Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/a0d674-87b6-4318-bed2-267547ea1e35/1/Dc2mu5FqiVBJtU_Pv5Z44iVjGCg.roa
File:                     Dc2mu5FqiVBJtU_Pv5Z44iVjGCg.roa (raw, json)
Hash identifier:          l9L/5+LPih4s7j5U9LdqHmFVY0UsriI2vB8UF3J3lbk=
Subject key identifier:   0D:CD:A6:BB:91:6A:89:50:49:B5:4F:CF:BF:96:78:E2:25:63:18:28
Certificate issuer:       /CN=28b0ff7998ca8854ce7c475a972ed1d52a5c60cd
Certificate serial:       01856C53A84E1E09B76DF5E8A8E95D7D0380
Authority key identifier: 28:B0:FF:79:98:CA:88:54:CE:7C:47:5A:97:2E:D1:D5:2A:5C:60:CD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KLD_eZjKiFTOfEdaly7R1SpcYM0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8e/a0d674-87b6-4318-bed2-267547ea1e35/1/Dc2mu5FqiVBJtU_Pv5Z44iVjGCg.roa
Signing time:             Sun 01 Jan 2023 07:54:59 +0000
ROA not before:           Sun 01 Jan 2023 07:54:59 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     14618
IP address blocks:        185.119.223.0/24 maxlen: 24
                          185.119.221.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 00:30:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6c:53:a8:4e:1e:09:b7:6d:f5:e8:a8:e9:5d:7d:03:80
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=28b0ff7998ca8854ce7c475a972ed1d52a5c60cd
        Validity
            Not Before: Jan  1 07:54:59 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=0dcda6bb916a895049b54fcfbf9678e225631828
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:5b:cf:a4:0c:a7:7e:4c:98:27:05:7e:f7:82:
                    28:8b:d5:5e:dd:ff:36:e0:05:46:b1:dd:57:6e:24:
                    f5:fe:52:2e:77:5d:08:73:a9:e5:d0:c8:84:38:fa:
                    ac:96:71:12:f5:1b:ea:7c:9d:cc:d2:1f:b3:c2:4b:
                    62:de:0b:6f:0b:aa:27:2a:89:aa:dd:cb:8a:66:d4:
                    3d:1d:80:cc:b1:64:e6:4f:a3:21:fd:95:d8:ef:49:
                    3e:ef:0e:ca:93:bd:b1:d0:3a:24:da:ee:43:f4:79:
                    b3:11:ff:12:a7:40:67:03:82:bc:5c:6b:87:dc:73:
                    2b:ed:9d:d2:f2:a5:2f:65:4a:70:45:e3:c1:e4:c0:
                    b7:de:8e:5b:9f:6c:b2:63:43:3a:a7:43:a5:05:88:
                    75:59:5a:c7:f3:cb:12:8b:fa:b2:6d:3c:ad:57:58:
                    14:b8:7b:dd:d3:2e:52:cc:ad:02:c8:51:db:85:07:
                    7e:fa:c7:ab:87:1e:34:91:8d:62:56:a7:c4:b2:1e:
                    45:1c:bf:93:00:a1:4f:b9:32:63:13:f2:a2:4b:80:
                    22:e5:7f:10:60:b3:16:38:66:06:cc:55:0a:3e:b3:
                    97:7a:6e:86:0d:c4:2f:42:33:ca:37:fd:b5:b7:25:
                    89:3e:14:51:30:ff:20:bc:48:d3:13:d4:0e:07:c1:
                    02:67
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0D:CD:A6:BB:91:6A:89:50:49:B5:4F:CF:BF:96:78:E2:25:63:18:28
            X509v3 Authority Key Identifier:
