Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f7/31952a-608c-468e-a00e-d633aa70dd66/1/rO98RkDpySvWUldAYAnBTqob3GM.roa
File:                     rO98RkDpySvWUldAYAnBTqob3GM.roa (raw, json)
Hash identifier:          waJ4j6H8oxaJtxSKXyyMTfZlHDWivA5BIXdJFvx+E5U=
Subject key identifier:   AC:EF:7C:46:40:E9:C9:2B:D6:52:57:40:60:09:C1:4E:AA:1B:DC:63
Certificate issuer:       /CN=88fe1905cd7af36e63ada6366c147b61d85c9f2b
Certificate serial:       018AAD735063A403F122E1221BF3E8D54427
Authority key identifier: 88:FE:19:05:CD:7A:F3:6E:63:AD:A6:36:6C:14:7B:61:D8:5C:9F:2B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/iP4ZBc16825jraY2bBR7Ydhcnys.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f7/31952a-608c-468e-a00e-d633aa70dd66/1/rO98RkDpySvWUldAYAnBTqob3GM.roa
Signing time:             Tue 19 Sep 2023 12:38:50 +0000
ROA not before:           Tue 19 Sep 2023 12:38:50 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     16509
IP address blocks:        185.99.237.0/24 maxlen: 24
                          185.99.236.0/24 maxlen: 24
                          185.99.238.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 04:30:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:ad:73:50:63:a4:03:f1:22:e1:22:1b:f3:e8:d5:44:27
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=88fe1905cd7af36e63ada6366c147b61d85c9f2b
        Validity
            Not Before: Sep 19 12:38:50 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=acef7c4640e9c92bd65257406009c14eaa1bdc63
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:83:11:31:17:b9:43:b1:71:7f:59:53:9b:39:15:
                    15:6e:30:d8:ef:3e:a1:80:a0:82:05:49:4a:05:ed:
                    a5:0b:a8:3d:76:d8:6a:a8:30:83:25:dd:da:ac:53:
                    c2:80:fc:23:c6:35:bc:9b:e9:b9:ee:f5:a3:c2:f9:
                    4a:04:8c:88:76:cc:46:50:5a:f6:2e:e7:78:ac:89:
                    c0:3a:2a:9c:fd:fe:5e:28:c9:e5:f0:30:a3:8e:a8:
                    0d:24:ba:4b:db:c6:b6:72:47:c4:bd:83:d4:40:df:
                    79:07:c8:9b:70:5d:3d:56:3f:c4:61:fe:b1:60:76:
                    f2:a8:5b:6a:5a:85:a5:53:30:ac:e5:74:89:a1:df:
                    f2:fc:85:e6:f7:a3:bc:3f:f4:5b:83:76:4c:1f:9b:
                    f5:8f:65:a3:13:5e:a5:d4:11:f8:1a:3c:bc:c8:c7:
                    71:07:bb:d7:f7:a7:18:c8:4d:8e:0e:01:6f:85:97:
                    d6:0f:18:10:42:a0:bd:82:fd:a9:0a:71:07:9b:05:
                    ae:ec:21:bf:02:60:57:4c:a0:95:39:7c:0a:bb:61:
                    b8:b6:cd:bc:ce:81:ee:82:fd:11:f7:da:51:2f:1e:
                    20:0c:67:a6:9f:b5:96:dd:9f:b0:3a:31:44:14:9b:
                    f6:bc:78:87:85:9a:80:58:39:07:95:92:5b:d1:22:
                    b7:af
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AC:EF:7C:46:40:E9:C9:2B:D6:52:57:40:60:09:C1:4E:AA:1B:DC:63
            X509v3 Authority Key Identifier:
