Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/o8HhmuortL6peK19nSCagtBtYCA.roa
File:                     o8HhmuortL6peK19nSCagtBtYCA.roa (raw, json)
Hash identifier:          ZZbdqmEQcO/Znf6yDZ8btrysLGR37VfMyR0O7IdqDuE=
Subject key identifier:   A3:C1:E1:9A:EA:2B:B4:BE:A9:78:AD:7D:9D:20:9A:82:D0:6D:60:20
Certificate issuer:       /CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Certificate serial:       0189D44ACB10E50E38DDAD3E08A0EC9EE961
Authority key identifier: CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/o8HhmuortL6peK19nSCagtBtYCA.roa
Signing time:             Tue 08 Aug 2023 08:36:58 +0000
ROA not before:           Tue 08 Aug 2023 08:36:58 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     198154
IP address blocks:        85.133.218.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 09 Aug 2023 16:13:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:d4:4a:cb:10:e5:0e:38:dd:ad:3e:08:a0:ec:9e:e9:61
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
        Validity
            Not Before: Aug  8 08:36:58 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=a3c1e19aea2bb4bea978ad7d9d209a82d06d6020
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:87:1b:d6:9c:7b:a4:7e:ae:bc:9b:5d:6c:0d:65:
                    e4:f8:a0:40:11:01:cc:5d:42:a3:97:8e:02:72:84:
                    cd:f5:8f:70:fe:62:87:af:97:8c:d9:53:5c:47:b3:
                    77:d3:11:63:bb:84:dc:9f:3f:ad:cd:fe:34:a0:14:
                    e0:53:e7:05:60:c7:75:bd:23:51:f3:a7:ea:69:05:
                    aa:04:37:d5:cc:a0:00:74:d4:ea:63:3a:5b:6d:75:
                    e5:81:18:b9:9e:af:31:e3:66:2b:07:fb:dd:65:df:
                    9a:ba:ad:73:57:b6:22:7a:cb:49:6f:3a:4b:5d:e2:
                    e1:35:af:37:93:a9:2b:f2:3f:9a:49:34:05:86:a2:
                    29:40:c6:ef:c7:83:55:c1:f5:cd:06:9c:c1:86:e7:
                    de:df:d9:4b:cf:04:d0:83:dd:c5:6e:6d:ec:a5:48:
                    30:aa:45:2b:6e:ac:f1:e8:d4:7e:fc:39:48:3b:d2:
                    64:86:30:41:f0:2a:6f:37:a7:c2:8c:55:ed:4b:a4:
                    d9:64:28:98:82:bd:2c:b8:a6:23:ec:c9:f8:3e:37:
                    62:ef:56:33:2c:b0:c7:78:c1:7b:4a:a8:c2:1e:ed:
                    12:5f:09:64:01:c7:46:c3:f0:d9:a8:b6:ac:9e:b2:
                    ad:79:d5:10:fd:92:4b:dc:e9:66:56:94:bf:16:68:
                    be:89
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A3:C1:E1:9A:EA:2B:B4:BE:A9:78:AD:7D:9D:20:9A:82:D0:6D:60:20
            X509v3 Authority Key Identifier:
                keyid:CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/o8HhmuortL6peK19nSCagtBtYCA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/zV45ZYo-9vE8ohzBGk4z682UZwI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  85.133.218.0/24

    Signature Algorithm: sha256WithRSAEncryption
         54:1d:c8:c3:4d:4f:fb:0d:32:1e:34:49:55:4a:99:2a:49:3b:
         5c:93:bc:16:f6:92:4d:61:fe:1b:c2:0e:b7:42:90:6f:16:d0:
         82:39:b5:57:75:9f:05:db:2c:4c:da:e3:b4:9d:cc:a7:dd:c5:
         57:ab:7d:eb:78:0d:d1:63:75:ee:99:a9:96:3d:dd:c6:60:f9:
         3a:1c:db:61:f3:2e:c2:0f:13:b0:9b:95:e6:c3:0c:cc:da:3c:
         67:d9:da:53:63:e1:04:81:41:fa:a2:46:98:de:9e:83:7e:9a:
         d2:a1:f0:3d:0c:65:4e:8b:ff:34:7e:3a:25:d7:35:17:65:73:
         6a:e2:8c:b5:6f:c9:f5:12:4a:56:09:b8:20:6d:27:81:ca:68:
         5b:c3:6d:74:9f:e0:61:77:30:b7:3f:01:e9:3b:10:28:89:1b:
         9b:c6:83:4e:f6:61:b8:5a:2c:9d:f1:d5:2d:10:0f:a2:0a:9e:
         cb:08:64:07:52:8c:82:23:2b:9e:cf:a2:63:c4:5b:4a:b2:2d:
         6c:b9:44:9a:63:2a:b5:b0:a7:7c:59:ed:98:d2:8b:25:6f:1f:
         17:d0:6a:e9:58:28:07:2f:a4:c2:55:6b:c8:ac:83:91:b7:ae:
         0a:92:c3:92:5e:38:51:85:d2:25:35:af:c7:14:e8:02:9a:b1:
         23:b5:76:91
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYnUSssQ5Q443a0+CKDsnulhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkNWUzOTY1OGEzZWY2ZjEzY2EyMWNjMTFhNGUzM2ViY2Q5
NDY3MDIwHhcNMjMwODA4MDgzNjU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhM2MxZTE5YWVhMmJiNGJlYTk3OGFkN2Q5ZDIwOWE4MmQwNmQ2MDIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhxvWnHukfq68m11sDWXk+KBAEQHM
XUKjl44CcoTN9Y9w/mKHr5eM2VNcR7N30xFju4Tcnz+tzf40oBTgU+cFYMd1vSNR
86fqaQWqBDfVzKAAdNTqYzpbbXXlgRi5nq8x42YrB/vdZd+auq1zV7YiestJbzpL
XeLhNa83k6kr8j+aSTQFhqIpQMbvx4NVwfXNBpzBhufe39lLzwTQg93Fbm3spUgw
qkUrbqzx6NR+/DlIO9JkhjBB8CpvN6fCjFXtS6TZZCiYgr0suKYj7Mn4Pjdi71Yz
LLDHeMF7SqjCHu0SXwlkAcdGw/DZqLasnrKtedUQ/ZJL3OlmVpS/Fmi+iQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKPB4ZrqK7S+qXitfZ0gmoLQbWAgMB8GA1UdIwQY
MBaAFM1eOWWKPvbxPKIcwRpOM+vNlGcCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUt
NWQxZmE2NmMzNjNiLzEvbzhIaG11b3J0TDZwZUsxOW5TQ2FndEJ0WUNBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUtNWQxZmE2NmMzNjNi
LzEvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVYXaMA0G
CSqGSIb3DQEBCwUAA4IBAQBUHcjDTU/7DTIeNElVSpkqSTtck7wW9pJNYf4bwg63
QpBvFtCCObVXdZ8F2yxM2uO0ncyn3cVXq33reA3RY3XumamWPd3GYPk6HNth8y7C
DxOwm5XmwwzM2jxn2dpTY+EEgUH6okaY3p6DfprSofA9DGVOi/80fjol1zUXZXNq
4oy1b8n1EkpWCbggbSeBymhbw210n+BhdzC3PwHpOxAoiRubxoNO9mG4Wiyd8dUt
EA+iCp7LCGQHUoyCIyuez6JjxFtKsi1suUSaYyq1sKd8We2Y0oslbx8X0GrpWCgH
L6TCVWvIrIORt64KksOSXjhRhdIlNa/HFOgCmrEjtXaR
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:59:13 2024 by rpki-client on console-fra.rpki-client.org