Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/93/ea71a0-6941-4276-9589-8124bd949b0e/1/CqJiXiYUwEwD_17-WBoIqRpoyD8.roa
File:                     CqJiXiYUwEwD_17-WBoIqRpoyD8.roa (raw, json)
Hash identifier:          02dYp2Iuyk5fH+l48Vc2jX18pYfnIg/IC6oJnK2/6iU=
Subject key identifier:   0A:A2:62:5E:26:14:C0:4C:03:FF:5E:FE:58:1A:08:A9:1A:68:C8:3F
Certificate issuer:       /CN=01d50b9807150da396322b9d4dcfc0d2fb2b6520
Certificate serial:       018C1A1E48E60228E4E9119298880C3AD06A
Authority key identifier: 01:D5:0B:98:07:15:0D:A3:96:32:2B:9D:4D:CF:C0:D2:FB:2B:65:20
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/AdULmAcVDaOWMiudTc_A0vsrZSA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/93/ea71a0-6941-4276-9589-8124bd949b0e/1/CqJiXiYUwEwD_17-WBoIqRpoyD8.roa
Signing time:             Wed 29 Nov 2023 08:07:21 +0000
ROA not before:           Wed 29 Nov 2023 08:07:21 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     211109
IP address blocks:        85.209.236.0/22 maxlen: 22

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 16:30:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:1a:1e:48:e6:02:28:e4:e9:11:92:98:88:0c:3a:d0:6a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=01d50b9807150da396322b9d4dcfc0d2fb2b6520
        Validity
            Not Before: Nov 29 08:07:21 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=0aa2625e2614c04c03ff5efe581a08a91a68c83f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:b5:69:1b:45:58:07:20:14:7f:4d:ac:fb:ea:
                    8d:d4:f9:62:6a:fd:4e:f5:4b:c1:47:28:58:0c:ee:
                    b2:cc:e7:56:7c:e4:15:2c:40:45:d6:49:0d:fa:52:
                    15:c6:f0:eb:4c:0a:6a:c5:c6:d9:7e:4f:62:ce:fc:
                    36:76:1a:72:0d:d0:65:40:d4:a9:9a:4e:73:2c:bd:
                    6e:71:45:41:2d:6e:7f:89:d1:10:42:43:4d:ab:a7:
                    2c:c9:c1:6e:f7:f9:3c:c5:9e:59:35:82:56:4c:7a:
                    76:88:20:e8:d3:95:74:fe:21:9e:32:f4:e3:ac:67:
                    c2:16:de:2c:71:88:05:ce:21:db:8c:28:35:bd:ce:
                    4d:bf:5e:0d:86:21:60:a0:bd:57:ac:ba:11:d9:3d:
                    db:1c:4e:43:d3:44:a0:98:ac:d2:c8:34:fa:61:55:
                    9c:e5:f8:0a:98:97:18:a1:92:0a:e9:ce:3d:eb:0f:
                    20:32:f8:37:27:89:8d:06:48:63:27:ee:e6:1e:78:
                    c0:89:ec:22:4b:44:6f:05:a9:e9:81:b8:ec:bb:ee:
                    8e:82:8f:5e:10:d8:2b:79:3e:50:75:b0:59:68:9c:
                    65:69:bc:7c:b9:50:14:4b:bd:a3:06:9e:69:64:de:
                    9f:9f:a1:a7:22:48:95:b3:0a:ab:3d:59:3e:2e:e0:
                    d6:23
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0A:A2:62:5E:26:14:C0:4C:03:FF:5E:FE:58:1A:08:A9:1A:68:C8:3F
            X509v3 Authority Key Identifier:
                keyid:01:D5:0B:98:07:15:0D:A3:96:32:2B:9D:4D:CF:C0:D2:FB:2B:65:20

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AdULmAcVDaOWMiudTc_A0vsrZSA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/93/ea71a0-6941-4276-9589-8124bd949b0e/1/CqJiXiYUwEwD_17-WBoIqRpoyD8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/93/ea71a0-6941-4276-9589-8124bd949b0e/1/AdULmAcVDaOWMiudTc_A0vsrZSA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  85.209.236.0/22

