Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/h6znY7PfzKgH13xe-zft4DhL4cM.roa
File:                     h6znY7PfzKgH13xe-zft4DhL4cM.roa (raw, json)
Hash identifier:          ZtzcL4SrGmS+y5lOvLkrlQ+XHRZc8Invbsbsbm2w13g=
Subject key identifier:   87:AC:E7:63:B3:DF:CC:A8:07:D7:7C:5E:FB:37:ED:E0:38:4B:E1:C3
Certificate issuer:       /CN=93677d7cb9271ce361256e9833cc7b14fd023ebe
Certificate serial:       018BFDC6BAE969ABB1EBECF14CCF72036730
Authority key identifier: 93:67:7D:7C:B9:27:1C:E3:61:25:6E:98:33:CC:7B:14:FD:02:3E:BE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/k2d9fLknHONhJW6YM8x7FP0CPr4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/h6znY7PfzKgH13xe-zft4DhL4cM.roa
Signing time:             Thu 23 Nov 2023 20:02:21 +0000
ROA not before:           Thu 23 Nov 2023 20:02:21 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     211432
IP address blocks:        185.232.167.0/24 maxlen: 24
                          2a0e:2c00::/29 maxlen: 29

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 14:29:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:fd:c6:ba:e9:69:ab:b1:eb:ec:f1:4c:cf:72:03:67:30
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=93677d7cb9271ce361256e9833cc7b14fd023ebe
        Validity
            Not Before: Nov 23 20:02:21 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=87ace763b3dfcca807d77c5efb37ede0384be1c3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:41:17:1f:03:97:97:f1:bd:a8:3b:a4:66:bb:
                    f9:c7:c3:77:9e:88:f8:23:c9:46:c9:57:b9:92:f3:
                    2d:c9:8b:e2:dd:39:a8:14:23:a5:cc:b1:40:de:2a:
                    6b:aa:74:e3:1c:0d:60:b1:18:0d:40:f0:d3:bf:31:
                    5d:15:42:92:50:57:4a:00:ce:f5:21:a2:6e:c4:c5:
                    90:a5:77:fa:9c:1b:1e:d6:e8:11:55:de:ea:47:c6:
                    91:28:9e:99:0f:51:13:98:3b:00:23:8c:8e:14:2e:
                    b9:84:8d:e6:7b:d4:c5:21:a1:20:f4:52:5f:21:66:
                    f8:47:2c:0f:03:21:d1:00:e5:ac:fb:a5:2a:a0:94:
                    f3:2b:10:ea:c2:b6:1d:3b:8e:a3:f4:9f:db:80:5b:
                    0d:ee:2c:b5:13:1d:de:f5:45:c7:1f:9a:ce:d3:78:
                    c7:46:db:09:7b:5b:82:b5:f7:a6:b6:ae:4d:b6:fa:
                    4f:55:5d:d1:2d:93:75:8d:65:1d:59:60:7d:18:e8:
                    b6:a8:bc:02:d0:f1:fa:a6:1d:05:c6:b6:09:a5:61:
                    88:7f:af:89:4e:bb:45:ac:16:48:78:84:2f:b3:3a:
                    d3:8c:47:2d:c4:32:7d:55:87:89:3e:01:58:4d:d1:
                    3b:92:54:db:c3:3e:93:f2:45:aa:6e:28:e1:4e:58:
                    a0:d9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                87:AC:E7:63:B3:DF:CC:A8:07:D7:7C:5E:FB:37:ED:E0:38:4B:E1:C3
            X509v3 Authority Key Identifier:
                keyid:93:67:7D:7C:B9:27:1C:E3:61:25:6E:98:33:CC:7B:14:FD:02:3E:BE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/k2d9fLknHONhJW6YM8x7FP0CPr4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/h6znY7PfzKgH13xe-zft4DhL4cM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/k2d9fLknHONhJW6YM8x7FP0CPr4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.232.167.0/24
