Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/20a5a5-0ba2-4052-beb4-3cc85ad3c190/1/T_ySfuHLQ5yJAm5LD0dg-LcinKI.roa
File:                     T_ySfuHLQ5yJAm5LD0dg-LcinKI.roa (raw, json)
Hash identifier:          kZgc4WbFqxfV3DySPx0qebiSuY8CJ4RKXozVj1p288s=
Subject key identifier:   4F:FC:92:7E:E1:CB:43:9C:89:02:6E:4B:0F:47:60:F8:B7:22:9C:A2
Certificate issuer:       /CN=18101772248996b87d90840c2d27d62549458173
Certificate serial:       01856F66F653CA0181182C861DABD4D3FA4B
Authority key identifier: 18:10:17:72:24:89:96:B8:7D:90:84:0C:2D:27:D6:25:49:45:81:73
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/GBAXciSJlrh9kIQMLSfWJUlFgXM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/81/20a5a5-0ba2-4052-beb4-3cc85ad3c190/1/T_ySfuHLQ5yJAm5LD0dg-LcinKI.roa
Signing time:             Sun 01 Jan 2023 22:14:56 +0000
ROA not before:           Sun 01 Jan 2023 22:14:56 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     211585
IP address blocks:        188.64.108.0/22 maxlen: 24

Validation:               Failed, certificate revoked on Wed 10 May 2023 15:14:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:66:f6:53:ca:01:81:18:2c:86:1d:ab:d4:d3:fa:4b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=18101772248996b87d90840c2d27d62549458173
        Validity
            Not Before: Jan  1 22:14:56 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=4ffc927ee1cb439c89026e4b0f4760f8b7229ca2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:bd:c9:c8:8a:25:87:8b:83:7d:74:c9:e6:72:
                    ef:5b:42:2c:3c:20:00:a9:af:ae:7d:4c:97:33:34:
                    91:b1:ae:57:81:c3:77:81:f8:2d:23:92:5e:cf:fb:
                    6e:8d:3f:53:52:8c:0a:44:d0:8d:03:1c:2d:47:6f:
                    52:9b:59:b8:63:c3:ec:0d:02:5c:21:2a:02:a7:58:
                    9d:0f:1c:4a:b6:b0:7f:d0:58:a7:39:81:aa:9b:33:
                    86:cf:ee:cb:d4:c5:db:35:c3:e2:92:e7:98:29:66:
                    f2:e9:08:6f:64:33:a4:4d:0b:d9:ac:5b:ce:d4:5f:
                    92:c1:52:a3:c0:c3:99:1f:73:ff:86:01:c5:01:1a:
                    99:cc:30:0d:04:69:4a:c5:94:1e:98:5c:c8:96:51:
                    92:0e:e2:1a:5a:7e:7c:62:14:c7:68:5d:d5:c6:22:
                    e5:c2:46:2f:dc:39:a0:8c:bb:29:19:59:50:bc:73:
                    f6:9a:0a:be:6f:92:10:e0:12:4d:34:c5:06:93:b0:
                    a2:ed:0c:ae:7b:3b:84:1f:df:8c:8b:fd:96:d1:15:
                    2e:bb:6a:2a:e7:9e:68:89:e7:a4:f5:64:82:9f:d5:
                    c0:e9:4b:73:6f:e4:49:91:93:89:23:38:6d:a7:b6:
                    87:a4:7e:89:dd:68:e9:78:1e:6d:1c:5d:b4:c2:01:
                    ea:69
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4F:FC:92:7E:E1:CB:43:9C:89:02:6E:4B:0F:47:60:F8:B7:22:9C:A2
            X509v3 Authority Key Identifier:
                keyid:18:10:17:72:24:89:96:B8:7D:90:84:0C:2D:27:D6:25:49:45:81:73

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GBAXciSJlrh9kIQMLSfWJUlFgXM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/20a5a5-0ba2-4052-beb4-3cc85ad3c190/1/T_ySfuHLQ5yJAm5LD0dg-LcinKI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/81/20a5a5-0ba2-4052-beb4-3cc85ad3c190/1/GBAXciSJlrh9kIQMLSfWJUlFgXM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  188.64.108.0/22

