Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9f/02bdf0-bf29-4dae-b19b-86a5518e2d52/1/IVEEmHKrmd_VtnnEBvFb2XYU2rY.roa
File:                     IVEEmHKrmd_VtnnEBvFb2XYU2rY.roa (raw, json)
Hash identifier:          wSq8treE03r365FBmST1A+TMJyYq/C5jshN3JT0DjMY=
Subject key identifier:   21:51:04:98:72:AB:99:DF:D5:B6:79:C4:06:F1:5B:D9:76:14:DA:B6
Certificate issuer:       /CN=5dde4b3b82f209b701ae340cf53b974078f16a9f
Certificate serial:       018CC8DF6CF2ADE72C6D86B33610775BBF3E
Authority key identifier: 5D:DE:4B:3B:82:F2:09:B7:01:AE:34:0C:F5:3B:97:40:78:F1:6A:9F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Xd5LO4LyCbcBrjQM9TuXQHjxap8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9f/02bdf0-bf29-4dae-b19b-86a5518e2d52/1/IVEEmHKrmd_VtnnEBvFb2XYU2rY.roa
Signing time:             Tue 02 Jan 2024 06:32:14 +0000
ROA not before:           Tue 02 Jan 2024 06:32:14 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     25780
IP address blocks:        185.206.168.0/22 maxlen: 22

Validation:               Failed, certificate revoked on Sat 09 Mar 2024 01:28:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c8:df:6c:f2:ad:e7:2c:6d:86:b3:36:10:77:5b:bf:3e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5dde4b3b82f209b701ae340cf53b974078f16a9f
        Validity
            Not Before: Jan  2 06:32:14 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=2151049872ab99dfd5b679c406f15bd97614dab6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:81:ef:63:d1:07:f9:c3:6c:4e:5a:f9:53:2e:71:
                    b3:2e:f3:dd:fa:5b:49:c6:bf:8f:29:9e:6d:7a:af:
                    93:86:26:61:43:23:8f:7f:72:df:fd:87:db:ca:e0:
                    14:bd:66:c7:d9:d8:1e:d0:10:96:34:3d:d7:22:e5:
                    b1:90:76:f4:6d:cf:ae:11:cf:d4:1f:b6:9e:f1:5d:
                    a4:2b:d5:ab:8d:a4:45:90:7e:c6:6c:41:e0:0f:5e:
                    5a:75:52:0c:d9:2a:a9:5c:aa:b0:c6:62:2e:bf:56:
                    04:4e:d9:c0:42:b5:ba:de:9e:4c:18:68:8b:d6:34:
                    8e:3d:e5:cf:ee:e3:01:fc:ef:4d:89:d6:89:d0:1a:
                    a3:2a:48:f4:39:66:50:bb:69:3f:3f:c8:d1:c6:ab:
                    41:2f:27:a5:a1:fd:a1:8e:ac:4a:92:eb:8a:cf:ec:
                    09:a2:c4:0a:f5:eb:dd:9f:a5:0b:69:74:15:33:2e:
                    22:cc:22:6e:ee:07:29:09:24:72:51:a0:12:61:c1:
                    62:c8:a6:9b:f3:bb:7b:6a:89:fa:5d:04:1e:e0:17:
                    1b:ff:36:69:20:e3:12:86:30:f5:78:31:51:3c:a2:
                    69:ed:f9:55:3b:44:bc:d9:0d:32:03:e1:08:2c:83:
                    fd:80:7d:22:a2:47:f5:c0:3e:0e:ec:7f:9f:39:d5:
                    fa:19
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                21:51:04:98:72:AB:99:DF:D5:B6:79:C4:06:F1:5B:D9:76:14:DA:B6
            X509v3 Authority Key Identifier:
