Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d8/892a27-fdb6-4285-829a-87f5b6479d1e/1/BOjJG7cAKU8B5oyxaBxctqWr7iU.roa
File:                     BOjJG7cAKU8B5oyxaBxctqWr7iU.roa (raw, json)
Hash identifier:          q5ZhaEbPzfQiI2D39DKQbzaYbsxml9mgkgw4FAOAAFg=
Subject key identifier:   04:E8:C9:1B:B7:00:29:4F:01:E6:8C:B1:68:1C:5C:B6:A5:AB:EE:25
Certificate issuer:       /CN=18a84a8e475f6606e7a12f92b330d63d8f880be0
Certificate serial:       01856F1DA9A45CF2EB75DB39F0CA23F3476A
Authority key identifier: 18:A8:4A:8E:47:5F:66:06:E7:A1:2F:92:B3:30:D6:3D:8F:88:0B:E0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/GKhKjkdfZgbnoS-SszDWPY-IC-A.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d8/892a27-fdb6-4285-829a-87f5b6479d1e/1/BOjJG7cAKU8B5oyxaBxctqWr7iU.roa
Signing time:             Sun 01 Jan 2023 20:54:52 +0000
ROA not before:           Sun 01 Jan 2023 20:54:52 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     206092
IP address blocks:        185.208.11.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 00:29:35 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:1d:a9:a4:5c:f2:eb:75:db:39:f0:ca:23:f3:47:6a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=18a84a8e475f6606e7a12f92b330d63d8f880be0
        Validity
            Not Before: Jan  1 20:54:52 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=04e8c91bb700294f01e68cb1681c5cb6a5abee25
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:96:6a:8b:da:e9:a1:65:c2:dd:ec:8e:00:06:d9:
                    e4:22:28:77:e7:d2:22:d0:9e:10:03:4e:b4:21:6a:
                    6d:69:7e:a9:63:e9:2a:75:00:29:88:26:77:54:49:
                    c6:c0:fb:29:0d:a5:70:8b:eb:d8:b4:04:1d:81:9f:
                    bd:28:37:5a:30:58:5c:9c:49:a4:d1:b6:74:ad:21:
                    88:40:bf:14:8a:b9:53:52:2a:75:1b:4d:e7:59:5d:
                    76:d5:18:9c:48:99:fa:9f:23:38:d1:cd:9c:a4:5c:
                    c6:55:ca:29:c6:b7:9a:68:91:57:25:23:2a:06:e5:
                    aa:7f:31:7d:3b:f9:c1:0b:17:75:3c:bc:6a:90:59:
                    07:14:9a:21:c3:66:8c:a6:86:7b:87:24:1d:fb:90:
                    cb:6d:76:85:f8:73:dd:89:11:26:dc:b7:cd:f7:8c:
                    fd:14:af:f2:c3:53:72:2d:43:bc:c3:c7:b0:3e:aa:
                    ae:11:92:a5:6b:bd:21:46:e1:34:fb:62:de:ab:0f:
                    91:91:52:bb:8b:57:86:af:e3:b3:e9:13:e4:76:a7:
                    d9:2c:89:65:0f:59:fd:be:a1:20:ae:d1:2a:7c:fb:
                    94:20:42:ae:38:ce:c0:3e:20:e6:e9:b8:05:29:de:
                    8a:c4:5a:c4:c5:f4:06:ec:73:7b:36:65:42:76:b5:
                    86:ad
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                04:E8:C9:1B:B7:00:29:4F:01:E6:8C:B1:68:1C:5C:B6:A5:AB:EE:25
            X509v3 Authority Key Identifier:
                keyid:18:A8:4A:8E:47:5F:66:06:E7:A1:2F:92:B3:30:D6:3D:8F:88:0B:E0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GKhKjkdfZgbnoS-SszDWPY-IC-A.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/892a27-fdb6-4285-829a-87f5b6479d1e/1/BOjJG7cAKU8B5oyxaBxctqWr7iU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/892a27-fdb6-4285-829a-87f5b6479d1e/1/GKhKjkdfZgbnoS-SszDWPY-IC-A.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.208.11.0/24

    Signature Algorithm: sha256WithRSAEncryption
         56:cc:21:17:a3:c2:f5:6e:1d:bc:5e:8c:f9:78:a8:0c:ea:13:
         d4:7a:c5:26:de:55:92:af:42:30:a8:d2:3f:4a:15:31:85:df:
         ce:24:3f:17:24:b4:65:ba:79:5f:18:af:5f:c9:af:08:22:1c:
         9e:86:60:37:6b:cd:23:9d:8d:84:c1:35:a3:27:6d:f7:10:9b:
         56:aa:e6:8d:ad:9b:a4:c3:6c:f1:7e:c7:fe:b2:8d:a0:f8:18:
         d4:57:39:f0:eb:fe:42:c2:28:f4:29:0f:59:5f:35:d4:a5:32:
         6e:36:83:0c:8d:30:dd:81:db:4f:a1:3f:e2:82:1c:2a:0a:a5:
         53:0e:35:8e:06:66:6b:33:4a:11:52:e7:69:99:eb:a3:55:f8:
         f4:f7:80:72:af:dc:e2:a6:0d:08:b7:a8:e1:0c:3e:88:df:94:
         c2:a1:3d:6f:f7:8e:72:1f:1e:97:24:a6:a9:55:12:b7:2f:ae:
         84:06:bf:d0:b8:05:02:87:ab:b1:74:ba:ff:4a:dd:69:18:68:
         02:db:9c:76:c3:4c:c4:74:b7:4a:97:1a:8f:1f:54:d0:8d:c5:
         b2:a9:0d:56:05:69:32:80:6e:37:a1:27:b6:e2:93:46:cb:0d:
         f4:d4:6d:98:f3:84:88:88:35:eb:1d:31:19:f0:49:d8:03:2a:
         4c:73:59:9b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvHamkXPLrdds58Moj80dqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE4YTg0YThlNDc1ZjY2MDZlN2ExMmY5MmIzMzBkNjNkOGY4
ODBiZTAwHhcNMjMwMTAxMjA1NDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNGU4YzkxYmI3MDAyOTRmMDFlNjhjYjE2ODFjNWNiNmE1YWJlZTI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlmqL2umhZcLd7I4ABtnkIih359Ii
0J4QA060IWptaX6pY+kqdQApiCZ3VEnGwPspDaVwi+vYtAQdgZ+9KDdaMFhcnEmk
0bZ0rSGIQL8UirlTUip1G03nWV121RicSJn6nyM40c2cpFzGVcopxreaaJFXJSMq
BuWqfzF9O/nBCxd1PLxqkFkHFJohw2aMpoZ7hyQd+5DLbXaF+HPdiREm3LfN94z9
FK/yw1NyLUO8w8ewPqquEZKla70hRuE0+2Leqw+RkVK7i1eGr+Oz6RPkdqfZLIll
D1n9vqEgrtEqfPuUIEKuOM7APiDm6bgFKd6KxFrExfQG7HN7NmVCdrWGrQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAToyRu3AClPAeaMsWgcXLalq+4lMB8GA1UdIwQY
MBaAFBioSo5HX2YG56EvkrMw1j2PiAvgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR0toS2prZGZaZ2Jub1MtU3N6RFdQWS1JQy1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOC84OTJhMjctZmRiNi00Mjg1LTgyOWEt
ODdmNWI2NDc5ZDFlLzEvQk9qSkc3Y0FLVThCNW95eGFCeGN0cVdyN2lVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOC84OTJhMjctZmRiNi00Mjg1LTgyOWEtODdmNWI2NDc5ZDFl
LzEvR0toS2prZGZaZ2Jub1MtU3N6RFdQWS1JQy1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAudALMA0G
CSqGSIb3DQEBCwUAA4IBAQBWzCEXo8L1bh28Xoz5eKgM6hPUesUm3lWSr0IwqNI/
ShUxhd/OJD8XJLRlunlfGK9fya8IIhyehmA3a80jnY2EwTWjJ233EJtWquaNrZuk
w2zxfsf+so2g+BjUVznw6/5Cwij0KQ9ZXzXUpTJuNoMMjTDdgdtPoT/ighwqCqVT
DjWOBmZrM0oRUudpmeujVfj094Byr9zipg0It6jhDD6I35TCoT1v945yHx6XJKap
VRK3L66EBr/QuAUCh6uxdLr/St1pGGgC25x2w0zEdLdKlxqPH1TQjcWyqQ1WBWky
gG43oSe24pNGyw301G2Y84SIiDXrHTEZ8EnYAypMc1mb
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:47 2024 by rpki-client on console-fra.rpki-client.org