Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d8/892a27-fdb6-4285-829a-87f5b6479d1e/1/1z6e7LC8HM9V6l8Ni9C822VtLH8.roa
File:                     1z6e7LC8HM9V6l8Ni9C822VtLH8.roa (raw, json)
Hash identifier:          mk0jhqe4CnbF95mWoWaE7we6tNT8kWC7b38E5kBbDYM=
Subject key identifier:   D7:3E:9E:EC:B0:BC:1C:CF:55:EA:5F:0D:8B:D0:BC:DB:65:6D:2C:7F
Certificate issuer:       /CN=18a84a8e475f6606e7a12f92b330d63d8f880be0
Certificate serial:       01856F1DA86314D74926ED55A0A90B6178C1
Authority key identifier: 18:A8:4A:8E:47:5F:66:06:E7:A1:2F:92:B3:30:D6:3D:8F:88:0B:E0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/GKhKjkdfZgbnoS-SszDWPY-IC-A.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d8/892a27-fdb6-4285-829a-87f5b6479d1e/1/1z6e7LC8HM9V6l8Ni9C822VtLH8.roa
Signing time:             Sun 01 Jan 2023 20:54:52 +0000
ROA not before:           Sun 01 Jan 2023 20:54:52 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     8100
IP address blocks:        185.208.10.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 00:29:35 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:1d:a8:63:14:d7:49:26:ed:55:a0:a9:0b:61:78:c1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=18a84a8e475f6606e7a12f92b330d63d8f880be0
        Validity
            Not Before: Jan  1 20:54:52 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=d73e9eecb0bc1ccf55ea5f0d8bd0bcdb656d2c7f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:d3:df:f3:74:a8:01:c4:5f:2c:72:46:df:aa:
                    f4:c5:28:80:2e:64:c5:4e:97:51:a0:f3:40:63:1a:
                    72:48:b4:4a:81:02:28:7d:34:c8:9f:85:db:74:8d:
                    1b:7e:f1:c5:a0:b4:5c:11:07:f6:8a:5f:13:f0:75:
                    10:97:40:2e:25:f6:d4:c1:05:3b:e2:26:17:da:63:
                    aa:29:32:1b:87:f2:81:a3:5b:3f:68:85:27:6f:a2:
                    7d:35:1e:83:3c:f0:78:36:73:0c:85:fd:ba:3e:95:
                    a6:49:0e:fd:dd:14:e1:77:79:63:d1:5d:b9:4b:c1:
                    32:b1:b9:c2:05:fd:8c:94:05:7e:5d:8f:bf:58:77:
                    eb:3b:f9:72:a8:6d:c1:24:8a:b5:96:65:48:31:dd:
                    8c:2b:fc:a9:cc:15:5d:b9:67:eb:c0:05:7a:1d:e7:
                    f0:8e:be:99:0a:9c:06:2d:7e:25:b1:62:69:4d:9a:
                    0c:81:ad:3c:e4:61:bd:1b:0f:f2:63:a1:27:24:c8:
                    2e:a5:bc:7a:35:db:6f:f2:e6:20:d1:d5:c3:7f:a1:
                    12:a7:89:6a:19:c7:e7:95:ea:1b:81:ba:61:cf:0e:
                    dd:2f:9b:76:c5:d4:52:4a:5b:05:f5:07:61:48:45:
                    6f:a1:ce:10:e1:39:2f:9e:d6:a6:35:05:04:81:a9:
                    f4:85
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D7:3E:9E:EC:B0:BC:1C:CF:55:EA:5F:0D:8B:D0:BC:DB:65:6D:2C:7F
            X509v3 Authority Key Identifier:
                keyid:18:A8:4A:8E:47:5F:66:06:E7:A1:2F:92:B3:30:D6:3D:8F:88:0B:E0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GKhKjkdfZgbnoS-SszDWPY-IC-A.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/892a27-fdb6-4285-829a-87f5b6479d1e/1/1z6e7LC8HM9V6l8Ni9C822VtLH8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/892a27-fdb6-4285-829a-87f5b6479d1e/1/GKhKjkdfZgbnoS-SszDWPY-IC-A.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.208.10.0/24

    Signature Algorithm: sha256WithRSAEncryption
         67:97:ef:8e:27:e9:e4:09:51:de:7d:c7:e3:21:54:a8:98:db:
         2d:bf:41:50:72:52:6a:d0:e8:c1:bd:7c:2c:22:f9:82:f7:30:
         27:c3:34:77:bc:9f:62:89:a0:47:2c:26:27:fc:e7:a7:7c:db:
         88:5c:d6:2d:9b:08:16:26:31:09:49:d3:61:ac:d9:d9:95:80:
         93:0f:36:47:af:da:e1:c5:eb:53:f5:33:bd:c9:77:b9:21:aa:
         b2:56:df:08:09:e7:60:5d:cd:15:0c:1e:5a:b9:db:48:29:4b:
         1a:38:b8:aa:d7:05:d2:f4:e9:a0:14:fd:c8:c5:c9:47:91:56:
         18:52:7a:62:c4:cf:49:3a:4a:d1:82:cd:4f:52:99:ee:65:f6:
         1b:7c:e2:84:e7:f8:a4:03:00:a1:95:fd:90:9f:bb:05:a4:1e:
         b7:73:2f:ab:a8:be:2f:a6:b8:ea:b2:7a:eb:c5:54:c1:ee:fa:
         57:a0:b7:ab:f5:37:56:ae:53:83:32:16:c2:5b:2d:67:31:d0:
         c1:c0:4e:d4:8d:c9:e3:dd:fb:1a:3d:9e:12:25:68:af:bb:1e:
         fe:7d:19:ed:e1:7c:1d:fb:6c:17:a7:d7:65:bb:84:84:86:3f:
         6a:75:6e:4b:3f:ca:47:f7:98:29:1e:76:b1:69:25:94:f0:63:
         a0:48:a1:ca
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvHahjFNdJJu1VoKkLYXjBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE4YTg0YThlNDc1ZjY2MDZlN2ExMmY5MmIzMzBkNjNkOGY4
ODBiZTAwHhcNMjMwMTAxMjA1NDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNzNlOWVlY2IwYmMxY2NmNTVlYTVmMGQ4YmQwYmNkYjY1NmQyYzdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAstPf83SoAcRfLHJG36r0xSiALmTF
TpdRoPNAYxpySLRKgQIofTTIn4XbdI0bfvHFoLRcEQf2il8T8HUQl0AuJfbUwQU7
4iYX2mOqKTIbh/KBo1s/aIUnb6J9NR6DPPB4NnMMhf26PpWmSQ793RThd3lj0V25
S8EysbnCBf2MlAV+XY+/WHfrO/lyqG3BJIq1lmVIMd2MK/ypzBVduWfrwAV6Hefw
jr6ZCpwGLX4lsWJpTZoMga085GG9Gw/yY6EnJMgupbx6Ndtv8uYg0dXDf6ESp4lq
Gcfnleobgbphzw7dL5t2xdRSSlsF9QdhSEVvoc4Q4TkvntamNQUEgan0hQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNc+nuywvBzPVepfDYvQvNtlbSx/MB8GA1UdIwQY
MBaAFBioSo5HX2YG56EvkrMw1j2PiAvgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR0toS2prZGZaZ2Jub1MtU3N6RFdQWS1JQy1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOC84OTJhMjctZmRiNi00Mjg1LTgyOWEt
ODdmNWI2NDc5ZDFlLzEvMXo2ZTdMQzhITTlWNmw4Tmk5QzgyMlZ0TEg4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOC84OTJhMjctZmRiNi00Mjg1LTgyOWEtODdmNWI2NDc5ZDFl
LzEvR0toS2prZGZaZ2Jub1MtU3N6RFdQWS1JQy1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAudAKMA0G
CSqGSIb3DQEBCwUAA4IBAQBnl++OJ+nkCVHefcfjIVSomNstv0FQclJq0OjBvXws
IvmC9zAnwzR3vJ9iiaBHLCYn/OenfNuIXNYtmwgWJjEJSdNhrNnZlYCTDzZHr9rh
xetT9TO9yXe5IaqyVt8ICedgXc0VDB5audtIKUsaOLiq1wXS9OmgFP3IxclHkVYY
UnpixM9JOkrRgs1PUpnuZfYbfOKE5/ikAwChlf2Qn7sFpB63cy+rqL4vprjqsnrr
xVTB7vpXoLer9TdWrlODMhbCWy1nMdDBwE7Ujcnj3fsaPZ4SJWivux7+fRnt4Xwd
+2wXp9dlu4SEhj9qdW5LP8pH95gpHnaxaSWU8GOgSKHK
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:47:01 2024 by rpki-client on console-ams.rpki-client.org