                IPv6:
                  2a0e:2c00::/29

    Signature Algorithm: sha256WithRSAEncryption
         0f:2a:05:49:3b:4d:a1:60:50:79:8f:7f:8e:ce:08:c2:c5:f2:
         a8:39:1e:c4:56:6c:77:74:df:a8:1f:8b:61:44:49:08:72:c9:
         84:ce:99:1d:66:86:13:44:62:1c:f4:70:c8:f5:63:37:22:ad:
         8e:ba:6e:37:1e:c9:d4:64:b7:a8:4c:27:de:23:0b:4e:36:9c:
         ba:a2:a5:f5:27:34:44:be:31:19:4b:7b:40:14:c8:5a:ed:c2:
         7d:90:92:ef:d9:d0:46:b8:6c:ab:5e:05:a9:4f:8c:36:d9:e7:
         79:68:07:e5:af:59:f7:d1:f2:6d:d9:05:f7:ef:ee:55:09:f9:
         c6:1a:2d:68:52:2e:90:ff:d2:51:1f:4d:cc:82:11:43:39:00:
         5e:ad:59:cf:ce:f0:93:f2:ef:dc:3d:f6:22:2a:3e:8a:f1:06:
         db:08:29:73:d1:18:bd:cc:37:93:b4:8c:82:9c:35:9c:dd:ea:
         ef:be:a2:f9:1b:ee:54:44:11:b9:91:57:81:f1:1e:62:9f:42:
         00:1e:d4:81:0f:8d:71:3a:3d:b6:59:d4:85:67:f1:76:31:3f:
         b3:56:47:f1:a1:9d:e8:9c:e3:f5:46:0c:fa:e2:9b:61:df:99:
         d6:5e:98:fd:15:eb:2d:f0:9f:64:9e:79:c5:2f:c5:7d:f7:49:
         8b:5b:b2:6c
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYv9xrrpaaux6+zxTM9yA2cwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkzNjc3ZDdjYjkyNzFjZTM2MTI1NmU5ODMzY2M3YjE0ZmQw
MjNlYmUwHhcNMjMxMTIzMjAwMjIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4N2FjZTc2M2IzZGZjY2E4MDdkNzdjNWVmYjM3ZWRlMDM4NGJlMWMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnEEXHwOXl/G9qDukZrv5x8N3noj4
I8lGyVe5kvMtyYvi3TmoFCOlzLFA3iprqnTjHA1gsRgNQPDTvzFdFUKSUFdKAM71
IaJuxMWQpXf6nBse1ugRVd7qR8aRKJ6ZD1ETmDsAI4yOFC65hI3me9TFIaEg9FJf
IWb4RywPAyHRAOWs+6UqoJTzKxDqwrYdO46j9J/bgFsN7iy1Ex3e9UXHH5rO03jH
RtsJe1uCtfemtq5NtvpPVV3RLZN1jWUdWWB9GOi2qLwC0PH6ph0FxrYJpWGIf6+J
TrtFrBZIeIQvszrTjEctxDJ9VYeJPgFYTdE7klTbwz6T8kWqbijhTlig2QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFIes52Oz38yoB9d8Xvs37eA4S+HDMB8GA1UdIwQY
MBaAFJNnfXy5JxzjYSVumDPMexT9Aj6+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvazJkOWZMa25IT05oSlc2WU04eDdGUDBDUHI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9hOWM2ZGEtOGVhMC00NmI3LWExYTYt
OTlhY2I5OWNlNzU0LzEvaDZ6blk3UGZ6S2dIMTN4ZS16ZnQ0RGhMNGNNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9hOWM2ZGEtOGVhMC00NmI3LWExYTYtOTlhY2I5OWNlNzU0
LzEvazJkOWZMa25IT05oSlc2WU04eDdGUDBDUHI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAueinMA0E
AgACMAcDBQMqDiwAMA0GCSqGSIb3DQEBCwUAA4IBAQAPKgVJO02hYFB5j3+OzgjC
xfKoOR7EVmx3dN+oH4thREkIcsmEzpkdZoYTRGIc9HDI9WM3Iq2Oum43HsnUZLeo
TCfeIwtONpy6oqX1JzREvjEZS3tAFMha7cJ9kJLv2dBGuGyrXgWpT4w22ed5aAfl
r1n30fJt2QX37+5VCfnGGi1oUi6Q/9JRH03MghFDOQBerVnPzvCT8u/cPfYiKj6K
8QbbCClz0Ri9zDeTtIyCnDWc3ervvqL5G+5URBG5kVeB8R5in0IAHtSBD41xOj22
WdSFZ/F2MT+zVkfxoZ3onOP1Rgz64pth35nWXpj9Fest8J9knnnFL8V990mLW7Js
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:43:48 2024 by rpki-client on console-ams.rpki-client.org