Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/a2787e-c4bb-4dfd-83cd-bdfa7c4f8b0a/1/P-ymWUkiDlOdP_43j8ubKr7_KD4.roa
File:                     P-ymWUkiDlOdP_43j8ubKr7_KD4.roa (raw, json)
Hash identifier:          PjFdtBhyfJ458fPUNwgW7A9ZetwlFGJ5QhHbpuLF+v8=
Subject key identifier:   3F:EC:A6:59:49:22:0E:53:9D:3F:FE:37:8F:CB:9B:2A:BE:FF:28:3E
Certificate issuer:       /CN=3a76fc5c9010b41119ca68dc6b9950ba5ff7327e
Certificate serial:       0185710BE6CAAF97115528993411960A57D2
Authority key identifier: 3A:76:FC:5C:90:10:B4:11:19:CA:68:DC:6B:99:50:BA:5F:F7:32:7E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Onb8XJAQtBEZymjca5lQul_3Mn4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/eb/a2787e-c4bb-4dfd-83cd-bdfa7c4f8b0a/1/P-ymWUkiDlOdP_43j8ubKr7_KD4.roa
Signing time:             Mon 02 Jan 2023 05:54:43 +0000
ROA not before:           Mon 02 Jan 2023 05:54:43 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     212140
IP address blocks:        185.226.96.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 14 Feb 2023 08:49:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:71:0b:e6:ca:af:97:11:55:28:99:34:11:96:0a:57:d2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3a76fc5c9010b41119ca68dc6b9950ba5ff7327e
        Validity
            Not Before: Jan  2 05:54:43 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=3feca65949220e539d3ffe378fcb9b2abeff283e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:eb:de:a3:23:41:bb:da:ce:d9:86:c9:ac:4c:1a:
                    15:43:cf:1b:b7:34:87:9e:e6:30:37:61:bf:f4:2a:
                    b6:35:d7:3a:75:b0:44:a9:d1:ef:f6:f6:9e:02:31:
                    0e:8c:85:67:e7:a7:e1:76:70:35:df:b0:97:69:55:
                    8a:2f:ea:1b:24:7a:25:44:b9:37:c5:7e:e3:7f:82:
                    8d:e9:3e:73:ac:08:9a:68:5a:ff:4f:ec:a4:e8:33:
                    68:75:17:05:d5:df:22:b7:cd:74:18:63:fa:d0:55:
                    f7:fb:49:b8:6b:d4:b7:e9:58:b9:d9:3e:d3:86:b8:
                    be:ee:b2:b6:a9:05:72:e5:48:81:e3:3e:31:40:e2:
                    66:e1:1b:ac:1f:9c:96:12:68:8f:1e:a9:d6:3c:7a:
                    07:f0:99:af:d1:8a:84:35:36:4f:9c:18:57:56:a5:
                    9b:4d:58:13:0f:38:5a:e3:d5:3c:f4:03:55:a0:57:
                    84:73:3c:c5:17:da:45:e8:59:54:df:5c:c3:1b:c4:
                    41:62:af:bb:69:a4:f2:95:93:be:41:ec:4a:16:de:
                    c1:6b:f5:73:e4:ea:09:93:8d:4c:2d:b0:5a:fd:fb:
                    c7:4c:d5:30:61:8a:89:28:47:7c:8a:74:06:13:f0:
                    64:79:93:ef:79:91:21:34:05:30:86:1a:74:b0:8c:
                    77:ab
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3F:EC:A6:59:49:22:0E:53:9D:3F:FE:37:8F:CB:9B:2A:BE:FF:28:3E
            X509v3 Authority Key Identifier:
                keyid:3A:76:FC:5C:90:10:B4:11:19:CA:68:DC:6B:99:50:BA:5F:F7:32:7E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Onb8XJAQtBEZymjca5lQul_3Mn4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/a2787e-c4bb-4dfd-83cd-bdfa7c4f8b0a/1/P-ymWUkiDlOdP_43j8ubKr7_KD4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/a2787e-c4bb-4dfd-83cd-bdfa7c4f8b0a/1/Onb8XJAQtBEZymjca5lQul_3Mn4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.226.96.0/24

    Signature Algorithm: sha256WithRSAEncryption
         3c:b3:0f:ae:06:10:eb:f0:2d:1d:92:b8:13:8a:e8:57:d0:25:
         23:a4:69:86:b6:35:a9:74:7d:c4:c5:f6:53:6b:e1:18:61:ce:
         ff:f7:47:30:db:be:c5:48:13:cd:68:8a:78:dd:08:99:92:fc:
         11:29:5f:4e:57:5e:68:e6:68:54:6f:87:58:db:fe:18:2a:a1:
         c0:4c:a4:b1:51:04:03:09:fa:53:1c:93:14:8c:43:6b:bf:64:
         62:4c:7b:ae:9f:a5:26:0c:1a:43:e6:54:cb:5d:ec:8a:a4:12:
         d1:a3:86:33:f1:55:c8:f1:0a:a0:5b:a6:b5:e5:12:35:e5:de:
         26:7d:e8:c9:60:e1:d1:ed:5e:aa:18:d9:a5:c6:68:31:aa:a2:
         63:c3:89:58:a0:b5:93:88:18:49:85:fa:94:cc:44:ae:34:16:
         bc:ba:90:92:43:fc:46:cf:dc:7e:38:a1:dc:05:75:f5:a6:71:
         5f:49:20:17:0f:76:54:d9:2e:f5:3b:21:5e:ce:66:f9:ca:3a:
         03:55:a7:8b:95:68:33:b7:29:8f:bc:97:63:bc:dd:a1:85:20:
         52:c9:3d:27:b2:95:a5:49:49:f1:cb:d6:9c:16:c7:41:04:c7:
         66:f3:0a:65:54:7a:30:16:05:07:d5:ff:14:ed:9f:69:14:02:
         d6:66:d9:94
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxC+bKr5cRVSiZNBGWClfSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhNzZmYzVjOTAxMGI0MTExOWNhNjhkYzZiOTk1MGJhNWZm
NzMyN2UwHhcNMjMwMTAyMDU1NDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZmVjYTY1OTQ5MjIwZTUzOWQzZmZlMzc4ZmNiOWIyYWJlZmYyODNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA696jI0G72s7ZhsmsTBoVQ88btzSH
nuYwN2G/9Cq2Ndc6dbBEqdHv9vaeAjEOjIVn56fhdnA137CXaVWKL+obJHolRLk3
xX7jf4KN6T5zrAiaaFr/T+yk6DNodRcF1d8it810GGP60FX3+0m4a9S36Vi52T7T
hri+7rK2qQVy5UiB4z4xQOJm4RusH5yWEmiPHqnWPHoH8Jmv0YqENTZPnBhXVqWb
TVgTDzha49U89ANVoFeEczzFF9pF6FlU31zDG8RBYq+7aaTylZO+QexKFt7Ba/Vz
5OoJk41MLbBa/fvHTNUwYYqJKEd8inQGE/BkeZPveZEhNAUwhhp0sIx3qwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFD/spllJIg5TnT/+N4/Lmyq+/yg+MB8GA1UdIwQY
MBaAFDp2/FyQELQRGcpo3GuZULpf9zJ+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT25iOFhKQVF0QkVaeW1qY2E1bFF1bF8zTW40LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi9hMjc4N2UtYzRiYi00ZGZkLTgzY2Qt
YmRmYTdjNGY4YjBhLzEvUC15bVdVa2lEbE9kUF80M2o4dWJLcjdfS0Q0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi9hMjc4N2UtYzRiYi00ZGZkLTgzY2QtYmRmYTdjNGY4YjBh
LzEvT25iOFhKQVF0QkVaeW1qY2E1bFF1bF8zTW40LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAueJgMA0G
CSqGSIb3DQEBCwUAA4IBAQA8sw+uBhDr8C0dkrgTiuhX0CUjpGmGtjWpdH3ExfZT
a+EYYc7/90cw277FSBPNaIp43QiZkvwRKV9OV15o5mhUb4dY2/4YKqHATKSxUQQD
CfpTHJMUjENrv2RiTHuun6UmDBpD5lTLXeyKpBLRo4Yz8VXI8QqgW6a15RI15d4m
fejJYOHR7V6qGNmlxmgxqqJjw4lYoLWTiBhJhfqUzESuNBa8upCSQ/xGz9x+OKHc
BXX1pnFfSSAXD3ZU2S71OyFezmb5yjoDVaeLlWgztymPvJdjvN2hhSBSyT0nspWl
SUnxy9acFsdBBMdm8wplVHowFgUH1f8U7Z9pFALWZtmU
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:58:30 2024 by rpki-client on console-fra.rpki-client.org