Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9f/047ce4-44ae-4273-94fa-dc634e8aa2a3/1/ffc8rtQWZmak820Kv232rJjHKJ8.roa
File:                     ffc8rtQWZmak820Kv232rJjHKJ8.roa (raw, json)
Hash identifier:          E0vzhrTq576dNiiaXZ63bmlJXeCCCGshsLUSLqmXqng=
Subject key identifier:   7D:F7:3C:AE:D4:16:66:66:A4:F3:6D:0A:BF:6D:F6:AC:98:C7:28:9F
Certificate issuer:       /CN=11efdbd727fb5bd53cec6957a29b47c2c34a834c
Certificate serial:       0185706753A63400AE873B6A45956DB2DCFD
Authority key identifier: 11:EF:DB:D7:27:FB:5B:D5:3C:EC:69:57:A2:9B:47:C2:C3:4A:83:4C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Ee_b1yf7W9U87GlXoptHwsNKg0w.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9f/047ce4-44ae-4273-94fa-dc634e8aa2a3/1/ffc8rtQWZmak820Kv232rJjHKJ8.roa
Signing time:             Mon 02 Jan 2023 02:54:57 +0000
ROA not before:           Mon 02 Jan 2023 02:54:57 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     202859
IP address blocks:        185.152.21.0/24 maxlen: 24
                          185.152.22.0/24 maxlen: 24
                          185.152.20.0/24 maxlen: 24
                          185.152.23.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 02:29:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:70:67:53:a6:34:00:ae:87:3b:6a:45:95:6d:b2:dc:fd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=11efdbd727fb5bd53cec6957a29b47c2c34a834c
        Validity
            Not Before: Jan  2 02:54:57 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=7df73caed4166666a4f36d0abf6df6ac98c7289f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8e:5f:d9:ed:73:95:ef:c4:b6:f7:df:84:d2:12:
                    01:e2:81:21:5e:07:98:d5:73:b5:00:d8:28:97:31:
                    5a:04:4f:3c:a7:83:94:8c:96:a1:34:62:1a:74:f7:
                    75:60:7d:24:df:86:c4:ed:20:32:62:53:22:1b:bb:
                    0e:d5:49:08:c6:71:78:1a:ef:bd:f5:69:b8:f9:b0:
                    10:17:53:22:01:61:ea:38:cd:ba:01:a7:17:2c:c8:
                    8a:65:3d:42:ce:4c:89:76:3f:58:b4:e4:6f:a5:52:
                    31:92:01:b4:d2:4a:24:7c:e3:ff:d3:ee:43:b8:80:
                    d6:3d:3e:fa:b5:17:fb:a9:5e:d4:ed:7d:f2:6c:f2:
                    b0:7c:ef:54:01:c9:95:d9:80:99:a7:b4:af:bf:d3:
                    18:85:ea:2d:72:62:1a:b2:ca:9d:47:12:82:97:96:
                    dd:bb:16:c6:73:58:fa:eb:1f:f7:44:29:be:da:5c:
                    18:37:2b:f2:42:83:7c:14:ed:aa:f3:85:99:32:48:
                    24:c6:88:27:e2:b4:c6:cb:7d:89:af:40:df:a7:58:
                    f6:43:41:7d:6f:ac:fb:0c:b6:9d:72:32:9c:66:4b:
                    49:15:f6:2f:b0:04:ff:7b:ae:b7:35:83:a0:6c:41:
                    b8:af:4d:83:d3:75:1a:5c:ba:d3:b7:a7:64:f3:6a:
                    e0:7b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7D:F7:3C:AE:D4:16:66:66:A4:F3:6D:0A:BF:6D:F6:AC:98:C7:28:9F
            X509v3 Authority Key Identifier:
                keyid:11:EF:DB:D7:27:FB:5B:D5:3C:EC:69:57:A2:9B:47:C2:C3:4A:83:4C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ee_b1yf7W9U87GlXoptHwsNKg0w.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/047ce4-44ae-4273-94fa-dc634e8aa2a3/1/ffc8rtQWZmak820Kv232rJjHKJ8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/047ce4-44ae-4273-94fa-dc634e8aa2a3/1/Ee_b1yf7W9U87GlXoptHwsNKg0w.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.152.20.0/22

    Signature Algorithm: sha256WithRSAEncryption
         16:33:c1:6b:a9:44:d4:ca:f2:60:4e:f9:8d:5d:66:82:8e:cc:
         d8:98:05:28:2e:54:65:d9:95:bb:54:e3:34:44:fb:56:7c:6a:
         a2:16:14:66:f9:34:8e:5d:9c:2b:8e:3b:d4:05:f6:22:55:98:
         d4:ba:37:cd:1b:7d:ab:2f:76:c2:5c:64:c8:2e:0d:4f:be:5d:
         8b:11:06:2d:d9:84:e6:ae:ad:54:a0:02:48:59:45:99:e6:14:
         42:c2:8b:f0:97:18:9c:55:f4:30:5a:26:44:c4:a0:14:0c:95:
         91:2b:ac:a9:64:43:e7:c4:dd:40:48:36:55:f0:c9:c4:a8:56:
         6f:90:9f:93:bb:d4:d5:41:df:ff:9f:c3:63:c8:3c:e6:b9:b7:
         3d:7e:7e:5d:fe:03:f6:39:a9:0d:d9:bc:f4:51:89:f4:e4:fc:
         26:e0:13:84:fe:48:6f:49:1c:58:95:27:0a:b0:7d:d0:ca:d2:
         5b:34:ec:59:a2:62:0a:a3:50:38:31:11:fb:84:23:07:5a:45:
         ce:e1:9f:51:9d:ad:21:99:1d:cc:90:97:2a:bc:10:2c:2f:89:
         e6:f0:26:cb:a3:78:ed:6e:99:13:68:22:5e:24:46:d5:ad:59:
         ce:12:65:ed:dc:75:1c:83:f9:79:e1:ee:a1:b5:4b:0a:be:05:
         68:99:d1:a7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwZ1OmNACuhztqRZVtstz9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDExZWZkYmQ3MjdmYjViZDUzY2VjNjk1N2EyOWI0N2MyYzM0
YTgzNGMwHhcNMjMwMTAyMDI1NDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZGY3M2NhZWQ0MTY2NjY2YTRmMzZkMGFiZjZkZjZhYzk4YzcyODlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjl/Z7XOV78S299+E0hIB4oEhXgeY
1XO1ANgolzFaBE88p4OUjJahNGIadPd1YH0k34bE7SAyYlMiG7sO1UkIxnF4Gu+9
9Wm4+bAQF1MiAWHqOM26AacXLMiKZT1CzkyJdj9YtORvpVIxkgG00kokfOP/0+5D
uIDWPT76tRf7qV7U7X3ybPKwfO9UAcmV2YCZp7Svv9MYheotcmIassqdRxKCl5bd
uxbGc1j66x/3RCm+2lwYNyvyQoN8FO2q84WZMkgkxogn4rTGy32Jr0Dfp1j2Q0F9
b6z7DLadcjKcZktJFfYvsAT/e663NYOgbEG4r02D03UaXLrTt6dk82rgewIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFH33PK7UFmZmpPNtCr9t9qyYxyifMB8GA1UdIwQY
MBaAFBHv29cn+1vVPOxpV6KbR8LDSoNMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRWVfYjF5ZjdXOVU4N0dsWG9wdEh3c05LZzB3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Zi8wNDdjZTQtNDRhZS00MjczLTk0ZmEt
ZGM2MzRlOGFhMmEzLzEvZmZjOHJ0UVdabWFrODIwS3YyMzJySmpIS0o4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Zi8wNDdjZTQtNDRhZS00MjczLTk0ZmEtZGM2MzRlOGFhMmEz
LzEvRWVfYjF5ZjdXOVU4N0dsWG9wdEh3c05LZzB3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuZgUMA0G
CSqGSIb3DQEBCwUAA4IBAQAWM8FrqUTUyvJgTvmNXWaCjszYmAUoLlRl2ZW7VOM0
RPtWfGqiFhRm+TSOXZwrjjvUBfYiVZjUujfNG32rL3bCXGTILg1Pvl2LEQYt2YTm
rq1UoAJIWUWZ5hRCwovwlxicVfQwWiZExKAUDJWRK6ypZEPnxN1ASDZV8MnEqFZv
kJ+Tu9TVQd//n8NjyDzmubc9fn5d/gP2OakN2bz0UYn05Pwm4BOE/khvSRxYlScK
sH3QytJbNOxZomIKo1A4MRH7hCMHWkXO4Z9Rna0hmR3MkJcqvBAsL4nm8CbLo3jt
bpkTaCJeJEbVrVnOEmXt3HUcg/l54e6htUsKvgVomdGn
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:41:07 2024 by rpki-client on console-fra.rpki-client.org