Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/20a5a5-0ba2-4052-beb4-3cc85ad3c190/1/8kFXQVz_nuclHBzsJHDHPW3mJWQ.roa
File:                     8kFXQVz_nuclHBzsJHDHPW3mJWQ.roa (raw, json)
Hash identifier:          Hf+m/2G/sZsuzUR3p4YHmEaG8kVghgFSpSAxEJSPREg=
Subject key identifier:   F2:41:57:41:5C:FF:9E:E7:25:1C:1C:EC:24:70:C7:3D:6D:E6:25:64
Certificate issuer:       /CN=18101772248996b87d90840c2d27d62549458173
Certificate serial:       018AF6BDBA7198501F8EE395FD63D4DDE00C
Authority key identifier: 18:10:17:72:24:89:96:B8:7D:90:84:0C:2D:27:D6:25:49:45:81:73
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/GBAXciSJlrh9kIQMLSfWJUlFgXM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/81/20a5a5-0ba2-4052-beb4-3cc85ad3c190/1/8kFXQVz_nuclHBzsJHDHPW3mJWQ.roa
Signing time:             Tue 03 Oct 2023 18:12:23 +0000
ROA not before:           Tue 03 Oct 2023 18:12:23 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     834
IP address blocks:        185.81.28.0/22 maxlen: 24
                          188.64.108.0/22 maxlen: 24

Validation:               Failed, certificate revoked on Fri 06 Oct 2023 17:57:43 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:f6:bd:ba:71:98:50:1f:8e:e3:95:fd:63:d4:dd:e0:0c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=18101772248996b87d90840c2d27d62549458173
        Validity
            Not Before: Oct  3 18:12:23 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=f24157415cff9ee7251c1cec2470c73d6de62564
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:92:45:f4:e3:55:2f:a5:6a:c7:3b:88:89:22:e8:
                    93:43:eb:66:9e:a2:11:ec:1f:11:3d:68:01:c8:11:
                    36:1e:10:eb:c1:59:b4:b3:a4:4a:cc:fa:1f:a2:5e:
                    26:b6:d1:ba:46:86:e0:12:64:27:68:26:ee:f4:5d:
                    6d:9f:40:26:6c:f8:28:ba:a3:3c:f1:32:82:92:cd:
                    3c:c8:77:f6:72:51:3e:a6:f3:b9:4a:a8:e6:0f:e7:
                    5c:db:f7:07:08:ed:43:b3:d3:4e:70:b4:d7:ba:43:
                    ea:52:42:7d:ac:ae:18:e1:99:60:57:1e:fe:f6:7c:
                    f4:cb:48:41:34:43:8a:75:ca:92:4d:49:13:0a:f4:
                    95:38:65:c4:53:3e:cf:f7:2f:00:29:aa:25:2e:23:
                    c7:8d:73:f4:b8:d2:ea:59:33:2b:78:65:38:3e:4c:
                    d8:d6:9e:54:12:9b:45:67:55:92:c3:6f:6b:2a:2a:
                    1a:fb:db:30:20:94:c9:58:89:6c:b3:d3:2c:21:4a:
                    fb:20:af:82:8f:27:dc:2d:c4:3a:24:1b:d1:08:3a:
                    a2:bd:00:e4:cf:d1:f5:c9:36:33:3b:16:af:2d:81:
                    8a:aa:a7:5f:1a:83:70:8b:c4:22:52:6c:60:47:79:
                    c6:77:39:43:86:22:7f:67:a1:80:83:73:57:29:bd:
                    f7:e1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F2:41:57:41:5C:FF:9E:E7:25:1C:1C:EC:24:70:C7:3D:6D:E6:25:64
            X509v3 Authority Key Identifier:
                keyid:18:10:17:72:24:89:96:B8:7D:90:84:0C:2D:27:D6:25:49:45:81:73

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GBAXciSJlrh9kIQMLSfWJUlFgXM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/20a5a5-0ba2-4052-beb4-3cc85ad3c190/1/8kFXQVz_nuclHBzsJHDHPW3mJWQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/81/20a5a5-0ba2-4052-beb4-3cc85ad3c190/1/GBAXciSJlrh9kIQMLSfWJUlFgXM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.81.28.0/22
                  188.64.108.0/22

