Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/ac5a56-163a-497a-9547-e3799ade9dfe/1/D2v5XhwFHQwPcMFVDBnAQ5c6B-s.roa
File:                     D2v5XhwFHQwPcMFVDBnAQ5c6B-s.roa (raw, json)
Hash identifier:          xyz1drjxa/Yx+Uddz/NdNIC/zrnQN6Mq9ajlFg5xBj4=
Subject key identifier:   0F:6B:F9:5E:1C:05:1D:0C:0F:70:C1:55:0C:19:C0:43:97:3A:07:EB
Certificate issuer:       /CN=0c90c356e2864f43894857443555d8b5c0352819
Certificate serial:       0185718C2F0C2AABE8BD450C35B112D82C36
Authority key identifier: 0C:90:C3:56:E2:86:4F:43:89:48:57:44:35:55:D8:B5:C0:35:28:19
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DJDDVuKGT0OJSFdENVXYtcA1KBk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c8/ac5a56-163a-497a-9547-e3799ade9dfe/1/D2v5XhwFHQwPcMFVDBnAQ5c6B-s.roa
Signing time:             Mon 02 Jan 2023 08:14:50 +0000
ROA not before:           Mon 02 Jan 2023 08:14:50 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     212749
IP address blocks:        185.86.194.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 02:30:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:71:8c:2f:0c:2a:ab:e8:bd:45:0c:35:b1:12:d8:2c:36
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0c90c356e2864f43894857443555d8b5c0352819
        Validity
            Not Before: Jan  2 08:14:50 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=0f6bf95e1c051d0c0f70c1550c19c043973a07eb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:09:e5:70:b2:dd:2e:a8:85:8e:01:62:ee:cb:
                    27:2c:fc:09:89:58:ed:00:7a:7d:95:47:ea:65:e1:
                    7c:da:8f:29:c8:7c:87:84:73:22:2a:4b:d8:47:e5:
                    b9:6b:63:1f:fa:7c:cd:6c:11:71:39:d9:2a:53:2e:
                    e5:6a:a7:08:4b:db:76:4b:57:6c:09:6e:a6:af:0f:
                    65:e2:3d:50:74:f1:9d:08:35:2d:96:4c:dc:5b:0b:
                    f4:aa:91:e5:4f:3a:7f:4d:58:f0:08:9d:eb:13:1e:
                    9f:73:03:c8:ae:64:f2:03:47:e0:6b:eb:4d:1c:f3:
                    c9:15:37:a7:29:fe:9b:e5:cb:57:a6:79:d8:a7:12:
                    97:5d:20:19:64:82:eb:e6:cd:b0:9f:be:d4:71:20:
                    54:05:ac:c5:97:0a:23:ed:60:cf:4e:cc:3f:5a:cb:
                    59:93:fb:c3:36:f9:70:d8:c6:98:7f:1d:b1:5a:52:
                    2a:81:d4:78:16:d8:68:f8:24:00:3f:ce:22:4e:07:
                    b4:e0:8d:ee:6e:3d:04:45:2d:5d:9d:23:9b:26:fa:
                    df:3d:c4:7c:1f:6b:a3:61:7e:5c:3d:14:e7:ef:c8:
                    2e:7a:79:e2:10:f6:d1:97:75:7d:83:82:be:6f:37:
                    38:79:23:58:db:a3:92:6d:e7:0e:2d:49:e5:b4:f1:
                    2e:09
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0F:6B:F9:5E:1C:05:1D:0C:0F:70:C1:55:0C:19:C0:43:97:3A:07:EB
            X509v3 Authority Key Identifier:
                keyid:0C:90:C3:56:E2:86:4F:43:89:48:57:44:35:55:D8:B5:C0:35:28:19

