Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/B1DGe8ttbb-NmwQ30PDmvFH6Eno.roa
File:                     B1DGe8ttbb-NmwQ30PDmvFH6Eno.roa (raw, json)
Hash identifier:          3GbY5KyXwrVgGhm6SJRDUgUkdZwiZvrg+lMIK2DpJsA=
Subject key identifier:   07:50:C6:7B:CB:6D:6D:BF:8D:9B:04:37:D0:F0:E6:BC:51:FA:12:7A
Certificate issuer:       /CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Certificate serial:       0185710C4346704D655A95E18E644D34CD77
Authority key identifier: B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/B1DGe8ttbb-NmwQ30PDmvFH6Eno.roa
Signing time:             Mon 02 Jan 2023 05:55:07 +0000
ROA not before:           Mon 02 Jan 2023 05:55:07 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     211641
IP address blocks:        185.109.20.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 06:32:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:71:0c:43:46:70:4d:65:5a:95:e1:8e:64:4d:34:cd:77
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
        Validity
            Not Before: Jan  2 05:55:07 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=0750c67bcb6d6dbf8d9b0437d0f0e6bc51fa127a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:f9:c2:36:93:bc:17:fb:1a:37:74:ce:55:3c:
                    b6:4c:7f:f2:48:c4:a1:37:f1:52:ef:24:8b:5a:93:
                    90:d4:73:29:4e:1a:28:54:03:8f:25:c7:b4:7e:27:
                    1c:d6:fb:8b:1c:44:e4:15:af:e9:a2:f1:64:86:7a:
                    f0:5c:80:da:03:f8:56:41:d1:a7:d6:a4:9d:ab:d7:
                    4c:91:50:8e:d6:63:e1:ca:79:af:2f:7d:71:f8:e1:
                    d3:30:67:02:f6:49:8b:0a:bc:eb:41:d1:3d:19:2b:
                    5a:cc:f6:aa:86:af:1e:9b:af:3c:cb:f7:4e:05:8d:
                    43:c8:82:28:f7:3e:70:06:90:e3:86:4e:ab:05:47:
                    f1:89:42:2c:65:59:d0:f5:03:0a:0b:c3:f1:ea:c7:
                    78:ca:11:84:5a:d0:35:df:ee:c3:05:85:91:6c:bf:
                    47:df:38:fb:81:ef:6e:d8:22:6f:80:98:04:1d:7e:
                    87:2f:37:47:be:7f:b8:66:47:68:8c:b6:c8:43:9e:
                    66:31:c1:c4:88:50:d4:aa:74:90:17:8e:b8:71:ba:
                    5c:07:fb:f6:b9:47:8c:ec:ca:10:50:c0:a4:70:47:
                    f8:aa:e2:93:5e:6a:89:ab:23:ab:80:ad:59:4b:d1:
                    6e:e3:6f:8f:6d:3b:71:12:8b:b5:ab:18:fa:ee:b8:
                    cd:a1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                07:50:C6:7B:CB:6D:6D:BF:8D:9B:04:37:D0:F0:E6:BC:51:FA:12:7A
            X509v3 Authority Key Identifier:
                keyid:B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/B1DGe8ttbb-NmwQ30PDmvFH6Eno.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.109.20.0/24

    Signature Algorithm: sha256WithRSAEncryption
         34:e4:d2:05:4b:5b:36:84:c7:cc:bf:80:0a:37:76:33:4f:e4:
         0d:9f:98:d9:b3:b4:69:49:d2:37:39:35:0d:fa:13:44:63:e0:
         71:af:11:a9:4c:1e:bf:88:e4:e4:06:77:ed:6d:2f:33:81:68:
         62:bb:f6:c3:18:60:44:f9:56:40:a9:12:0d:2e:e8:ba:c9:bf:
         42:ef:78:b8:89:e1:90:86:ac:f0:e3:77:fe:f6:0f:50:64:87:
         a4:5d:4c:00:5c:01:3c:96:74:5e:60:f4:3f:06:af:41:b2:57:
         00:59:b3:ce:93:88:95:9d:aa:64:36:fd:47:b9:8b:88:4e:64:
         6a:28:04:e6:7b:c0:85:3f:08:b7:98:32:b0:7f:ea:00:d7:b4:
         e7:6e:a4:64:7e:0e:b3:ce:da:5c:7e:69:3d:41:b1:47:57:14:
         33:63:ae:bd:7c:34:8a:da:52:3c:87:ad:ef:85:47:7f:cb:c3:
         ea:da:3a:70:0c:e8:00:ad:d2:ca:93:a4:7b:75:d7:9b:0b:e2:
         77:92:b9:dc:39:cc:a7:1d:1c:64:2c:ad:da:60:81:60:60:fd:
         4d:13:73:93:29:c1:3d:e5:e2:a1:ec:ed:55:be:6d:35:f7:5f:
         c0:78:e3:c0:5f:6c:9d:d8:b8:63:c2:e3:42:b4:40:20:1a:25:
         92:6e:b0:30
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxDENGcE1lWpXhjmRNNM13MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0Zjk2MzQ1ZDNmMjJlZGIzOTVkMjQ3ZjdiODZkMmQ3M2U0
YTAwOTEwHhcNMjMwMTAyMDU1NTA3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNzUwYzY3YmNiNmQ2ZGJmOGQ5YjA0MzdkMGYwZTZiYzUxZmExMjdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr/nCNpO8F/saN3TOVTy2TH/ySMSh
N/FS7ySLWpOQ1HMpThooVAOPJce0ficc1vuLHETkFa/povFkhnrwXIDaA/hWQdGn
1qSdq9dMkVCO1mPhynmvL31x+OHTMGcC9kmLCrzrQdE9GStazPaqhq8em688y/dO
BY1DyIIo9z5wBpDjhk6rBUfxiUIsZVnQ9QMKC8Px6sd4yhGEWtA13+7DBYWRbL9H
3zj7ge9u2CJvgJgEHX6HLzdHvn+4ZkdojLbIQ55mMcHEiFDUqnSQF464cbpcB/v2
uUeM7MoQUMCkcEf4quKTXmqJqyOrgK1ZS9Fu42+PbTtxEou1qxj67rjNoQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAdQxnvLbW2/jZsEN9Dw5rxR+hJ6MB8GA1UdIwQY
MBaAFLT5Y0XT8i7bOV0kf3uG0tc+SgCRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQt
NmZjMzQzZDc3Y2QyLzEvQjFER2U4dHRiYi1ObXdRMzBQRG12Rkg2RW5vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQtNmZjMzQzZDc3Y2Qy
LzEvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuW0UMA0G
CSqGSIb3DQEBCwUAA4IBAQA05NIFS1s2hMfMv4AKN3YzT+QNn5jZs7RpSdI3OTUN
+hNEY+BxrxGpTB6/iOTkBnftbS8zgWhiu/bDGGBE+VZAqRINLui6yb9C73i4ieGQ
hqzw43f+9g9QZIekXUwAXAE8lnReYPQ/Bq9BslcAWbPOk4iVnapkNv1HuYuITmRq
KATme8CFPwi3mDKwf+oA17TnbqRkfg6zztpcfmk9QbFHVxQzY669fDSK2lI8h63v
hUd/y8Pq2jpwDOgArdLKk6R7ddebC+J3krncOcynHRxkLK3aYIFgYP1NE3OTKcE9
5eKh7O1Vvm0191/AeOPAX2yd2LhjwuNCtEAgGiWSbrAw
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:43:08 2024 by rpki-client on console-ams.rpki-client.org