                keyid:5D:DE:4B:3B:82:F2:09:B7:01:AE:34:0C:F5:3B:97:40:78:F1:6A:9F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Xd5LO4LyCbcBrjQM9TuXQHjxap8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/02bdf0-bf29-4dae-b19b-86a5518e2d52/1/IVEEmHKrmd_VtnnEBvFb2XYU2rY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/02bdf0-bf29-4dae-b19b-86a5518e2d52/1/Xd5LO4LyCbcBrjQM9TuXQHjxap8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.206.168.0/22

    Signature Algorithm: sha256WithRSAEncryption
         54:76:e9:6d:a8:8c:fe:a8:51:fe:9b:a6:6b:90:e9:cd:e6:65:
         5a:69:27:7a:b2:41:c3:3e:f4:5a:c0:29:34:0f:cf:c1:85:11:
         bc:ca:d4:2d:42:82:3e:03:3b:86:4f:80:8c:20:00:be:7a:50:
         b3:48:41:e6:c6:1a:c3:72:7c:8b:f8:d1:66:0e:6e:23:a3:fb:
         e7:89:9f:43:ed:d4:78:07:9e:16:f5:49:05:c2:dc:90:24:b5:
         f3:ec:43:49:fb:d4:4c:4a:19:69:41:5b:45:7f:8b:b7:2e:e0:
         d4:41:96:c8:13:c7:10:8d:3f:a7:8c:f9:67:23:28:56:ae:6d:
         db:cd:f5:a7:59:59:72:56:6f:a9:f7:81:d6:cf:2a:63:c4:54:
         32:e2:f3:5c:bb:49:07:7f:fa:59:dd:4a:cb:e9:4c:74:a6:49:
         83:05:f4:02:b0:e2:79:79:37:45:39:8d:7a:39:0d:d1:9e:2c:
         3e:c3:2f:16:31:b8:22:7b:3c:a8:05:a9:e6:82:57:1c:28:81:
         e8:7a:35:4e:e1:7d:b3:69:5d:28:bd:18:59:73:c4:54:8e:6e:
         65:ea:ce:19:90:dd:a1:09:5e:98:3c:df:f8:14:90:5a:ef:2d:
         52:71:5c:96:11:f5:97:c5:44:6e:3e:3f:94:1e:16:52:d2:e4:
         7a:a7:f6:be
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzI32zyrecsbYazNhB3W78+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkZGU0YjNiODJmMjA5YjcwMWFlMzQwY2Y1M2I5NzQwNzhm
MTZhOWYwHhcNMjQwMTAyMDYzMjE0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMTUxMDQ5ODcyYWI5OWRmZDViNjc5YzQwNmYxNWJkOTc2MTRkYWI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAge9j0Qf5w2xOWvlTLnGzLvPd+ltJ
xr+PKZ5teq+ThiZhQyOPf3Lf/YfbyuAUvWbH2dge0BCWND3XIuWxkHb0bc+uEc/U
H7ae8V2kK9WrjaRFkH7GbEHgD15adVIM2SqpXKqwxmIuv1YETtnAQrW63p5MGGiL
1jSOPeXP7uMB/O9NidaJ0BqjKkj0OWZQu2k/P8jRxqtBLyelof2hjqxKkuuKz+wJ
osQK9evdn6ULaXQVMy4izCJu7gcpCSRyUaASYcFiyKab87t7aon6XQQe4Bcb/zZp
IOMShjD1eDFRPKJp7flVO0S82Q0yA+EILIP9gH0iokf1wD4O7H+fOdX6GQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCFRBJhyq5nf1bZ5xAbxW9l2FNq2MB8GA1UdIwQY
MBaAFF3eSzuC8gm3Aa40DPU7l0B48WqfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGQ1TE80THlDYmNCcmpRTTlUdVhRSGp4YXA4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Zi8wMmJkZjAtYmYyOS00ZGFlLWIxOWIt
ODZhNTUxOGUyZDUyLzEvSVZFRW1IS3JtZF9WdG5uRUJ2RmIyWFlVMnJZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Zi8wMmJkZjAtYmYyOS00ZGFlLWIxOWItODZhNTUxOGUyZDUy
LzEvWGQ1TE80THlDYmNCcmpRTTlUdVhRSGp4YXA4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuc6oMA0G
CSqGSIb3DQEBCwUAA4IBAQBUdultqIz+qFH+m6ZrkOnN5mVaaSd6skHDPvRawCk0
D8/BhRG8ytQtQoI+AzuGT4CMIAC+elCzSEHmxhrDcnyL+NFmDm4jo/vniZ9D7dR4
B54W9UkFwtyQJLXz7ENJ+9RMShlpQVtFf4u3LuDUQZbIE8cQjT+njPlnIyhWrm3b
zfWnWVlyVm+p94HWzypjxFQy4vNcu0kHf/pZ3UrL6Ux0pkmDBfQCsOJ5eTdFOY16
OQ3Rniw+wy8WMbgiezyoBanmglccKIHoejVO4X2zaV0ovRhZc8RUjm5l6s4ZkN2h
CV6YPN/4FJBa7y1ScVyWEfWXxURuPj+UHhZS0uR6p/a+
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:26:29 2024 by rpki-client on console-ams.rpki-client.org