Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9e/f9ce9b-9059-49c5-a36d-a731ea51b20d/1/sI8krhtduLeDUnF-nTcNDUik7RU.roa
File:                     sI8krhtduLeDUnF-nTcNDUik7RU.roa (raw, json)
Hash identifier:          ZTWGZszVDkE0GnYwUUJiTu3DHPIimtDk0AoowEXVtTM=
Subject key identifier:   B0:8F:24:AE:1B:5D:B8:B7:83:52:71:7E:9D:37:0D:0D:48:A4:ED:15
Certificate issuer:       /CN=4ba3fcdd87f456430cccb2d8638e6148cd3a12ec
Certificate serial:       01857343B17100FBB3077B3D5072D0CFA874
Authority key identifier: 4B:A3:FC:DD:87:F4:56:43:0C:CC:B2:D8:63:8E:61:48:CD:3A:12:EC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/S6P83Yf0VkMMzLLYY45hSM06Euw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9e/f9ce9b-9059-49c5-a36d-a731ea51b20d/1/sI8krhtduLeDUnF-nTcNDUik7RU.roa
Signing time:             Mon 02 Jan 2023 16:14:54 +0000
ROA not before:           Mon 02 Jan 2023 16:14:54 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     205718
IP address blocks:        185.231.116.0/22 maxlen: 22
                          2a09:c740::/32 maxlen: 32

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 12:29:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:73:43:b1:71:00:fb:b3:07:7b:3d:50:72:d0:cf:a8:74
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4ba3fcdd87f456430cccb2d8638e6148cd3a12ec
        Validity
            Not Before: Jan  2 16:14:54 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=b08f24ae1b5db8b78352717e9d370d0d48a4ed15
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:91:85:6f:d3:63:11:e3:02:22:3d:a6:ca:1b:91:
                    09:27:c8:b3:bf:db:c4:51:33:17:c2:2c:6d:18:f5:
                    ab:03:4e:8a:65:d2:15:fa:07:2f:38:fc:de:f6:ad:
                    ac:8b:52:ae:55:11:2b:5e:fc:0f:44:41:94:f5:79:
                    81:3b:18:36:6c:1d:2a:df:6d:e0:28:c2:f8:6a:6c:
                    e8:53:40:33:b2:9e:d8:f4:88:f4:23:62:f7:e4:eb:
                    07:c6:1a:80:8f:81:93:db:6c:43:b3:6b:be:55:88:
                    6b:40:1a:12:2d:24:7a:0a:f5:98:6a:28:63:dd:35:
                    71:7b:64:0d:5c:08:b5:bd:cc:32:3a:a2:26:4d:95:
                    3a:ba:39:87:96:2a:3b:34:0e:4d:73:d4:0b:6f:f5:
                    9e:3f:04:5d:eb:3a:b7:02:2c:bc:11:da:ac:b0:e9:
                    09:ab:00:a6:83:d5:b0:56:ca:f8:eb:ae:97:3d:f3:
                    9c:4c:9d:82:3d:84:56:ef:f5:97:0a:79:75:0e:4f:
                    0e:6e:25:a9:96:ee:2d:bd:12:56:03:a9:3f:dc:c2:
                    4b:96:47:86:0c:65:be:84:fc:3f:e4:23:2f:f1:82:
                    c5:5a:11:de:ee:4a:6f:60:49:59:b5:c8:fa:d1:66:
                    25:13:d2:15:d4:da:9b:f8:84:81:18:c7:48:1f:67:
                    fd:35
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B0:8F:24:AE:1B:5D:B8:B7:83:52:71:7E:9D:37:0D:0D:48:A4:ED:15
            X509v3 Authority Key Identifier:
                keyid:4B:A3:FC:DD:87:F4:56:43:0C:CC:B2:D8:63:8E:61:48:CD:3A:12:EC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/S6P83Yf0VkMMzLLYY45hSM06Euw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/f9ce9b-9059-49c5-a36d-a731ea51b20d/1/sI8krhtduLeDUnF-nTcNDUik7RU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/f9ce9b-9059-49c5-a36d-a731ea51b20d/1/S6P83Yf0VkMMzLLYY45hSM06Euw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.231.116.0/22
                IPv6:
                  2a09:c740::/32

    Signature Algorithm: sha256WithRSAEncryption
         70:42:23:60:97:ed:62:30:70:11:14:cc:ce:61:ea:db:70:80:
         ab:45:f6:62:50:00:f9:d2:1b:fd:12:f5:ab:41:bc:79:13:3a:
         bc:c9:80:f7:77:f1:a3:08:33:75:ab:d4:5a:ee:73:dc:5b:19:
         d1:70:d9:29:6f:bc:60:97:4c:07:a6:fc:24:a1:ce:82:11:de:
         a7:df:40:92:02:f4:9a:59:35:9e:9c:a8:50:e2:14:ce:c0:af:
         b0:a5:ea:ba:29:bf:ba:a0:d6:34:7c:be:f5:7e:c0:38:da:f1:
         b5:3a:a5:83:70:ab:9b:f0:dd:cc:f0:0f:57:06:77:4f:1e:ff:
         74:3f:97:53:ea:9d:3b:29:10:38:db:3e:6a:c5:7f:ec:7e:94:
         75:f8:96:02:2b:ff:ba:db:6d:a6:a2:f4:78:49:c3:f2:e9:bd:
         8c:21:dd:3f:45:02:33:82:78:37:39:44:64:b8:36:46:97:33:
         d6:ea:75:80:a3:e5:d6:ee:86:82:10:45:bd:2e:f6:cb:ab:9f:
         48:c3:c0:ab:00:3a:40:4a:ef:61:ba:47:d7:ff:6f:dc:f5:f8:
         ee:df:98:cf:5a:7d:17:8a:53:86:db:80:aa:1e:30:e3:87:08:
         54:bc:b1:dc:cd:51:d4:a6:dc:b6:c4:cb:72:68:5c:24:d2:70:
         83:79:c9:3e
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVzQ7FxAPuzB3s9UHLQz6h0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRiYTNmY2RkODdmNDU2NDMwY2NjYjJkODYzOGU2MTQ4Y2Qz
YTEyZWMwHhcNMjMwMTAyMTYxNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMDhmMjRhZTFiNWRiOGI3ODM1MjcxN2U5ZDM3MGQwZDQ4YTRlZDE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkYVv02MR4wIiPabKG5EJJ8izv9vE
UTMXwixtGPWrA06KZdIV+gcvOPze9q2si1KuVRErXvwPREGU9XmBOxg2bB0q323g
KML4amzoU0Azsp7Y9Ij0I2L35OsHxhqAj4GT22xDs2u+VYhrQBoSLSR6CvWYaihj
3TVxe2QNXAi1vcwyOqImTZU6ujmHlio7NA5Nc9QLb/WePwRd6zq3Aiy8EdqssOkJ
qwCmg9WwVsr4666XPfOcTJ2CPYRW7/WXCnl1Dk8ObiWplu4tvRJWA6k/3MJLlkeG
DGW+hPw/5CMv8YLFWhHe7kpvYElZtcj60WYlE9IV1Nqb+ISBGMdIH2f9NQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFLCPJK4bXbi3g1Jxfp03DQ1IpO0VMB8GA1UdIwQY
MBaAFEuj/N2H9FZDDMyy2GOOYUjNOhLsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUzZQODNZZjBWa01NekxMWVk0NWhTTTA2RXV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZS9mOWNlOWItOTA1OS00OWM1LWEzNmQt
YTczMWVhNTFiMjBkLzEvc0k4a3JodGR1TGVEVW5GLW5UY05EVWlrN1JVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZS9mOWNlOWItOTA1OS00OWM1LWEzNmQtYTczMWVhNTFiMjBk
LzEvUzZQODNZZjBWa01NekxMWVk0NWhTTTA2RXV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCued0MA0E
AgACMAcDBQAqCcdAMA0GCSqGSIb3DQEBCwUAA4IBAQBwQiNgl+1iMHARFMzOYerb
cICrRfZiUAD50hv9EvWrQbx5Ezq8yYD3d/GjCDN1q9Ra7nPcWxnRcNkpb7xgl0wH
pvwkoc6CEd6n30CSAvSaWTWenKhQ4hTOwK+wpeq6Kb+6oNY0fL71fsA42vG1OqWD
cKub8N3M8A9XBndPHv90P5dT6p07KRA42z5qxX/sfpR1+JYCK/+6222movR4ScPy
6b2MId0/RQIzgng3OURkuDZGlzPW6nWAo+XW7oaCEEW9LvbLq59Iw8CrADpASu9h
ukfX/2/c9fju35jPWn0XilOG24CqHjDjhwhUvLHczVHUpty2xMtyaFwk0nCDeck+
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:41:07 2024 by rpki-client on console-fra.rpki-client.org