Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/b60373-818e-40a9-9319-addf0e1849eb/1/qvrNgSYGfPhVnqR7L0rwddcPIH4.roa
File:                     qvrNgSYGfPhVnqR7L0rwddcPIH4.roa (raw, json)
Hash identifier:          8M9lnJ7HD9JbzE33OdP11rw4qUVsus4ImFDjawMDJf8=
Subject key identifier:   AA:FA:CD:81:26:06:7C:F8:55:9E:A4:7B:2F:4A:F0:75:D7:0F:20:7E
Certificate issuer:       /CN=a254a9f3a266513ddc6935d8be022e7e5230ea10
Certificate serial:       01856CAF4213E25A56A852D857727408C72B
Authority key identifier: A2:54:A9:F3:A2:66:51:3D:DC:69:35:D8:BE:02:2E:7E:52:30:EA:10
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/olSp86JmUT3caTXYvgIuflIw6hA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a0/b60373-818e-40a9-9319-addf0e1849eb/1/qvrNgSYGfPhVnqR7L0rwddcPIH4.roa
Signing time:             Sun 01 Jan 2023 09:35:02 +0000
ROA not before:           Sun 01 Jan 2023 09:35:02 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     209989
IP address blocks:        185.216.211.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 08:32:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6c:af:42:13:e2:5a:56:a8:52:d8:57:72:74:08:c7:2b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a254a9f3a266513ddc6935d8be022e7e5230ea10
        Validity
            Not Before: Jan  1 09:35:02 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=aafacd8126067cf8559ea47b2f4af075d70f207e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:f3:55:dd:63:83:c4:ba:56:01:ea:0e:5a:18:
                    42:83:e6:ff:c3:53:50:2d:2b:69:86:01:b8:ed:3a:
                    c0:95:ae:05:fd:8d:bd:ca:1f:06:b5:82:46:c0:d3:
                    ad:3e:0e:b6:72:f4:89:67:3c:06:9b:14:29:fd:b5:
                    d3:db:1c:f8:d3:84:72:35:65:07:a2:e3:57:b2:a9:
                    ff:30:95:d5:49:b4:07:c5:9c:55:b1:56:30:a8:47:
                    98:6d:33:63:a4:3e:19:c7:da:c6:f6:08:d7:db:0e:
                    8a:ed:1a:9e:98:f4:0c:72:31:60:c9:74:55:79:c2:
                    7a:c4:8f:15:5f:db:3b:db:9f:a1:2b:77:3f:c7:8c:
                    2b:96:59:91:6a:ed:13:cd:87:09:10:e1:a1:be:f7:
                    02:15:ce:ec:d1:ab:1e:cf:61:63:51:a1:72:bb:5f:
                    ce:f1:6d:a1:dc:3e:33:2f:9c:0a:3e:7c:8b:0b:89:
                    29:58:4a:6a:b5:4f:5d:65:b1:25:a2:ea:6e:6c:59:
                    36:23:82:9a:d0:79:ec:df:c2:c5:70:89:83:54:33:
                    fa:05:88:e9:b5:09:98:94:c9:4d:77:31:73:34:c6:
                    0c:d1:c8:49:7f:c8:1e:3a:cd:81:27:3d:5b:25:ff:
                    57:4c:e6:9f:5a:2c:5b:65:82:c5:af:d2:4f:59:08:
                    be:05
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AA:FA:CD:81:26:06:7C:F8:55:9E:A4:7B:2F:4A:F0:75:D7:0F:20:7E
            X509v3 Authority Key Identifier:
                keyid:A2:54:A9:F3:A2:66:51:3D:DC:69:35:D8:BE:02:2E:7E:52:30:EA:10

