Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/91/bcbd03-d231-4d33-b3c5-98fa827186a9/1/pEwmGBsXHOUdFvDFX-_Nq0YgwnY.roa
File:                     pEwmGBsXHOUdFvDFX-_Nq0YgwnY.roa (raw, json)
Hash identifier:          O6645N/c5ZEc1MyObBZ2qN/UYv/XXKsn4tX/9uffirw=
Subject key identifier:   A4:4C:26:18:1B:17:1C:E5:1D:16:F0:C5:5F:EF:CD:AB:46:20:C2:76
Certificate issuer:       /CN=162d78249b721b4d2ce8cf6dfcfbc4422213ac9d
Certificate serial:       018572BA886AF7C542EF2E10FEF93FC7A2F2
Authority key identifier: 16:2D:78:24:9B:72:1B:4D:2C:E8:CF:6D:FC:FB:C4:42:22:13:AC:9D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Fi14JJtyG00s6M9t_PvEQiITrJ0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/91/bcbd03-d231-4d33-b3c5-98fa827186a9/1/pEwmGBsXHOUdFvDFX-_Nq0YgwnY.roa
Signing time:             Mon 02 Jan 2023 13:45:05 +0000
ROA not before:           Mon 02 Jan 2023 13:45:05 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     203944
IP address blocks:        185.118.218.0/23 maxlen: 23
                          185.118.216.0/22 maxlen: 22

Validation:               Failed, certificate revoked on Fri 07 Apr 2023 13:21:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:72:ba:88:6a:f7:c5:42:ef:2e:10:fe:f9:3f:c7:a2:f2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=162d78249b721b4d2ce8cf6dfcfbc4422213ac9d
        Validity
            Not Before: Jan  2 13:45:05 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=a44c26181b171ce51d16f0c55fefcdab4620c276
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:81:c0:dc:9e:f0:a1:6b:6e:2f:ea:64:ca:43:b4:
                    f9:05:d2:8e:6e:d9:7c:cb:ef:01:0e:95:e5:09:c5:
                    76:31:16:1c:0c:9f:72:15:ce:4b:46:db:6a:cb:e4:
                    4e:db:af:45:26:0c:70:0d:56:49:b7:44:11:73:60:
                    b4:26:76:2c:01:a3:6a:2c:c5:7f:28:4b:a9:bd:b3:
                    a5:ce:f3:5a:bb:69:4a:f2:9d:df:cb:8c:5e:20:92:
                    43:ed:88:ae:38:ae:9f:f1:a8:b2:a5:14:2d:5d:be:
                    1d:99:eb:16:bc:f5:2c:01:ec:16:90:5d:81:e6:ac:
                    04:92:72:4d:da:da:c4:93:bf:a6:af:81:ab:13:c5:
                    33:80:13:8e:c9:54:87:6a:92:d5:de:75:29:57:75:
                    ce:4b:96:8f:a7:75:ee:f6:8c:d4:ed:13:f1:f1:46:
                    c6:b7:a3:bf:d7:07:e5:fd:7a:a7:4d:e3:33:26:5b:
                    22:54:48:12:0a:3d:11:05:93:f6:c7:8e:c8:7e:8b:
                    7b:a9:6e:d8:65:d2:8e:58:a2:59:3e:46:49:2b:57:
                    2d:a0:80:f9:d9:a3:8d:05:e6:00:ae:4d:5a:fb:a2:
                    47:80:62:0a:69:43:f0:b1:82:c3:25:d6:97:f1:5b:
                    b3:41:36:bd:b6:61:95:91:c8:f5:2b:7b:08:8e:c8:
                    54:31
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A4:4C:26:18:1B:17:1C:E5:1D:16:F0:C5:5F:EF:CD:AB:46:20:C2:76
            X509v3 Authority Key Identifier:
