Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/9d17bb-6d16-4e6d-be2d-371fc5c80950/1/IVXO8_5IOTaeDC2LRt3U2J_qxVQ.roa
File:                     IVXO8_5IOTaeDC2LRt3U2J_qxVQ.roa (raw, json)
Hash identifier:          0zBWHDtdM6UaZVyK28hZyXUePf3XjgKIgSxF0F3TuYs=
Subject key identifier:   21:55:CE:F3:FE:48:39:36:9E:0C:2D:8B:46:DD:D4:D8:9F:EA:C5:54
Certificate issuer:       /CN=9cac4f61f468b72002ab25f112e52011ed782cce
Certificate serial:       01856C4129BE2BEAE308C914CE2B81BA444D
Authority key identifier: 9C:AC:4F:61:F4:68:B7:20:02:AB:25:F1:12:E5:20:11:ED:78:2C:CE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/nKxPYfRotyACqyXxEuUgEe14LM4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/92/9d17bb-6d16-4e6d-be2d-371fc5c80950/1/IVXO8_5IOTaeDC2LRt3U2J_qxVQ.roa
Signing time:             Sun 01 Jan 2023 07:34:47 +0000
ROA not before:           Sun 01 Jan 2023 07:34:47 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     39050
IP address blocks:        185.224.214.0/24 maxlen: 24
                          2a10:9880::/29 maxlen: 32

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 08:29:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6c:41:29:be:2b:ea:e3:08:c9:14:ce:2b:81:ba:44:4d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9cac4f61f468b72002ab25f112e52011ed782cce
        Validity
            Not Before: Jan  1 07:34:47 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=2155cef3fe4839369e0c2d8b46ddd4d89feac554
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:69:e4:8b:03:8f:ad:66:28:eb:68:a6:92:78:
                    17:7d:6f:7e:47:4a:aa:9d:26:41:fd:9f:44:c1:ce:
                    1e:df:e2:2b:79:84:db:a4:bb:76:0b:35:f3:8a:be:
                    e6:dc:6e:af:7c:8d:b9:58:15:e5:8e:84:5d:18:71:
                    a9:68:ca:af:1f:1b:74:a1:5b:6d:0b:65:fa:ec:cc:
                    92:50:ab:05:a8:86:ed:4b:5e:f9:d9:5a:a8:36:dc:
                    3c:d5:e7:f5:a7:a1:53:26:ac:63:06:d8:3e:46:51:
                    ac:e7:d9:45:ae:50:7f:c9:5c:bb:09:23:32:32:8a:
                    c6:bb:94:ef:2b:35:d0:95:7a:ab:d3:dc:de:36:08:
                    a2:9a:e3:12:32:d3:07:9e:f0:04:5a:44:7a:c5:dc:
                    2c:36:e5:3b:8d:0c:93:ae:16:c1:a4:07:2a:fd:64:
                    f6:18:40:bf:28:c2:ee:c8:b4:1d:6a:5e:89:6b:db:
                    41:fc:b8:51:01:d6:ea:40:02:c3:44:ce:36:7d:9e:
                    1b:ec:59:4e:71:9d:80:14:f3:8c:7d:04:58:03:b4:
                    35:0e:1c:db:06:0f:8d:c4:22:85:12:54:4e:cc:a2:
                    94:5a:46:45:9c:ea:ba:9a:04:2f:70:dc:c1:3b:dd:
                    31:b2:b2:15:55:fb:d8:07:19:eb:e4:f0:3b:38:6a:
                    ad:6b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                21:55:CE:F3:FE:48:39:36:9E:0C:2D:8B:46:DD:D4:D8:9F:EA:C5:54
            X509v3 Authority Key Identifier:
