Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8c/204268-6078-4b53-94d2-44fde96b8aec/1/Y8LSHMr6Z0V8UczDf2QvkZ8MWqk.roa
File:                     Y8LSHMr6Z0V8UczDf2QvkZ8MWqk.roa (raw, json)
Hash identifier:          zrh252a585pRf/6c2/1hlqZgpRWRiThtCjMGFmTCAJ0=
Subject key identifier:   63:C2:D2:1C:CA:FA:67:45:7C:51:CC:C3:7F:64:2F:91:9F:0C:5A:A9
Certificate issuer:       /CN=856f0c90073afb8ecde7e83409ceabdb93b41a4e
Certificate serial:       018570CBD61BCFDB08824DCDC466F2A9D8E3
Authority key identifier: 85:6F:0C:90:07:3A:FB:8E:CD:E7:E8:34:09:CE:AB:DB:93:B4:1A:4E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hW8MkAc6-47N5-g0Cc6r25O0Gk4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8c/204268-6078-4b53-94d2-44fde96b8aec/1/Y8LSHMr6Z0V8UczDf2QvkZ8MWqk.roa
Signing time:             Mon 02 Jan 2023 04:44:44 +0000
ROA not before:           Mon 02 Jan 2023 04:44:44 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     24940
IP address blocks:        185.110.95.0/24 maxlen: 32

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 04:29:40 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:70:cb:d6:1b:cf:db:08:82:4d:cd:c4:66:f2:a9:d8:e3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=856f0c90073afb8ecde7e83409ceabdb93b41a4e
        Validity
            Not Before: Jan  2 04:44:44 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=63c2d21ccafa67457c51ccc37f642f919f0c5aa9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:89:b1:57:18:b5:69:93:e6:97:85:e0:c5:0a:ce:
                    90:cf:a7:89:47:bf:5e:c7:0c:2a:69:37:3f:a0:5f:
                    fc:d8:f6:47:f7:27:b8:37:64:ca:96:d3:fd:ce:82:
                    b9:f2:83:a1:e1:a6:b4:b9:ce:a1:3c:fa:5f:ea:61:
                    0b:18:3a:30:bb:9c:6f:29:73:c5:5c:14:69:52:77:
                    3b:13:d9:dd:b1:b0:0d:62:1a:4a:6a:24:c2:82:81:
                    79:bc:8c:41:5b:55:7c:bb:bd:25:14:83:4b:7e:74:
                    86:17:d7:cf:b4:31:5a:3e:43:b5:82:2d:be:5f:51:
                    fc:23:40:92:6f:d8:25:10:28:2a:cf:f1:a3:da:78:
                    a7:43:9e:e6:b0:91:2d:5e:1a:91:0d:3b:80:ab:a5:
                    bc:1d:3b:52:13:65:a7:15:19:4c:94:65:68:b6:a3:
                    2c:75:1e:ab:ef:32:f3:10:c6:70:13:62:73:e6:4f:
                    a6:19:84:ca:d4:2a:5f:86:07:05:10:4b:e5:51:7f:
                    cf:27:fe:14:c9:d8:f9:84:61:14:eb:7c:e8:3c:10:
                    e1:ab:b4:c4:97:1c:a3:c7:29:36:ff:06:d8:d0:3e:
                    89:a7:0d:a2:41:0d:55:70:00:55:43:7a:11:b1:85:
                    f4:4d:62:d7:6e:68:c2:af:de:c5:74:df:67:d0:18:
                    27:9b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                63:C2:D2:1C:CA:FA:67:45:7C:51:CC:C3:7F:64:2F:91:9F:0C:5A:A9
            X509v3 Authority Key Identifier:
