Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ad/b2a2dc-c076-45e1-bec4-2bbf8faa00ca/1/lmCczuwVmoyGt4cIWDn1UN1c6us.roa
File:                     lmCczuwVmoyGt4cIWDn1UN1c6us.roa (raw, json)
Hash identifier:          xjCtxfuG0q+vKyeuVNjkrqlOYDM3wlBwTCWZpvKhRyk=
Subject key identifier:   96:60:9C:CE:EC:15:9A:8C:86:B7:87:08:58:39:F5:50:DD:5C:EA:EB
Certificate issuer:       /CN=8ecf78ba0275d1d3b6492a8e9d610613c0306a17
Certificate serial:       0188918B660ECCD16BBE96F1A914AF4AD88E
Authority key identifier: 8E:CF:78:BA:02:75:D1:D3:B6:49:2A:8E:9D:61:06:13:C0:30:6A:17
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/js94ugJ10dO2SSqOnWEGE8Awahc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ad/b2a2dc-c076-45e1-bec4-2bbf8faa00ca/1/lmCczuwVmoyGt4cIWDn1UN1c6us.roa
Signing time:             Tue 06 Jun 2023 16:30:11 +0000
ROA not before:           Tue 06 Jun 2023 16:30:11 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     14618
IP address blocks:        185.34.191.0/24 maxlen: 24
                          185.34.188.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 08:30:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:91:8b:66:0e:cc:d1:6b:be:96:f1:a9:14:af:4a:d8:8e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8ecf78ba0275d1d3b6492a8e9d610613c0306a17
        Validity
            Not Before: Jun  6 16:30:11 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=96609cceec159a8c86b787085839f550dd5ceaeb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:96:cc:c4:09:13:56:4d:ef:de:37:bb:59:eb:
                    40:36:1c:7f:ae:5d:ab:0f:ac:96:57:dd:db:14:92:
                    5d:35:55:cf:b7:15:1f:90:f9:9a:ae:46:c1:5a:f8:
                    85:a2:c1:1c:34:b6:4a:52:8e:9f:02:5c:73:58:72:
                    ba:00:02:8e:ea:f9:2a:4e:58:23:c8:19:38:ee:c7:
                    cf:98:04:57:d9:30:13:f0:47:b8:4b:91:44:92:bf:
                    09:d8:3b:d0:09:ed:72:a3:45:78:c2:2f:47:6a:2a:
                    02:8a:86:a6:d2:55:25:ba:b6:a2:9c:9c:6a:d9:18:
                    d2:bf:5a:d4:ce:f3:d6:f4:7a:c4:8a:bb:59:b6:d3:
                    6c:b1:8a:84:6a:45:98:b9:b1:ad:68:d5:10:8f:de:
                    ce:a5:83:d3:32:c8:89:7c:e1:8d:79:9e:d8:b7:32:
                    d9:2b:b2:89:7c:34:c5:c1:56:56:fc:14:79:44:4a:
                    cb:db:10:c2:9e:26:3c:2e:fe:e2:f5:ee:8c:29:12:
                    82:61:d6:81:ee:d1:7d:71:c1:2b:7e:8c:b4:1f:65:
                    24:ea:96:c6:91:31:5b:0e:32:27:d4:a9:44:e0:a0:
                    35:6c:9b:83:22:25:b9:46:55:a2:41:ba:11:2d:0e:
                    3a:f7:0d:8e:65:e9:f6:9e:cf:1d:b8:0b:4c:a1:d4:
                    0d:89
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                96:60:9C:CE:EC:15:9A:8C:86:B7:87:08:58:39:F5:50:DD:5C:EA:EB
            X509v3 Authority Key Identifier:
                keyid:8E:CF:78:BA:02:75:D1:D3:B6:49:2A:8E:9D:61:06:13:C0:30:6A:17