                keyid:9C:AC:4F:61:F4:68:B7:20:02:AB:25:F1:12:E5:20:11:ED:78:2C:CE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nKxPYfRotyACqyXxEuUgEe14LM4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/9d17bb-6d16-4e6d-be2d-371fc5c80950/1/IVXO8_5IOTaeDC2LRt3U2J_qxVQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/92/9d17bb-6d16-4e6d-be2d-371fc5c80950/1/nKxPYfRotyACqyXxEuUgEe14LM4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.224.214.0/24
                IPv6:
                  2a10:9880::/29

    Signature Algorithm: sha256WithRSAEncryption
         42:d2:ea:4a:01:46:70:4a:fb:63:c8:12:dd:22:a7:13:fb:89:
         2e:63:4a:dc:98:6f:3d:e0:83:18:62:91:91:c8:1d:65:3c:5e:
         62:01:6e:ba:db:c8:b6:68:b3:76:09:11:57:e1:77:b8:0d:38:
         d9:73:ef:33:f1:b3:3e:59:53:08:90:ea:80:8d:0d:68:e2:ea:
         92:51:4f:8c:84:75:5d:27:da:be:04:8d:43:5e:00:2d:90:e1:
         f3:20:36:3a:0f:7a:eb:34:89:62:1a:b7:b2:a0:30:ea:77:46:
         20:58:6b:28:0a:df:07:0c:65:c0:b2:f8:0c:1b:5a:d0:fb:c7:
         53:66:9b:9b:40:ea:3f:a5:fe:6d:1a:ec:22:0d:ce:51:c0:33:
         19:df:26:9d:94:e9:60:c2:b2:65:99:8a:95:db:79:8a:e9:f7:
         e9:4a:e7:23:c7:85:df:f7:9f:f4:ac:8a:c9:28:c9:8a:01:8d:
         c1:1d:08:1c:09:f0:55:5e:6d:84:29:7a:83:50:93:18:c4:ac:
         2c:a6:e9:a4:8f:a9:75:5c:0f:fc:cb:cd:40:50:26:9f:76:9e:
         ff:28:08:41:b2:15:3b:8c:36:d6:e6:d6:72:5c:14:fc:98:a6:
         64:ae:85:2a:f4:5b:42:3f:b3:cb:73:21:b2:2b:8a:cd:bc:bd:
         c1:0d:98:09
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVsQSm+K+rjCMkUziuBukRNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDljYWM0ZjYxZjQ2OGI3MjAwMmFiMjVmMTEyZTUyMDExZWQ3
ODJjY2UwHhcNMjMwMTAxMDczNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMTU1Y2VmM2ZlNDgzOTM2OWUwYzJkOGI0NmRkZDRkODlmZWFjNTU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo2nkiwOPrWYo62imkngXfW9+R0qq
nSZB/Z9Ewc4e3+IreYTbpLt2CzXzir7m3G6vfI25WBXljoRdGHGpaMqvHxt0oVtt
C2X67MySUKsFqIbtS1752VqoNtw81ef1p6FTJqxjBtg+RlGs59lFrlB/yVy7CSMy
MorGu5TvKzXQlXqr09zeNgiimuMSMtMHnvAEWkR6xdwsNuU7jQyTrhbBpAcq/WT2
GEC/KMLuyLQdal6Ja9tB/LhRAdbqQALDRM42fZ4b7FlOcZ2AFPOMfQRYA7Q1Dhzb
Bg+NxCKFElROzKKUWkZFnOq6mgQvcNzBO90xsrIVVfvYBxnr5PA7OGqtawIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFCFVzvP+SDk2ngwti0bd1Nif6sVUMB8GA1UdIwQY
MBaAFJysT2H0aLcgAqsl8RLlIBHteCzOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbkt4UFlmUm90eUFDcXlYeEV1VWdFZTE0TE00LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi85ZDE3YmItNmQxNi00ZTZkLWJlMmQt
MzcxZmM1YzgwOTUwLzEvSVZYTzhfNUlPVGFlREMyTFJ0M1UySl9xeFZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi85ZDE3YmItNmQxNi00ZTZkLWJlMmQtMzcxZmM1YzgwOTUw
LzEvbkt4UFlmUm90eUFDcXlYeEV1VWdFZTE0TE00LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAueDWMA0E
AgACMAcDBQMqEJiAMA0GCSqGSIb3DQEBCwUAA4IBAQBC0upKAUZwSvtjyBLdIqcT
+4kuY0rcmG894IMYYpGRyB1lPF5iAW6628i2aLN2CRFX4Xe4DTjZc+8z8bM+WVMI
kOqAjQ1o4uqSUU+MhHVdJ9q+BI1DXgAtkOHzIDY6D3rrNIliGreyoDDqd0YgWGso
Ct8HDGXAsvgMG1rQ+8dTZpubQOo/pf5tGuwiDc5RwDMZ3yadlOlgwrJlmYqV23mK
6ffpSucjx4Xf95/0rIrJKMmKAY3BHQgcCfBVXm2EKXqDUJMYxKwspumkj6l1XA/8
y81AUCafdp7/KAhBshU7jDbW5tZyXBT8mKZkroUq9FtCP7PLcyGyK4rNvL3BDZgJ
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:39:30 2024 by rpki-client on console-fra.rpki-client.org