                keyid:88:FE:19:05:CD:7A:F3:6E:63:AD:A6:36:6C:14:7B:61:D8:5C:9F:2B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iP4ZBc16825jraY2bBR7Ydhcnys.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/31952a-608c-468e-a00e-d633aa70dd66/1/rO98RkDpySvWUldAYAnBTqob3GM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/31952a-608c-468e-a00e-d633aa70dd66/1/iP4ZBc16825jraY2bBR7Ydhcnys.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.99.236.0-185.99.238.255

    Signature Algorithm: sha256WithRSAEncryption
         ad:43:e1:a8:c6:69:6b:e7:e5:76:78:62:62:25:61:17:9f:9a:
         8f:cd:13:fc:54:6c:2c:88:70:e6:71:24:7e:40:d3:b9:8e:1b:
         3b:e0:af:41:d1:60:42:ca:23:cf:76:99:0f:6c:68:f7:5b:6d:
         1c:20:71:a8:57:9b:e3:05:4b:6e:5f:cd:ca:7f:c6:84:23:4b:
         44:45:05:2d:cc:5c:23:3c:a5:f6:d3:8d:cf:44:d7:d1:1a:0e:
         0a:68:a1:05:57:4f:93:bf:72:9d:35:ef:5f:04:f1:12:4f:ec:
         8c:87:71:95:13:37:2e:2e:8e:70:6d:aa:17:5b:60:99:da:dd:
         de:c9:34:89:39:5e:f5:39:d3:75:93:48:53:80:df:1e:9f:00:
         7c:40:63:f2:ce:33:3b:cd:70:02:c8:f1:f9:24:59:79:37:d4:
         f0:8f:5b:48:c3:50:0b:c0:ea:7e:aa:f6:a6:ba:3b:eb:48:bd:
         42:6e:56:5b:fc:9f:c3:ce:a9:88:f0:8b:de:34:9e:84:4f:f1:
         ac:c5:f1:d4:c6:ce:84:5a:07:32:c1:f2:82:93:40:1f:d6:54:
         cc:4e:9f:11:70:25:85:f2:ce:40:77:ba:ae:3a:76:f3:c4:0a:
         a1:a1:9d:60:62:46:0e:4e:c3:b1:d6:c2:32:32:dd:08:c1:b5:
         74:7e:fa:39
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYqtc1BjpAPxIuEiG/Po1UQnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4ZmUxOTA1Y2Q3YWYzNmU2M2FkYTYzNjZjMTQ3YjYxZDg1
YzlmMmIwHhcNMjMwOTE5MTIzODUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhY2VmN2M0NjQwZTljOTJiZDY1MjU3NDA2MDA5YzE0ZWFhMWJkYzYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgxExF7lDsXF/WVObORUVbjDY7z6h
gKCCBUlKBe2lC6g9dthqqDCDJd3arFPCgPwjxjW8m+m57vWjwvlKBIyIdsxGUFr2
Lud4rInAOiqc/f5eKMnl8DCjjqgNJLpL28a2ckfEvYPUQN95B8ibcF09Vj/EYf6x
YHbyqFtqWoWlUzCs5XSJod/y/IXm96O8P/Rbg3ZMH5v1j2WjE16l1BH4Gjy8yMdx
B7vX96cYyE2ODgFvhZfWDxgQQqC9gv2pCnEHmwWu7CG/AmBXTKCVOXwKu2G4ts28
zoHugv0R99pRLx4gDGemn7WW3Z+wOjFEFJv2vHiHhZqAWDkHlZJb0SK3rwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFKzvfEZA6ckr1lJXQGAJwU6qG9xjMB8GA1UdIwQY
MBaAFIj+GQXNevNuY62mNmwUe2HYXJ8rMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaVA0WkJjMTY4MjVqcmFZMmJCUjdZZGhjbnlzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNy8zMTk1MmEtNjA4Yy00NjhlLWEwMGUt
ZDYzM2FhNzBkZDY2LzEvck85OFJrRHB5U3ZXVWxkQVlBbkJUcW9iM0dNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNy8zMTk1MmEtNjA4Yy00NjhlLWEwMGUtZDYzM2FhNzBkZDY2
LzEvaVA0WkJjMTY4MjVqcmFZMmJCUjdZZGhjbnlzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAK5Y+wD
BAC5Y+4wDQYJKoZIhvcNAQELBQADggEBAK1D4ajGaWvn5XZ4YmIlYRefmo/NE/xU
bCyIcOZxJH5A07mOGzvgr0HRYELKI892mQ9saPdbbRwgcahXm+MFS25fzcp/xoQj
S0RFBS3MXCM8pfbTjc9E19EaDgpooQVXT5O/cp01718E8RJP7IyHcZUTNy4ujnBt
qhdbYJna3d7JNIk5XvU503WTSFOA3x6fAHxAY/LOMzvNcALI8fkkWXk31PCPW0jD
UAvA6n6q9qa6O+tIvUJuVlv8n8POqYjwi940noRP8azF8dTGzoRaBzLB8oKTQB/W
VMxOnxFwJYXyzkB3uq46dvPECqGhnWBiRg5Ow7HWwjIy3QjBtXR++jk=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:00:03 2024 by rpki-client on console-fra.rpki-client.org