Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/962fb1-3df0-4ec2-b50a-b36a24d39427/1/L4XOHsuM96mQQjMfd8cXJ20FFf4.roa
File:                     L4XOHsuM96mQQjMfd8cXJ20FFf4.roa (raw, json)
Hash identifier:          AtDchSk9MfrKrwYdq+zCGe9W480by080y9iRNXWxY64=
Subject key identifier:   2F:85:CE:1E:CB:8C:F7:A9:90:42:33:1F:77:C7:17:27:6D:05:15:FE
Certificate issuer:       /CN=835bc9bb547e27788d221bc8bbd5fb02e024480f
Certificate serial:       018571C30B650C87F629B2BB029FD5953D59
Authority key identifier: 83:5B:C9:BB:54:7E:27:78:8D:22:1B:C8:BB:D5:FB:02:E0:24:48:0F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/g1vJu1R-J3iNIhvIu9X7AuAkSA8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/84/962fb1-3df0-4ec2-b50a-b36a24d39427/1/L4XOHsuM96mQQjMfd8cXJ20FFf4.roa
Signing time:             Mon 02 Jan 2023 09:14:45 +0000
ROA not before:           Mon 02 Jan 2023 09:14:45 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     200639
IP address blocks:        185.186.10.0/24 maxlen: 24
                          185.186.9.0/24 maxlen: 24
                          2a0b:6b84::/32 maxlen: 48

Validation:               Failed, certificate revoked

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:71:c3:0b:65:0c:87:f6:29:b2:bb:02:9f:d5:95:3d:59
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=835bc9bb547e27788d221bc8bbd5fb02e024480f
        Validity
            Not Before: Jan  2 09:14:45 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=2f85ce1ecb8cf7a99042331f77c717276d0515fe
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:de:82:d7:36:bb:c4:db:3f:da:32:63:8e:f2:19:
                    61:b6:ce:3a:c8:d7:0c:fb:cb:47:00:a7:f6:d7:ae:
                    da:53:c1:09:35:4c:f8:b8:3d:c0:4a:93:03:35:ee:
                    3c:6e:71:05:20:2e:fd:15:b4:e5:5d:77:bb:6e:b2:
                    4f:bf:af:98:6e:a0:f0:df:fe:89:63:95:f4:1b:93:
                    77:34:90:06:91:41:e9:28:a8:57:3c:51:03:fd:6a:
                    ca:38:9c:7d:23:77:f2:fa:e9:df:86:4d:95:f7:f4:
                    ce:04:84:86:06:4c:c3:b5:d4:8b:b4:9a:1b:0e:c7:
                    c6:dd:da:6f:24:b8:3d:83:00:16:7d:83:bb:06:f5:
                    78:dd:7c:90:70:7a:d3:37:e9:f5:52:c8:24:57:f0:
                    5e:8a:95:7e:7f:dc:78:6f:32:61:23:27:fb:87:fe:
                    c8:0b:75:40:20:55:ba:6d:3c:df:90:2a:8f:0c:90:
                    ea:0b:81:80:53:6a:00:d1:8c:b2:6d:4c:e9:8d:09:
                    cf:9d:96:a0:d3:6b:58:eb:6a:52:09:a4:a5:98:70:
                    c1:62:f5:46:57:76:18:24:2c:ce:1d:44:97:8a:87:
                    da:34:92:f7:35:31:ad:19:e4:36:b3:32:a8:76:57:
                    b5:63:5c:af:de:64:fb:62:de:bd:0f:ca:58:eb:81:
                    24:89
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2F:85:CE:1E:CB:8C:F7:A9:90:42:33:1F:77:C7:17:27:6D:05:15:FE
            X509v3 Authority Key Identifier:
                keyid:83:5B:C9:BB:54:7E:27:78:8D:22:1B:C8:BB:D5:FB:02:E0:24:48:0F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/g1vJu1R-J3iNIhvIu9X7AuAkSA8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/962fb1-3df0-4ec2-b50a-b36a24d39427/1/L4XOHsuM96mQQjMfd8cXJ20FFf4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/84/962fb1-3df0-4ec2-b50a-b36a24d39427/1/g1vJu1R-J3iNIhvIu9X7AuAkSA8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.186.9.0-185.186.10.255
                IPv6:
                  2a0b:6b84::/32

