Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/8OC1YssY2C1fZA88RMH4E6grM0k.roa
File:                     8OC1YssY2C1fZA88RMH4E6grM0k.roa (raw, json)
Hash identifier:          wmSfyk9PYC8tJObNXJRh5FEaezUZnPAH7CC4m3w/M2U=
Subject key identifier:   F0:E0:B5:62:CB:18:D8:2D:5F:64:0F:3C:44:C1:F8:13:A8:2B:33:49
Certificate issuer:       /CN=c35eac64ea4802e6824686f7c0d201f2c85cb2aa
Certificate serial:       01877C8374EEBCDEA504845C812B0F8072CA
Authority key identifier: C3:5E:AC:64:EA:48:02:E6:82:46:86:F7:C0:D2:01:F2:C8:5C:B2:AA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/w16sZOpIAuaCRob3wNIB8shcsqo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/8OC1YssY2C1fZA88RMH4E6grM0k.roa
Signing time:             Thu 13 Apr 2023 21:26:42 +0000
ROA not before:           Thu 13 Apr 2023 21:26:42 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     205331
IP address blocks:        91.191.216.0/23 maxlen: 24
                          5.104.183.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 14:30:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:7c:83:74:ee:bc:de:a5:04:84:5c:81:2b:0f:80:72:ca
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=c35eac64ea4802e6824686f7c0d201f2c85cb2aa
        Validity
            Not Before: Apr 13 21:26:42 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=f0e0b562cb18d82d5f640f3c44c1f813a82b3349
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8f:c1:fd:d3:c2:37:1a:02:e1:6b:ee:45:34:04:
                    ea:c5:64:95:64:3b:93:47:98:8c:44:d8:63:d6:5d:
                    af:c6:76:56:43:67:8b:8c:1f:28:6e:cd:26:26:91:
                    7e:15:43:a8:b3:84:0c:cb:3f:63:fb:37:4e:45:b1:
                    ab:33:d1:23:9c:2c:dc:c7:7d:67:e4:d9:dc:a0:cd:
                    ce:6f:38:3a:b0:c7:f6:62:72:3d:08:22:62:54:1a:
                    44:f8:f1:29:30:92:af:ef:63:80:fd:c0:ae:d8:80:
                    64:f7:30:eb:68:d0:a8:64:b0:d3:c5:dc:19:d9:30:
                    44:76:e2:95:b6:b2:eb:b7:0a:c2:e1:2b:a3:15:dc:
                    0e:0b:39:b5:f2:ad:7b:d4:4a:29:70:07:82:2b:29:
                    06:d9:d4:f7:6f:6e:f6:7f:8c:5b:d0:05:9a:de:1d:
                    0a:a8:fa:e7:d2:64:8c:37:b8:b2:77:54:44:34:15:
                    ee:12:f4:79:3e:bf:73:fd:38:da:c4:68:91:d9:9e:
                    71:c2:85:c6:38:05:94:6d:ba:2c:9b:65:27:18:e8:
                    53:3b:4e:05:42:da:b7:af:92:73:3e:b3:dc:70:e0:
                    e2:7e:7c:6f:88:4d:f0:db:1f:13:6c:df:57:ce:ef:
                    ec:eb:22:d0:74:ca:32:da:e4:cb:90:12:4b:33:d2:
                    dc:97
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F0:E0:B5:62:CB:18:D8:2D:5F:64:0F:3C:44:C1:F8:13:A8:2B:33:49
            X509v3 Authority Key Identifier:
                keyid:C3:5E:AC:64:EA:48:02:E6:82:46:86:F7:C0:D2:01:F2:C8:5C:B2:AA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w16sZOpIAuaCRob3wNIB8shcsqo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/8OC1YssY2C1fZA88RMH4E6grM0k.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/w16sZOpIAuaCRob3wNIB8shcsqo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.104.183.0/24