                keyid:16:2D:78:24:9B:72:1B:4D:2C:E8:CF:6D:FC:FB:C4:42:22:13:AC:9D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Fi14JJtyG00s6M9t_PvEQiITrJ0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/91/bcbd03-d231-4d33-b3c5-98fa827186a9/1/pEwmGBsXHOUdFvDFX-_Nq0YgwnY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/91/bcbd03-d231-4d33-b3c5-98fa827186a9/1/Fi14JJtyG00s6M9t_PvEQiITrJ0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.118.216.0/22

    Signature Algorithm: sha256WithRSAEncryption
         36:af:88:67:eb:40:a5:93:ba:cd:97:49:31:18:9e:51:2f:b6:
         6c:8c:7d:ee:18:6b:7c:ba:15:b4:58:6a:4a:cd:27:02:77:8c:
         3f:3c:cd:e1:29:1b:d6:2d:0d:15:4d:5f:56:e1:e6:e4:0a:6f:
         8a:6e:2e:45:2a:65:23:9a:3f:87:0a:38:c4:6c:5c:32:54:49:
         5a:4e:f3:b8:38:b4:26:98:08:d3:8e:71:3f:e4:e4:94:8c:74:
         3c:aa:c4:ee:cc:27:d1:da:3e:8f:09:ef:a6:bf:41:27:fb:a0:
         01:43:56:c3:8a:ae:f5:a6:d6:a7:a2:18:a9:c5:b0:7a:e4:41:
         54:ca:dc:27:56:f1:b1:7a:d3:d4:79:2a:18:24:06:37:ae:8d:
         c8:38:03:26:17:17:17:7e:0d:8a:35:fc:e1:9d:b0:11:4f:a0:
         16:88:f3:ea:97:a2:f3:b7:64:aa:83:6b:81:69:0e:89:2a:32:
         a4:80:56:18:ff:11:7f:8e:c5:c0:cc:47:25:4b:bc:6f:af:b2:
         be:00:e5:71:38:30:71:8a:f0:e6:2f:f2:da:da:4c:29:d9:85:
         1d:9a:ea:03:3c:a9:21:db:52:d4:75:92:6a:5a:d6:d1:3e:71:
         e9:58:24:13:e5:56:9c:f3:69:60:75:05:c5:26:f2:76:ca:bb:
         53:cb:12:96
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVyuohq98VC7y4Q/vk/x6LyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE2MmQ3ODI0OWI3MjFiNGQyY2U4Y2Y2ZGZjZmJjNDQyMjIx
M2FjOWQwHhcNMjMwMTAyMTM0NTA1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNDRjMjYxODFiMTcxY2U1MWQxNmYwYzU1ZmVmY2RhYjQ2MjBjMjc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgcDcnvCha24v6mTKQ7T5BdKObtl8
y+8BDpXlCcV2MRYcDJ9yFc5LRttqy+RO269FJgxwDVZJt0QRc2C0JnYsAaNqLMV/
KEupvbOlzvNau2lK8p3fy4xeIJJD7YiuOK6f8aiypRQtXb4dmesWvPUsAewWkF2B
5qwEknJN2trEk7+mr4GrE8UzgBOOyVSHapLV3nUpV3XOS5aPp3Xu9ozU7RPx8UbG
t6O/1wfl/XqnTeMzJlsiVEgSCj0RBZP2x47Ifot7qW7YZdKOWKJZPkZJK1ctoID5
2aONBeYArk1a+6JHgGIKaUPwsYLDJdaX8VuzQTa9tmGVkcj1K3sIjshUMQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKRMJhgbFxzlHRbwxV/vzatGIMJ2MB8GA1UdIwQY
MBaAFBYteCSbchtNLOjPbfz7xEIiE6ydMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRmkxNEpKdHlHMDBzNk05dF9QdkVRaUlUckowLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MS9iY2JkMDMtZDIzMS00ZDMzLWIzYzUt
OThmYTgyNzE4NmE5LzEvcEV3bUdCc1hIT1VkRnZERlgtX05xMFlnd25ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MS9iY2JkMDMtZDIzMS00ZDMzLWIzYzUtOThmYTgyNzE4NmE5
LzEvRmkxNEpKdHlHMDBzNk05dF9QdkVRaUlUckowLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuXbYMA0G
CSqGSIb3DQEBCwUAA4IBAQA2r4hn60Clk7rNl0kxGJ5RL7ZsjH3uGGt8uhW0WGpK
zScCd4w/PM3hKRvWLQ0VTV9W4ebkCm+Kbi5FKmUjmj+HCjjEbFwyVElaTvO4OLQm
mAjTjnE/5OSUjHQ8qsTuzCfR2j6PCe+mv0En+6ABQ1bDiq71ptanohipxbB65EFU
ytwnVvGxetPUeSoYJAY3ro3IOAMmFxcXfg2KNfzhnbART6AWiPPql6Lzt2Sqg2uB
aQ6JKjKkgFYY/xF/jsXAzEclS7xvr7K+AOVxODBxivDmL/La2kwp2YUdmuoDPKkh
21LUdZJqWtbRPnHpWCQT5Vac82lgdQXFJvJ2yrtTyxKW
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:39:24 2024 by rpki-client on console-fra.rpki-client.org