Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d6/c67d90-d304-481b-8a64-1e326deba4d0/1/u0dYISwz2jwHJPWTccoALHPOAYc.roa
File:                     u0dYISwz2jwHJPWTccoALHPOAYc.roa (raw, json)
Hash identifier:          3eowtLB83gWeIeumjr5+0dGDNMqJFJux8ik7aJP4MJU=
Subject key identifier:   BB:47:58:21:2C:33:DA:3C:07:24:F5:93:71:CA:00:2C:73:CE:01:87
Certificate issuer:       /CN=8bdea2d4ab1380f0a3b7fe7d4fa7828e1c943558
Certificate serial:       0185720C48C8A66982D67C2BCE4463364378
Authority key identifier: 8B:DE:A2:D4:AB:13:80:F0:A3:B7:FE:7D:4F:A7:82:8E:1C:94:35:58
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/i96i1KsTgPCjt_59T6eCjhyUNVg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d6/c67d90-d304-481b-8a64-1e326deba4d0/1/u0dYISwz2jwHJPWTccoALHPOAYc.roa
Signing time:             Mon 02 Jan 2023 10:34:45 +0000
ROA not before:           Mon 02 Jan 2023 10:34:45 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     204356
IP address blocks:        185.252.103.0/24 maxlen: 24
                          185.252.100.0/24 maxlen: 24
                          185.252.101.0/24 maxlen: 24
                          185.252.102.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 22:31:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:72:0c:48:c8:a6:69:82:d6:7c:2b:ce:44:63:36:43:78
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8bdea2d4ab1380f0a3b7fe7d4fa7828e1c943558
        Validity
            Not Before: Jan  2 10:34:45 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=bb4758212c33da3c0724f59371ca002c73ce0187
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8c:b2:4b:ce:36:b3:90:e5:75:61:8a:cc:4e:a7:
                    91:55:62:69:a2:5b:94:34:3f:ea:4a:54:d1:d3:4f:
                    b3:79:5c:c0:c6:de:05:9a:2d:2c:82:d5:38:4a:29:
                    18:46:26:b2:9a:2f:be:f1:b4:0a:a0:49:e1:c8:6c:
                    e6:f7:ba:a3:2d:58:6b:6a:2b:63:ce:bf:d7:52:dd:
                    7f:24:29:dd:8e:b8:db:57:7a:07:5e:cc:b4:30:dd:
                    e3:91:05:07:94:33:7c:54:aa:75:86:40:de:12:8d:
                    b4:71:0e:ad:9d:6b:64:b7:ef:68:dd:49:b4:7c:c5:
                    e1:08:80:c3:87:d9:86:ae:df:4b:4e:d8:78:3d:f3:
                    e6:13:19:e3:a7:02:f0:16:e9:66:5a:9a:76:02:b3:
                    3d:94:c6:9c:8f:a3:52:2e:69:da:06:7e:79:36:51:
                    89:bd:7a:ea:58:1b:19:21:5d:fd:05:a5:fa:97:ec:
                    dd:58:93:0d:37:a8:2c:96:7c:35:b0:52:2a:d4:a2:
                    40:14:00:a0:6c:4d:36:ff:0e:6e:fa:e1:bd:74:13:
                    af:fe:7b:72:80:49:98:e2:88:6a:1c:74:15:15:e5:
                    24:3e:cb:1a:37:00:0a:9f:59:e0:c1:32:b8:50:75:
                    fa:57:8e:f3:25:91:1c:dc:bb:ad:99:b9:d9:04:5c:
                    aa:23
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BB:47:58:21:2C:33:DA:3C:07:24:F5:93:71:CA:00:2C:73:CE:01:87
            X509v3 Authority Key Identifier:
                keyid:8B:DE:A2:D4:AB:13:80:F0:A3:B7:FE:7D:4F:A7:82:8E:1C:94:35:58

