWcBzwwaOdJsN94vJOMm+FS5UUfq4VvJr3saCuh7l+n9BTz5F
onW3nCkPdkwPaYgaCr4bK/nwIj3Sm1wQftBzab7hM0KAfZu3XvC5h/XWVTEP3Msj
5IHs7w0sIhHlZqVLGJRQF6sBoPSXzeLHjudgd1rsTloKAUI+dX7/SO5/Vu/GntJK
1yLmjrX7ONiLr0zFfEaKNGnic49gkVPDHVFeYag9NYc7JkhadnNTlhzxd+aruLiE
sKwcTWP2joPuY4GRw6k2U/QnuIfJdI1y7Z+QyDRyv7xhfAq+zw6C
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:20:36 2024 by rpki-client on console-ams.rpki-client.org