Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8f/d3c8f7-ff8d-42b8-a762-45377418fbb2/1/9sG9BI0-XKxaHYJB3Fnlylo6AbU.roa
File:                     9sG9BI0-XKxaHYJB3Fnlylo6AbU.roa (raw, json)
Hash identifier:          2GpGWqBlfNQSIECqu1MApy+m37YijLNRLgP6YXe2bgE=
Subject key identifier:   F6:C1:BD:04:8D:3E:5C:AC:5A:1D:82:41:DC:59:E5:CA:5A:3A:01:B5
Certificate issuer:       /CN=5c32a925c55f1d4e6e40c10f4e8e019b483c1d50
Certificate serial:       01856D8AF1D1BAA73AF8CFB5E4DDF7CA676D
Authority key identifier: 5C:32:A9:25:C5:5F:1D:4E:6E:40:C1:0F:4E:8E:01:9B:48:3C:1D:50
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/XDKpJcVfHU5uQMEPTo4Bm0g8HVA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8f/d3c8f7-ff8d-42b8-a762-45377418fbb2/1/9sG9BI0-XKxaHYJB3Fnlylo6AbU.roa
Signing time:             Sun 01 Jan 2023 13:35:00 +0000
ROA not before:           Sun 01 Jan 2023 13:35:00 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     61317
IP address blocks:        185.250.187.0/24 maxlen: 24
                          185.250.186.0/24 maxlen: 24

Validation:               Failed, certificate revoked

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6d:8a:f1:d1:ba:a7:3a:f8:cf:b5:e4:dd:f7:ca:67:6d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5c32a925c55f1d4e6e40c10f4e8e019b483c1d50
        Validity
            Not Before: Jan  1 13:35:00 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=f6c1bd048d3e5cac5a1d8241dc59e5ca5a3a01b5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:e6:a5:36:5f:34:58:fe:4d:30:e6:9a:a3:89:
                    8d:52:4d:5c:33:3b:16:0d:94:b6:28:f0:82:35:94:
                    11:45:4a:e7:61:41:40:5c:3c:42:24:bd:06:8f:99:
                    99:bd:52:e5:c2:16:d5:28:ca:f0:00:26:c9:f5:61:
                    0b:a3:b5:45:5f:08:6a:08:58:38:4a:54:7a:7b:53:
                    88:38:81:72:6c:3e:62:0f:98:7a:9a:51:35:d4:56:
                    08:ff:ec:21:dd:c7:cd:7e:1d:1a:db:dd:0d:60:a7:
                    e0:d3:95:da:14:c7:62:fa:a9:1a:c2:fd:15:4f:c2:
                    5e:85:47:ee:c7:19:cf:9e:23:08:7a:51:8c:9c:71:
                    5d:f8:ac:ab:12:1d:05:9b:5b:5a:50:06:fe:b2:47:
                    97:9d:3a:1c:fa:38:6b:70:9b:4b:39:b2:d5:01:9e:
                    7f:82:81:5b:4e:6e:1d:bd:24:ee:6f:b8:f1:5b:56:
                    1a:87:50:90:d6:8d:35:6e:90:ac:da:25:7a:a2:ae:
                    65:82:fd:74:3b:29:ba:fe:09:f5:84:7c:11:0b:9f:
                    c9:82:7c:09:6b:d4:88:30:f1:a5:7d:98:7b:26:19:
                    9f:4b:e5:24:78:f3:13:83:9e:04:92:03:ec:42:82:
                    55:b2:11:fa:c6:59:2d:45:0d:07:4b:bb:43:fe:ab:
                    45:29
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F6:C1:BD:04:8D:3E:5C:AC:5A:1D:82:41:DC:59:E5:CA:5A:3A:01:B5
            X509v3 Authority Key Identifier:
                keyid:5C:32:A9:25:C5:5F:1D:4E:6E:40:C1:0F:4E:8E:01:9B:48:3C:1D:50

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XDKpJcVfHU5uQMEPTo4Bm0g8HVA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/d3c8f7-ff8d-42b8-a762-45377418fbb2/1/9sG9BI0-XKxaHYJB3Fnlylo6AbU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/d3c8f7-ff8d-42b8-a762-45377418fbb2/1/XDKpJcVfHU5uQMEPTo4Bm0g8HVA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.250.186.0/23

