Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/7090a9-feed-4ea1-8459-ee810b83adcd/1/g7XsnSCdEFf3H8SgmZEdBbZqAhY.roa
File:                     g7XsnSCdEFf3H8SgmZEdBbZqAhY.roa (raw, json)
Hash identifier:          C5ufI9R+3GiQlwunVzccUvmTIH0GFCvhnbWk6wbCdXg=
Subject key identifier:   83:B5:EC:9D:20:9D:10:57:F7:1F:C4:A0:99:91:1D:05:B6:6A:02:16
Certificate issuer:       /CN=4801a5b816158f07a8ca8acb37e97e2f20b06911
Certificate serial:       018573B19D459193F5044A51BB93FD86CED8
Authority key identifier: 48:01:A5:B8:16:15:8F:07:A8:CA:8A:CB:37:E9:7E:2F:20:B0:69:11
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/SAGluBYVjweoyorLN-l-LyCwaRE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ba/7090a9-feed-4ea1-8459-ee810b83adcd/1/g7XsnSCdEFf3H8SgmZEdBbZqAhY.roa
Signing time:             Mon 02 Jan 2023 18:14:57 +0000
ROA not before:           Mon 02 Jan 2023 18:14:57 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     206388
IP address blocks:        185.186.243.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 22:30:51 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:73:b1:9d:45:91:93:f5:04:4a:51:bb:93:fd:86:ce:d8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4801a5b816158f07a8ca8acb37e97e2f20b06911
        Validity
            Not Before: Jan  2 18:14:57 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=83b5ec9d209d1057f71fc4a099911d05b66a0216
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:83:c8:80:3b:d6:02:f9:03:64:35:be:52:d6:50:
                    1b:a1:50:2d:70:7e:c2:0d:a1:a9:6f:2d:d6:6a:5a:
                    19:7a:ee:ca:e8:9e:28:0d:44:29:b1:db:3d:99:99:
                    81:d5:2f:8d:65:e3:2c:ed:db:1d:80:37:ef:88:79:
                    8c:4e:d7:31:79:51:ff:1b:7a:0f:16:2d:88:dd:30:
                    36:49:e9:b9:ab:16:74:c9:a7:1b:ec:a3:da:ae:c6:
                    41:0a:1c:a3:fa:7a:b1:e4:00:91:59:36:34:cb:f0:
                    a7:0b:cb:42:6d:a0:f9:3c:78:08:5c:ff:59:f5:87:
                    ab:cb:c2:6e:77:0c:34:79:1d:03:32:fe:6a:a8:b0:
                    d7:7d:09:09:e4:3d:28:cf:d4:24:f7:0a:e7:ce:af:
                    df:dc:c6:7b:e6:72:95:d9:f4:cd:db:ed:6f:ab:ff:
                    64:66:f6:6c:ee:da:58:7f:6c:ec:87:4d:84:eb:d2:
                    b4:24:25:4f:92:7a:46:44:84:cd:30:49:74:2b:f4:
                    10:7b:1e:da:ca:c2:c8:7d:f6:12:81:d6:f1:1d:15:
                    34:41:70:70:91:8f:1a:84:77:6b:ed:e6:cd:f8:da:
                    ef:d1:c6:a0:58:31:7a:b2:bd:fb:a1:27:d8:77:1e:
                    c8:32:8d:8a:05:2f:9b:de:46:37:e3:e9:03:58:1a:
                    ff:cd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                83:B5:EC:9D:20:9D:10:57:F7:1F:C4:A0:99:91:1D:05:B6:6A:02:16
            X509v3 Authority Key Identifier:
                keyid:48:01:A5:B8:16:15:8F:07:A8:CA:8A:CB:37:E9:7E:2F:20:B0:69:11

