Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/4acc15-bba0-4459-9667-de9b2f8f7e29/1/IqqDfyOzSOdx8n7GXEEJCae-3Ws.roa
File:                     IqqDfyOzSOdx8n7GXEEJCae-3Ws.roa (raw, json)
Hash identifier:          3Zv0w7jTa8K0PecrYiVRSTjxa+oNAopyk/oOweoFV+4=
Subject key identifier:   22:AA:83:7F:23:B3:48:E7:71:F2:7E:C6:5C:41:09:09:A7:BE:DD:6B
Certificate issuer:       /CN=e61bd7dd1f8ac8b4192ba78a592348b5dd0a1a66
Certificate serial:       018E2359792755A53603A5CA3220854FF3C6
Authority key identifier: E6:1B:D7:DD:1F:8A:C8:B4:19:2B:A7:8A:59:23:48:B5:DD:0A:1A:66
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/5hvX3R-KyLQZK6eKWSNItd0KGmY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d0/4acc15-bba0-4459-9667-de9b2f8f7e29/1/IqqDfyOzSOdx8n7GXEEJCae-3Ws.roa
Signing time:             Sat 09 Mar 2024 13:14:09 +0000
ROA not before:           Sat 09 Mar 2024 13:14:09 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     212150
IP address blocks:        185.129.208.0/22 maxlen: 22

Validation:               Failed, certificate revoked on Sat 09 Mar 2024 15:27:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8e:23:59:79:27:55:a5:36:03:a5:ca:32:20:85:4f:f3:c6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e61bd7dd1f8ac8b4192ba78a592348b5dd0a1a66
        Validity
            Not Before: Mar  9 13:14:09 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=22aa837f23b348e771f27ec65c410909a7bedd6b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:8b:7c:fa:51:6f:04:7e:cf:b8:1a:75:92:c1:
                    c9:d0:f4:ae:9c:ff:df:49:8d:16:7d:78:97:dd:f1:
                    0d:ee:62:d4:11:4b:bf:62:3a:6e:62:dd:f5:ff:98:
                    81:34:c3:04:4e:16:7b:19:8f:83:26:c3:08:b9:c2:
                    94:18:7b:2d:71:1e:c3:6c:d8:c9:45:fe:77:fc:26:
                    46:a8:d7:7b:97:eb:ec:77:78:7a:8c:e0:ce:57:ac:
                    6a:6d:df:76:da:a5:64:e0:3b:49:16:45:73:0f:78:
                    d0:9d:49:79:5d:8a:74:91:69:7e:54:cf:1c:62:23:
                    6d:ad:52:99:89:5d:be:0a:55:29:ee:01:13:25:da:
                    30:da:e7:01:bf:28:e8:38:6c:16:3a:39:51:23:09:
                    ef:3c:ab:31:42:a3:b0:e3:05:e1:d7:77:cf:c7:18:
                    d9:41:1b:69:cb:f9:f9:3d:6a:39:c2:f1:9d:00:00:
                    00:fa:1f:ad:e5:f8:c0:d2:2a:3e:47:a7:5c:44:5b:
                    8e:e7:bd:62:8a:71:74:b8:4f:db:7d:43:d7:2c:3f:
                    99:ea:08:9c:84:e0:77:98:04:50:6c:0d:00:73:3f:
                    89:6b:c6:34:b7:16:86:b0:e1:30:d6:fa:d0:a6:74:
                    15:7a:7e:c9:a9:91:38:a2:ab:56:6e:9e:09:99:db:
                    65:51
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                22:AA:83:7F:23:B3:48:E7:71:F2:7E:C6:5C:41:09:09:A7:BE:DD:6B
            X509v3 Authority Key Identifier:
                keyid:E6:1B:D7:DD:1F:8A:C8:B4:19:2B:A7:8A:59:23:48:B5:DD:0A:1A:66

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5hvX3R-KyLQZK6eKWSNItd0KGmY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/4acc15-bba0-4459-9667-de9b2f8f7e29/1/IqqDfyOzSOdx8n7GXEEJCae-3Ws.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/4acc15-bba0-4459-9667-de9b2f8f7e29/1/5hvX3R-KyLQZK6eKWSNItd0KGmY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.129.208.0/22

