Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/aQggKv34e6nYcz5-hGy2C2aKkfs.roa
File:                     aQggKv34e6nYcz5-hGy2C2aKkfs.roa (raw, json)
Hash identifier:          XXMYLy3LEI/w371808xfzOgH9P+gzoqT+tEZMXEvnwY=
Subject key identifier:   69:08:20:2A:FD:F8:7B:A9:D8:73:3E:7E:84:6C:B6:0B:66:8A:91:FB
Certificate issuer:       /CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Certificate serial:       0189303645DA4C38D28C4442C1A3EDFD6261
Authority key identifier: 62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/aQggKv34e6nYcz5-hGy2C2aKkfs.roa
Signing time:             Fri 07 Jul 2023 11:56:50 +0000
ROA not before:           Fri 07 Jul 2023 11:56:50 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     13830
IP address blocks:        85.208.104.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Sat 07 Oct 2023 10:33:43 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:30:36:45:da:4c:38:d2:8c:44:42:c1:a3:ed:fd:62:61
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
        Validity
            Not Before: Jul  7 11:56:50 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=6908202afdf87ba9d8733e7e846cb60b668a91fb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:bc:e5:bd:a8:11:10:46:9c:93:26:c0:7b:47:
                    6d:40:75:72:ec:95:9f:ec:f0:98:1f:bf:29:a1:2e:
                    7e:3e:49:a2:78:9a:ed:2d:3f:86:35:6d:d1:4f:87:
                    d6:e2:05:44:56:cc:4e:bc:c3:91:2b:b6:a3:7d:79:
                    1d:b6:19:ab:a1:04:b6:3f:05:0e:0e:6c:77:44:e8:
                    14:d6:d2:23:cb:f8:92:59:65:cf:41:72:ad:6c:42:
                    5b:75:ad:6c:f3:8e:cc:49:74:55:7f:3e:c2:fa:f6:
                    ec:22:97:bc:51:ae:7d:3c:5b:ae:be:71:dc:b4:52:
                    9b:25:35:ef:30:4f:2e:49:60:a6:09:c9:2f:86:cc:
                    92:ff:ae:a9:79:64:40:d0:18:dd:ba:6b:cf:e3:51:
                    97:f1:88:67:a6:48:34:9b:4a:45:d2:6f:a6:53:ea:
                    32:91:cd:99:fe:b2:0f:c1:7f:4a:a6:3b:3b:de:3e:
                    ad:d0:1f:f4:d2:ac:5c:32:91:c1:c7:bc:5a:93:c4:
                    66:01:1c:97:7d:70:c1:8f:6f:a0:19:b6:a1:fd:ac:
                    17:f1:2b:ac:4a:49:3f:bc:3a:90:9f:e9:43:e3:6f:
                    26:76:2d:a1:bd:6e:14:bd:21:fc:2f:a4:e8:87:fc:
                    4f:87:17:05:6b:e5:a0:6a:ec:55:34:cd:e4:15:10:
                    0c:a1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                69:08:20:2A:FD:F8:7B:A9:D8:73:3E:7E:84:6C:B6:0B:66:8A:91:FB
            X509v3 Authority Key Identifier:
                keyid:62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/aQggKv34e6nYcz5-hGy2C2aKkfs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  85.208.104.0/24

    Signature Algorithm: sha256WithRSAEncryption
         04:1b:60:a4:2d:4a:02:12:dc:20:66:17:8f:2b:cc:5c:54:e9:
         77:0f:f2:37:68:5e:ad:bf:05:b3:be:36:b8:c2:b0:ff:92:b4:
         12:e8:ec:64:4d:40:c7:cb:51:b1:80:b4:94:06:40:64:5b:36:
         8c:3a:de:6d:fd:89:36:ff:57:87:12:31:76:4f:e4:16:52:c0:
         fd:28:38:62:69:4a:4c:4b:80:8c:c1:26:f0:5e:b5:48:dc:1d:
         37:a4:ad:46:cf:d1:32:ab:d1:7e:af:94:db:96:58:b5:93:3e:
         02:54:d6:65:76:bc:a9:15:f3:7c:2a:74:1e:e3:6e:f0:70:0b:
         7f:47:d0:bc:a5:7b:37:17:e9:f7:29:d7:c4:c8:fa:30:6b:1f:
         87:25:3e:cf:f5:42:e4:9b:a5:32:70:ae:75:80:60:1e:e8:a0:
         32:df:e0:e3:37:fe:61:ea:68:91:9d:75:1f:ee:7f:e1:24:a5:
         91:3d:d2:27:02:e6:0b:b8:ef:16:31:50:36:94:83:6b:91:53:
         4f:1c:6d:47:ff:c1:0e:d3:62:af:b8:77:e9:ef:43:ed:ee:4f:
         d9:0c:aa:bb:5f:e1:4c:5e:e6:b4:da:21:7a:b7:c8:da:4c:6b:
         86:db:9a:be:10:c8:a3:08:67:3f:58:d2:41:3b:4b:bc:d2:06:
         af:17:41:3c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYkwNkXaTDjSjERCwaPt/WJhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyZmRiNjc2NTRkZjYxODRlN2Q2MGM0MTUwZWE5NTMzYzJj
Zjk3MDQwHhcNMjMwNzA3MTE1NjUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OTA4MjAyYWZkZjg3YmE5ZDg3MzNlN2U4NDZjYjYwYjY2OGE5MWZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArLzlvagREEackybAe0dtQHVy7JWf
7PCYH78poS5+PkmieJrtLT+GNW3RT4fW4gVEVsxOvMORK7ajfXkdthmroQS2PwUO
Dmx3ROgU1tIjy/iSWWXPQXKtbEJbda1s847MSXRVfz7C+vbsIpe8Ua59PFuuvnHc
tFKbJTXvME8uSWCmCckvhsyS/66peWRA0BjdumvP41GX8Yhnpkg0m0pF0m+mU+oy
kc2Z/rIPwX9Kpjs73j6t0B/00qxcMpHBx7xak8RmARyXfXDBj2+gGbah/awX8Sus
Skk/vDqQn+lD428mdi2hvW4UvSH8L6Toh/xPhxcFa+WgauxVNM3kFRAMoQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGkIICr9+Hup2HM+foRstgtmipH7MB8GA1UdIwQY
MBaAFGL9tnZU32GE59YMQVDqlTPCz5cEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTct
ZTg2MTIxYzU5NGRmLzEvYVFnZ0t2MzRlNm5ZY3o1LWhHeTJDMmFLa2ZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTctZTg2MTIxYzU5NGRm
LzEvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVdBoMA0G
CSqGSIb3DQEBCwUAA4IBAQAEG2CkLUoCEtwgZhePK8xcVOl3D/I3aF6tvwWzvja4
wrD/krQS6OxkTUDHy1GxgLSUBkBkWzaMOt5t/Yk2/1eHEjF2T+QWUsD9KDhiaUpM
S4CMwSbwXrVI3B03pK1Gz9Eyq9F+r5Tblli1kz4CVNZldrypFfN8KnQe427wcAt/
R9C8pXs3F+n3KdfEyPowax+HJT7P9ULkm6UycK51gGAe6KAy3+DjN/5h6miRnXUf
7n/hJKWRPdInAuYLuO8WMVA2lINrkVNPHG1H/8EO02KvuHfp70Pt7k/ZDKq7X+FM
Xua02iF6t8jaTGuG25q+EMijCGc/WNJBO0u80gavF0E8
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:39:20 2024 by rpki-client on console-ams.rpki-client.org