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SAGluBYVjweoyorLN-l-LyCwaRE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/7090a9-feed-4ea1-8459-ee810b83adcd/1/g7XsnSCdEFf3H8SgmZEdBbZqAhY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/7090a9-feed-4ea1-8459-ee810b83adcd/1/SAGluBYVjweoyorLN-l-LyCwaRE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.186.243.0/24

    Signature Algorithm: sha256WithRSAEncryption
         3f:a0:e1:26:18:fe:38:8e:c3:39:6a:71:d5:1e:7a:39:a9:3c:
         5e:35:05:69:75:c3:2a:96:eb:3b:3d:b8:35:eb:35:c6:d3:d6:
         b2:64:2a:3b:8a:70:6c:0e:54:71:1e:f7:b7:bd:e1:d1:13:1e:
         85:0d:80:88:4d:12:66:28:d8:b8:3f:37:54:4d:d0:bc:bf:bc:
         ee:85:08:f4:c3:4f:14:2d:17:a5:93:e5:96:bf:77:a4:2a:84:
         d1:dd:6d:5e:f2:2b:74:ea:66:91:30:f0:30:c3:58:bb:77:b7:
         9b:5f:b4:27:dc:10:c5:cf:06:6b:a2:b2:38:8e:54:d4:66:96:
         94:54:3f:20:da:9d:a3:25:84:73:e3:94:70:eb:66:9b:98:55:
         86:0e:a9:48:6b:01:11:ac:05:b6:3b:4b:32:eb:90:60:81:81:
         59:be:53:65:44:4a:6f:be:08:34:e3:f7:74:cd:74:6d:8b:9a:
         29:cb:ac:84:68:ed:13:41:3e:92:9a:a5:7b:eb:67:9d:86:56:
         2d:61:c9:4c:44:38:8a:00:0d:d2:bf:6d:a3:c7:d3:f9:b1:fe:
         23:21:3e:5c:6d:92:1a:de:96:bf:b1:08:1c:1a:93:6e:a1:34:
         f5:19:1f:08:04:a3:d3:53:12:f3:5f:28:8c:f2:6a:78:4b:45:
         c7:f9:34:8d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVzsZ1FkZP1BEpRu5P9hs7YMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ4MDFhNWI4MTYxNThmMDdhOGNhOGFjYjM3ZTk3ZTJmMjBi
MDY5MTEwHhcNMjMwMTAyMTgxNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4M2I1ZWM5ZDIwOWQxMDU3ZjcxZmM0YTA5OTkxMWQwNWI2NmEwMjE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg8iAO9YC+QNkNb5S1lAboVAtcH7C
DaGpby3WaloZeu7K6J4oDUQpsds9mZmB1S+NZeMs7dsdgDfviHmMTtcxeVH/G3oP
Fi2I3TA2Sem5qxZ0yacb7KParsZBChyj+nqx5ACRWTY0y/CnC8tCbaD5PHgIXP9Z
9Yery8Judww0eR0DMv5qqLDXfQkJ5D0oz9Qk9wrnzq/f3MZ75nKV2fTN2+1vq/9k
ZvZs7tpYf2zsh02E69K0JCVPknpGRITNMEl0K/QQex7aysLIffYSgdbxHRU0QXBw
kY8ahHdr7ebN+Nrv0cagWDF6sr37oSfYdx7IMo2KBS+b3kY34+kDWBr/zQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIO17J0gnRBX9x/EoJmRHQW2agIWMB8GA1UdIwQY
MBaAFEgBpbgWFY8HqMqKyzfpfi8gsGkRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU0FHbHVCWVZqd2VveW9yTE4tbC1MeUN3YVJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYS83MDkwYTktZmVlZC00ZWExLTg0NTkt
ZWU4MTBiODNhZGNkLzEvZzdYc25TQ2RFRmYzSDhTZ21aRWRCYlpxQWhZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYS83MDkwYTktZmVlZC00ZWExLTg0NTktZWU4MTBiODNhZGNk
LzEvU0FHbHVCWVZqd2VveW9yTE4tbC1MeUN3YVJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAubrzMA0G
CSqGSIb3DQEBCwUAA4IBAQA/oOEmGP44jsM5anHVHno5qTxeNQVpdcMqlus7Pbg1
6zXG09ayZCo7inBsDlRxHve3veHREx6FDYCITRJmKNi4PzdUTdC8v7zuhQj0w08U
LRelk+WWv3ekKoTR3W1e8it06maRMPAww1i7d7ebX7Qn3BDFzwZrorI4jlTUZpaU
VD8g2p2jJYRz45Rw62abmFWGDqlIawERrAW2O0sy65BggYFZvlNlREpvvgg04/d0
zXRti5opy6yEaO0TQT6SmqV762edhlYtYclMRDiKAA3Sv22jx9P5sf4jIT5cbZIa
3pa/sQgcGpNuoTT1GR8IBKPTUxLzXyiM8mp4S0XH+TSN
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:40:46 2024 by rpki-client on console-ams.rpki-client.org