    Signature Algorithm: sha256WithRSAEncryption
         36:8b:c5:29:a3:5c:68:d6:22:56:98:3d:d9:33:00:e6:9d:bd:
         92:f1:3c:fb:c7:3d:a2:e3:13:e3:54:a7:2c:c7:df:70:08:98:
         77:41:1f:28:75:6a:6f:a9:4b:e0:9c:60:3d:5e:30:01:66:93:
         02:3b:9d:c1:36:38:c9:c4:fa:d1:20:7f:79:87:be:f1:66:50:
         71:41:32:bd:f6:f0:ad:e1:b9:79:00:72:80:a4:48:4e:d2:f5:
         1d:f3:29:6f:b8:23:f0:70:e1:71:55:af:9d:fc:5c:53:ad:c1:
         6d:e4:09:96:7f:0b:07:3e:b3:b3:46:c6:2a:6f:30:31:88:29:
         88:44:8e:4d:74:5a:32:f8:ef:58:b3:6d:d4:51:db:67:00:13:
         65:99:5a:b4:bf:31:e3:5c:37:04:9f:72:c6:37:69:ba:ca:50:
         d6:49:c1:81:47:8c:10:a2:97:a8:e6:de:35:31:9b:da:64:7d:
         8d:06:90:74:ec:40:41:45:da:76:29:51:bb:24:fe:26:fe:2c:
         e8:b0:5e:a9:bf:8c:93:a1:31:9c:ba:3b:1c:83:14:6b:3f:21:
         d4:e3:1f:b0:de:81:78:b9:90:c8:ae:59:88:cd:58:a7:bf:af:
         ff:85:bd:5b:ba:1b:9e:55:d7:1e:79:ef:b0:68:a9:66:47:be:
         b1:95:a5:64
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY4jWXknVaU2A6XKMiCFT/PGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU2MWJkN2RkMWY4YWM4YjQxOTJiYTc4YTU5MjM0OGI1ZGQw
YTFhNjYwHhcNMjQwMzA5MTMxNDA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMmFhODM3ZjIzYjM0OGU3NzFmMjdlYzY1YzQxMDkwOWE3YmVkZDZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnot8+lFvBH7PuBp1ksHJ0PSunP/f
SY0WfXiX3fEN7mLUEUu/YjpuYt31/5iBNMMEThZ7GY+DJsMIucKUGHstcR7DbNjJ
Rf53/CZGqNd7l+vsd3h6jODOV6xqbd922qVk4DtJFkVzD3jQnUl5XYp0kWl+VM8c
YiNtrVKZiV2+ClUp7gETJdow2ucBvyjoOGwWOjlRIwnvPKsxQqOw4wXh13fPxxjZ
QRtpy/n5PWo5wvGdAAAA+h+t5fjA0io+R6dcRFuO571iinF0uE/bfUPXLD+Z6gic
hOB3mARQbA0Acz+Ja8Y0txaGsOEw1vrQpnQVen7JqZE4oqtWbp4JmdtlUQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCKqg38js0jncfJ+xlxBCQmnvt1rMB8GA1UdIwQY
MBaAFOYb190fisi0GSunilkjSLXdChpmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNWh2WDNSLUt5TFFaSzZlS1dTTkl0ZDBLR21ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC80YWNjMTUtYmJhMC00NDU5LTk2Njct
ZGU5YjJmOGY3ZTI5LzEvSXFxRGZ5T3pTT2R4OG43R1hFRUpDYWUtM1dzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC80YWNjMTUtYmJhMC00NDU5LTk2NjctZGU5YjJmOGY3ZTI5
LzEvNWh2WDNSLUt5TFFaSzZlS1dTTkl0ZDBLR21ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuYHQMA0G
CSqGSIb3DQEBCwUAA4IBAQA2i8Upo1xo1iJWmD3ZMwDmnb2S8Tz7xz2i4xPjVKcs
x99wCJh3QR8odWpvqUvgnGA9XjABZpMCO53BNjjJxPrRIH95h77xZlBxQTK99vCt
4bl5AHKApEhO0vUd8ylvuCPwcOFxVa+d/FxTrcFt5AmWfwsHPrOzRsYqbzAxiCmI
RI5NdFoy+O9Ys23UUdtnABNlmVq0vzHjXDcEn3LGN2m6ylDWScGBR4wQopeo5t41
MZvaZH2NBpB07EBBRdp2KVG7JP4m/izosF6pv4yToTGcujscgxRrPyHU4x+w3oF4
uZDIrlmIzVinv6//hb1buhueVdceee+waKlmR76xlaVk
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:46 2024 by rpki-client on console-fra.rpki-client.org