Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/ab83dc-c0e7-4ec3-af72-81917dffdcd7/1/SxSaEK75fo6HUiSdlZdckt_kH-0.roa
File:                     SxSaEK75fo6HUiSdlZdckt_kH-0.roa (raw, json)
Hash identifier:          XdhAF9bYPXY7daZdUapi9sEDiOab0Vagdkq+2zR6N8g=
Subject key identifier:   4B:14:9A:10:AE:F9:7E:8E:87:52:24:9D:95:97:5C:92:DF:E4:1F:ED
Certificate issuer:       /CN=1c766b058c096753a34ad625d53275cd2dba5b33
Certificate serial:       01856CE6099EE60DEB27EB78B132F342CAA3
Authority key identifier: 1C:76:6B:05:8C:09:67:53:A3:4A:D6:25:D5:32:75:CD:2D:BA:5B:33
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HHZrBYwJZ1OjStYl1TJ1zS26WzM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/05/ab83dc-c0e7-4ec3-af72-81917dffdcd7/1/SxSaEK75fo6HUiSdlZdckt_kH-0.roa
Signing time:             Sun 01 Jan 2023 10:34:52 +0000
ROA not before:           Sun 01 Jan 2023 10:34:52 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     44285
IP address blocks:        185.171.54.0/24 maxlen: 24
                          185.171.55.0/24 maxlen: 24
                          185.171.52.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 12:29:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6c:e6:09:9e:e6:0d:eb:27:eb:78:b1:32:f3:42:ca:a3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1c766b058c096753a34ad625d53275cd2dba5b33
        Validity
            Not Before: Jan  1 10:34:52 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=4b149a10aef97e8e8752249d95975c92dfe41fed
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:83:ed:bf:e9:e4:43:0e:08:8c:cf:ab:39:93:a6:
                    7f:dd:e0:79:7e:3f:ac:bd:07:8c:a2:76:28:7f:98:
                    d7:54:29:a8:62:20:07:1d:b1:42:c4:17:91:be:91:
                    0b:4a:ba:9c:42:33:a7:bb:7d:c0:da:83:1e:f6:3b:
                    9a:9f:1d:ab:e4:22:35:fc:1b:1b:61:b7:9e:eb:1e:
                    cb:81:f5:02:bb:c2:21:69:6d:52:2e:5f:d7:55:e3:
                    4c:e4:65:76:54:1c:0b:c5:0d:6d:07:fd:f4:b2:1b:
                    6c:af:a8:5f:16:d8:cc:b6:23:be:9a:3f:3d:5d:63:
                    e4:14:cc:2c:77:a4:de:28:91:31:49:41:c8:08:e5:
                    72:7e:c3:b7:44:9c:51:9b:5e:7e:93:09:e6:46:c0:
                    ba:b3:de:2c:66:5d:1f:74:fd:2a:fb:aa:1b:46:79:
                    d7:2d:f9:03:7e:3b:94:bc:ce:32:88:dd:15:c9:4c:
                    ee:bd:e9:5b:58:88:27:12:37:2f:5d:b9:42:65:e8:
                    97:80:62:73:71:9b:e2:c5:6e:aa:23:c4:ab:ed:67:
                    1b:5f:f5:18:3f:61:7d:30:6c:ae:cb:57:04:49:78:
                    a5:74:34:77:ab:1c:f9:78:e6:b9:15:33:07:4d:56:
                    98:ac:78:fa:28:46:9d:77:56:5e:a3:ca:dc:53:c0:
                    b7:79
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4B:14:9A:10:AE:F9:7E:8E:87:52:24:9D:95:97:5C:92:DF:E4:1F:ED
            X509v3 Authority Key Identifier:
                keyid:1C:76:6B:05:8C:09:67:53:A3:4A:D6:25:D5:32:75:CD:2D:BA:5B:33