    Signature Algorithm: sha256WithRSAEncryption
         17:58:51:87:e8:a0:a4:19:69:f1:2e:0e:b3:e5:21:d6:3a:4c:
         6a:85:0a:35:1e:4d:04:ad:fe:de:56:80:65:3e:cb:fa:4e:2a:
         70:f0:81:72:85:c9:d5:24:b0:92:60:8e:8f:82:2c:be:ad:37:
         b0:a2:71:d1:8d:2f:65:b2:63:6d:5e:a3:2d:56:7d:86:8c:40:
         30:07:44:bc:45:e6:0b:1f:7b:03:4e:9e:29:88:49:3a:9d:d5:
         03:54:d2:93:b8:76:f9:bc:b9:70:87:c6:50:a5:d0:16:92:f9:
         6a:a5:84:3e:06:75:87:9f:78:dc:ac:2e:c4:4e:e9:e1:50:cb:
         56:0a:0f:b9:04:5e:2f:f7:2b:cc:fa:d4:80:a9:1d:ad:28:ef:
         eb:0b:9f:04:80:d5:73:0a:39:26:69:63:ca:83:c8:63:db:4a:
         b4:69:54:66:dd:59:bc:8d:0f:db:74:01:60:ce:88:2e:ae:1c:
         15:c2:a0:68:d8:30:78:99:6a:1f:fc:c8:5d:ec:f6:07:95:9a:
         e5:e7:07:56:6d:ba:1b:3d:97:ae:f5:0c:28:0b:45:b3:25:ab:
         15:e9:0d:e6:02:9c:f6:89:6c:e6:d8:03:ed:0a:45:44:6d:eb:
         8c:8f:91:a9:c5:60:71:17:a2:05:9e:f2:df:e0:6f:a6:64:73:
         d2:a6:93:f9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYwaHkjmAijk6RGSmIgMOtBqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAxZDUwYjk4MDcxNTBkYTM5NjMyMmI5ZDRkY2ZjMGQyZmIy
YjY1MjAwHhcNMjMxMTI5MDgwNzIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYWEyNjI1ZTI2MTRjMDRjMDNmZjVlZmU1ODFhMDhhOTFhNjhjODNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnrVpG0VYByAUf02s++qN1Pliav1O
9UvBRyhYDO6yzOdWfOQVLEBF1kkN+lIVxvDrTApqxcbZfk9izvw2dhpyDdBlQNSp
mk5zLL1ucUVBLW5/idEQQkNNq6csycFu9/k8xZ5ZNYJWTHp2iCDo05V0/iGeMvTj
rGfCFt4scYgFziHbjCg1vc5Nv14NhiFgoL1XrLoR2T3bHE5D00SgmKzSyDT6YVWc
5fgKmJcYoZIK6c496w8gMvg3J4mNBkhjJ+7mHnjAiewiS0RvBanpgbjsu+6Ogo9e
ENgreT5QdbBZaJxlabx8uVAUS72jBp5pZN6fn6GnIkiVswqrPVk+LuDWIwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAqiYl4mFMBMA/9e/lgaCKkaaMg/MB8GA1UdIwQY
MBaAFAHVC5gHFQ2jljIrnU3PwNL7K2UgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQWRVTG1BY1ZEYU9XTWl1ZFRjX0EwdnNyWlNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85My9lYTcxYTAtNjk0MS00Mjc2LTk1ODkt
ODEyNGJkOTQ5YjBlLzEvQ3FKaVhpWVV3RXdEXzE3LVdCb0lxUnBveUQ4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85My9lYTcxYTAtNjk0MS00Mjc2LTk1ODktODEyNGJkOTQ5YjBl
LzEvQWRVTG1BY1ZEYU9XTWl1ZFRjX0EwdnNyWlNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCVdHsMA0G
CSqGSIb3DQEBCwUAA4IBAQAXWFGH6KCkGWnxLg6z5SHWOkxqhQo1Hk0Erf7eVoBl
Psv6Tipw8IFyhcnVJLCSYI6Pgiy+rTewonHRjS9lsmNtXqMtVn2GjEAwB0S8ReYL
H3sDTp4piEk6ndUDVNKTuHb5vLlwh8ZQpdAWkvlqpYQ+BnWHn3jcrC7ETunhUMtW
Cg+5BF4v9yvM+tSAqR2tKO/rC58EgNVzCjkmaWPKg8hj20q0aVRm3Vm8jQ/bdAFg
zogurhwVwqBo2DB4mWof/Mhd7PYHlZrl5wdWbbobPZeu9QwoC0WzJasV6Q3mApz2
iWzm2APtCkVEbeuMj5GpxWBxF6IFnvLf4G+mZHPSppP5
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:39:38 2024 by rpki-client on console-fra.rpki-client.org