Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/Otn77dRImP1X8t-86dInmmzV7SU.roa
File:                     Otn77dRImP1X8t-86dInmmzV7SU.roa (raw, json)
Hash identifier:          RAObM2VqIIXZVnKaKzWjRTUce0PMMcaDI5NjPTOEQNU=
Subject key identifier:   3A:D9:FB:ED:D4:48:98:FD:57:F2:DF:BC:E9:D2:27:9A:6C:D5:ED:25
Certificate issuer:       /CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Certificate serial:       018C5C7600CEEF3C31134BD7B60BDBD6A7BE
Authority key identifier: F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/Otn77dRImP1X8t-86dInmmzV7SU.roa
Signing time:             Tue 12 Dec 2023 05:18:06 +0000
ROA not before:           Tue 12 Dec 2023 05:18:06 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     199393
IP address blocks:        185.101.105.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 00:29:39 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:5c:76:00:ce:ef:3c:31:13:4b:d7:b6:0b:db:d6:a7:be
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
        Validity
            Not Before: Dec 12 05:18:06 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=3ad9fbedd44898fd57f2dfbce9d2279a6cd5ed25
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:7b:2a:2b:e3:4e:90:c8:26:28:28:21:d0:c4:
                    17:ab:26:20:2b:5c:9f:a9:2a:24:aa:cc:f2:99:fd:
                    77:2e:c2:35:cd:ab:5c:a6:54:f3:1b:b6:33:21:84:
                    9b:72:d0:2d:fc:f4:b1:2d:b5:40:91:7e:c3:6b:43:
                    7f:80:c3:eb:db:74:68:73:60:1b:b3:a3:18:7c:74:
                    58:60:bf:42:72:4b:5c:3a:19:d0:2f:35:af:2e:3f:
                    73:92:d4:d0:22:07:31:a0:94:af:fb:b1:10:c0:1d:
                    d9:66:e0:b6:65:85:c1:a2:e3:04:f4:4f:4f:66:db:
                    c6:6e:c4:d4:b2:a3:fb:cc:b2:a0:31:b7:3f:c5:3b:
                    ec:b7:5d:66:36:73:18:86:8d:94:60:4f:a0:ea:29:
                    1a:64:56:c3:7e:67:ab:76:48:d8:45:e5:78:a5:ad:
                    38:eb:3b:2e:3a:80:17:6c:4f:33:62:b0:23:6f:7a:
                    b6:f3:5d:d8:57:35:49:40:eb:cd:7d:26:cf:67:98:
                    d9:c5:f0:4e:34:01:09:76:f5:fd:4a:ec:5d:7f:94:
                    c6:d9:ff:f0:d4:48:7b:9f:f7:09:5b:b8:39:da:8a:
                    b9:97:ba:74:1e:24:71:2a:ab:b2:bd:e9:db:b4:89:
                    29:3c:c8:4d:c3:15:cc:49:a5:1b:09:59:48:c3:c9:
                    db:ad
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3A:D9:FB:ED:D4:48:98:FD:57:F2:DF:BC:E9:D2:27:9A:6C:D5:ED:25
            X509v3 Authority Key Identifier:
                keyid:F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/Otn77dRImP1X8t-86dInmmzV7SU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.101.105.0/24

    Signature Algorithm: sha256WithRSAEncryption
         51:8e:c3:13:b9:63:31:80:c9:d9:08:f2:d0:fd:e4:d1:db:52:
         fb:c3:a3:32:3f:50:2c:df:3c:64:ba:84:d7:11:15:83:3e:4b:
         0f:d2:10:a3:9b:4a:1e:2b:b7:33:b2:2c:a3:d6:73:61:2c:52:
         c6:93:3a:17:77:63:5f:63:bd:f1:87:39:fe:f2:45:d6:85:fa:
         9d:7d:ce:85:8d:e1:81:35:dd:7c:5d:0f:7b:ef:9b:fa:cd:4b:
         ee:4a:55:7c:94:30:56:a5:be:d6:77:d7:c9:5d:21:08:5e:21:
         6c:58:f6:9f:76:78:a1:3f:6c:12:4d:8a:fd:9e:92:e7:e4:a0:
         5b:93:14:d0:12:de:bb:54:9e:73:d8:0e:47:72:91:78:ce:c0:
         a3:a3:81:1c:2e:c1:bd:93:69:7d:2b:8f:f1:c6:9c:41:c8:f7:
         20:a8:0a:97:f1:01:cd:c5:a1:8a:11:db:a3:85:f1:2c:99:93:
         61:51:2f:d5:98:37:09:e4:0d:f0:2a:06:44:1c:33:84:46:41:
         c9:a8:0f:d9:56:ea:bd:7c:fd:29:fc:4c:66:d3:eb:b4:4b:5f:
         a1:e3:69:50:75:55:80:18:dd:49:cd:5d:7e:15:36:f5:27:98:
         2b:5a:c8:9e:8b:4a:0c:cd:8c:4e:9e:eb:0f:f8:7a:95:5a:d3:
         03:a2:17:ad
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYxcdgDO7zwxE0vXtgvb1qe+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxZDQ2ZTBlM2U4Y2FhYWVkNGE1MjliZDdkNzMwOGJkMWVm
MDFjMWQwHhcNMjMxMjEyMDUxODA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYWQ5ZmJlZGQ0NDg5OGZkNTdmMmRmYmNlOWQyMjc5YTZjZDVlZDI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs3sqK+NOkMgmKCgh0MQXqyYgK1yf
qSokqszymf13LsI1zatcplTzG7YzIYSbctAt/PSxLbVAkX7Da0N/gMPr23Roc2Ab
s6MYfHRYYL9CcktcOhnQLzWvLj9zktTQIgcxoJSv+7EQwB3ZZuC2ZYXBouME9E9P
ZtvGbsTUsqP7zLKgMbc/xTvst11mNnMYho2UYE+g6ikaZFbDfmerdkjYReV4pa04
6zsuOoAXbE8zYrAjb3q2813YVzVJQOvNfSbPZ5jZxfBONAEJdvX9Suxdf5TG2f/w
1Eh7n/cJW7g52oq5l7p0HiRxKquyvenbtIkpPMhNwxXMSaUbCVlIw8nbrQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDrZ++3USJj9V/LfvOnSJ5ps1e0lMB8GA1UdIwQY
MBaAFPHUbg4+jKqu1KUpvX1zCL0e8BwdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMt
YjQyZjIzZDgyOGMzLzEvT3RuNzdkUkltUDFYOHQtODZkSW5tbXpWN1NVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMtYjQyZjIzZDgyOGMz
LzEvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuWVpMA0G
CSqGSIb3DQEBCwUAA4IBAQBRjsMTuWMxgMnZCPLQ/eTR21L7w6MyP1As3zxkuoTX
ERWDPksP0hCjm0oeK7czsiyj1nNhLFLGkzoXd2NfY73xhzn+8kXWhfqdfc6FjeGB
Nd18XQ9775v6zUvuSlV8lDBWpb7Wd9fJXSEIXiFsWPafdnihP2wSTYr9npLn5KBb
kxTQEt67VJ5z2A5HcpF4zsCjo4EcLsG9k2l9K4/xxpxByPcgqAqX8QHNxaGKEduj
hfEsmZNhUS/VmDcJ5A3wKgZEHDOERkHJqA/ZVuq9fP0p/Exm0+u0S1+h42lQdVWA
GN1JzV1+FTb1J5grWsiei0oMzYxOnusP+HqVWtMDohet
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:19 2024 by rpki-client on console-fra.rpki-client.org