Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/zOhsBYcoVy6mqqXG_6y2rGJijbI.roa
File:                     zOhsBYcoVy6mqqXG_6y2rGJijbI.roa (raw, json)
Hash identifier:          b9UHNCW+0zhro+4iqHuUx3iJ7ymAJfoC+BLq9oRNjaI=
Subject key identifier:   CC:E8:6C:05:87:28:57:2E:A6:AA:A5:C6:FF:AC:B6:AC:62:62:8D:B2
Certificate issuer:       /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial:       018BA55B27444DD2ABE00135A0346AE28BFC
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/zOhsBYcoVy6mqqXG_6y2rGJijbI.roa
Signing time:             Mon 06 Nov 2023 15:58:16 +0000
ROA not before:           Mon 06 Nov 2023 15:58:16 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     209336
IP address blocks:        185.246.114.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 13 Dec 2023 09:39:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:a5:5b:27:44:4d:d2:ab:e0:01:35:a0:34:6a:e2:8b:fc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
        Validity
            Not Before: Nov  6 15:58:16 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=cce86c058728572ea6aaa5c6ffacb6ac62628db2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:97:76:a5:c8:e5:bc:0b:38:01:8a:49:b0:9d:11:
                    97:12:ab:d2:26:bc:5b:1c:32:13:b8:13:ee:e1:74:
                    8b:47:44:ff:00:4c:a9:b9:62:e7:d3:94:c1:76:3a:
                    7b:8f:eb:ca:a2:d7:77:00:2b:93:18:de:52:83:4e:
                    1e:26:f1:8e:bd:86:09:f9:65:b3:30:e0:72:99:68:
                    a6:75:49:d0:dd:ed:ad:73:c6:25:c6:de:39:3b:20:
                    bb:48:78:9d:fb:60:c6:e1:d7:60:94:01:27:4c:24:
                    fc:3b:5d:a1:ec:7c:38:25:93:4d:c7:b8:e4:38:cb:
                    c4:32:ff:06:35:8b:fb:75:22:bd:06:b4:d4:e4:3c:
                    e2:76:7a:da:81:50:35:7c:83:69:30:31:e4:eb:21:
                    8b:01:03:d9:20:ae:c9:33:be:53:2d:15:75:6c:37:
                    56:11:55:6b:6c:97:46:62:89:6f:eb:f8:5d:16:6e:
                    c1:68:ee:82:e9:a4:54:35:48:76:f0:e7:62:79:4f:
                    79:99:93:b1:5f:5b:75:c1:22:29:e8:60:58:e3:3c:
                    e5:e6:de:d3:44:3f:40:3d:67:fd:e9:38:4a:d2:60:
                    dc:02:1d:89:d8:2a:63:98:0f:ec:8c:9e:94:77:0d:
                    97:2a:1b:0c:66:ae:b7:02:e4:e0:40:40:58:07:a4:
                    de:f5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CC:E8:6C:05:87:28:57:2E:A6:AA:A5:C6:FF:AC:B6:AC:62:62:8D:B2
            X509v3 Authority Key Identifier:
                keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/zOhsBYcoVy6mqqXG_6y2rGJijbI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.246.114.0/24

    Signature Algorithm: sha256WithRSAEncryption
         4d:24:84:6d:68:3e:23:1e:2d:6b:aa:4a:1c:dc:61:54:7a:ec:
         87:41:2d:6c:61:f1:cd:41:66:89:f9:6c:51:2a:20:55:67:6a:
         a5:63:82:fd:42:7f:31:1a:7f:c9:1d:0f:df:2d:84:f9:19:f2:
         94:c8:c3:20:4d:f2:d1:9a:22:fa:cd:76:56:a8:58:35:08:bc:
         db:0b:bf:ea:84:62:cc:07:1e:34:4f:70:4b:26:e4:80:5b:c3:
         62:7b:ab:74:73:2e:14:5b:66:a1:ec:63:5f:cd:69:4a:60:41:
         5e:94:48:fb:7a:6d:c4:ee:1d:52:e5:0c:29:c5:0b:63:b3:69:
         a4:fd:6c:94:27:76:a0:7b:9c:60:28:5b:db:d2:b3:5c:66:e5:
         69:7b:f4:ea:a2:ff:5c:82:8d:b8:7e:ed:03:06:86:17:a7:bf:
         a4:1e:17:12:07:9f:ec:a2:b9:33:82:fe:37:a4:15:74:b0:82:
         7f:bd:d3:96:40:c1:c5:9d:e4:3a:93:ed:81:03:46:b4:f9:5c:
         a6:74:46:34:c1:ad:39:6b:18:07:89:8f:e1:3f:6a:94:16:51:
         a5:09:d6:57:c7:f4:2f:3d:bc:ba:7f:fa:9f:59:eb:74:43:d9:
         ef:ef:5d:a3:c5:b9:c7:ce:3e:24:d1:9c:a5:93:9c:1d:7b:b4:
         35:32:db:db
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYulWydETdKr4AE1oDRq4ov8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjMxMTA2MTU1ODE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjY2U4NmMwNTg3Mjg1NzJlYTZhYWE1YzZmZmFjYjZhYzYyNjI4ZGIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl3alyOW8CzgBikmwnRGXEqvSJrxb
HDITuBPu4XSLR0T/AEypuWLn05TBdjp7j+vKotd3ACuTGN5Sg04eJvGOvYYJ+WWz
MOBymWimdUnQ3e2tc8Ylxt45OyC7SHid+2DG4ddglAEnTCT8O12h7Hw4JZNNx7jk
OMvEMv8GNYv7dSK9BrTU5DzidnragVA1fINpMDHk6yGLAQPZIK7JM75TLRV1bDdW
EVVrbJdGYolv6/hdFm7BaO6C6aRUNUh28OdieU95mZOxX1t1wSIp6GBY4zzl5t7T
RD9APWf96ThK0mDcAh2J2CpjmA/sjJ6Udw2XKhsMZq63AuTgQEBYB6Te9QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMzobAWHKFcupqqlxv+stqxiYo2yMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvek9oc0JZY29WeTZtcXFYR182eTJyR0ppamJJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAufZyMA0G
CSqGSIb3DQEBCwUAA4IBAQBNJIRtaD4jHi1rqkoc3GFUeuyHQS1sYfHNQWaJ+WxR
KiBVZ2qlY4L9Qn8xGn/JHQ/fLYT5GfKUyMMgTfLRmiL6zXZWqFg1CLzbC7/qhGLM
Bx40T3BLJuSAW8Nie6t0cy4UW2ah7GNfzWlKYEFelEj7em3E7h1S5QwpxQtjs2mk
/WyUJ3age5xgKFvb0rNcZuVpe/Tqov9cgo24fu0DBoYXp7+kHhcSB5/sorkzgv43
pBV0sIJ/vdOWQMHFneQ6k+2BA0a0+VymdEY0wa05axgHiY/hP2qUFlGlCdZXx/Qv
Pby6f/qfWet0Q9nv712jxbnHzj4k0Zylk5wde7Q1Mtvb
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:44 2024 by rpki-client on console-fra.rpki-client.org