Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a5/4bb74b-8d6d-4514-a39c-b7c578b74e35/1/zMI7erB5R9icWfM1Lm6OR9cTFuA.roa
File:                     zMI7erB5R9icWfM1Lm6OR9cTFuA.roa (raw, json)
Hash identifier:          oE3SpEYhyJvTYFecAW/SVjFZvA4lMiGSmksWFLRckXI=
Subject key identifier:   CC:C2:3B:7A:B0:79:47:D8:9C:59:F3:35:2E:6E:8E:47:D7:13:16:E0
Certificate issuer:       /CN=c66d9d50b3b89d51c8aa2493e7ef4701d6251dad
Certificate serial:       0185720C55093DCFD7874F23F368D5952EB8
Authority key identifier: C6:6D:9D:50:B3:B8:9D:51:C8:AA:24:93:E7:EF:47:01:D6:25:1D:AD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/xm2dULO4nVHIqiST5-9HAdYlHa0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a5/4bb74b-8d6d-4514-a39c-b7c578b74e35/1/zMI7erB5R9icWfM1Lm6OR9cTFuA.roa
Signing time:             Mon 02 Jan 2023 10:34:48 +0000
ROA not before:           Mon 02 Jan 2023 10:34:48 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     211826
IP address blocks:        185.225.206.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 10:33:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:72:0c:55:09:3d:cf:d7:87:4f:23:f3:68:d5:95:2e:b8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c66d9d50b3b89d51c8aa2493e7ef4701d6251dad
        Validity
            Not Before: Jan  2 10:34:48 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=ccc23b7ab07947d89c59f3352e6e8e47d71316e0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8f:22:2e:5f:80:80:51:f3:44:f6:e0:c7:c4:cb:
                    d4:67:77:e8:23:4a:b0:12:ef:31:57:c8:52:73:c1:
                    08:04:08:b0:44:14:f3:83:32:1e:48:23:7f:c0:21:
                    cf:c2:ba:29:22:54:5a:51:2a:d3:b6:4e:6c:31:76:
                    33:5b:f7:89:9b:62:c9:2a:31:35:62:8a:d0:03:01:
                    5d:b6:b7:8f:d2:48:15:de:64:de:7e:b2:27:18:3e:
                    b7:7b:e4:0a:45:5b:1d:7f:6e:a0:b0:79:7c:ec:00:
                    a7:33:d4:e4:72:79:96:44:48:26:09:e8:21:52:74:
                    bf:b4:d6:f3:06:40:1d:74:26:c7:1d:48:cc:61:94:
                    5a:99:94:0c:44:f1:92:50:e6:fc:df:74:db:e1:f8:
                    2c:17:24:ae:ff:8b:89:dd:f1:ea:f4:5e:8c:45:e7:
                    5e:ae:b6:20:20:b2:5a:2c:8e:36:32:11:a9:11:58:
                    35:47:5a:b8:1b:ee:ae:42:dc:ad:40:24:bc:5f:5d:
                    a0:e8:88:c6:4e:f0:97:ba:dd:d8:6a:30:c8:47:d9:
                    41:04:64:79:cd:42:ae:66:a4:0c:06:00:5f:17:f7:
                    67:f2:cd:c5:f3:de:9e:4b:74:cd:32:b5:44:46:c9:
                    d9:b3:6b:43:5e:41:2d:5f:64:2f:99:43:a6:72:fb:
                    97:ab
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CC:C2:3B:7A:B0:79:47:D8:9C:59:F3:35:2E:6E:8E:47:D7:13:16:E0
            X509v3 Authority Key Identifier:
