Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/vohZhRFfen29VSuMUzT-uLkMPKA.roa
File:                     vohZhRFfen29VSuMUzT-uLkMPKA.roa (raw, json)
Hash identifier:          lvTNfyGaueV5vBMCneGgz/CzuQoLl+nDtTYN4ZyjDsI=
Subject key identifier:   BE:88:59:85:11:5F:7A:7D:BD:55:2B:8C:53:34:FE:B8:B9:0C:3C:A0
Certificate issuer:       /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial:       018B9C62188C10DB6A92FA7472EDAE09E9BB
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/vohZhRFfen29VSuMUzT-uLkMPKA.roa
Signing time:             Sat 04 Nov 2023 22:09:16 +0000
ROA not before:           Sat 04 Nov 2023 22:09:16 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     399641
IP address blocks:        185.218.103.0/24 maxlen: 24
                          185.194.31.0/24 maxlen: 24

Validation:               Failed, certificate revoked

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:9c:62:18:8c:10:db:6a:92:fa:74:72:ed:ae:09:e9:bb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
        Validity
            Not Before: Nov  4 22:09:16 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=be885985115f7a7dbd552b8c5334feb8b90c3ca0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:05:15:75:cb:c7:06:47:f4:25:7e:58:d7:86:
                    93:37:6d:21:93:c5:b2:2b:d6:f9:77:3c:b9:89:a6:
                    b7:b2:22:b5:4d:08:40:b6:57:f6:02:fa:9c:c5:93:
                    0f:d4:a2:dc:58:b2:86:90:02:fe:f1:3c:dc:0f:cd:
                    47:00:cb:78:f9:00:c8:be:f1:c3:0b:3e:46:ee:bb:
                    b7:32:66:d3:30:e4:81:54:c7:5d:0b:5d:07:03:40:
                    ae:8a:40:73:42:de:c2:f1:34:4c:96:3d:09:a6:53:
                    1e:3b:92:a0:29:a7:b6:b5:5f:09:ab:db:62:c5:00:
                    ac:ef:9c:3e:0f:b7:7f:42:71:3d:d7:23:91:77:9f:
                    af:b6:a0:1c:0a:75:fd:b9:3f:a0:b1:3e:b5:f1:c1:
                    70:7d:c8:c0:3e:bf:b1:f9:6c:8c:ed:a5:00:b0:9e:
                    0a:e6:9f:b9:ae:98:09:7e:25:c0:88:0a:aa:44:1c:
                    a5:24:12:14:54:9c:36:1a:34:f2:44:36:b8:a4:c8:
                    b5:e5:d5:7f:2b:c4:75:4a:00:1a:8a:74:3d:ae:4c:
                    e4:c4:c6:73:69:5a:3f:78:31:b4:4f:0a:26:72:c9:
                    bc:60:23:69:27:4b:b3:ee:56:7a:3e:1e:9a:73:e6:
                    5c:7a:ce:ee:8a:69:45:78:49:e6:9d:ec:16:99:14:
                    50:7b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BE:88:59:85:11:5F:7A:7D:BD:55:2B:8C:53:34:FE:B8:B9:0C:3C:A0
            X509v3 Authority Key Identifier:
                keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/vohZhRFfen29VSuMUzT-uLkMPKA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.194.31.0/24
                  185.218.103.0/24

    Signature Algorithm: sha256WithRSAEncryption
         8c:be:b4:83:ed:3a:30:f9:c8:2e:5f:fc:59:cc:15:e4:c8:77:
         6b:a0:99:89:e9:7c:ee:f7:f1:29:64:09:56:73:a8:42:12:84:
         d4:3b:d6:44:f1:17:77:d4:f2:79:45:93:d2:4f:8e:49:42:18:
         7d:be:83:53:cb:bc:3c:b7:59:dd:23:df:32:09:a3:d2:69:f4:
         2d:29:f6:4d:5f:65:a0:56:b3:d0:72:ff:e9:f5:e2:8e:ec:c5:
         77:df:f3:91:60:be:1b:fd:65:40:2d:50:85:22:92:5d:ed:a9:
         8d:1a:06:c9:a8:e5:47:d5:d3:55:20:f0:c8:16:4a:54:19:15:
         92:af:9b:d3:25:cb:ca:9a:c4:4f:64:2b:41:10:38:ae:06:a2:
         f1:5d:aa:cb:09:51:05:59:aa:67:c9:d9:6b:bf:38:29:d9:f8:
         3f:b3:66:07:13:38:73:7a:c0:5e:26:88:95:97:21:40:4c:9a:
         24:54:f3:71:46:0e:ad:33:a0:2b:30:f3:88:38:b9:2d:19:bd:
         09:fa:76:d7:ed:b1:9a:d9:1d:36:49:0f:fb:63:0d:15:34:ac:
         18:2b:94:35:43:33:6e:b8:60:38:47:5d:b5:32:c2:8b:5a:c4:
         4b:c1:33:a0:7e:e6:2f:d8:47:50:74:4c:e3:2c:e7:e8:49:5c:
         60:4e:3a:62
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYucYhiMENtqkvp0cu2uCem7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjMxMTA0MjIwOTE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZTg4NTk4NTExNWY3YTdkYmQ1NTJiOGM1MzM0ZmViOGI5MGMzY2EwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsAUVdcvHBkf0JX5Y14aTN20hk8Wy
K9b5dzy5iaa3siK1TQhAtlf2AvqcxZMP1KLcWLKGkAL+8TzcD81HAMt4+QDIvvHD
Cz5G7ru3MmbTMOSBVMddC10HA0CuikBzQt7C8TRMlj0JplMeO5KgKae2tV8Jq9ti
xQCs75w+D7d/QnE91yORd5+vtqAcCnX9uT+gsT618cFwfcjAPr+x+WyM7aUAsJ4K
5p+5rpgJfiXAiAqqRBylJBIUVJw2GjTyRDa4pMi15dV/K8R1SgAainQ9rkzkxMZz
aVo/eDG0Twomcsm8YCNpJ0uz7lZ6Ph6ac+Zces7uimlFeEnmnewWmRRQewIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFL6IWYURX3p9vVUrjFM0/ri5DDygMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvdm9oWmhSRmZlbjI5VlN1TVV6VC11TGtNUEtBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAucIfAwQA
udpnMA0GCSqGSIb3DQEBCwUAA4IBAQCMvrSD7Tow+cguX/xZzBXkyHdroJmJ6Xzu
9/EpZAlWc6hCEoTUO9ZE8Rd31PJ5RZPST45JQhh9voNTy7w8t1ndI98yCaPSafQt
KfZNX2WgVrPQcv/p9eKO7MV33/ORYL4b/WVALVCFIpJd7amNGgbJqOVH1dNVIPDI
FkpUGRWSr5vTJcvKmsRPZCtBEDiuBqLxXarLCVEFWapnydlrvzgp2fg/s2YHEzhz
esBeJoiVlyFATJokVPNxRg6tM6ArMPOIOLktGb0J+nbX7bGa2R02SQ/7Yw0VNKwY
K5Q1QzNuuGA4R121MsKLWsRLwTOgfuYv2EdQdEzjLOfoSVxgTjpi
-----END CERTIFICATE-----
Generated at Tue Jan 2 06:33:15 2024 by rpki-client on console-ams.rpki-client.org