Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/ab83dc-c0e7-4ec3-af72-81917dffdcd7/1/0AoTSt-kV7QS0HZSPEAYtiQsclY.roa
File:                     0AoTSt-kV7QS0HZSPEAYtiQsclY.roa (raw, json)
Hash identifier:          5mpSvHai5o0glZi4XC8eNhevODumy5LppOoZebZh26k=
Subject key identifier:   D0:0A:13:4A:DF:A4:57:B4:12:D0:76:52:3C:40:18:B6:24:2C:72:56
Certificate issuer:       /CN=1c766b058c096753a34ad625d53275cd2dba5b33
Certificate serial:       01856CE607B943832C098C14480B29584029
Authority key identifier: 1C:76:6B:05:8C:09:67:53:A3:4A:D6:25:D5:32:75:CD:2D:BA:5B:33
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HHZrBYwJZ1OjStYl1TJ1zS26WzM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/05/ab83dc-c0e7-4ec3-af72-81917dffdcd7/1/0AoTSt-kV7QS0HZSPEAYtiQsclY.roa
Signing time:             Sun 01 Jan 2023 10:34:52 +0000
ROA not before:           Sun 01 Jan 2023 10:34:52 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     24631
IP address blocks:        185.171.53.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 12:29:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6c:e6:07:b9:43:83:2c:09:8c:14:48:0b:29:58:40:29
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1c766b058c096753a34ad625d53275cd2dba5b33
        Validity
            Not Before: Jan  1 10:34:52 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=d00a134adfa457b412d076523c4018b6242c7256
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:98:47:1b:79:7f:c4:60:cb:e3:24:a3:3e:ec:f2:
                    31:a8:d3:bc:3f:0b:1a:35:12:d2:6a:e9:48:48:7b:
                    5a:da:9c:d0:62:68:4d:d9:21:5b:ba:10:c2:7e:9c:
                    8a:6e:0b:55:74:6b:f5:83:3e:49:a7:74:9b:ee:99:
                    97:92:f4:3d:7f:ae:63:7c:69:cd:67:9a:2c:dc:19:
                    8d:33:37:ca:37:e5:ad:28:37:91:9e:5b:00:a5:e7:
                    21:ed:6a:5a:ac:00:b5:ae:61:1c:f5:e5:6b:6b:aa:
                    8b:3a:ea:29:9b:b7:cc:5a:08:dd:77:86:dd:b8:83:
                    a5:e3:ef:2b:7f:51:3e:08:f9:3f:0c:b0:93:04:05:
                    a2:bb:51:92:ff:9f:5a:50:c7:17:ac:67:fb:5f:99:
                    00:84:d3:79:34:57:fa:f7:0b:5f:2e:a9:56:6e:6b:
                    23:81:d1:c4:d9:3c:c0:77:9e:9d:51:cc:c5:50:9f:
                    4f:20:3e:86:bf:07:e1:06:1b:70:a2:ef:e7:20:0b:
                    18:9d:ee:33:9c:9b:fd:8f:00:aa:83:4d:af:e0:0c:
                    73:44:c3:68:cd:ea:20:62:ce:2d:34:e0:01:a6:4f:
                    0a:64:c3:dd:8b:01:42:1f:96:bf:50:6f:15:22:d1:
                    58:00:93:e1:d7:e3:3f:c0:6b:19:12:5d:98:7d:41:
                    ee:99
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D0:0A:13:4A:DF:A4:57:B4:12:D0:76:52:3C:40:18:B6:24:2C:72:56
            X509v3 Authority Key Identifier:
                keyid:1C:76:6B:05:8C:09:67:53:A3:4A:D6:25:D5:32:75:CD:2D:BA:5B:33