                keyid:85:6F:0C:90:07:3A:FB:8E:CD:E7:E8:34:09:CE:AB:DB:93:B4:1A:4E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hW8MkAc6-47N5-g0Cc6r25O0Gk4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/204268-6078-4b53-94d2-44fde96b8aec/1/Y8LSHMr6Z0V8UczDf2QvkZ8MWqk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/204268-6078-4b53-94d2-44fde96b8aec/1/hW8MkAc6-47N5-g0Cc6r25O0Gk4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.110.95.0/24

    Signature Algorithm: sha256WithRSAEncryption
         50:21:96:bc:27:dc:ec:f2:67:50:be:58:a6:22:a1:8b:e9:0a:
         b1:59:60:9b:d8:cb:f8:17:8a:00:66:a4:4c:ea:ae:f9:fc:93:
         33:5a:f8:0e:47:9e:2e:fc:2c:64:d3:c5:98:29:32:d1:f3:fe:
         ed:81:8d:dc:8c:e0:22:00:e7:f5:70:c7:63:d9:25:cf:6e:16:
         65:5d:fb:52:76:8a:bb:67:ad:c2:03:b1:03:8e:5c:4c:ce:1e:
         1a:db:82:5f:a1:ca:ea:26:01:c6:f3:90:77:63:2e:36:c8:1b:
         15:84:26:03:04:b4:84:6e:60:7f:bb:59:af:1e:72:61:68:55:
         f2:d2:b5:47:80:cc:c9:b7:d0:db:8a:9f:e1:89:fc:4b:a6:1f:
         12:a2:40:8b:99:f8:da:60:31:b0:4a:f1:7a:5d:59:aa:f6:de:
         7c:bc:e7:d8:66:53:30:3b:a6:0d:1d:5a:63:6e:2a:cd:c0:8e:
         7c:73:56:4c:30:71:6e:e1:b4:bc:5d:8c:4a:cb:b3:f6:ee:be:
         ed:68:4b:26:4d:a6:6d:a7:38:35:21:a0:e1:62:4f:d3:80:cd:
         53:80:d7:eb:6b:a2:44:9e:d4:95:71:09:fd:67:34:b3:73:fa:
         67:93:03:5d:fc:c4:8c:91:c3:d3:6e:19:6f:63:86:b1:e2:a9:
         b9:dd:69:77
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwy9Ybz9sIgk3NxGbyqdjjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1NmYwYzkwMDczYWZiOGVjZGU3ZTgzNDA5Y2VhYmRiOTNi
NDFhNGUwHhcNMjMwMTAyMDQ0NDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2M2MyZDIxY2NhZmE2NzQ1N2M1MWNjYzM3ZjY0MmY5MTlmMGM1YWE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAibFXGLVpk+aXheDFCs6Qz6eJR79e
xwwqaTc/oF/82PZH9ye4N2TKltP9zoK58oOh4aa0uc6hPPpf6mELGDowu5xvKXPF
XBRpUnc7E9ndsbANYhpKaiTCgoF5vIxBW1V8u70lFINLfnSGF9fPtDFaPkO1gi2+
X1H8I0CSb9glECgqz/Gj2ninQ57msJEtXhqRDTuAq6W8HTtSE2WnFRlMlGVotqMs
dR6r7zLzEMZwE2Jz5k+mGYTK1CpfhgcFEEvlUX/PJ/4Uydj5hGEU63zoPBDhq7TE
lxyjxyk2/wbY0D6Jpw2iQQ1VcABVQ3oRsYX0TWLXbmjCr97FdN9n0BgnmwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGPC0hzK+mdFfFHMw39kL5GfDFqpMB8GA1UdIwQY
MBaAFIVvDJAHOvuOzefoNAnOq9uTtBpOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaFc4TWtBYzYtNDdONS1nMENjNnIyNU8wR2s0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yy8yMDQyNjgtNjA3OC00YjUzLTk0ZDIt
NDRmZGU5NmI4YWVjLzEvWThMU0hNcjZaMFY4VWN6RGYyUXZrWjhNV3FrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yy8yMDQyNjgtNjA3OC00YjUzLTk0ZDItNDRmZGU5NmI4YWVj
LzEvaFc4TWtBYzYtNDdONS1nMENjNnIyNU8wR2s0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuW5fMA0G
CSqGSIb3DQEBCwUAA4IBAQBQIZa8J9zs8mdQvlimIqGL6QqxWWCb2Mv4F4oAZqRM
6q75/JMzWvgOR54u/Cxk08WYKTLR8/7tgY3cjOAiAOf1cMdj2SXPbhZlXftSdoq7
Z63CA7EDjlxMzh4a24JfocrqJgHG85B3Yy42yBsVhCYDBLSEbmB/u1mvHnJhaFXy
0rVHgMzJt9Dbip/hifxLph8SokCLmfjaYDGwSvF6XVmq9t58vOfYZlMwO6YNHVpj
birNwI58c1ZMMHFu4bS8XYxKy7P27r7taEsmTaZtpzg1IaDhYk/TgM1TgNfra6JE
ntSVcQn9ZzSzc/pnkwNd/MSMkcPTbhlvY4ax4qm53Wl3
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:56 2024 by rpki-client on console-ams.rpki-client.org