Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e8/08af22-ffc9-4c1b-a9d7-94bedb5d0334/1/m5NUf4aLym4UlVG2aa3TVb5__2w.roa
File:                     m5NUf4aLym4UlVG2aa3TVb5__2w.roa (raw, json)
Hash identifier:          YDQcahqbHPJa3Qvu6M0rKy9JpX1hfJ6cmmdeCzg5RX0=
Subject key identifier:   9B:93:54:7F:86:8B:CA:6E:14:95:51:B6:69:AD:D3:55:BE:7F:FF:6C
Certificate issuer:       /CN=7c45672fc42bdd33e545338a7417e8171a04ee3f
Certificate serial:       01856F9DC208231164E400840FA0BE7BE64A
Authority key identifier: 7C:45:67:2F:C4:2B:DD:33:E5:45:33:8A:74:17:E8:17:1A:04:EE:3F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/fEVnL8Qr3TPlRTOKdBfoFxoE7j8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e8/08af22-ffc9-4c1b-a9d7-94bedb5d0334/1/m5NUf4aLym4UlVG2aa3TVb5__2w.roa
Signing time:             Sun 01 Jan 2023 23:14:47 +0000
ROA not before:           Sun 01 Jan 2023 23:14:47 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     25400
IP address blocks:        185.197.211.0/24 maxlen: 24
                          2a0c:1bc0::/32 maxlen: 32

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 04:30:08 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:9d:c2:08:23:11:64:e4:00:84:0f:a0:be:7b:e6:4a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7c45672fc42bdd33e545338a7417e8171a04ee3f
        Validity
            Not Before: Jan  1 23:14:47 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=9b93547f868bca6e149551b669add355be7fff6c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:87:0f:c1:06:61:b4:61:b9:ee:66:d4:1f:2d:ed:
                    49:2e:fc:af:8a:ca:f8:cc:3d:05:18:42:b4:fc:7e:
                    ac:e9:75:e8:ee:7e:2d:2a:1f:72:18:46:ff:ce:37:
                    cc:fb:e5:6d:ba:6f:8e:ab:45:c1:8b:cc:68:bc:fa:
                    f5:a0:32:ff:a6:b3:9e:22:0f:48:a8:04:6b:8c:3f:
                    60:61:04:d4:59:ef:d3:a7:0c:2f:37:9c:b5:80:13:
                    34:a0:a0:f8:52:16:c9:52:65:6f:08:ac:46:86:e0:
                    26:e9:17:96:84:da:02:72:2c:9f:c2:40:59:17:a2:
                    25:20:af:6c:73:db:8f:d4:ef:6e:12:32:42:8d:c9:
                    98:84:93:e8:6b:08:ec:2d:5e:61:7c:d6:1a:a7:3f:
                    b5:f7:c5:23:37:67:51:19:a3:25:fc:57:aa:38:7b:
                    26:c6:bf:87:a5:79:b8:dd:af:d3:59:e8:8b:00:19:
                    1e:1a:3e:7f:d6:8e:2f:84:03:d6:94:07:87:03:3f:
                    80:bb:be:ee:9f:fd:92:5b:09:ea:20:ba:63:ac:22:
                    b4:9c:47:86:5b:93:77:33:c2:54:77:eb:11:6c:ce:
                    68:ee:54:1f:cb:34:6c:c1:66:9f:f4:9b:76:f3:3c:
                    c5:39:c7:cb:31:fb:21:73:fd:67:40:32:46:41:28:
                    36:5b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9B:93:54:7F:86:8B:CA:6E:14:95:51:B6:69:AD:D3:55:BE:7F:FF:6C
            X509v3 Authority Key Identifier:
                keyid:7C:45:67:2F:C4:2B:DD:33:E5:45:33:8A:74:17:E8:17:1A:04:EE:3F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fEVnL8Qr3TPlRTOKdBfoFxoE7j8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/08af22-ffc9-4c1b-a9d7-94bedb5d0334/1/m5NUf4aLym4UlVG2aa3TVb5__2w.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/08af22-ffc9-4c1b-a9d7-94bedb5d0334/1/fEVnL8Qr3TPlRTOKdBfoFxoE7j8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.197.211.0/24
                IPv6:
                  2a0c:1bc0::/32

    Signature Algorithm: sha256WithRSAEncryption
         42:20:63:3f:9a:b9:78:9c:5c:70:67:d0:12:22:dc:03:a2:e4:
         63:f0:ae:d4:6b:97:b9:67:80:69:ee:cc:1e:91:7b:3a:3f:d9:
         31:5c:ac:ce:87:78:8f:77:0d:42:a4:a7:9d:72:c8:66:b0:dd:
         37:1e:55:c4:b4:7e:de:9c:ba:a3:21:96:a8:6f:f0:b2:f4:af:
         12:65:35:30:e4:e2:42:7e:1c:f1:4e:7d:56:1c:8c:59:6d:d4:
         a9:7e:db:7e:f3:ba:23:c8:db:4c:60:c3:27:f3:d7:17:33:b4:
         5f:fa:33:d3:67:79:49:42:23:25:28:fe:74:5c:84:ae:93:e5:
         d9:c5:8b:09:fa:54:8e:79:b9:d9:3d:de:9c:a9:92:60:94:25:
         45:61:b0:46:bc:e1:3d:74:88:47:be:f2:03:d2:08:8e:b4:68:
         65:ae:89:a1:49:79:9c:94:62:c7:eb:a6:ee:60:b1:e9:6a:e1:
         bb:43:fc:19:8c:ff:1c:e4:b1:34:b4:24:e1:69:21:46:6e:03:
         31:63:4c:1a:01:25:80:32:44:e9:a4:12:e3:52:64:5b:58:27:
         e5:62:2c:d0:68:7a:d6:a1:5a:5b:f3:31:60:1d:52:69:4d:17:
         eb:47:d9:00:05:36:34:54:81:ee:46:d4:9b:55:fb:8b:d3:cd:
         ff:9c:c0:1a
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVvncIIIxFk5ACED6C+e+ZKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdjNDU2NzJmYzQyYmRkMzNlNTQ1MzM4YTc0MTdlODE3MWEw
NGVlM2YwHhcNMjMwMTAxMjMxNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YjkzNTQ3Zjg2OGJjYTZlMTQ5NTUxYjY2OWFkZDM1NWJlN2ZmZjZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhw/BBmG0YbnuZtQfLe1JLvyvisr4
zD0FGEK0/H6s6XXo7n4tKh9yGEb/zjfM++Vtum+Oq0XBi8xovPr1oDL/prOeIg9I
qARrjD9gYQTUWe/TpwwvN5y1gBM0oKD4UhbJUmVvCKxGhuAm6ReWhNoCciyfwkBZ
F6IlIK9sc9uP1O9uEjJCjcmYhJPoawjsLV5hfNYapz+198UjN2dRGaMl/FeqOHsm
xr+HpXm43a/TWeiLABkeGj5/1o4vhAPWlAeHAz+Au77un/2SWwnqILpjrCK0nEeG
W5N3M8JUd+sRbM5o7lQfyzRswWaf9Jt28zzFOcfLMfshc/1nQDJGQSg2WwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFJuTVH+Gi8puFJVRtmmt01W+f/9sMB8GA1UdIwQY
MBaAFHxFZy/EK90z5UUzinQX6BcaBO4/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZkVWbkw4UXIzVFBsUlRPS2RCZm9GeG9FN2o4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOC8wOGFmMjItZmZjOS00YzFiLWE5ZDct
OTRiZWRiNWQwMzM0LzEvbTVOVWY0YUx5bTRVbFZHMmFhM1RWYjVfXzJ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOC8wOGFmMjItZmZjOS00YzFiLWE5ZDctOTRiZWRiNWQwMzM0
LzEvZkVWbkw4UXIzVFBsUlRPS2RCZm9GeG9FN2o4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAucXTMA0E
AgACMAcDBQAqDBvAMA0GCSqGSIb3DQEBCwUAA4IBAQBCIGM/mrl4nFxwZ9ASItwD
ouRj8K7Ua5e5Z4Bp7swekXs6P9kxXKzOh3iPdw1CpKedcshmsN03HlXEtH7enLqj
IZaob/Cy9K8SZTUw5OJCfhzxTn1WHIxZbdSpftt+87ojyNtMYMMn89cXM7Rf+jPT
Z3lJQiMlKP50XISuk+XZxYsJ+lSOebnZPd6cqZJglCVFYbBGvOE9dIhHvvID0giO
tGhlromhSXmclGLH66buYLHpauG7Q/wZjP8c5LE0tCThaSFGbgMxY0waASWAMkTp
pBLjUmRbWCflYizQaHrWoVpb8zFgHVJpTRfrR9kABTY0VIHuRtSbVfuL083/nMAa
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:57:56 2024 by rpki-client on console-fra.rpki-client.org