Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/41e9b0-62e7-4718-b966-1f9ae055646f/1/8-ZiNjED6dnW-nWKU3jf5Z52wOk.roa
File:                     8-ZiNjED6dnW-nWKU3jf5Z52wOk.roa (raw, json)
Hash identifier:          /MZZfPBXr5qAGAm6tfeG8Rz6C0g5hR/TrltuYBhCVs8=
Subject key identifier:   F3:E6:62:36:31:03:E9:D9:D6:FA:75:8A:53:78:DF:E5:9E:76:C0:E9
Certificate issuer:       /CN=8aa1fe9a4c03d015aec974e2d29709a979eb82f1
Certificate serial:       018570707128CE95957BB37F3DB5685AB9A2
Authority key identifier: 8A:A1:FE:9A:4C:03:D0:15:AE:C9:74:E2:D2:97:09:A9:79:EB:82:F1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/iqH-mkwD0BWuyXTi0pcJqXnrgvE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bb/41e9b0-62e7-4718-b966-1f9ae055646f/1/8-ZiNjED6dnW-nWKU3jf5Z52wOk.roa
Signing time:             Mon 02 Jan 2023 03:04:55 +0000
ROA not before:           Mon 02 Jan 2023 03:04:55 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     33309
IP address blocks:        185.241.46.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 00:29:35 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:70:70:71:28:ce:95:95:7b:b3:7f:3d:b5:68:5a:b9:a2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8aa1fe9a4c03d015aec974e2d29709a979eb82f1
        Validity
            Not Before: Jan  2 03:04:55 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=f3e662363103e9d9d6fa758a5378dfe59e76c0e9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8e:42:40:a5:9b:9d:a5:60:aa:4f:87:fd:46:97:
                    ac:08:1f:59:f6:8b:8e:48:27:7a:0c:77:03:91:f9:
                    82:71:57:db:d0:05:f7:8f:2b:02:4d:6e:57:22:06:
                    11:2e:7e:85:e5:97:a0:e5:92:eb:7c:b2:c8:f5:29:
                    07:d9:9b:53:7b:c8:83:58:4f:93:50:cb:2d:a9:eb:
                    ce:ef:7b:50:c8:9b:25:87:e6:e8:66:fc:50:2b:94:
                    93:f7:c4:28:94:85:5f:75:d4:ce:86:f6:89:c2:11:
                    a6:b9:e5:d6:22:68:18:c2:c0:84:51:c6:99:00:ad:
                    4f:e9:ad:1f:56:0c:7e:95:86:d7:26:85:f7:20:b5:
                    bd:88:65:8c:e9:7e:71:c4:2c:32:6e:90:08:67:b4:
                    87:97:f1:ff:bd:d9:f0:95:60:b4:b8:78:f4:6d:35:
                    0c:ad:87:cc:31:d2:24:29:5c:b9:b8:3c:05:9f:c7:
                    cf:36:ee:47:a6:e8:84:2a:90:68:9b:d9:8a:40:79:
                    1c:8b:84:14:31:f1:25:47:21:34:6c:6b:94:22:7e:
                    21:68:08:80:49:f4:d3:43:b8:3c:05:c2:d8:9c:8e:
                    05:c8:b3:5e:68:4e:04:38:33:5a:74:cb:5c:ce:e5:
                    fc:73:e5:a5:c5:20:d8:1a:6b:73:cc:68:65:ca:43:
                    a8:d3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F3:E6:62:36:31:03:E9:D9:D6:FA:75:8A:53:78:DF:E5:9E:76:C0:E9
            X509v3 Authority Key Identifier:
