Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/ov97gkW1NLt0ALU6rARtOMmSqQc.roa
File:                     ov97gkW1NLt0ALU6rARtOMmSqQc.roa (raw, json)
Hash identifier:          se0dFXFd4JJuNUz+Nf6zapN4Xo6htVDYmT8uTU+nOFM=
Subject key identifier:   A2:FF:7B:82:45:B5:34:BB:74:00:B5:3A:AC:04:6D:38:C9:92:A9:07
Certificate issuer:       /CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Certificate serial:       0189E39A282FE339A9A249D98C916166FD34
Authority key identifier: 62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/ov97gkW1NLt0ALU6rARtOMmSqQc.roa
Signing time:             Fri 11 Aug 2023 07:57:58 +0000
ROA not before:           Fri 11 Aug 2023 07:57:58 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     834
IP address blocks:        85.209.162.0/24 maxlen: 24
                          5.180.49.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Sat 12 Aug 2023 17:11:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:e3:9a:28:2f:e3:39:a9:a2:49:d9:8c:91:61:66:fd:34
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
        Validity
            Not Before: Aug 11 07:57:58 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=a2ff7b8245b534bb7400b53aac046d38c992a907
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:f8:87:02:db:6a:00:c2:11:d9:c6:05:82:0d:
                    22:2d:f4:06:9d:d8:96:76:1c:ab:5e:16:0f:03:86:
                    14:84:14:7c:6f:87:a5:1a:fc:50:af:d4:35:6d:9a:
                    3a:37:3f:e4:de:42:39:30:38:45:25:76:26:f6:7b:
                    50:61:86:0a:11:de:3d:15:e3:0b:5a:df:9c:8c:d2:
                    5f:44:96:ec:3f:3c:fd:26:fb:c8:81:96:90:60:22:
                    66:ac:c6:7e:de:dc:eb:4a:67:2b:19:99:48:29:05:
                    7d:45:db:98:bd:78:fa:6c:0c:ef:e8:d5:3d:33:c8:
                    d2:27:b9:79:c1:52:45:64:7a:3d:1d:a1:d1:f0:ac:
                    d2:fd:e8:a7:a5:d2:85:31:b3:55:f7:aa:98:5b:d1:
                    1c:38:1f:a8:b3:7c:70:64:58:85:28:a0:92:0c:3d:
                    57:25:49:bf:86:47:8c:85:29:44:f1:f7:f0:b9:7f:
                    46:3d:7f:aa:e1:5b:8c:55:f2:9e:ff:90:43:c2:08:
                    35:d5:23:ad:aa:8f:a8:bc:26:be:20:59:f7:ac:6f:
                    f2:26:99:d9:7a:6e:ad:06:ed:a5:c9:07:85:8e:82:
                    6d:3e:b3:b0:36:83:c6:9e:d5:d0:a7:e4:e8:35:de:
                    eb:5e:ed:d3:97:61:d8:91:36:11:0b:bf:42:44:e1:
                    fe:17
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A2:FF:7B:82:45:B5:34:BB:74:00:B5:3A:AC:04:6D:38:C9:92:A9:07
            X509v3 Authority Key Identifier:
                keyid:62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/ov97gkW1NLt0ALU6rARtOMmSqQc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.180.49.0/24
                  85.209.162.0/24

    Signature Algorithm: sha256WithRSAEncryption
         50:6a:53:85:1d:c1:1b:44:2a:d5:8e:9c:cf:c8:3d:5a:87:b7:
         63:13:44:99:de:e8:92:fe:3a:ab:6c:6f:51:b7:75:ab:63:f5:
         1b:5d:11:bc:0f:9a:85:1c:31:c9:2d:85:0d:bd:0c:d0:e4:95:
         be:20:1a:f7:91:41:02:e4:b7:37:27:cf:7f:58:2b:14:80:02:
         de:d9:cf:e3:e4:cc:01:61:f6:2a:a5:88:ad:36:f6:99:50:79:
         82:db:24:ae:69:02:67:ec:fa:11:50:6f:c2:4b:f1:b4:19:ad:
         dc:f5:4b:1d:cd:3d:41:73:9a:08:ef:07:b3:34:ee:da:85:2a:
         93:eb:d0:b1:d4:34:83:b2:40:2f:bf:be:eb:76:2f:28:48:d0:
         26:9a:8e:a4:be:44:52:67:46:7d:57:c9:66:d7:66:cb:99:4f:
         2e:45:d7:c5:4f:bd:0c:55:08:55:06:22:11:05:8a:78:91:68:
         4c:88:6b:97:59:9a:dc:25:df:3a:0c:28:0a:ce:ec:a6:e7:5a:
         5e:fc:71:b8:66:40:f0:86:8d:2c:3d:e4:8d:d6:06:3c:78:8e:
         3b:15:54:ae:d2:ae:a3:00:c7:b6:a6:7d:b7:d1:1a:71:be:2f:
         8f:d5:86:6f:9b:77:0c:42:35:df:c7:9f:ac:d8:42:cc:6c:af:
         2d:4b:c6:82
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYnjmigv4zmpoknZjJFhZv00MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyZmRiNjc2NTRkZjYxODRlN2Q2MGM0MTUwZWE5NTMzYzJj
Zjk3MDQwHhcNMjMwODExMDc1NzU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMmZmN2I4MjQ1YjUzNGJiNzQwMGI1M2FhYzA0NmQzOGM5OTJhOTA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqviHAttqAMIR2cYFgg0iLfQGndiW
dhyrXhYPA4YUhBR8b4elGvxQr9Q1bZo6Nz/k3kI5MDhFJXYm9ntQYYYKEd49FeML
Wt+cjNJfRJbsPzz9JvvIgZaQYCJmrMZ+3tzrSmcrGZlIKQV9RduYvXj6bAzv6NU9
M8jSJ7l5wVJFZHo9HaHR8KzS/einpdKFMbNV96qYW9EcOB+os3xwZFiFKKCSDD1X
JUm/hkeMhSlE8ffwuX9GPX+q4VuMVfKe/5BDwgg11SOtqo+ovCa+IFn3rG/yJpnZ
em6tBu2lyQeFjoJtPrOwNoPGntXQp+ToNd7rXu3Tl2HYkTYRC79CROH+FwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFKL/e4JFtTS7dAC1OqwEbTjJkqkHMB8GA1UdIwQY
MBaAFGL9tnZU32GE59YMQVDqlTPCz5cEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTct
ZTg2MTIxYzU5NGRmLzEvb3Y5N2drVzFOTHQwQUxVNnJBUnRPTW1TcVFjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTctZTg2MTIxYzU5NGRm
LzEvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQABbQxAwQA
VdGiMA0GCSqGSIb3DQEBCwUAA4IBAQBQalOFHcEbRCrVjpzPyD1ah7djE0SZ3uiS
/jqrbG9Rt3WrY/UbXRG8D5qFHDHJLYUNvQzQ5JW+IBr3kUEC5Lc3J89/WCsUgALe
2c/j5MwBYfYqpYitNvaZUHmC2ySuaQJn7PoRUG/CS/G0Ga3c9UsdzT1Bc5oI7wez
NO7ahSqT69Cx1DSDskAvv77rdi8oSNAmmo6kvkRSZ0Z9V8lm12bLmU8uRdfFT70M
VQhVBiIRBYp4kWhMiGuXWZrcJd86DCgKzuym51pe/HG4ZkDwho0sPeSN1gY8eI47
FVSu0q6jAMe2pn230Rpxvi+P1YZvm3cMQjXfx5+s2ELMbK8tS8aC
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:39:20 2024 by rpki-client on console-ams.rpki-client.org