                keyid:28:B0:FF:79:98:CA:88:54:CE:7C:47:5A:97:2E:D1:D5:2A:5C:60:CD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KLD_eZjKiFTOfEdaly7R1SpcYM0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/a0d674-87b6-4318-bed2-267547ea1e35/1/Dc2mu5FqiVBJtU_Pv5Z44iVjGCg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/a0d674-87b6-4318-bed2-267547ea1e35/1/KLD_eZjKiFTOfEdaly7R1SpcYM0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.119.221.0/24
                  185.119.223.0/24

    Signature Algorithm: sha256WithRSAEncryption
         39:d8:03:4b:b8:28:88:2b:25:c5:ab:5e:38:39:71:f9:98:8c:
         5b:3b:5f:56:4b:42:ba:a7:65:df:2d:94:b2:4f:79:57:e6:54:
         7f:83:14:60:ae:46:45:c8:37:12:d1:15:c0:a3:12:02:b7:8c:
         93:17:7c:90:01:b9:ad:55:5f:c9:0c:a8:63:84:86:a6:15:b4:
         5a:f1:20:ee:9a:d4:2a:db:98:79:c8:20:78:eb:ae:b5:74:65:
         92:85:41:93:3d:73:6c:26:e8:b3:1c:a2:cc:37:36:29:c8:4f:
         07:6a:98:69:b7:d1:f0:53:dc:af:68:23:84:a3:ba:44:10:e7:
         3e:cb:9d:c7:35:c8:c1:38:cc:09:b5:0c:01:9b:cf:18:86:a6:
         45:1a:e8:89:b4:0a:70:e2:83:ae:c1:26:0a:99:50:31:94:e8:
         0a:71:f2:6a:81:95:c8:f5:47:0c:00:ea:a8:f5:65:de:63:0d:
         0b:a2:73:48:a4:07:92:59:d0:ea:f5:e7:e0:79:75:0c:50:5f:
         ea:a4:b9:ce:f4:cc:24:5c:02:4e:38:96:0f:e5:7f:8e:54:9c:
         8f:24:5b:e8:2e:b0:4b:52:c4:16:ee:1a:2c:b1:c4:a3:e5:d3:
         1d:0c:1a:f9:fd:51:60:48:48:18:9f:44:1b:ce:17:1d:82:d0:
         39:96:8d:43
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVsU6hOHgm3bfXoqOldfQOAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4YjBmZjc5OThjYTg4NTRjZTdjNDc1YTk3MmVkMWQ1MmE1
YzYwY2QwHhcNMjMwMTAxMDc1NDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZGNkYTZiYjkxNmE4OTUwNDliNTRmY2ZiZjk2NzhlMjI1NjMxODI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs1vPpAynfkyYJwV+94Ioi9Ve3f82
4AVGsd1XbiT1/lIud10Ic6nl0MiEOPqslnES9RvqfJ3M0h+zwkti3gtvC6onKomq
3cuKZtQ9HYDMsWTmT6Mh/ZXY70k+7w7Kk72x0Dok2u5D9HmzEf8Sp0BnA4K8XGuH
3HMr7Z3S8qUvZUpwRePB5MC33o5bn2yyY0M6p0OlBYh1WVrH88sSi/qybTytV1gU
uHvd0y5SzK0CyFHbhQd++serhx40kY1iVqfEsh5FHL+TAKFPuTJjE/KiS4Ai5X8Q
YLMWOGYGzFUKPrOXem6GDcQvQjPKN/21tyWJPhRRMP8gvEjTE9QOB8ECZwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFA3NpruRaolQSbVPz7+WeOIlYxgoMB8GA1UdIwQY
MBaAFCiw/3mYyohUznxHWpcu0dUqXGDNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS0xEX2VaaktpRlRPZkVkYWx5N1IxU3BjWU0wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9hMGQ2NzQtODdiNi00MzE4LWJlZDIt
MjY3NTQ3ZWExZTM1LzEvRGMybXU1RnFpVkJKdFVfUHY1WjQ0aVZqR0NnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9hMGQ2NzQtODdiNi00MzE4LWJlZDItMjY3NTQ3ZWExZTM1
LzEvS0xEX2VaaktpRlRPZkVkYWx5N1IxU3BjWU0wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAuXfdAwQA
uXffMA0GCSqGSIb3DQEBCwUAA4IBAQA52ANLuCiIKyXFq144OXH5mIxbO19WS0K6
p2XfLZSyT3lX5lR/gxRgrkZFyDcS0RXAoxICt4yTF3yQAbmtVV/JDKhjhIamFbRa
8SDumtQq25h5yCB46661dGWShUGTPXNsJuizHKLMNzYpyE8Haphpt9HwU9yvaCOE
o7pEEOc+y53HNcjBOMwJtQwBm88YhqZFGuiJtApw4oOuwSYKmVAxlOgKcfJqgZXI
9UcMAOqo9WXeYw0LonNIpAeSWdDq9efgeXUMUF/qpLnO9MwkXAJOOJYP5X+OVJyP
JFvoLrBLUsQW7hosscSj5dMdDBr5/VFgSEgYn0QbzhcdgtA5lo1D
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:23:22 2024 by rpki-client on console-ams.rpki-client.org