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/olSp86JmUT3caTXYvgIuflIw6hA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/b60373-818e-40a9-9319-addf0e1849eb/1/qvrNgSYGfPhVnqR7L0rwddcPIH4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/b60373-818e-40a9-9319-addf0e1849eb/1/olSp86JmUT3caTXYvgIuflIw6hA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.216.211.0/24

    Signature Algorithm: sha256WithRSAEncryption
         5b:50:4c:1e:32:57:82:2c:42:3d:fb:ed:bf:67:a0:4f:63:8a:
         28:d9:89:cb:1f:84:aa:36:32:79:fa:ee:0f:dd:28:39:d6:9d:
         55:ce:89:a1:da:fd:68:db:62:2b:4a:77:5d:0c:f4:d8:44:23:
         36:e0:8f:b8:d2:6e:f4:b0:ca:a3:51:45:42:c5:cf:3a:f9:45:
         43:67:6e:86:31:e1:7c:ef:7e:ee:d3:4f:05:b8:06:69:d3:9f:
         ed:22:4d:ea:38:46:f4:d4:a7:62:20:6b:b5:70:0f:6a:80:c5:
         82:f3:ab:26:69:e5:d4:0d:5c:fc:ac:14:7f:a0:5c:7d:a0:a0:
         3d:bf:42:87:2d:b7:5a:04:3f:0a:34:45:2c:ea:4c:52:9e:e4:
         19:d6:46:38:c2:69:86:c7:fe:f5:2d:0a:14:47:da:20:a0:30:
         7c:d0:5a:fa:ca:8a:b4:52:2e:df:81:03:78:13:02:26:3e:97:
         33:7b:46:4a:c7:a7:a0:bb:f2:d9:bc:64:2a:32:45:6b:ec:45:
         f7:0a:e8:fe:86:ad:cf:2b:55:4e:2b:6b:1d:f4:19:1f:4a:3c:
         13:ff:f9:71:cf:69:66:7e:92:38:39:6d:45:25:90:cc:a5:d4:
         03:cf:f9:3b:17:fb:52:82:7d:21:ab:08:92:57:67:32:36:27:
         98:1e:0a:c1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVsr0IT4lpWqFLYV3J0CMcrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEyNTRhOWYzYTI2NjUxM2RkYzY5MzVkOGJlMDIyZTdlNTIz
MGVhMTAwHhcNMjMwMTAxMDkzNTAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYWZhY2Q4MTI2MDY3Y2Y4NTU5ZWE0N2IyZjRhZjA3NWQ3MGYyMDdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnvNV3WODxLpWAeoOWhhCg+b/w1NQ
LStphgG47TrAla4F/Y29yh8GtYJGwNOtPg62cvSJZzwGmxQp/bXT2xz404RyNWUH
ouNXsqn/MJXVSbQHxZxVsVYwqEeYbTNjpD4Zx9rG9gjX2w6K7RqemPQMcjFgyXRV
ecJ6xI8VX9s725+hK3c/x4wrllmRau0TzYcJEOGhvvcCFc7s0asez2FjUaFyu1/O
8W2h3D4zL5wKPnyLC4kpWEpqtU9dZbEloupubFk2I4Ka0Hns38LFcImDVDP6BYjp
tQmYlMlNdzFzNMYM0chJf8geOs2BJz1bJf9XTOafWixbZYLFr9JPWQi+BQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKr6zYEmBnz4VZ6key9K8HXXDyB+MB8GA1UdIwQY
MBaAFKJUqfOiZlE93Gk12L4CLn5SMOoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb2xTcDg2Sm1VVDNjYVRYWXZnSXVmbEl3NmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9iNjAzNzMtODE4ZS00MGE5LTkzMTkt
YWRkZjBlMTg0OWViLzEvcXZyTmdTWUdmUGhWbnFSN0wwcndkZGNQSUg0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC9iNjAzNzMtODE4ZS00MGE5LTkzMTktYWRkZjBlMTg0OWVi
LzEvb2xTcDg2Sm1VVDNjYVRYWXZnSXVmbEl3NmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAudjTMA0G
CSqGSIb3DQEBCwUAA4IBAQBbUEweMleCLEI9++2/Z6BPY4oo2YnLH4SqNjJ5+u4P
3Sg51p1Vzomh2v1o22IrSnddDPTYRCM24I+40m70sMqjUUVCxc86+UVDZ26GMeF8
737u008FuAZp05/tIk3qOEb01KdiIGu1cA9qgMWC86smaeXUDVz8rBR/oFx9oKA9
v0KHLbdaBD8KNEUs6kxSnuQZ1kY4wmmGx/71LQoUR9ogoDB80Fr6yoq0Ui7fgQN4
EwImPpcze0ZKx6egu/LZvGQqMkVr7EX3Cuj+hq3PK1VOK2sd9BkfSjwT//lxz2lm
fpI4OW1FJZDMpdQDz/k7F/tSgn0hqwiSV2cyNieYHgrB
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:47:50 2024 by rpki-client on console-fra.rpki-client.org