                keyid:8A:A1:FE:9A:4C:03:D0:15:AE:C9:74:E2:D2:97:09:A9:79:EB:82:F1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iqH-mkwD0BWuyXTi0pcJqXnrgvE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/41e9b0-62e7-4718-b966-1f9ae055646f/1/8-ZiNjED6dnW-nWKU3jf5Z52wOk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/41e9b0-62e7-4718-b966-1f9ae055646f/1/iqH-mkwD0BWuyXTi0pcJqXnrgvE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.241.46.0/24

    Signature Algorithm: sha256WithRSAEncryption
         9e:89:48:ec:fd:b3:e6:9a:54:6f:ed:ba:11:5c:18:29:f3:0f:
         c7:02:71:0e:af:80:cb:17:0f:4b:2e:d1:60:ff:f5:df:60:94:
         ba:01:ef:47:a1:1d:8e:b6:55:d8:33:56:3f:4e:00:b0:04:d4:
         28:bb:fb:4a:3f:aa:db:3e:92:4c:ef:46:cb:29:9d:1b:95:08:
         e1:fa:19:2e:12:02:10:6c:f5:43:e6:8b:a7:1b:17:87:f9:0c:
         b6:f2:e6:45:b5:7f:be:ad:3d:3a:95:4e:a4:69:c2:ac:3f:37:
         b0:8b:f6:7d:ea:bd:a3:48:71:55:f2:24:d0:51:b7:63:b1:d6:
         7b:87:f1:34:c9:a9:ba:43:ed:8f:de:a6:0c:01:3c:59:7d:c6:
         a7:75:58:69:45:64:da:a9:a5:60:55:89:92:a6:d1:a5:f6:77:
         15:e2:ab:72:0b:6b:df:4e:39:92:15:33:64:7b:59:39:01:50:
         dd:0b:0e:9e:1a:2a:2b:b3:ca:b5:91:c0:45:24:d7:96:39:15:
         ca:99:a6:32:52:9f:a9:5d:91:cd:8a:fa:90:8d:29:86:76:4f:
         5d:90:6b:fd:71:95:83:3f:16:dd:c4:c4:f7:3e:7c:69:be:d0:
         bb:bb:4d:43:45:3b:ba:64:9a:1c:58:9c:02:06:9f:a2:ec:34:
         cc:03:31:11
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwcHEozpWVe7N/PbVoWrmiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhhYTFmZTlhNGMwM2QwMTVhZWM5NzRlMmQyOTcwOWE5Nzll
YjgyZjEwHhcNMjMwMTAyMDMwNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmM2U2NjIzNjMxMDNlOWQ5ZDZmYTc1OGE1Mzc4ZGZlNTllNzZjMGU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjkJApZudpWCqT4f9RpesCB9Z9ouO
SCd6DHcDkfmCcVfb0AX3jysCTW5XIgYRLn6F5Zeg5ZLrfLLI9SkH2ZtTe8iDWE+T
UMstqevO73tQyJslh+boZvxQK5ST98QolIVfddTOhvaJwhGmueXWImgYwsCEUcaZ
AK1P6a0fVgx+lYbXJoX3ILW9iGWM6X5xxCwybpAIZ7SHl/H/vdnwlWC0uHj0bTUM
rYfMMdIkKVy5uDwFn8fPNu5HpuiEKpBom9mKQHkci4QUMfElRyE0bGuUIn4haAiA
SfTTQ7g8BcLYnI4FyLNeaE4EODNadMtczuX8c+WlxSDYGmtzzGhlykOo0wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPPmYjYxA+nZ1vp1ilN43+WedsDpMB8GA1UdIwQY
MBaAFIqh/ppMA9AVrsl04tKXCal564LxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaXFILW1rd0QwQld1eVhUaTBwY0pxWG5yZ3ZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYi80MWU5YjAtNjJlNy00NzE4LWI5NjYt
MWY5YWUwNTU2NDZmLzEvOC1aaU5qRUQ2ZG5XLW5XS1UzamY1WjUyd09rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYi80MWU5YjAtNjJlNy00NzE4LWI5NjYtMWY5YWUwNTU2NDZm
LzEvaXFILW1rd0QwQld1eVhUaTBwY0pxWG5yZ3ZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAufEuMA0G
CSqGSIb3DQEBCwUAA4IBAQCeiUjs/bPmmlRv7boRXBgp8w/HAnEOr4DLFw9LLtFg
//XfYJS6Ae9HoR2OtlXYM1Y/TgCwBNQou/tKP6rbPpJM70bLKZ0blQjh+hkuEgIQ
bPVD5ounGxeH+Qy28uZFtX++rT06lU6kacKsPzewi/Z96r2jSHFV8iTQUbdjsdZ7
h/E0yam6Q+2P3qYMATxZfcandVhpRWTaqaVgVYmSptGl9ncV4qtyC2vfTjmSFTNk
e1k5AVDdCw6eGiors8q1kcBFJNeWORXKmaYyUp+pXZHNivqQjSmGdk9dkGv9cZWD
PxbdxMT3PnxpvtC7u01DRTu6ZJocWJwCBp+i7DTMAzER
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:35 2024 by rpki-client on console-fra.rpki-client.org