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i96i1KsTgPCjt_59T6eCjhyUNVg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/c67d90-d304-481b-8a64-1e326deba4d0/1/u0dYISwz2jwHJPWTccoALHPOAYc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/c67d90-d304-481b-8a64-1e326deba4d0/1/i96i1KsTgPCjt_59T6eCjhyUNVg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.252.100.0/22

    Signature Algorithm: sha256WithRSAEncryption
         64:d9:c9:37:ec:5c:aa:f1:bb:dd:ee:38:a4:b5:33:85:db:35:
         c5:c0:9b:4e:cc:54:cd:9e:23:0d:72:59:d3:88:61:8a:c6:5d:
         17:cf:84:bb:88:14:05:62:e1:02:01:28:8c:35:17:a0:5d:17:
         a5:ba:17:9f:71:fc:a5:9f:cd:53:57:18:36:37:c8:ec:4c:9e:
         09:9c:bd:8f:ec:52:9d:2b:ad:fb:38:10:30:f5:fb:3c:fa:51:
         db:08:ed:e7:46:0b:8b:ae:f9:b0:6c:fc:ce:c1:ee:97:10:b0:
         05:ca:58:91:3d:e2:64:8c:fc:3d:44:a9:b0:b0:1d:31:17:25:
         6c:51:10:bc:1f:b0:a2:93:f5:55:85:b2:38:a0:a8:89:24:2a:
         05:61:75:ec:8f:71:fc:25:81:43:3d:46:74:e9:83:c5:4a:74:
         b0:d2:bc:05:08:f4:1c:a5:79:cf:40:ff:dc:b8:04:d5:ba:04:
         a9:40:2e:5b:9f:6f:5f:f7:41:a4:b0:c5:e9:f9:d5:05:29:ef:
         a2:a0:5f:e7:0d:a0:f6:f3:2b:68:a6:a8:e4:ee:0c:be:86:16:
         45:69:a7:51:f3:ee:b4:12:e2:9d:cd:12:37:d9:43:eb:5c:60:
         0a:d5:a8:72:d8:78:8c:71:d9:45:c2:53:96:3e:18:70:a2:7c:
         63:fb:9f:56
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVyDEjIpmmC1nwrzkRjNkN4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiZGVhMmQ0YWIxMzgwZjBhM2I3ZmU3ZDRmYTc4MjhlMWM5
NDM1NTgwHhcNMjMwMTAyMTAzNDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYjQ3NTgyMTJjMzNkYTNjMDcyNGY1OTM3MWNhMDAyYzczY2UwMTg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjLJLzjazkOV1YYrMTqeRVWJpoluU
ND/qSlTR00+zeVzAxt4Fmi0sgtU4SikYRiaymi++8bQKoEnhyGzm97qjLVhraitj
zr/XUt1/JCndjrjbV3oHXsy0MN3jkQUHlDN8VKp1hkDeEo20cQ6tnWtkt+9o3Um0
fMXhCIDDh9mGrt9LTth4PfPmExnjpwLwFulmWpp2ArM9lMacj6NSLmnaBn55NlGJ
vXrqWBsZIV39BaX6l+zdWJMNN6gslnw1sFIq1KJAFACgbE02/w5u+uG9dBOv/nty
gEmY4ohqHHQVFeUkPssaNwAKn1ngwTK4UHX6V47zJZEc3LutmbnZBFyqIwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLtHWCEsM9o8ByT1k3HKACxzzgGHMB8GA1UdIwQY
MBaAFIveotSrE4Dwo7f+fU+ngo4clDVYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTk2aTFLc1RnUENqdF81OVQ2ZUNqaHlVTlZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNi9jNjdkOTAtZDMwNC00ODFiLThhNjQt
MWUzMjZkZWJhNGQwLzEvdTBkWUlTd3oyandISlBXVGNjb0FMSFBPQVljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNi9jNjdkOTAtZDMwNC00ODFiLThhNjQtMWUzMjZkZWJhNGQw
LzEvaTk2aTFLc1RnUENqdF81OVQ2ZUNqaHlVTlZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCufxkMA0G
CSqGSIb3DQEBCwUAA4IBAQBk2ck37Fyq8bvd7jiktTOF2zXFwJtOzFTNniMNclnT
iGGKxl0Xz4S7iBQFYuECASiMNRegXReluhefcfyln81TVxg2N8jsTJ4JnL2P7FKd
K637OBAw9fs8+lHbCO3nRguLrvmwbPzOwe6XELAFyliRPeJkjPw9RKmwsB0xFyVs
URC8H7Cik/VVhbI4oKiJJCoFYXXsj3H8JYFDPUZ06YPFSnSw0rwFCPQcpXnPQP/c
uATVugSpQC5bn29f90GksMXp+dUFKe+ioF/nDaD28ytopqjk7gy+hhZFaadR8+60
EuKdzRI32UPrXGAK1ahy2HiMcdlFwlOWPhhwonxj+59W
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:46:44 2024 by rpki-client on console-ams.rpki-client.org