Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f1/35477f-80d0-4ea4-bbde-767b72eb407b/1/PKikxBzTFfDvvWD3tcL7NNLK2k4.roa
File:                     PKikxBzTFfDvvWD3tcL7NNLK2k4.roa (raw, json)
Hash identifier:          J2hWSNvpuim9JKSYk3WFZmoO4I24M420wpWTDVsw008=
Subject key identifier:   3C:A8:A4:C4:1C:D3:15:F0:EF:BD:60:F7:B5:C2:FB:34:D2:CA:DA:4E
Certificate issuer:       /CN=8226a9974102ba582217188be6d49d8776d3bebb
Certificate serial:       01856E38A3901DBCB7881BBEF748F83E859A
Authority key identifier: 82:26:A9:97:41:02:BA:58:22:17:18:8B:E6:D4:9D:87:76:D3:BE:BB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/giapl0ECulgiFxiL5tSdh3bTvrs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f1/35477f-80d0-4ea4-bbde-767b72eb407b/1/PKikxBzTFfDvvWD3tcL7NNLK2k4.roa
Signing time:             Sun 01 Jan 2023 16:44:43 +0000
ROA not before:           Sun 01 Jan 2023 16:44:43 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     204382
IP address blocks:        185.250.176.0/22 maxlen: 22
                          2a0c:1040::/29 maxlen: 64

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 10:29:54 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6e:38:a3:90:1d:bc:b7:88:1b:be:f7:48:f8:3e:85:9a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8226a9974102ba582217188be6d49d8776d3bebb
        Validity
            Not Before: Jan  1 16:44:43 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=3ca8a4c41cd315f0efbd60f7b5c2fb34d2cada4e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8d:16:06:a2:16:29:93:2b:1d:6c:89:ba:e1:fa:
                    6f:e8:33:5d:a8:ea:a8:b6:e0:48:05:0d:00:cc:a6:
                    28:ef:36:d2:59:44:40:10:71:47:96:44:11:f6:00:
                    dd:fb:dd:04:de:a7:19:47:37:af:aa:17:32:c3:9d:
                    cb:0d:31:dd:38:54:91:ca:a7:aa:60:14:65:f9:56:
                    f1:59:d6:ed:b8:70:90:fb:6d:46:90:8e:71:ca:60:
                    07:64:5b:e3:ca:23:26:75:05:7e:df:51:cb:a9:61:
                    ad:0a:3a:bd:7c:be:1b:5d:f4:2d:4e:8c:76:fb:40:
                    00:34:7b:8e:73:44:e9:78:f9:31:9d:2f:2c:c3:48:
                    6d:a1:57:bc:e5:06:71:df:45:de:02:c4:90:a4:28:
                    58:31:21:ba:cb:7a:1d:ee:4e:e2:45:ec:2a:37:10:
                    f3:f2:24:4b:d8:9b:96:0a:22:60:8e:9a:a2:6b:64:
                    a3:aa:b3:bb:6c:28:37:60:2e:72:fe:8a:86:08:52:
                    2b:a0:e6:8b:47:69:8f:32:68:9d:d2:bf:78:7c:a4:
                    71:18:3d:7f:d7:32:92:1c:46:d4:be:e1:4b:17:7a:
                    09:08:4c:4e:b1:29:71:e9:40:62:69:59:96:b0:97:
                    d1:96:08:6c:b5:2f:82:fc:56:fc:82:0c:d6:c7:67:
                    34:bf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3C:A8:A4:C4:1C:D3:15:F0:EF:BD:60:F7:B5:C2:FB:34:D2:CA:DA:4E
            X509v3 Authority Key Identifier:
                keyid:82:26:A9:97:41:02:BA:58:22:17:18:8B:E6:D4:9D:87:76:D3:BE:BB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/giapl0ECulgiFxiL5tSdh3bTvrs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/35477f-80d0-4ea4-bbde-767b72eb407b/1/PKikxBzTFfDvvWD3tcL7NNLK2k4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/35477f-80d0-4ea4-bbde-767b72eb407b/1/giapl0ECulgiFxiL5tSdh3bTvrs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.250.176.0/22
                IPv6:
                  2a0c:1040::/29

    Signature Algorithm: sha256WithRSAEncryption
         67:86:a5:e6:f4:84:9a:3d:23:79:53:39:b5:e6:06:49:3e:9c:
         ad:78:4f:9e:56:85:45:a9:aa:39:7b:af:3d:3c:4f:a4:a9:c1:
         69:ef:05:c1:35:d3:09:b0:8a:36:c3:37:30:dc:4b:b5:cd:24:
         d0:55:62:9e:d6:0f:d8:47:1c:e8:2f:1b:9e:47:08:99:48:e7:
         74:18:fb:79:ce:aa:80:ee:c7:92:aa:5f:37:7d:19:e2:93:08:
         12:40:71:ec:34:86:70:d0:0f:8d:4d:bf:ff:2d:67:66:fa:95:
         9d:31:8d:e0:81:a9:64:e9:fd:a1:ff:61:2c:da:6d:c9:fe:78:
         14:49:28:ab:e5:48:ce:39:5c:e1:8f:39:4a:57:b7:31:a4:5b:
         5b:63:e0:97:a7:d1:42:52:cd:4d:3b:7f:a2:d8:77:7d:8f:ac:
         53:10:8c:2c:c2:a2:08:da:18:dc:b0:20:ff:e8:41:ac:b9:cf:
         4b:03:c1:dc:5c:8c:2f:b3:d2:fc:3f:84:a8:96:ff:9c:a5:c3:
         de:24:18:b7:9f:97:c8:05:5b:fd:97:ad:90:c7:48:e8:8d:ee:
         78:52:ec:b9:2b:ec:be:35:ca:7d:5d:6c:dc:2c:8c:a6:a8:d1:
         8f:ab:1a:a2:a7:53:45:02:fc:92:ac:de:62:43:d7:04:b6:b4:
         f0:04:27:78
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVuOKOQHby3iBu+90j4PoWaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyMjZhOTk3NDEwMmJhNTgyMjE3MTg4YmU2ZDQ5ZDg3NzZk
M2JlYmIwHhcNMjMwMTAxMTY0NDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzY2E4YTRjNDFjZDMxNWYwZWZiZDYwZjdiNWMyZmIzNGQyY2FkYTRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjRYGohYpkysdbIm64fpv6DNdqOqo
tuBIBQ0AzKYo7zbSWURAEHFHlkQR9gDd+90E3qcZRzevqhcyw53LDTHdOFSRyqeq
YBRl+VbxWdbtuHCQ+21GkI5xymAHZFvjyiMmdQV+31HLqWGtCjq9fL4bXfQtTox2
+0AANHuOc0TpePkxnS8sw0htoVe85QZx30XeAsSQpChYMSG6y3od7k7iRewqNxDz
8iRL2JuWCiJgjpqia2SjqrO7bCg3YC5y/oqGCFIroOaLR2mPMmid0r94fKRxGD1/
1zKSHEbUvuFLF3oJCExOsSlx6UBiaVmWsJfRlghstS+C/Fb8ggzWx2c0vwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFDyopMQc0xXw771g97XC+zTSytpOMB8GA1UdIwQY
MBaAFIImqZdBArpYIhcYi+bUnYd20767MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ2lhcGwwRUN1bGdpRnhpTDV0U2RoM2JUdnJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMS8zNTQ3N2YtODBkMC00ZWE0LWJiZGUt
NzY3YjcyZWI0MDdiLzEvUEtpa3hCelRGZkR2dldEM3RjTDdOTkxLMms0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMS8zNTQ3N2YtODBkMC00ZWE0LWJiZGUtNzY3YjcyZWI0MDdi
LzEvZ2lhcGwwRUN1bGdpRnhpTDV0U2RoM2JUdnJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCufqwMA0E
AgACMAcDBQMqDBBAMA0GCSqGSIb3DQEBCwUAA4IBAQBnhqXm9ISaPSN5Uzm15gZJ
PpyteE+eVoVFqao5e689PE+kqcFp7wXBNdMJsIo2wzcw3Eu1zSTQVWKe1g/YRxzo
LxueRwiZSOd0GPt5zqqA7seSql83fRnikwgSQHHsNIZw0A+NTb//LWdm+pWdMY3g
galk6f2h/2Es2m3J/ngUSSir5UjOOVzhjzlKV7cxpFtbY+CXp9FCUs1NO3+i2Hd9
j6xTEIwswqII2hjcsCD/6EGsuc9LA8HcXIwvs9L8P4Solv+cpcPeJBi3n5fIBVv9
l62Qx0joje54Uuy5K+y+Ncp9XWzcLIymqNGPqxqip1NFAvySrN5iQ9cEtrTwBCd4
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:59:15 2024 by rpki-client on console-fra.rpki-client.org