                  91.191.216.0/23

    Signature Algorithm: sha256WithRSAEncryption
         7d:89:8d:d9:9c:06:c6:22:89:a5:13:5f:78:95:44:ac:18:e0:
         14:c3:f6:a4:94:ea:25:b5:c4:94:4a:a3:78:8b:2d:80:ed:e2:
         97:f8:52:f5:2a:f6:8a:c8:33:47:44:99:d2:ea:82:43:19:f1:
         0f:3f:59:bc:76:d8:75:83:e1:4e:32:83:53:c1:6f:28:af:a7:
         46:30:66:9b:51:b6:02:1f:9c:d7:23:3c:c1:21:23:1a:55:00:
         62:d0:20:bc:df:23:ac:6d:5e:91:04:fb:f0:09:6d:99:1d:40:
         da:1f:0c:23:84:17:1e:b2:86:77:b9:14:38:9c:82:84:0d:a4:
         74:a7:0a:17:fa:74:10:a7:2f:9c:64:8c:a1:99:ad:8e:2e:64:
         b8:02:e8:ea:d2:f1:18:f5:e1:a0:e3:63:55:dd:5e:55:c2:1f:
         85:e0:e4:1d:8d:f6:64:84:83:0d:64:e9:fb:f2:5e:74:20:eb:
         c2:46:8c:f7:c2:24:16:7b:37:04:fe:e3:4c:4a:99:ea:d8:b1:
         f7:4a:0c:93:b1:49:e4:83:18:87:cc:68:d3:7b:8b:cd:ac:dc:
         18:b8:e1:4a:36:f7:12:17:1a:2b:ba:34:4b:55:9a:0b:36:b4:
         3f:32:cd:f4:a7:a2:4f:64:ae:29:c6:42:1d:b0:69:bb:44:8d:
         2f:bb:2b:25
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYd8g3TuvN6lBIRcgSsPgHLKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzNWVhYzY0ZWE0ODAyZTY4MjQ2ODZmN2MwZDIwMWYyYzg1
Y2IyYWEwHhcNMjMwNDEzMjEyNjQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMGUwYjU2MmNiMThkODJkNWY2NDBmM2M0NGMxZjgxM2E4MmIzMzQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj8H908I3GgLha+5FNATqxWSVZDuT
R5iMRNhj1l2vxnZWQ2eLjB8obs0mJpF+FUOos4QMyz9j+zdORbGrM9EjnCzcx31n
5NncoM3Obzg6sMf2YnI9CCJiVBpE+PEpMJKv72OA/cCu2IBk9zDraNCoZLDTxdwZ
2TBEduKVtrLrtwrC4SujFdwOCzm18q171EopcAeCKykG2dT3b272f4xb0AWa3h0K
qPrn0mSMN7iyd1RENBXuEvR5Pr9z/TjaxGiR2Z5xwoXGOAWUbbosm2UnGOhTO04F
Qtq3r5JzPrPccODifnxviE3w2x8TbN9Xzu/s6yLQdMoy2uTLkBJLM9LclwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFPDgtWLLGNgtX2QPPETB+BOoKzNJMB8GA1UdIwQY
MBaAFMNerGTqSALmgkaG98DSAfLIXLKqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzE2c1pPcElBdWFDUm9iM3dOSUI4c2hjc3FvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9jY2RkOGItNzcyMC00ZGUwLThjNDMt
ZGFjYjVmMzU2ZWEzLzEvOE9DMVlzc1kyQzFmWkE4OFJNSDRFNmdyTTBrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9jY2RkOGItNzcyMC00ZGUwLThjNDMtZGFjYjVmMzU2ZWEz
LzEvdzE2c1pPcElBdWFDUm9iM3dOSUI4c2hjc3FvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQABWi3AwQB
W7/YMA0GCSqGSIb3DQEBCwUAA4IBAQB9iY3ZnAbGIomlE194lUSsGOAUw/aklOol
tcSUSqN4iy2A7eKX+FL1KvaKyDNHRJnS6oJDGfEPP1m8dth1g+FOMoNTwW8or6dG
MGabUbYCH5zXIzzBISMaVQBi0CC83yOsbV6RBPvwCW2ZHUDaHwwjhBcesoZ3uRQ4
nIKEDaR0pwoX+nQQpy+cZIyhma2OLmS4Aujq0vEY9eGg42NV3V5Vwh+F4OQdjfZk
hIMNZOn78l50IOvCRoz3wiQWezcE/uNMSpnq2LH3SgyTsUnkgxiHzGjTe4vNrNwY
uOFKNvcSFxorujRLVZoLNrQ/Ms30p6JPZK4pxkIdsGm7RI0vuysl
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:14 2024 by rpki-client on console-fra.rpki-client.org