Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/96/cad244-3995-4d41-886b-ac463e221974/1/iK7PunQojeSuraD5LAYJKGPCHKw.roa
File:                     iK7PunQojeSuraD5LAYJKGPCHKw.roa (raw, json)
Hash identifier:          f+YQjTXFARubTX6im5EPFfdoSfeA/HszHKSONPeqG9U=
Subject key identifier:   88:AE:CF:BA:74:28:8D:E4:AE:AD:A0:F9:2C:06:09:28:63:C2:1C:AC
Certificate issuer:       /CN=8d7dcb363d9ac34bdc9b6980f2686dd219d50257
Certificate serial:       01856F4B4E938EA0C8ACB698D23112197386
Authority key identifier: 8D:7D:CB:36:3D:9A:C3:4B:DC:9B:69:80:F2:68:6D:D2:19:D5:02:57
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/jX3LNj2aw0vcm2mA8mht0hnVAlc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/96/cad244-3995-4d41-886b-ac463e221974/1/iK7PunQojeSuraD5LAYJKGPCHKw.roa
Signing time:             Sun 01 Jan 2023 21:44:44 +0000
ROA not before:           Sun 01 Jan 2023 21:44:44 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     198239
IP address blocks:        185.198.76.0/23 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 14:30:11 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:4b:4e:93:8e:a0:c8:ac:b6:98:d2:31:12:19:73:86
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8d7dcb363d9ac34bdc9b6980f2686dd219d50257
        Validity
            Not Before: Jan  1 21:44:44 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=88aecfba74288de4aeada0f92c06092863c21cac
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:5f:8b:0a:c9:9f:ad:b6:d9:aa:cc:ae:47:3e:
                    2e:cd:bf:e8:f4:1e:cb:ee:29:59:7f:eb:e3:4e:d1:
                    72:1a:e1:56:2f:14:44:96:4a:47:12:a4:c6:c4:14:
                    a2:2b:e2:5c:9e:89:44:67:43:cd:e3:57:b2:31:b4:
                    eb:d6:15:55:e7:c7:22:ab:60:ca:28:a8:59:87:89:
                    4e:1c:50:b1:61:bc:3d:6f:52:ea:ca:c2:c1:33:f0:
                    36:3e:7e:9b:da:e6:ed:3a:60:18:dd:15:9f:0a:31:
                    da:47:4a:1c:00:75:51:ca:08:52:fc:f4:d3:b0:c0:
                    17:9e:98:a7:3e:a4:66:f7:0f:1a:08:43:9d:fb:75:
                    db:fc:69:ad:8d:05:4a:42:c2:89:88:28:16:8d:95:
                    2a:f2:33:04:73:16:27:23:b1:b2:d9:77:50:2c:07:
                    1d:3e:4e:d7:f9:7f:97:10:30:fb:ea:33:94:ff:e4:
                    cb:a9:28:71:ac:cc:f6:33:51:a7:21:36:7e:86:a6:
                    ae:b8:e5:e7:7c:24:c9:13:2f:f2:95:18:00:6f:a1:
                    9d:2c:d0:ab:3b:c8:f4:bc:bd:5b:0c:56:df:68:c5:
                    c7:14:a8:dd:9a:6e:a8:73:e2:ea:37:fe:5b:9e:e3:
                    06:51:13:16:af:2f:5a:df:25:1f:57:66:48:91:3a:
                    26:73
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                88:AE:CF:BA:74:28:8D:E4:AE:AD:A0:F9:2C:06:09:28:63:C2:1C:AC
            X509v3 Authority Key Identifier:
                keyid:8D:7D:CB:36:3D:9A:C3:4B:DC:9B:69:80:F2:68:6D:D2:19:D5:02:57