    Signature Algorithm: sha256WithRSAEncryption
         4a:32:0d:a0:6c:09:ca:b8:9f:d6:76:ed:e5:51:bc:d7:fe:23:
         fd:77:b9:18:c0:a5:fc:8c:93:aa:84:b3:c6:c5:7b:c4:32:04:
         e7:b3:62:f7:7f:ce:e7:5d:6d:95:8c:4f:88:79:49:f1:1d:08:
         77:d0:7b:35:a6:59:3b:95:7c:cd:87:0c:4c:e3:46:64:e5:0b:
         2b:b8:bf:31:1a:36:36:56:32:16:7a:14:6e:6a:d3:fa:21:d5:
         f2:74:cd:93:40:08:c6:31:23:86:60:cd:47:38:8d:f6:81:17:
         d0:f2:da:d6:b3:20:a6:e8:31:ef:ac:cf:95:cf:31:99:4c:c5:
         80:33:71:4f:ae:26:2b:fe:f2:4d:19:77:68:4f:3e:0e:e8:98:
         72:f3:69:62:42:40:7e:0c:81:24:54:41:a9:8f:f6:19:00:56:
         38:07:f4:07:f0:8c:ee:a7:61:e4:96:eb:e7:c4:54:5b:34:89:
         f7:90:4a:b7:d3:38:1b:d7:33:5f:18:71:be:bf:20:24:7d:e0:
         9a:13:20:3c:ec:94:06:2e:06:19:1b:66:b7:c7:7c:30:09:4e:
         f1:80:2e:24:80:3c:e4:92:4c:b2:36:3d:cf:ec:cd:78:29:af:
         5d:ca:33:c1:e1:93:4c:f5:96:d8:17:49:7d:4b:de:4d:4d:17:
         da:d3:7e:4e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtivHRuqc6+M+15N33ymdtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVjMzJhOTI1YzU1ZjFkNGU2ZTQwYzEwZjRlOGUwMTliNDgz
YzFkNTAwHhcNMjMwMTAxMTMzNTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNmMxYmQwNDhkM2U1Y2FjNWExZDgyNDFkYzU5ZTVjYTVhM2EwMWI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnOalNl80WP5NMOaao4mNUk1cMzsW
DZS2KPCCNZQRRUrnYUFAXDxCJL0Gj5mZvVLlwhbVKMrwACbJ9WELo7VFXwhqCFg4
SlR6e1OIOIFybD5iD5h6mlE11FYI/+wh3cfNfh0a290NYKfg05XaFMdi+qkawv0V
T8JehUfuxxnPniMIelGMnHFd+KyrEh0Fm1taUAb+skeXnToc+jhrcJtLObLVAZ5/
goFbTm4dvSTub7jxW1Yah1CQ1o01bpCs2iV6oq5lgv10Oym6/gn1hHwRC5/JgnwJ
a9SIMPGlfZh7JhmfS+UkePMTg54EkgPsQoJVshH6xlktRQ0HS7tD/qtFKQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPbBvQSNPlysWh2CQdxZ5cpaOgG1MB8GA1UdIwQY
MBaAFFwyqSXFXx1ObkDBD06OAZtIPB1QMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWERLcEpjVmZIVTV1UU1FUFRvNEJtMGc4SFZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Zi9kM2M4ZjctZmY4ZC00MmI4LWE3NjIt
NDUzNzc0MThmYmIyLzEvOXNHOUJJMC1YS3hhSFlKQjNGbmx5bG82QWJVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Zi9kM2M4ZjctZmY4ZC00MmI4LWE3NjItNDUzNzc0MThmYmIy
LzEvWERLcEpjVmZIVTV1UU1FUFRvNEJtMGc4SFZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBufq6MA0G
CSqGSIb3DQEBCwUAA4IBAQBKMg2gbAnKuJ/Wdu3lUbzX/iP9d7kYwKX8jJOqhLPG
xXvEMgTns2L3f87nXW2VjE+IeUnxHQh30Hs1plk7lXzNhwxM40Zk5QsruL8xGjY2
VjIWehRuatP6IdXydM2TQAjGMSOGYM1HOI32gRfQ8trWsyCm6DHvrM+VzzGZTMWA
M3FPriYr/vJNGXdoTz4O6Jhy82liQkB+DIEkVEGpj/YZAFY4B/QH8Izup2Hkluvn
xFRbNIn3kEq30zgb1zNfGHG+vyAkfeCaEyA87JQGLgYZG2a3x3wwCU7xgC4kgDzk
kkyyNj3P7M14Ka9dyjPB4ZNM9ZbYF0l9S95NTRfa035O
-----END CERTIFICATE-----
Generated at Mon Jan 1 21:19:34 2024 by rpki-client on console-ams.rpki-client.org