    Signature Algorithm: sha256WithRSAEncryption
         b3:2e:ec:48:90:77:b2:18:36:80:43:b2:48:ed:73:ae:69:c4:
         94:a6:ec:be:73:86:a9:51:71:9d:30:1d:55:92:45:3d:16:16:
         62:98:b5:7e:5c:b1:07:e9:b8:ad:2b:c4:b6:cf:2d:11:ae:9d:
         8c:ec:0d:32:2c:d5:75:a5:08:ca:a3:df:ae:94:a9:75:ad:b6:
         ea:1c:4c:de:c2:ff:4e:e5:cf:b2:ff:de:49:90:04:dd:93:4d:
         db:b4:4b:c1:a0:03:e2:1d:99:9d:de:36:e0:42:07:fc:96:bc:
         09:27:37:8f:42:ce:57:84:2b:08:90:14:f4:a4:4a:b5:aa:fc:
         6e:2b:2e:aa:80:25:58:33:0f:02:f6:2c:48:2c:bd:2e:6d:d0:
         9b:0d:8d:82:c1:3e:2f:1c:9d:26:f5:fd:ce:8d:0b:9a:1a:e0:
         56:8b:be:23:c8:cb:42:4e:56:39:bd:c6:5b:59:85:c6:75:a3:
         1a:21:bf:8c:7c:df:ee:12:31:c4:d1:28:f3:a9:b7:d8:59:4d:
         30:57:b5:ee:79:07:db:3e:f1:89:a3:fa:d8:82:98:65:68:ef:
         f6:ed:7d:26:a7:6d:92:42:2a:e9:8f:de:4b:ff:08:3c:a2:eb:
         90:e7:c2:ce:e0:a3:7a:d9:ed:5e:2a:55:ed:ab:13:36:7a:ee:
         99:05:3e:2f
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYVxwwtlDIf2KbK7Ap/VlT1ZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzNWJjOWJiNTQ3ZTI3Nzg4ZDIyMWJjOGJiZDVmYjAyZTAy
NDQ4MGYwHhcNMjMwMTAyMDkxNDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZjg1Y2UxZWNiOGNmN2E5OTA0MjMzMWY3N2M3MTcyNzZkMDUxNWZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3oLXNrvE2z/aMmOO8hlhts46yNcM
+8tHAKf2167aU8EJNUz4uD3ASpMDNe48bnEFIC79FbTlXXe7brJPv6+YbqDw3/6J
Y5X0G5N3NJAGkUHpKKhXPFED/WrKOJx9I3fy+unfhk2V9/TOBISGBkzDtdSLtJob
DsfG3dpvJLg9gwAWfYO7BvV43XyQcHrTN+n1UsgkV/BeipV+f9x4bzJhIyf7h/7I
C3VAIFW6bTzfkCqPDJDqC4GAU2oA0YyybUzpjQnPnZag02tY62pSCaSlmHDBYvVG
V3YYJCzOHUSXiofaNJL3NTGtGeQ2szKodle1Y1yv3mT7Yt69D8pY64EkiQIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFC+Fzh7LjPepkEIzH3fHFydtBRX+MB8GA1UdIwQY
MBaAFINbybtUfid4jSIbyLvV+wLgJEgPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZzF2SnUxUi1KM2lOSWh2SXU5WDdBdUFrU0E4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NC85NjJmYjEtM2RmMC00ZWMyLWI1MGEt
YjM2YTI0ZDM5NDI3LzEvTDRYT0hzdU05Nm1RUWpNZmQ4Y1hKMjBGRmY0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NC85NjJmYjEtM2RmMC00ZWMyLWI1MGEtYjM2YTI0ZDM5NDI3
LzEvZzF2SnUxUi1KM2lOSWh2SXU5WDdBdUFrU0E4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTAUBAIAATAOMAwDBAC5ugkD
BAC5ugowDQQCAAIwBwMFACoLa4QwDQYJKoZIhvcNAQELBQADggEBALMu7EiQd7IY
NoBDskjtc65pxJSm7L5zhqlRcZ0wHVWSRT0WFmKYtX5csQfpuK0rxLbPLRGunYzs
DTIs1XWlCMqj366UqXWttuocTN7C/07lz7L/3kmQBN2TTdu0S8GgA+IdmZ3eNuBC
B/yWvAknN49CzleEKwiQFPSkSrWq/G4rLqqAJVgzDwL2LEgsvS5t0JsNjYLBPi8c
nSb1/c6NC5oa4FaLviPIy0JOVjm9xltZhcZ1oxohv4x83+4SMcTRKPOpt9hZTTBX
te55B9s+8Ymj+tiCmGVo7/btfSanbZJCKumP3kv/CDyi65Dnws7go3rZ7V4qVe2r
EzZ67pkFPi8=
-----END CERTIFICATE-----
Generated at Tue Jan 2 01:41:02 2024 by rpki-client on console-ams.rpki-client.org