Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/de31a6-aaa3-409d-8d4f-f61554c6c145/1/_YXo2Nl8MVPfuln7Axe6rARIsLg.roa
File:                     _YXo2Nl8MVPfuln7Axe6rARIsLg.roa (raw, json)
Hash identifier:          c9Et6oB5jOt9+ikcNZdEXoHfdnXPTNYGkhWx7B2l/5U=
Subject key identifier:   FD:85:E8:D8:D9:7C:31:53:DF:BA:59:FB:03:17:BA:AC:04:48:B0:B8
Certificate issuer:       /CN=815780532ed29a3f80e7ba414efcb379d9ec97c9
Certificate serial:       0187BD3BBE8616A31C7FA0A5402984BD5D0F
Authority key identifier: 81:57:80:53:2E:D2:9A:3F:80:E7:BA:41:4E:FC:B3:79:D9:EC:97:C9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/gVeAUy7Smj-A57pBTvyzednsl8k.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/02/de31a6-aaa3-409d-8d4f-f61554c6c145/1/_YXo2Nl8MVPfuln7Axe6rARIsLg.roa
Signing time:             Wed 26 Apr 2023 11:03:41 +0000
ROA not before:           Wed 26 Apr 2023 11:03:41 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     11158
IP address blocks:        185.71.48.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 26 Apr 2023 12:38:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:bd:3b:be:86:16:a3:1c:7f:a0:a5:40:29:84:bd:5d:0f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=815780532ed29a3f80e7ba414efcb379d9ec97c9
        Validity
            Not Before: Apr 26 11:03:41 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=fd85e8d8d97c3153dfba59fb0317baac0448b0b8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8c:b7:52:7f:8d:aa:7d:58:29:0e:1f:9d:b0:c0:
                    2d:e0:d2:82:1b:d7:ac:c0:82:c0:69:c9:16:46:5e:
                    7b:0f:09:15:f3:bd:43:5f:af:7f:96:29:f7:d5:99:
                    da:b0:fe:f5:d1:0e:6b:27:5b:0c:7d:2a:49:b7:b6:
                    b8:11:08:27:20:40:5a:da:e2:52:f9:b1:59:a5:d3:
                    a5:6f:ee:1a:63:0a:2d:9c:4d:2b:32:86:b4:b2:a9:
                    31:c3:63:26:ff:7f:a3:30:59:36:70:a6:6f:fc:5b:
                    d0:13:c3:52:34:3e:c2:6f:e9:e2:39:33:bf:4d:b6:
                    1b:b8:3d:a0:db:32:82:fc:31:9b:c6:9c:da:ed:9d:
                    65:c9:b3:57:a2:63:dc:ac:4f:04:18:38:cd:b9:d5:
                    10:ce:28:6d:3a:64:f2:df:8f:86:6d:13:b2:36:ee:
                    d6:2b:e7:8a:e0:04:3b:73:20:b7:15:d8:9e:a6:b3:
                    91:e0:f8:90:1a:da:63:79:d0:d4:a8:38:36:98:61:
                    7a:cc:0a:f2:ce:78:a6:fe:12:6d:5d:0a:30:73:3f:
                    6e:00:14:47:c4:25:90:f2:fd:e3:a5:d0:cf:4c:bb:
                    a2:9a:16:56:34:8a:70:14:cb:12:a5:63:a5:7c:a0:
                    19:42:73:08:b7:77:7a:71:22:51:ce:39:23:e0:91:
                    32:6f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FD:85:E8:D8:D9:7C:31:53:DF:BA:59:FB:03:17:BA:AC:04:48:B0:B8
            X509v3 Authority Key Identifier:
                keyid:81:57:80:53:2E:D2:9A:3F:80:E7:BA:41:4E:FC:B3:79:D9:EC:97:C9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gVeAUy7Smj-A57pBTvyzednsl8k.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/de31a6-aaa3-409d-8d4f-f61554c6c145/1/_YXo2Nl8MVPfuln7Axe6rARIsLg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/02/de31a6-aaa3-409d-8d4f-f61554c6c145/1/gVeAUy7Smj-A57pBTvyzednsl8k.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.71.48.0/24

    Signature Algorithm: sha256WithRSAEncryption
         97:8e:11:d4:70:fc:ec:56:c0:0e:67:c1:7d:82:ec:6f:7f:3e:
         ad:9a:ef:fe:a9:00:a3:38:24:c2:03:0f:e7:e0:af:9b:47:63:
         fe:42:0d:bd:39:6a:03:40:21:95:5c:f3:22:19:59:1a:ab:49:
         cc:fd:57:98:af:08:8f:ab:df:45:e7:59:b6:ee:8b:c6:fd:d9:
         48:1d:1f:a7:76:be:5f:c0:77:08:14:f8:64:38:08:ea:de:5b:
         f9:98:42:1b:bf:6b:71:3d:ff:30:e4:ee:62:c3:cb:24:95:93:
         42:fd:83:e8:62:55:b8:bc:2d:a4:79:c7:21:9c:2e:12:8d:2e:
         98:43:ff:e7:2c:43:4c:b2:e6:bd:ec:43:34:11:1a:18:e9:46:
         69:9d:de:cc:3f:15:e2:3c:81:90:cc:8b:ba:b9:2c:6d:2b:51:
         cf:8e:e2:1b:2d:1d:b7:1c:58:e5:96:f2:77:22:b4:08:8e:f7:
         3d:a9:29:4f:aa:55:d4:4a:3a:6f:92:17:eb:33:d5:7d:56:a3:
         24:46:1b:5d:f3:09:ae:83:5a:32:6b:ad:26:b1:c1:15:03:7e:
         ba:93:02:c2:30:c9:f0:a5:73:04:9f:0c:01:34:1b:17:05:3b:
         0a:1d:ce:7d:06:d5:ef:22:52:85:de:fa:82:61:99:a9:c3:48:
         d4:ac:c6:60
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYe9O76GFqMcf6ClQCmEvV0PMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxNTc4MDUzMmVkMjlhM2Y4MGU3YmE0MTRlZmNiMzc5ZDll
Yzk3YzkwHhcNMjMwNDI2MTEwMzQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZDg1ZThkOGQ5N2MzMTUzZGZiYTU5ZmIwMzE3YmFhYzA0NDhiMGI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjLdSf42qfVgpDh+dsMAt4NKCG9es
wILAackWRl57DwkV871DX69/lin31ZnasP710Q5rJ1sMfSpJt7a4EQgnIEBa2uJS
+bFZpdOlb+4aYwotnE0rMoa0sqkxw2Mm/3+jMFk2cKZv/FvQE8NSND7Cb+niOTO/
TbYbuD2g2zKC/DGbxpza7Z1lybNXomPcrE8EGDjNudUQzihtOmTy34+GbROyNu7W
K+eK4AQ7cyC3FdieprOR4PiQGtpjedDUqDg2mGF6zAryznim/hJtXQowcz9uABRH
xCWQ8v3jpdDPTLuimhZWNIpwFMsSpWOlfKAZQnMIt3d6cSJRzjkj4JEybwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFP2F6NjZfDFT37pZ+wMXuqwESLC4MB8GA1UdIwQY
MBaAFIFXgFMu0po/gOe6QU78s3nZ7JfJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ1ZlQVV5N1Ntai1BNTdwQlR2eXplZG5zbDhrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi9kZTMxYTYtYWFhMy00MDlkLThkNGYt
ZjYxNTU0YzZjMTQ1LzEvX1lYbzJObDhNVlBmdWxuN0F4ZTZyQVJJc0xnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi9kZTMxYTYtYWFhMy00MDlkLThkNGYtZjYxNTU0YzZjMTQ1
LzEvZ1ZlQVV5N1Ntai1BNTdwQlR2eXplZG5zbDhrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuUcwMA0G
CSqGSIb3DQEBCwUAA4IBAQCXjhHUcPzsVsAOZ8F9guxvfz6tmu/+qQCjOCTCAw/n
4K+bR2P+Qg29OWoDQCGVXPMiGVkaq0nM/VeYrwiPq99F51m27ovG/dlIHR+ndr5f
wHcIFPhkOAjq3lv5mEIbv2txPf8w5O5iw8sklZNC/YPoYlW4vC2kecchnC4SjS6Y
Q//nLENMsua97EM0ERoY6UZpnd7MPxXiPIGQzIu6uSxtK1HPjuIbLR23HFjllvJ3
IrQIjvc9qSlPqlXUSjpvkhfrM9V9VqMkRhtd8wmug1oya60mscEVA366kwLCMMnw
pXMEnwwBNBsXBTsKHc59BtXvIlKF3vqCYZmpw0jUrMZg
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:50:13 2024 by rpki-client on console-ams.rpki-client.org