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/js94ugJ10dO2SSqOnWEGE8Awahc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/b2a2dc-c076-45e1-bec4-2bbf8faa00ca/1/lmCczuwVmoyGt4cIWDn1UN1c6us.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/b2a2dc-c076-45e1-bec4-2bbf8faa00ca/1/js94ugJ10dO2SSqOnWEGE8Awahc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.34.188.0/24
                  185.34.191.0/24

    Signature Algorithm: sha256WithRSAEncryption
         c7:a2:86:26:36:55:1c:c5:84:aa:b1:6b:7d:28:25:2f:67:40:
         d6:19:08:e7:02:15:13:74:f2:68:c2:79:d9:99:31:89:32:a9:
         4e:51:a3:61:79:f5:96:7f:2b:64:19:4a:38:52:a8:f8:d4:5c:
         ef:d2:5f:91:88:01:2c:81:14:dc:b0:fe:40:df:8e:87:6d:ea:
         e7:21:13:0f:51:80:b2:da:24:f1:b9:32:7a:a9:87:aa:c8:2b:
         e7:88:91:12:bf:5f:ad:3c:cc:d6:c4:8a:0a:d0:63:ea:b3:4c:
         02:59:93:01:36:04:77:c2:9c:4d:75:a6:5b:82:2d:19:d8:d8:
         64:03:3d:62:6a:43:72:36:a4:48:88:b8:d1:cf:f1:c5:bf:d8:
         7c:72:8e:2c:32:18:86:06:4d:d0:70:e3:04:1d:1c:16:25:05:
         a5:36:66:29:fa:71:ca:3e:9b:ec:9d:65:3a:9b:11:9e:2d:d1:
         7f:f0:4b:9d:e7:bd:62:45:c3:e5:dc:a8:3d:de:4c:b1:eb:e8:
         7f:44:0c:50:4d:91:d4:64:f3:bd:ba:d6:3e:b6:f9:b5:47:f0:
         b4:a1:08:b5:f1:bf:3a:5b:b7:25:80:e8:f2:3b:ff:5f:d0:78:
         85:34:bc:ed:3f:78:b1:4f:c4:31:cd:24:d3:46:b5:4b:24:63:
         3a:d5:99:e7
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYiRi2YOzNFrvpbxqRSvStiOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhlY2Y3OGJhMDI3NWQxZDNiNjQ5MmE4ZTlkNjEwNjEzYzAz
MDZhMTcwHhcNMjMwNjA2MTYzMDExWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NjYwOWNjZWVjMTU5YThjODZiNzg3MDg1ODM5ZjU1MGRkNWNlYWViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmpbMxAkTVk3v3je7WetANhx/rl2r
D6yWV93bFJJdNVXPtxUfkPmarkbBWviFosEcNLZKUo6fAlxzWHK6AAKO6vkqTlgj
yBk47sfPmARX2TAT8Ee4S5FEkr8J2DvQCe1yo0V4wi9HaioCioam0lUlurainJxq
2RjSv1rUzvPW9HrEirtZttNssYqEakWYubGtaNUQj97OpYPTMsiJfOGNeZ7YtzLZ
K7KJfDTFwVZW/BR5RErL2xDCniY8Lv7i9e6MKRKCYdaB7tF9ccErfoy0H2Uk6pbG
kTFbDjIn1KlE4KA1bJuDIiW5RlWiQboRLQ469w2OZen2ns8duAtModQNiQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJZgnM7sFZqMhreHCFg59VDdXOrrMB8GA1UdIwQY
MBaAFI7PeLoCddHTtkkqjp1hBhPAMGoXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvanM5NHVnSjEwZE8yU1NxT25XRUdFOEF3YWhjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZC9iMmEyZGMtYzA3Ni00NWUxLWJlYzQt
MmJiZjhmYWEwMGNhLzEvbG1DY3p1d1Ztb3lHdDRjSVdEbjFVTjFjNnVzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZC9iMmEyZGMtYzA3Ni00NWUxLWJlYzQtMmJiZjhmYWEwMGNh
LzEvanM5NHVnSjEwZE8yU1NxT25XRUdFOEF3YWhjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAuSK8AwQA
uSK/MA0GCSqGSIb3DQEBCwUAA4IBAQDHooYmNlUcxYSqsWt9KCUvZ0DWGQjnAhUT
dPJownnZmTGJMqlOUaNhefWWfytkGUo4Uqj41Fzv0l+RiAEsgRTcsP5A346Hbern
IRMPUYCy2iTxuTJ6qYeqyCvniJESv1+tPMzWxIoK0GPqs0wCWZMBNgR3wpxNdaZb
gi0Z2NhkAz1iakNyNqRIiLjRz/HFv9h8co4sMhiGBk3QcOMEHRwWJQWlNmYp+nHK
PpvsnWU6mxGeLdF/8Eud571iRcPl3Kg93kyx6+h/RAxQTZHUZPO9utY+tvm1R/C0
oQi18b86W7clgOjyO/9f0HiFNLztP3ixT8QxzSTTRrVLJGM61Znn
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:38:14 2024 by rpki-client on console-ams.rpki-client.org