    Signature Algorithm: sha256WithRSAEncryption
         a7:11:5e:40:37:da:0f:d0:d6:04:d1:01:de:b8:15:8a:de:a6:
         b6:ef:3e:44:be:e4:1d:5e:a0:e3:ef:4d:fc:ec:e6:8f:41:be:
         3d:ae:da:3e:a1:20:f1:cc:36:83:c2:e9:4c:41:b2:0a:0f:d3:
         48:00:77:5e:bc:13:5c:37:9e:0f:e7:7a:0a:e6:1c:1f:c4:a0:
         78:28:c6:65:36:76:ed:1d:7d:f0:a6:50:f7:4a:ec:aa:54:02:
         8a:27:dc:c6:f0:78:eb:bb:bd:a3:6d:11:6f:4d:1a:c7:8f:9a:
         d7:5e:66:75:9d:0d:f7:d5:d3:7c:6a:8b:34:b6:4b:36:f2:e5:
         fd:61:19:1e:46:f2:69:a7:4b:75:87:44:c0:7b:35:b1:d4:a3:
         c9:0c:53:12:54:37:0a:d2:40:b4:31:62:7a:ba:c7:f0:56:fa:
         72:c7:e5:e2:5b:a9:9e:6b:e0:e4:57:84:39:db:d4:9f:b3:05:
         0d:bc:f0:25:e7:54:15:f9:d9:34:ee:43:7d:5f:c7:60:85:2f:
         00:10:70:54:fc:b7:a1:ec:c1:14:42:13:8d:8c:8e:1f:dc:ff:
         96:ec:df:de:ff:10:27:cf:5e:19:62:6b:08:0d:3c:d9:7e:60:
         c1:76:16:43:5b:cf:4a:f3:e3:fe:94:62:5f:28:41:53:fd:42:
         bb:a2:e7:be
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvZvZTygGBGCyGHavU0/pLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE4MTAxNzcyMjQ4OTk2Yjg3ZDkwODQwYzJkMjdkNjI1NDk0
NTgxNzMwHhcNMjMwMTAxMjIxNDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZmZjOTI3ZWUxY2I0MzljODkwMjZlNGIwZjQ3NjBmOGI3MjI5Y2EyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv73JyIolh4uDfXTJ5nLvW0IsPCAA
qa+ufUyXMzSRsa5XgcN3gfgtI5Jez/tujT9TUowKRNCNAxwtR29Sm1m4Y8PsDQJc
ISoCp1idDxxKtrB/0FinOYGqmzOGz+7L1MXbNcPikueYKWby6QhvZDOkTQvZrFvO
1F+SwVKjwMOZH3P/hgHFARqZzDANBGlKxZQemFzIllGSDuIaWn58YhTHaF3VxiLl
wkYv3DmgjLspGVlQvHP2mgq+b5IQ4BJNNMUGk7Ci7QyuezuEH9+Mi/2W0RUuu2oq
555oieek9WSCn9XA6Utzb+RJkZOJIzhtp7aHpH6J3WjpeB5tHF20wgHqaQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFE/8kn7hy0OciQJuSw9HYPi3IpyiMB8GA1UdIwQY
MBaAFBgQF3IkiZa4fZCEDC0n1iVJRYFzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR0JBWGNpU0pscmg5a0lRTUxTZldKVWxGZ1hNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS8yMGE1YTUtMGJhMi00MDUyLWJlYjQt
M2NjODVhZDNjMTkwLzEvVF95U2Z1SExRNXlKQW01TEQwZGctTGNpbktJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MS8yMGE1YTUtMGJhMi00MDUyLWJlYjQtM2NjODVhZDNjMTkw
LzEvR0JBWGNpU0pscmg5a0lRTUxTZldKVWxGZ1hNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCvEBsMA0G
CSqGSIb3DQEBCwUAA4IBAQCnEV5AN9oP0NYE0QHeuBWK3qa27z5EvuQdXqDj7038
7OaPQb49rto+oSDxzDaDwulMQbIKD9NIAHdevBNcN54P53oK5hwfxKB4KMZlNnbt
HX3wplD3SuyqVAKKJ9zG8Hjru72jbRFvTRrHj5rXXmZ1nQ331dN8aos0tks28uX9
YRkeRvJpp0t1h0TAezWx1KPJDFMSVDcK0kC0MWJ6usfwVvpyx+XiW6mea+DkV4Q5
29SfswUNvPAl51QV+dk07kN9X8dghS8AEHBU/Leh7MEUQhONjI4f3P+W7N/e/xAn
z14ZYmsIDTzZfmDBdhZDW89K8+P+lGJfKEFT/UK7oue+
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:20:38 2024 by rpki-client on console-ams.rpki-client.org