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HHZrBYwJZ1OjStYl1TJ1zS26WzM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/ab83dc-c0e7-4ec3-af72-81917dffdcd7/1/SxSaEK75fo6HUiSdlZdckt_kH-0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/05/ab83dc-c0e7-4ec3-af72-81917dffdcd7/1/HHZrBYwJZ1OjStYl1TJ1zS26WzM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.171.52.0/24
                  185.171.54.0/23

    Signature Algorithm: sha256WithRSAEncryption
         c9:0c:d6:5e:a0:83:32:77:68:08:4e:49:89:e3:4b:7a:27:1d:
         7b:b7:bc:61:1d:10:f7:58:74:b6:b6:7e:5d:11:f4:a0:d2:e8:
         05:87:07:f9:68:de:ca:a9:4f:ab:1a:54:40:70:ff:24:ca:31:
         fe:aa:ed:c5:72:42:b1:c2:c5:3b:15:fd:3c:68:3a:ea:be:a5:
         bd:03:34:41:46:3e:5c:60:3b:0e:76:ca:84:39:81:59:48:13:
         94:00:c4:7b:b8:32:cf:6b:c4:7a:7a:3b:9c:23:64:84:3a:49:
         aa:02:44:5e:54:26:9a:b9:55:5f:32:c6:e5:b9:ae:0b:a9:54:
         14:ee:7f:5d:a9:ae:a9:1e:5d:3c:23:4a:00:e1:7b:c3:a1:aa:
         f6:5f:84:fc:8d:e0:40:00:ea:fa:99:73:96:57:ca:c1:39:03:
         2d:7b:88:27:f3:44:57:06:82:d9:8e:bb:16:03:fb:58:d3:84:
         fb:fe:72:f9:34:32:96:e5:46:b6:61:21:9b:5a:37:e2:20:3c:
         ca:d5:79:b2:c5:f0:52:51:b0:2d:15:e4:6c:3a:eb:c9:15:3c:
         3b:f1:8c:7f:33:26:11:80:e1:75:00:6a:dc:f1:e3:26:df:ca:
         1f:62:86:0b:de:9e:eb:8d:bc:f3:47:e0:a1:8f:31:b3:06:53:
         18:cc:e1:d0
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVs5gme5g3rJ+t4sTLzQsqjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjNzY2YjA1OGMwOTY3NTNhMzRhZDYyNWQ1MzI3NWNkMmRi
YTViMzMwHhcNMjMwMTAxMTAzNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YjE0OWExMGFlZjk3ZThlODc1MjI0OWQ5NTk3NWM5MmRmZTQxZmVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg+2/6eRDDgiMz6s5k6Z/3eB5fj+s
vQeMonYof5jXVCmoYiAHHbFCxBeRvpELSrqcQjOnu33A2oMe9juanx2r5CI1/Bsb
Ybee6x7LgfUCu8IhaW1SLl/XVeNM5GV2VBwLxQ1tB/30shtsr6hfFtjMtiO+mj89
XWPkFMwsd6TeKJExSUHICOVyfsO3RJxRm15+kwnmRsC6s94sZl0fdP0q+6obRnnX
LfkDfjuUvM4yiN0VyUzuvelbWIgnEjcvXblCZeiXgGJzcZvixW6qI8Sr7WcbX/UY
P2F9MGyuy1cESXildDR3qxz5eOa5FTMHTVaYrHj6KEadd1Zeo8rcU8C3eQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFEsUmhCu+X6Oh1IknZWXXJLf5B/tMB8GA1UdIwQY
MBaAFBx2awWMCWdTo0rWJdUydc0tulszMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEhackJZd0paMU9qU3RZbDFUSjF6UzI2V3pNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS9hYjgzZGMtYzBlNy00ZWMzLWFmNzIt
ODE5MTdkZmZkY2Q3LzEvU3hTYUVLNzVmbzZIVWlTZGxaZGNrdF9rSC0wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNS9hYjgzZGMtYzBlNy00ZWMzLWFmNzItODE5MTdkZmZkY2Q3
LzEvSEhackJZd0paMU9qU3RZbDFUSjF6UzI2V3pNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAuas0AwQB
uas2MA0GCSqGSIb3DQEBCwUAA4IBAQDJDNZeoIMyd2gITkmJ40t6Jx17t7xhHRD3
WHS2tn5dEfSg0ugFhwf5aN7KqU+rGlRAcP8kyjH+qu3FckKxwsU7Ff08aDrqvqW9
AzRBRj5cYDsOdsqEOYFZSBOUAMR7uDLPa8R6ejucI2SEOkmqAkReVCaauVVfMsbl
ua4LqVQU7n9dqa6pHl08I0oA4XvDoar2X4T8jeBAAOr6mXOWV8rBOQMte4gn80RX
BoLZjrsWA/tY04T7/nL5NDKW5Ua2YSGbWjfiIDzK1XmyxfBSUbAtFeRsOuvJFTw7
8Yx/MyYRgOF1AGrc8eMm38ofYoYL3p7rjbzzR+ChjzGzBlMYzOHQ
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:17:38 2024 by rpki-client on console-fra.rpki-client.org