Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/f0e161-a43c-4d31-b65d-d4fed5085392/1/8uCmpdqKGAku7pd586umWgVknwI.roa
File:                     8uCmpdqKGAku7pd586umWgVknwI.roa (raw, json)
Hash identifier:          PmI08mcqeCXWL3cVr96b5eTuIzJDwlkb0ggKBVhj/xQ=
Subject key identifier:   F2:E0:A6:A5:DA:8A:18:09:2E:EE:97:79:F3:AB:A6:5A:05:64:9F:02
Certificate issuer:       /CN=c66dc60d16dfe1649d86c1693e17858c2306387f
Certificate serial:       01856D540D574C8B7A53DA221B73E70882AD
Authority key identifier: C6:6D:C6:0D:16:DF:E1:64:9D:86:C1:69:3E:17:85:8C:23:06:38:7F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/xm3GDRbf4WSdhsFpPheFjCMGOH8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ba/f0e161-a43c-4d31-b65d-d4fed5085392/1/8uCmpdqKGAku7pd586umWgVknwI.roa
Signing time:             Sun 01 Jan 2023 12:35:03 +0000
ROA not before:           Sun 01 Jan 2023 12:35:03 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     200569
IP address blocks:        185.99.204.0/22 maxlen: 22
                          2a06:1480::/29 maxlen: 29

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 10:33:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6d:54:0d:57:4c:8b:7a:53:da:22:1b:73:e7:08:82:ad
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c66dc60d16dfe1649d86c1693e17858c2306387f
        Validity
            Not Before: Jan  1 12:35:03 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=f2e0a6a5da8a18092eee9779f3aba65a05649f02
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:82:bd:b9:20:47:06:21:75:40:ba:12:ef:8d:ad:
                    d7:d9:1b:17:ac:7e:f8:db:05:cb:e9:4a:eb:13:f6:
                    e1:9c:2b:df:4d:8d:81:65:a0:57:a0:42:70:81:0b:
                    0a:85:5d:84:a1:bd:04:9e:03:cb:15:3e:fc:b8:07:
                    fb:af:6c:79:c0:88:da:01:f4:3e:9b:4e:15:4c:12:
                    41:c2:64:f4:ed:95:6d:8f:5d:e7:8b:a3:e1:20:ae:
                    09:c1:7b:c7:77:0c:c0:e7:d1:3a:10:a5:1b:25:28:
                    19:c6:8f:5b:26:79:a7:b8:58:7d:9b:d2:6f:04:00:
                    09:4e:2b:b0:24:87:e2:4c:eb:ab:1f:0c:e4:f0:73:
                    55:b5:c0:9e:6d:a1:58:32:88:59:56:ed:a8:82:4c:
                    a4:f0:62:f8:0d:4d:2b:67:b8:99:05:7f:ce:f4:84:
                    51:db:3e:a0:58:ee:23:ee:d3:c3:43:ed:ee:29:fb:
                    a6:38:62:c8:ec:af:be:15:fd:4d:0a:ed:2e:9d:cc:
                    f3:f4:7f:66:ac:fe:df:f3:0e:11:cd:f6:63:62:d5:
                    61:76:e5:84:1a:7b:44:86:4a:a3:9c:65:42:c1:f9:
                    c4:b2:04:93:a2:89:3a:f0:55:cf:c2:66:8d:dc:a7:
                    d7:fb:af:41:47:64:3f:9c:f0:0a:92:55:cf:b0:da:
                    33:35
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F2:E0:A6:A5:DA:8A:18:09:2E:EE:97:79:F3:AB:A6:5A:05:64:9F:02
            X509v3 Authority Key Identifier:
                keyid:C6:6D:C6:0D:16:DF:E1:64:9D:86:C1:69:3E:17:85:8C:23:06:38:7F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xm3GDRbf4WSdhsFpPheFjCMGOH8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/f0e161-a43c-4d31-b65d-d4fed5085392/1/8uCmpdqKGAku7pd586umWgVknwI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/f0e161-a43c-4d31-b65d-d4fed5085392/1/xm3GDRbf4WSdhsFpPheFjCMGOH8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.99.204.0/22
                IPv6:
                  2a06:1480::/29

    Signature Algorithm: sha256WithRSAEncryption
         93:83:cf:9c:2c:f1:ab:a4:2a:87:72:83:e9:1a:ed:50:00:96:
         d2:5a:4c:77:26:25:2e:31:ab:74:02:cc:49:cb:b5:27:1d:8e:
         5b:e8:78:bb:96:bf:1d:4e:dd:68:7e:0c:eb:a0:48:00:69:e3:
         bf:af:1e:47:f1:a0:cf:cc:b1:a0:ca:5f:74:c3:3a:97:ea:12:
         ca:d2:85:ac:8e:46:6f:b1:4f:c0:cd:76:14:62:20:a7:d3:74:
         45:39:b6:26:1e:fc:8a:1b:e3:0c:01:21:4b:2a:f4:80:4e:f0:
         1e:da:6b:20:f1:b4:9c:77:56:bc:19:13:df:e9:d5:89:14:2e:
         43:9f:2d:ba:8d:c0:ec:c3:28:9d:fe:a2:62:2b:99:fd:db:b1:
         14:72:9b:5d:c7:b3:c6:84:25:e7:cf:7b:57:c2:55:f1:00:35:
         d1:8b:5c:db:de:57:58:16:65:a3:93:43:e8:53:5b:7d:57:b3:
         eb:a8:e9:78:2f:4c:05:21:f0:e4:3b:ef:ee:2a:8d:b0:75:9a:
         c5:5d:a8:5e:bf:f1:47:be:07:5a:87:a0:b0:17:8f:58:ab:13:
         fc:21:fa:f4:c3:1b:00:b0:7e:b7:d3:dd:70:e9:04:63:42:46:
         b8:b4:e0:ce:97:3b:72:af:64:80:81:4c:a5:6e:49:2e:75:30:
         02:1d:68:b4
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVtVA1XTIt6U9oiG3PnCIKtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NmRjNjBkMTZkZmUxNjQ5ZDg2YzE2OTNlMTc4NThjMjMw
NjM4N2YwHhcNMjMwMTAxMTIzNTAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMmUwYTZhNWRhOGExODA5MmVlZTk3NzlmM2FiYTY1YTA1NjQ5ZjAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgr25IEcGIXVAuhLvja3X2RsXrH74
2wXL6UrrE/bhnCvfTY2BZaBXoEJwgQsKhV2Eob0EngPLFT78uAf7r2x5wIjaAfQ+
m04VTBJBwmT07ZVtj13ni6PhIK4JwXvHdwzA59E6EKUbJSgZxo9bJnmnuFh9m9Jv
BAAJTiuwJIfiTOurHwzk8HNVtcCebaFYMohZVu2ogkyk8GL4DU0rZ7iZBX/O9IRR
2z6gWO4j7tPDQ+3uKfumOGLI7K++Ff1NCu0unczz9H9mrP7f8w4RzfZjYtVhduWE
GntEhkqjnGVCwfnEsgSTook68FXPwmaN3KfX+69BR2Q/nPAKklXPsNozNQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFPLgpqXaihgJLu6XefOrploFZJ8CMB8GA1UdIwQY
MBaAFMZtxg0W3+FknYbBaT4XhYwjBjh/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG0zR0RSYmY0V1NkaHNGcFBoZUZqQ01HT0g4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYS9mMGUxNjEtYTQzYy00ZDMxLWI2NWQt
ZDRmZWQ1MDg1MzkyLzEvOHVDbXBkcUtHQWt1N3BkNTg2dW1XZ1ZrbndJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYS9mMGUxNjEtYTQzYy00ZDMxLWI2NWQtZDRmZWQ1MDg1Mzky
LzEveG0zR0RSYmY0V1NkaHNGcFBoZUZqQ01HT0g4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuWPMMA0E
AgACMAcDBQMqBhSAMA0GCSqGSIb3DQEBCwUAA4IBAQCTg8+cLPGrpCqHcoPpGu1Q
AJbSWkx3JiUuMat0AsxJy7UnHY5b6Hi7lr8dTt1ofgzroEgAaeO/rx5H8aDPzLGg
yl90wzqX6hLK0oWsjkZvsU/AzXYUYiCn03RFObYmHvyKG+MMASFLKvSATvAe2msg
8bScd1a8GRPf6dWJFC5Dny26jcDswyid/qJiK5n927EUcptdx7PGhCXnz3tXwlXx
ADXRi1zb3ldYFmWjk0PoU1t9V7PrqOl4L0wFIfDkO+/uKo2wdZrFXahev/FHvgda
h6CwF49YqxP8Ifr0wxsAsH63091w6QRjQka4tODOlztyr2SAgUylbkkudTACHWi0
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:40:50 2024 by rpki-client on console-ams.rpki-client.org