Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/95a5e6-5583-4cce-86e9-e230462fc57b/1/sfRxsrhjlHTXnB_pBtBpLV6_75k.roa
File:                     sfRxsrhjlHTXnB_pBtBpLV6_75k.roa (raw, json)
Hash identifier:          IWwgt2CWbtZnf3wUe6Ptj+3o23JqlMW+OqcGMfc7JkI=
Subject key identifier:   B1:F4:71:B2:B8:63:94:74:D7:9C:1F:E9:06:D0:69:2D:5E:BF:EF:99
Certificate issuer:       /CN=cc977e9d52afbc47799d3975fcee8ac51ca0cf6a
Certificate serial:       018571A7BC2875CA440CA90B3AEBAF24DB9B
Authority key identifier: CC:97:7E:9D:52:AF:BC:47:79:9D:39:75:FC:EE:8A:C5:1C:A0:CF:6A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/zJd-nVKvvEd5nTl1_O6KxRygz2o.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bc/95a5e6-5583-4cce-86e9-e230462fc57b/1/sfRxsrhjlHTXnB_pBtBpLV6_75k.roa
Signing time:             Mon 02 Jan 2023 08:44:56 +0000
ROA not before:           Mon 02 Jan 2023 08:44:56 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     396982
IP address blocks:        85.208.98.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 06:31:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:71:a7:bc:28:75:ca:44:0c:a9:0b:3a:eb:af:24:db:9b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cc977e9d52afbc47799d3975fcee8ac51ca0cf6a
        Validity
            Not Before: Jan  2 08:44:56 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=b1f471b2b8639474d79c1fe906d0692d5ebfef99
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:85:13:c0:65:43:26:6b:54:47:30:12:83:55:3f:
                    63:b6:37:31:24:a4:9b:08:b3:d0:01:c8:f1:96:d7:
                    ac:15:8f:fe:9e:81:9d:b4:6b:56:5c:36:1d:2d:1e:
                    e4:08:5a:d7:c7:da:16:ea:c3:23:db:41:9e:64:b4:
                    ef:a7:54:52:10:f2:16:17:87:b3:2f:56:24:87:3f:
                    b2:42:c7:2b:07:27:5e:9d:ee:43:30:90:e6:b5:6c:
                    5c:76:ed:bb:e1:95:1e:53:6e:19:5a:63:89:0b:c9:
                    f2:0d:1d:ac:d0:cb:27:0b:0e:e4:13:35:3a:e8:05:
                    8f:7d:51:48:4d:d8:bd:98:e0:75:84:ea:9b:03:74:
                    97:f3:e5:b1:c4:c3:d1:47:34:11:21:21:63:41:b2:
                    89:7d:69:db:a6:ee:6e:cf:f3:cc:c8:9d:69:c7:15:
                    3e:c1:66:30:d9:5e:2e:91:84:23:77:14:fe:60:42:
                    8c:ac:a8:2f:ef:02:15:23:82:55:48:f5:a3:6b:47:
                    55:97:b6:c1:48:2d:ba:41:10:88:c4:94:e7:87:f6:
                    18:41:80:37:80:f4:4f:4c:de:88:c8:1b:cb:56:2c:
                    cb:d4:09:ce:bd:bb:bb:63:b0:e7:ca:a5:f2:77:24:
                    79:4e:fc:84:a9:41:6d:31:32:20:9e:b8:e9:89:4b:
                    97:d3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B1:F4:71:B2:B8:63:94:74:D7:9C:1F:E9:06:D0:69:2D:5E:BF:EF:99
            X509v3 Authority Key Identifier:
                keyid:CC:97:7E:9D:52:AF:BC:47:79:9D:39:75:FC:EE:8A:C5:1C:A0:CF:6A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zJd-nVKvvEd5nTl1_O6KxRygz2o.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/95a5e6-5583-4cce-86e9-e230462fc57b/1/sfRxsrhjlHTXnB_pBtBpLV6_75k.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/95a5e6-5583-4cce-86e9-e230462fc57b/1/zJd-nVKvvEd5nTl1_O6KxRygz2o.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  85.208.98.0/24

    Signature Algorithm: sha256WithRSAEncryption
         3e:9b:01:e9:eb:85:e2:13:e0:bd:e5:bc:b6:9a:00:90:82:1c:
         85:9c:97:40:eb:25:63:ba:f2:5d:63:58:44:72:a5:9a:c7:c5:
         06:d0:7d:f4:a9:20:7a:56:fa:0c:eb:59:c4:a9:b2:02:cd:be:
         ab:6f:bd:67:d3:a3:4d:70:29:78:47:8e:41:e3:1f:93:8a:d5:
         b1:51:fd:da:5b:c3:6e:d1:ab:ab:58:ab:4a:c3:60:96:25:6f:
         1a:b4:e2:5c:71:cd:e4:ca:8b:2b:2c:be:75:d7:cb:05:82:4c:
         b2:95:85:ff:61:04:b6:5b:55:bf:53:ba:d7:6a:e7:36:10:3c:
         18:4e:c7:cd:13:f2:04:5a:c8:56:f5:71:a0:f7:a7:fb:36:6a:
         53:db:c7:9d:50:cb:3d:c5:e7:75:88:c5:c0:5c:ec:73:65:dc:
         85:a8:c7:e2:72:33:98:46:31:4e:22:b5:e2:a4:2a:33:75:a9:
         c0:52:39:5a:d8:ef:95:62:e4:69:69:a6:e0:9d:22:5c:2c:05:
         23:f4:62:45:1e:c7:cb:ed:81:7b:48:38:e7:3c:34:2f:21:45:
         4f:77:92:08:3b:0c:9e:60:39:54:b9:c7:5b:5e:03:cb:60:c4:
         73:91:4f:84:82:50:a7:58:ec:2a:5f:34:fe:a7:bc:28:36:6a:
         de:9b:59:ce
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxp7wodcpEDKkLOuuvJNubMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNjOTc3ZTlkNTJhZmJjNDc3OTlkMzk3NWZjZWU4YWM1MWNh
MGNmNmEwHhcNMjMwMTAyMDg0NDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMWY0NzFiMmI4NjM5NDc0ZDc5YzFmZTkwNmQwNjkyZDVlYmZlZjk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhRPAZUMma1RHMBKDVT9jtjcxJKSb
CLPQAcjxltesFY/+noGdtGtWXDYdLR7kCFrXx9oW6sMj20GeZLTvp1RSEPIWF4ez
L1Ykhz+yQscrBydene5DMJDmtWxcdu274ZUeU24ZWmOJC8nyDR2s0MsnCw7kEzU6
6AWPfVFITdi9mOB1hOqbA3SX8+WxxMPRRzQRISFjQbKJfWnbpu5uz/PMyJ1pxxU+
wWYw2V4ukYQjdxT+YEKMrKgv7wIVI4JVSPWja0dVl7bBSC26QRCIxJTnh/YYQYA3
gPRPTN6IyBvLVizL1AnOvbu7Y7DnyqXydyR5TvyEqUFtMTIgnrjpiUuX0wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLH0cbK4Y5R015wf6QbQaS1ev++ZMB8GA1UdIwQY
MBaAFMyXfp1Sr7xHeZ05dfzuisUcoM9qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvekpkLW5WS3Z2RWQ1blRsMV9PNkt4UnlnejJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy85NWE1ZTYtNTU4My00Y2NlLTg2ZTkt
ZTIzMDQ2MmZjNTdiLzEvc2ZSeHNyaGpsSFRYbkJfcEJ0QnBMVjZfNzVrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy85NWE1ZTYtNTU4My00Y2NlLTg2ZTktZTIzMDQ2MmZjNTdi
LzEvekpkLW5WS3Z2RWQ1blRsMV9PNkt4UnlnejJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVdBiMA0G
CSqGSIb3DQEBCwUAA4IBAQA+mwHp64XiE+C95by2mgCQghyFnJdA6yVjuvJdY1hE
cqWax8UG0H30qSB6VvoM61nEqbICzb6rb71n06NNcCl4R45B4x+TitWxUf3aW8Nu
0aurWKtKw2CWJW8atOJccc3kyosrLL5118sFgkyylYX/YQS2W1W/U7rXauc2EDwY
TsfNE/IEWshW9XGg96f7NmpT28edUMs9xed1iMXAXOxzZdyFqMficjOYRjFOIrXi
pCozdanAUjla2O+VYuRpaabgnSJcLAUj9GJFHsfL7YF7SDjnPDQvIUVPd5IIOwye
YDlUucdbXgPLYMRzkU+EglCnWOwqXzT+p7woNmrem1nO
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:41:15 2024 by rpki-client on console-ams.rpki-client.org