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jX3LNj2aw0vcm2mA8mht0hnVAlc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/96/cad244-3995-4d41-886b-ac463e221974/1/iK7PunQojeSuraD5LAYJKGPCHKw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/96/cad244-3995-4d41-886b-ac463e221974/1/jX3LNj2aw0vcm2mA8mht0hnVAlc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.198.76.0/23

    Signature Algorithm: sha256WithRSAEncryption
         62:b3:a1:3b:ea:80:f9:b9:62:32:cf:5f:87:53:b4:4a:35:44:
         2e:81:bf:81:22:5f:e9:6b:53:3c:f0:2e:d1:58:37:48:c3:dd:
         e0:91:79:57:df:7a:4b:d9:b4:1d:cc:1a:50:47:e2:21:bf:45:
         c3:55:86:25:e1:a5:13:a7:d3:0a:67:87:b3:bf:ee:e8:6d:1b:
         eb:ee:dd:fb:b6:6d:5b:1e:43:ec:16:51:2b:ce:78:81:d1:b7:
         ff:30:79:6a:bf:f8:2f:6e:ed:42:67:9b:8f:89:a5:f1:ad:0f:
         cf:d8:a6:75:a5:9b:a8:92:19:22:4c:17:45:1d:fd:8b:07:76:
         fa:bd:30:29:18:49:5e:90:9a:be:84:3c:1d:04:7f:9d:3f:4b:
         f4:95:d2:17:9d:be:f8:4d:64:91:cf:44:0f:13:05:ca:09:03:
         d7:6b:e2:7b:e2:88:e2:58:d6:07:0d:2e:5b:ce:dd:49:eb:9e:
         ae:38:25:c4:ef:d5:68:6f:c0:90:61:c8:83:93:ea:d4:1a:d9:
         64:bc:96:3c:f9:e0:6c:33:e8:29:38:8e:ff:3b:d2:e0:74:7a:
         5d:1b:6c:e3:c5:b2:96:7a:5b:b5:97:15:ae:81:97:a4:ec:c2:
         57:f4:1a:2d:eb:ae:1a:35:9e:45:16:5e:c2:a7:a3:76:1e:bd:
         0c:09:7a:e3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvS06TjqDIrLaY0jESGXOGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkN2RjYjM2M2Q5YWMzNGJkYzliNjk4MGYyNjg2ZGQyMTlk
NTAyNTcwHhcNMjMwMTAxMjE0NDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OGFlY2ZiYTc0Mjg4ZGU0YWVhZGEwZjkyYzA2MDkyODYzYzIxY2FjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnV+LCsmfrbbZqsyuRz4uzb/o9B7L
7ilZf+vjTtFyGuFWLxRElkpHEqTGxBSiK+JcnolEZ0PN41eyMbTr1hVV58ciq2DK
KKhZh4lOHFCxYbw9b1LqysLBM/A2Pn6b2ubtOmAY3RWfCjHaR0ocAHVRyghS/PTT
sMAXnpinPqRm9w8aCEOd+3Xb/GmtjQVKQsKJiCgWjZUq8jMEcxYnI7Gy2XdQLAcd
Pk7X+X+XEDD76jOU/+TLqShxrMz2M1GnITZ+hqauuOXnfCTJEy/ylRgAb6GdLNCr
O8j0vL1bDFbfaMXHFKjdmm6oc+LqN/5bnuMGURMWry9a3yUfV2ZIkTomcwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIiuz7p0KI3krq2g+SwGCShjwhysMB8GA1UdIwQY
MBaAFI19yzY9msNL3JtpgPJobdIZ1QJXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvalgzTE5qMmF3MHZjbTJtQThtaHQwaG5WQWxjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ni9jYWQyNDQtMzk5NS00ZDQxLTg4NmIt
YWM0NjNlMjIxOTc0LzEvaUs3UHVuUW9qZVN1cmFENUxBWUpLR1BDSEt3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ni9jYWQyNDQtMzk5NS00ZDQxLTg4NmItYWM0NjNlMjIxOTc0
LzEvalgzTE5qMmF3MHZjbTJtQThtaHQwaG5WQWxjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBucZMMA0G
CSqGSIb3DQEBCwUAA4IBAQBis6E76oD5uWIyz1+HU7RKNUQugb+BIl/pa1M88C7R
WDdIw93gkXlX33pL2bQdzBpQR+Ihv0XDVYYl4aUTp9MKZ4ezv+7obRvr7t37tm1b
HkPsFlErzniB0bf/MHlqv/gvbu1CZ5uPiaXxrQ/P2KZ1pZuokhkiTBdFHf2LB3b6
vTApGElekJq+hDwdBH+dP0v0ldIXnb74TWSRz0QPEwXKCQPXa+J74ojiWNYHDS5b
zt1J656uOCXE79Vob8CQYciDk+rUGtlkvJY8+eBsM+gpOI7/O9LgdHpdG2zjxbKW
elu1lxWugZek7MJX9Bot664aNZ5FFl7Cp6N2Hr0MCXrj
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:24:46 2024 by rpki-client on console-ams.rpki-client.org