                keyid:C6:6D:9D:50:B3:B8:9D:51:C8:AA:24:93:E7:EF:47:01:D6:25:1D:AD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xm2dULO4nVHIqiST5-9HAdYlHa0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/4bb74b-8d6d-4514-a39c-b7c578b74e35/1/zMI7erB5R9icWfM1Lm6OR9cTFuA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/4bb74b-8d6d-4514-a39c-b7c578b74e35/1/xm2dULO4nVHIqiST5-9HAdYlHa0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.225.206.0/24

    Signature Algorithm: sha256WithRSAEncryption
         86:8c:e1:0f:1c:61:c4:3a:52:5c:cc:fc:d1:f6:e8:b0:10:ad:
         c5:fd:ba:6c:72:1f:cb:3a:da:4c:87:03:a0:58:c6:77:6e:71:
         cf:19:7e:b9:cf:d1:58:bd:09:29:89:67:d9:42:24:82:ec:d1:
         49:05:49:7c:5e:7e:9b:93:ad:09:45:13:d5:20:5d:25:c3:00:
         d2:ea:8d:fa:99:d1:1d:94:46:a0:35:4c:32:7f:4c:47:a0:1d:
         4b:e1:01:04:38:46:04:40:62:74:43:5c:4c:78:10:bd:32:67:
         a7:b7:81:4b:37:9f:15:18:24:da:e8:e3:7c:b6:26:fe:a7:3e:
         9f:3f:ca:85:38:ef:26:03:69:59:96:6c:93:b5:b8:4f:45:bd:
         4f:38:e5:62:1b:47:56:ee:09:11:cd:fa:be:7d:b5:3e:f0:96:
         af:7b:fd:81:e8:a5:43:6b:53:32:d4:d7:75:8f:dd:37:0f:46:
         22:26:56:99:5e:56:f5:a9:b4:1d:c9:60:7e:a0:3e:e5:0b:d4:
         1b:6a:48:ec:ea:24:b6:c6:74:c6:28:a3:68:35:46:6c:b8:6f:
         77:8d:e8:77:c9:2a:3c:44:34:a3:32:ff:ab:d4:d1:71:cb:9d:
         6e:d5:cb:f4:fc:27:b7:c0:2f:7e:36:31:e9:83:ee:2d:e5:45:
         36:5d:73:51
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVyDFUJPc/Xh08j82jVlS64MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NmQ5ZDUwYjNiODlkNTFjOGFhMjQ5M2U3ZWY0NzAxZDYy
NTFkYWQwHhcNMjMwMTAyMTAzNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjY2MyM2I3YWIwNzk0N2Q4OWM1OWYzMzUyZTZlOGU0N2Q3MTMxNmUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjyIuX4CAUfNE9uDHxMvUZ3foI0qw
Eu8xV8hSc8EIBAiwRBTzgzIeSCN/wCHPwropIlRaUSrTtk5sMXYzW/eJm2LJKjE1
YorQAwFdtreP0kgV3mTefrInGD63e+QKRVsdf26gsHl87ACnM9TkcnmWREgmCegh
UnS/tNbzBkAddCbHHUjMYZRamZQMRPGSUOb833Tb4fgsFySu/4uJ3fHq9F6MRede
rrYgILJaLI42MhGpEVg1R1q4G+6uQtytQCS8X12g6IjGTvCXut3YajDIR9lBBGR5
zUKuZqQMBgBfF/dn8s3F896eS3TNMrVERsnZs2tDXkEtX2QvmUOmcvuXqwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMzCO3qweUfYnFnzNS5ujkfXExbgMB8GA1UdIwQY
MBaAFMZtnVCzuJ1RyKokk+fvRwHWJR2tMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG0yZFVMTzRuVkhJcWlTVDUtOUhBZFlsSGEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNS80YmI3NGItOGQ2ZC00NTE0LWEzOWMt
YjdjNTc4Yjc0ZTM1LzEvek1JN2VyQjVSOWljV2ZNMUxtNk9SOWNURnVBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNS80YmI3NGItOGQ2ZC00NTE0LWEzOWMtYjdjNTc4Yjc0ZTM1
LzEveG0yZFVMTzRuVkhJcWlTVDUtOUhBZFlsSGEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAueHOMA0G
CSqGSIb3DQEBCwUAA4IBAQCGjOEPHGHEOlJczPzR9uiwEK3F/bpsch/LOtpMhwOg
WMZ3bnHPGX65z9FYvQkpiWfZQiSC7NFJBUl8Xn6bk60JRRPVIF0lwwDS6o36mdEd
lEagNUwyf0xHoB1L4QEEOEYEQGJ0Q1xMeBC9Mment4FLN58VGCTa6ON8tib+pz6f
P8qFOO8mA2lZlmyTtbhPRb1POOViG0dW7gkRzfq+fbU+8Jave/2B6KVDa1My1Nd1
j903D0YiJlaZXlb1qbQdyWB+oD7lC9Qbakjs6iS2xnTGKKNoNUZsuG93jeh3ySo8
RDSjMv+r1NFxy51u1cv0/Ce3wC9+NjHpg+4t5UU2XXNR
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:36:36 2024 by rpki-client on console-ams.rpki-client.org