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DJDDVuKGT0OJSFdENVXYtcA1KBk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/ac5a56-163a-497a-9547-e3799ade9dfe/1/D2v5XhwFHQwPcMFVDBnAQ5c6B-s.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/ac5a56-163a-497a-9547-e3799ade9dfe/1/DJDDVuKGT0OJSFdENVXYtcA1KBk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.86.194.0/24

    Signature Algorithm: sha256WithRSAEncryption
         2e:f8:28:47:fc:2d:c4:72:d0:07:34:6d:21:5c:22:87:b9:ec:
         68:6e:6e:81:92:a4:47:96:bb:10:0d:71:c7:6f:9c:23:74:40:
         fc:33:d1:7b:3a:77:25:7c:08:2e:eb:b1:9f:01:06:2b:97:e9:
         b1:b6:14:ee:81:f6:df:d7:d7:d0:44:b5:ed:70:6c:e9:0a:95:
         35:2c:37:88:7f:73:05:df:b0:19:ec:8c:39:c0:27:77:3b:f1:
         d4:44:8a:6e:56:74:8b:d9:49:38:bd:70:7b:66:41:ef:96:5e:
         1e:b6:78:8f:e4:b1:2e:4e:79:b9:68:7c:02:ed:5e:85:1c:45:
         1b:da:7d:5a:6d:5c:cc:b6:5b:e8:37:f5:8b:ce:ae:2f:0b:4c:
         70:69:bf:df:84:48:f2:ca:1e:34:fc:0a:9e:a1:7c:7c:a8:4e:
         08:60:c9:24:3f:1e:78:1f:b1:d0:e9:8d:a0:2d:68:37:9a:28:
         f8:4d:64:e1:39:c1:b9:54:91:6c:6f:bb:1d:80:28:d2:c5:6d:
         2b:b2:0a:fa:32:39:d6:d5:0c:30:cc:94:dd:57:ba:30:ad:dc:
         c0:9f:c6:05:a7:ce:97:29:90:b4:b0:40:7d:6d:0c:ee:47:b5:
         0d:4c:1e:e9:87:19:64:1e:d2:3c:75:0e:ce:de:37:59:3c:86:
         a8:ce:a0:1e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxjC8MKqvovUUMNbES2Cw2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjOTBjMzU2ZTI4NjRmNDM4OTQ4NTc0NDM1NTVkOGI1YzAz
NTI4MTkwHhcNMjMwMTAyMDgxNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZjZiZjk1ZTFjMDUxZDBjMGY3MGMxNTUwYzE5YzA0Mzk3M2EwN2ViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsAnlcLLdLqiFjgFi7ssnLPwJiVjt
AHp9lUfqZeF82o8pyHyHhHMiKkvYR+W5a2Mf+nzNbBFxOdkqUy7laqcIS9t2S1ds
CW6mrw9l4j1QdPGdCDUtlkzcWwv0qpHlTzp/TVjwCJ3rEx6fcwPIrmTyA0fga+tN
HPPJFTenKf6b5ctXpnnYpxKXXSAZZILr5s2wn77UcSBUBazFlwoj7WDPTsw/WstZ
k/vDNvlw2MaYfx2xWlIqgdR4Ftho+CQAP84iTge04I3ubj0ERS1dnSObJvrfPcR8
H2ujYX5cPRTn78guenniEPbRl3V9g4K+bzc4eSNY26OSbecOLUnltPEuCQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFA9r+V4cBR0MD3DBVQwZwEOXOgfrMB8GA1UdIwQY
MBaAFAyQw1bihk9DiUhXRDVV2LXANSgZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvREpERFZ1S0dUME9KU0ZkRU5WWFl0Y0ExS0JrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9hYzVhNTYtMTYzYS00OTdhLTk1NDct
ZTM3OTlhZGU5ZGZlLzEvRDJ2NVhod0ZIUXdQY01GVkRCbkFRNWM2Qi1zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9hYzVhNTYtMTYzYS00OTdhLTk1NDctZTM3OTlhZGU5ZGZl
LzEvREpERFZ1S0dUME9KU0ZkRU5WWFl0Y0ExS0JrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuVbCMA0G
CSqGSIb3DQEBCwUAA4IBAQAu+ChH/C3EctAHNG0hXCKHuexobm6BkqRHlrsQDXHH
b5wjdED8M9F7OnclfAgu67GfAQYrl+mxthTugfbf19fQRLXtcGzpCpU1LDeIf3MF
37AZ7Iw5wCd3O/HURIpuVnSL2Uk4vXB7ZkHvll4etniP5LEuTnm5aHwC7V6FHEUb
2n1abVzMtlvoN/WLzq4vC0xwab/fhEjyyh40/AqeoXx8qE4IYMkkPx54H7HQ6Y2g
LWg3mij4TWThOcG5VJFsb7sdgCjSxW0rsgr6MjnW1QwwzJTdV7owrdzAn8YFp86X
KZC0sEB9bQzuR7UNTB7phxlkHtI8dQ7O3jdZPIaozqAe
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:43:49 2024 by rpki-client on console-ams.rpki-client.org