    Signature Algorithm: sha256WithRSAEncryption
         a6:0b:85:40:95:a4:9d:ea:34:d6:78:b6:9d:d4:72:59:3f:03:
         1a:6e:91:95:88:ad:22:d8:a3:25:b6:a0:ed:d4:a4:01:1a:2c:
         74:e0:a0:78:5e:53:d5:f3:9a:fe:e2:4a:93:03:a6:6c:c0:3c:
         68:ef:b1:9e:10:54:19:81:93:d6:ee:a0:22:be:e5:c0:fb:a1:
         61:2c:3e:33:f1:81:69:78:10:ba:88:8a:33:13:6d:c6:ee:62:
         69:66:20:80:3d:ff:7b:c0:01:a1:30:73:37:04:ef:85:20:f7:
         6e:9d:d0:c0:94:84:3f:75:67:98:36:77:89:35:38:99:a9:5a:
         94:c4:90:71:ce:9a:cc:a4:db:c1:5b:b0:77:c5:b0:a1:bf:b3:
         9f:a7:23:94:ce:b4:c6:65:a5:c4:3c:d4:8d:72:6d:29:3a:4e:
         82:9e:70:16:9a:31:c2:5b:c4:d2:96:3c:d6:cd:3e:a7:2a:a0:
         b4:88:7a:13:94:71:87:6b:34:c6:22:e6:10:ac:bf:70:c1:18:
         43:a2:3b:20:80:e4:cb:58:e1:d5:5d:5b:41:e6:6a:06:4b:29:
         ba:c3:2f:5b:6d:cf:7a:77:61:67:79:1c:db:e6:f7:0b:8f:ae:
         d4:d9:71:4a:13:25:20:40:84:c6:5f:29:f0:7c:e1:8b:04:9e:
         d6:68:92:19
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYr2vbpxmFAfjuOV/WPU3eAMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE4MTAxNzcyMjQ4OTk2Yjg3ZDkwODQwYzJkMjdkNjI1NDk0
NTgxNzMwHhcNMjMxMDAzMTgxMjIzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMjQxNTc0MTVjZmY5ZWU3MjUxYzFjZWMyNDcwYzczZDZkZTYyNTY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkkX041UvpWrHO4iJIuiTQ+tmnqIR
7B8RPWgByBE2HhDrwVm0s6RKzPofol4mttG6RobgEmQnaCbu9F1tn0AmbPgouqM8
8TKCks08yHf2clE+pvO5SqjmD+dc2/cHCO1Ds9NOcLTXukPqUkJ9rK4Y4ZlgVx7+
9nz0y0hBNEOKdcqSTUkTCvSVOGXEUz7P9y8AKaolLiPHjXP0uNLqWTMreGU4PkzY
1p5UEptFZ1WSw29rKioa+9swIJTJWIlss9MsIUr7IK+CjyfcLcQ6JBvRCDqivQDk
z9H1yTYzOxavLYGKqqdfGoNwi8QiUmxgR3nGdzlDhiJ/Z6GAg3NXKb334QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFPJBV0Fc/57nJRwc7CRwxz1t5iVkMB8GA1UdIwQY
MBaAFBgQF3IkiZa4fZCEDC0n1iVJRYFzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR0JBWGNpU0pscmg5a0lRTUxTZldKVWxGZ1hNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS8yMGE1YTUtMGJhMi00MDUyLWJlYjQt
M2NjODVhZDNjMTkwLzEvOGtGWFFWel9udWNsSEJ6c0pIREhQVzNtSldRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MS8yMGE1YTUtMGJhMi00MDUyLWJlYjQtM2NjODVhZDNjMTkw
LzEvR0JBWGNpU0pscmg5a0lRTUxTZldKVWxGZ1hNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCuVEcAwQC
vEBsMA0GCSqGSIb3DQEBCwUAA4IBAQCmC4VAlaSd6jTWeLad1HJZPwMabpGViK0i
2KMltqDt1KQBGix04KB4XlPV85r+4kqTA6ZswDxo77GeEFQZgZPW7qAivuXA+6Fh
LD4z8YFpeBC6iIozE23G7mJpZiCAPf97wAGhMHM3BO+FIPdundDAlIQ/dWeYNneJ
NTiZqVqUxJBxzprMpNvBW7B3xbChv7OfpyOUzrTGZaXEPNSNcm0pOk6CnnAWmjHC
W8TSljzWzT6nKqC0iHoTlHGHazTGIuYQrL9wwRhDojsggOTLWOHVXVtB5moGSym6
wy9bbc96d2FneRzb5vcLj67U2XFKEyUgQITGXynwfOGLBJ7WaJIZ
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:59 2024 by rpki-client on console-fra.rpki-client.org