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HHZrBYwJZ1OjStYl1TJ1zS26WzM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/ab83dc-c0e7-4ec3-af72-81917dffdcd7/1/0AoTSt-kV7QS0HZSPEAYtiQsclY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/05/ab83dc-c0e7-4ec3-af72-81917dffdcd7/1/HHZrBYwJZ1OjStYl1TJ1zS26WzM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.171.53.0/24

    Signature Algorithm: sha256WithRSAEncryption
         85:9b:3c:c0:a5:2a:52:65:bd:24:5a:9a:5a:95:07:13:5b:dc:
         84:e0:6c:c8:f7:ec:df:67:b2:a4:82:94:b7:51:0e:32:21:fa:
         55:ae:d8:d2:30:d2:6c:14:7d:b4:4c:d6:c3:f8:1a:3b:d8:b5:
         63:fc:1c:2a:13:70:0e:00:0b:21:39:0b:bc:22:b5:f9:e1:62:
         22:7c:e0:d3:9b:d7:52:02:52:21:21:04:12:69:ba:2c:af:58:
         4f:b2:df:7b:17:21:d8:55:36:e2:1f:34:d6:a3:a8:0d:28:b3:
         3c:d5:4c:1f:aa:95:27:c1:bb:16:41:4b:db:60:97:82:c3:da:
         9c:8f:ce:71:5a:a0:ae:19:34:ca:22:5b:48:41:b7:0b:71:9e:
         a1:32:9f:00:d5:63:ba:7f:89:e1:83:a5:a3:03:9d:16:23:ff:
         1d:73:69:aa:de:56:d2:f8:74:57:b9:2a:03:67:c9:17:93:58:
         d7:80:40:5e:c1:37:40:dd:a7:32:1e:68:4b:87:e4:e9:13:f7:
         59:db:f7:d2:ae:0d:a6:e8:d1:cd:f9:30:fb:25:bf:02:38:3e:
         a3:0b:57:75:82:a8:65:81:d3:01:9b:6c:57:15:fb:9c:c2:26:
         74:09:27:fa:7c:ba:cb:ff:73:e6:82:eb:c5:d5:4e:b7:1d:f6:
         94:6f:b3:12
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVs5ge5Q4MsCYwUSAspWEApMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjNzY2YjA1OGMwOTY3NTNhMzRhZDYyNWQ1MzI3NWNkMmRi
YTViMzMwHhcNMjMwMTAxMTAzNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMDBhMTM0YWRmYTQ1N2I0MTJkMDc2NTIzYzQwMThiNjI0MmM3MjU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmEcbeX/EYMvjJKM+7PIxqNO8Pwsa
NRLSaulISHta2pzQYmhN2SFbuhDCfpyKbgtVdGv1gz5Jp3Sb7pmXkvQ9f65jfGnN
Z5os3BmNMzfKN+WtKDeRnlsApech7WparAC1rmEc9eVra6qLOuopm7fMWgjdd4bd
uIOl4+8rf1E+CPk/DLCTBAWiu1GS/59aUMcXrGf7X5kAhNN5NFf69wtfLqlWbmsj
gdHE2TzAd56dUczFUJ9PID6GvwfhBhtwou/nIAsYne4znJv9jwCqg02v4AxzRMNo
zeogYs4tNOABpk8KZMPdiwFCH5a/UG8VItFYAJPh1+M/wGsZEl2YfUHumQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNAKE0rfpFe0EtB2UjxAGLYkLHJWMB8GA1UdIwQY
MBaAFBx2awWMCWdTo0rWJdUydc0tulszMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEhackJZd0paMU9qU3RZbDFUSjF6UzI2V3pNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS9hYjgzZGMtYzBlNy00ZWMzLWFmNzIt
ODE5MTdkZmZkY2Q3LzEvMEFvVFN0LWtWN1FTMEhaU1BFQVl0aVFzY2xZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNS9hYjgzZGMtYzBlNy00ZWMzLWFmNzItODE5MTdkZmZkY2Q3
LzEvSEhackJZd0paMU9qU3RZbDFUSjF6UzI2V3pNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuas1MA0G
CSqGSIb3DQEBCwUAA4IBAQCFmzzApSpSZb0kWppalQcTW9yE4GzI9+zfZ7KkgpS3
UQ4yIfpVrtjSMNJsFH20TNbD+Bo72LVj/BwqE3AOAAshOQu8IrX54WIifODTm9dS
AlIhIQQSabosr1hPst97FyHYVTbiHzTWo6gNKLM81UwfqpUnwbsWQUvbYJeCw9qc
j85xWqCuGTTKIltIQbcLcZ6hMp8A1WO6f4nhg6WjA50WI/8dc2mq3lbS+HRXuSoD
Z8kXk1jXgEBewTdA3acyHmhLh+TpE/dZ2/fSrg2m6NHN+TD7Jb8COD6jC1d1gqhl
gdMBm2xXFfucwiZ0CSf6fLrL/3PmguvF1U63HfaUb7MS
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:17:38 2024 by rpki-client on console-fra.rpki-client.org