Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/9c493b-417b-4af6-9f43-2ff14c218719/1/LStcdLdKWHSKZA4NlNMxxY6xpEg.roa
File:                     LStcdLdKWHSKZA4NlNMxxY6xpEg.roa (raw, json)
Hash identifier:          r9hDPmNAel/8tiquPuL5ENTbdzd03Yq4+EbbaM10As0=
Subject key identifier:   2D:2B:5C:74:B7:4A:58:74:8A:64:0E:0D:94:D3:31:C5:8E:B1:A4:48
Certificate issuer:       /CN=62becc4ba8a4d52498a0d2983a68b61383aa7fd7
Certificate serial:       018CC349603D3E1DEE96F3CDAB4D09AAA333
Authority key identifier: 62:BE:CC:4B:A8:A4:D5:24:98:A0:D2:98:3A:68:B6:13:83:AA:7F:D7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Yr7MS6ik1SSYoNKYOmi2E4Oqf9c.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/86/9c493b-417b-4af6-9f43-2ff14c218719/1/LStcdLdKWHSKZA4NlNMxxY6xpEg.roa
Signing time:             Mon 01 Jan 2024 04:30:15 +0000
ROA not before:           Mon 01 Jan 2024 04:30:15 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     399989
IP address blocks:        85.209.204.0/22 maxlen: 22

Validation:               Failed, certificate revoked on Sat 13 Apr 2024 16:29:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c3:49:60:3d:3e:1d:ee:96:f3:cd:ab:4d:09:aa:a3:33
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=62becc4ba8a4d52498a0d2983a68b61383aa7fd7
        Validity
            Not Before: Jan  1 04:30:15 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=2d2b5c74b74a58748a640e0d94d331c58eb1a448
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:86:cc:8d:26:3b:f7:7a:2d:c9:4c:a7:06:51:d6:
                    3c:1c:a9:07:85:a2:11:1f:a0:3a:54:35:90:39:4e:
                    70:b4:6c:1d:fb:62:8f:6c:2d:c5:ee:92:c8:30:c1:
                    52:e3:7f:a6:23:28:1c:3b:3d:08:44:cc:5c:d7:80:
                    4c:30:30:d5:8b:eb:ac:e3:b7:52:7a:86:cd:9e:5a:
                    eb:0b:d3:d7:c9:0b:5f:0c:3d:44:50:dd:05:4f:bc:
                    77:2c:d4:b5:30:03:17:56:c7:0e:36:c4:83:d9:71:
                    24:4d:a2:80:d1:a5:f5:d1:bd:d0:2f:3f:da:09:ee:
                    4e:5f:ef:dc:97:79:c3:2c:e8:0b:eb:78:a4:fc:81:
                    86:43:2f:29:4e:44:dd:f2:45:a9:28:ca:c5:86:e7:
                    65:e1:c9:39:86:2e:32:15:70:e4:7c:c1:82:c4:26:
                    83:db:6c:36:ce:ba:ba:25:9f:7c:26:7d:4b:b1:df:
                    5a:5d:6e:a5:0c:0d:c5:0d:c2:91:95:63:d3:e3:e7:
                    f5:4a:85:df:a2:fe:00:8a:7d:fd:5c:08:ef:b1:67:
                    a8:b9:1f:bc:48:3a:1e:9e:81:ab:d5:d1:c5:f5:96:
                    ff:57:76:43:ae:55:18:3f:f7:27:4c:14:a9:87:bc:
                    5d:cb:27:f6:cb:24:06:8e:cc:b7:da:a8:62:bc:17:
                    18:c1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2D:2B:5C:74:B7:4A:58:74:8A:64:0E:0D:94:D3:31:C5:8E:B1:A4:48
            X509v3 Authority Key Identifier:
                keyid:62:BE:CC:4B:A8:A4:D5:24:98:A0:D2:98:3A:68:B6:13:83:AA:7F:D7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yr7MS6ik1SSYoNKYOmi2E4Oqf9c.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/9c493b-417b-4af6-9f43-2ff14c218719/1/LStcdLdKWHSKZA4NlNMxxY6xpEg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/86/9c493b-417b-4af6-9f43-2ff14c218719/1/Yr7MS6ik1SSYoNKYOmi2E4Oqf9c.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  85.209.204.0/22

    Signature Algorithm: sha256WithRSAEncryption
         7c:69:79:62:da:a8:ba:48:df:95:96:d3:af:6d:1e:43:5f:f3:
         b1:57:a6:07:b0:2b:9f:fc:9d:04:7c:b8:0e:2a:46:49:59:4e:
         74:1f:5c:bd:c1:fe:7f:ab:86:36:9a:85:cf:c5:7c:de:07:56:
         f7:88:5f:0e:78:6e:1d:c6:3d:37:aa:5e:4e:02:01:46:6b:4d:
         96:97:45:f6:dc:80:f1:37:59:7c:8d:d1:b6:b0:e7:af:7e:12:
         f9:07:09:db:99:78:7d:53:1d:a5:37:e2:e8:6b:26:8d:a9:fd:
         2a:5b:73:9c:99:86:bb:eb:7f:3f:a4:74:ef:ae:04:3d:87:b3:
         2d:ff:a8:36:1e:a5:db:0d:a0:4d:7f:be:3d:6b:9f:f6:e3:f6:
         35:38:7b:ee:4f:7a:73:69:d3:8a:b8:fe:b3:0a:ff:ee:83:76:
         c7:26:b5:57:bf:38:a6:da:30:d4:b8:d3:f8:cd:30:ed:06:e8:
         ee:0d:ec:2c:69:03:9f:9a:c2:2f:97:31:12:82:66:6f:63:d2:
         b3:40:f4:8d:fb:85:e3:47:08:98:b9:12:2d:9d:0b:cc:8c:be:
         17:cc:01:94:e1:a6:cf:e1:f2:ac:04:e1:5d:b3:ff:7b:a4:3d:
         41:60:20:e2:5b:a3:a5:76:12:6e:f0:45:6b:76:ab:8f:e3:e1:
         54:34:78:c1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzDSWA9Ph3ulvPNq00JqqMzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyYmVjYzRiYThhNGQ1MjQ5OGEwZDI5ODNhNjhiNjEzODNh
YTdmZDcwHhcNMjQwMTAxMDQzMDE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZDJiNWM3NGI3NGE1ODc0OGE2NDBlMGQ5NGQzMzFjNThlYjFhNDQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhsyNJjv3ei3JTKcGUdY8HKkHhaIR
H6A6VDWQOU5wtGwd+2KPbC3F7pLIMMFS43+mIygcOz0IRMxc14BMMDDVi+us47dS
eobNnlrrC9PXyQtfDD1EUN0FT7x3LNS1MAMXVscONsSD2XEkTaKA0aX10b3QLz/a
Ce5OX+/cl3nDLOgL63ik/IGGQy8pTkTd8kWpKMrFhudl4ck5hi4yFXDkfMGCxCaD
22w2zrq6JZ98Jn1Lsd9aXW6lDA3FDcKRlWPT4+f1SoXfov4Ain39XAjvsWeouR+8
SDoenoGr1dHF9Zb/V3ZDrlUYP/cnTBSph7xdyyf2yyQGjsy32qhivBcYwQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFC0rXHS3Slh0imQODZTTMcWOsaRIMB8GA1UdIwQY
MBaAFGK+zEuopNUkmKDSmDpothODqn/XMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXI3TVM2aWsxU1NZb05LWU9taTJFNE9xZjljLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni85YzQ5M2ItNDE3Yi00YWY2LTlmNDMt
MmZmMTRjMjE4NzE5LzEvTFN0Y2RMZEtXSFNLWkE0TmxOTXh4WTZ4cEVnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni85YzQ5M2ItNDE3Yi00YWY2LTlmNDMtMmZmMTRjMjE4NzE5
LzEvWXI3TVM2aWsxU1NZb05LWU9taTJFNE9xZjljLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCVdHMMA0G
CSqGSIb3DQEBCwUAA4IBAQB8aXli2qi6SN+VltOvbR5DX/OxV6YHsCuf/J0EfLgO
KkZJWU50H1y9wf5/q4Y2moXPxXzeB1b3iF8OeG4dxj03ql5OAgFGa02Wl0X23IDx
N1l8jdG2sOevfhL5BwnbmXh9Ux2lN+LoayaNqf0qW3OcmYa7638/pHTvrgQ9h7Mt
/6g2HqXbDaBNf749a5/24/Y1OHvuT3pzadOKuP6zCv/ug3bHJrVXvzim2jDUuNP4
zTDtBujuDewsaQOfmsIvlzESgmZvY9KzQPSN+4XjRwiYuRItnQvMjL4XzAGU4abP
4fKsBOFds/97pD1BYCDiW6OldhJu8EVrdquP4+FUNHjB
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:21:35 2024 by rpki-client on console-ams.rpki-client.org