Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/OrWcWimhhlMPD8kxZaUDL7wgyl4.roa
File:                     OrWcWimhhlMPD8kxZaUDL7wgyl4.roa (raw, json)
Hash identifier:          n5opDvFBemnoVX4XRR7PJzSiWqS7jCcyFBQbvOh/b5s=
Subject key identifier:   3A:B5:9C:5A:29:A1:86:53:0F:0F:C9:31:65:A5:03:2F:BC:20:CA:5E
Certificate issuer:       /CN=0548cedf17029ed98a108113c6c109ecaccd82ec
Certificate serial:       018CC649E7EDEDAE87EA431CB9A626E6CADC
Authority key identifier: 05:48:CE:DF:17:02:9E:D9:8A:10:81:13:C6:C1:09:EC:AC:CD:82:EC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/BUjO3xcCntmKEIETxsEJ7KzNguw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/OrWcWimhhlMPD8kxZaUDL7wgyl4.roa
Signing time:             Mon 01 Jan 2024 18:29:41 +0000
ROA not before:           Mon 01 Jan 2024 18:29:41 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     200024
IP address blocks:        85.196.136.0/24 maxlen: 24
                          151.251.38.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 06 Mar 2024 13:14:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c6:49:e7:ed:ed:ae:87:ea:43:1c:b9:a6:26:e6:ca:dc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0548cedf17029ed98a108113c6c109ecaccd82ec
        Validity
            Not Before: Jan  1 18:29:41 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=3ab59c5a29a186530f0fc93165a5032fbc20ca5e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:85:e6:77:d5:cc:43:35:10:37:ba:1f:d4:5d:cd:
                    4f:a5:e4:55:69:34:b1:b8:d9:0d:23:2e:71:2d:ef:
                    2d:da:b7:58:74:42:11:4d:d6:54:b5:c1:49:43:2c:
                    0b:c5:04:f6:24:b2:b8:a6:5a:13:c0:de:94:09:bd:
                    30:69:95:9c:6e:14:35:b0:79:2c:b8:ad:a4:df:58:
                    20:37:e9:89:b5:cc:ee:e7:33:0d:10:fd:e1:19:8e:
                    c4:35:87:0d:c8:e7:8b:88:40:d6:52:f2:f3:6c:e7:
                    07:9a:e8:5f:e5:4b:99:2f:ca:3d:ee:71:73:f6:fc:
                    ac:10:47:81:c9:ce:7a:10:3a:0c:63:34:5d:72:69:
                    25:5a:87:17:db:00:42:2f:5b:a0:20:3b:bb:84:89:
                    b6:7e:7e:86:1c:f0:db:94:2e:6e:44:7b:63:34:d0:
                    d0:2a:74:71:6b:a5:7e:7c:e7:6b:57:96:4d:b1:56:
                    b8:d8:d7:7e:93:59:1d:43:d9:ae:e8:75:2a:d8:c5:
                    2d:9c:0b:42:28:cd:10:d5:1a:52:af:a4:f7:16:28:
                    c2:e3:85:4a:55:8d:3f:5f:16:31:84:ee:c3:1d:f2:
                    34:3f:88:44:6e:7c:9c:d5:92:3c:97:42:18:65:c7:
                    24:2d:fe:3a:f4:5c:ca:1a:f0:c4:af:85:47:24:02:
                    b8:0b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3A:B5:9C:5A:29:A1:86:53:0F:0F:C9:31:65:A5:03:2F:BC:20:CA:5E
            X509v3 Authority Key Identifier:
                keyid:05:48:CE:DF:17:02:9E:D9:8A:10:81:13:C6:C1:09:EC:AC:CD:82:EC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BUjO3xcCntmKEIETxsEJ7KzNguw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/OrWcWimhhlMPD8kxZaUDL7wgyl4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/BUjO3xcCntmKEIETxsEJ7KzNguw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  85.196.136.0/24
                  151.251.38.0/24

    Signature Algorithm: sha256WithRSAEncryption
         8b:4e:8f:59:b0:b8:0c:a4:c4:f2:6d:8d:e2:54:0c:00:9b:ad:
         88:39:b5:00:4c:85:c8:5d:68:da:21:91:6d:00:98:dd:7c:e1:
         da:96:3e:3c:b0:ff:16:ad:5d:71:ba:c9:de:f3:b3:f4:d7:af:
         87:ba:4e:32:ac:02:27:3c:68:c3:8c:52:f6:95:fc:17:09:9f:
         30:7a:63:04:29:54:1b:2d:14:37:13:2a:09:a8:e1:b7:d3:be:
         92:7a:ca:f3:1e:5b:27:7e:71:7e:8a:f4:04:5d:50:2e:ba:e8:
         ee:76:8a:ef:f4:e7:85:6c:80:3d:36:28:1f:ae:a5:b5:b2:a5:
         e9:c3:50:d7:44:d8:bf:af:51:93:45:04:d4:52:d9:bc:8f:e4:
         82:b1:c2:ac:65:00:e2:64:fe:52:d2:57:0c:8b:8f:5e:9b:f3:
         60:d3:01:df:12:c0:8c:05:8f:94:72:1a:24:ca:47:86:0e:bf:
         73:14:59:e4:4b:64:9c:ab:dc:93:d2:74:e2:1c:ca:d2:f8:80:
         5e:92:53:58:5e:e5:ed:93:22:8e:41:6f:16:e5:ff:55:af:bd:
         3f:5c:83:36:bf:db:e4:fc:e1:28:1e:91:2a:46:5c:64:fb:64:
         19:8f:5f:f0:b8:1d:9f:e8:a2:2a:be:8c:58:f7:ae:34:96:dc:
         4c:87:59:b1
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzGSeft7a6H6kMcuaYm5srcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1NDhjZWRmMTcwMjllZDk4YTEwODExM2M2YzEwOWVjYWNj
ZDgyZWMwHhcNMjQwMTAxMTgyOTQxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYWI1OWM1YTI5YTE4NjUzMGYwZmM5MzE2NWE1MDMyZmJjMjBjYTVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAheZ31cxDNRA3uh/UXc1PpeRVaTSx
uNkNIy5xLe8t2rdYdEIRTdZUtcFJQywLxQT2JLK4ploTwN6UCb0waZWcbhQ1sHks
uK2k31ggN+mJtczu5zMNEP3hGY7ENYcNyOeLiEDWUvLzbOcHmuhf5UuZL8o97nFz
9vysEEeByc56EDoMYzRdcmklWocX2wBCL1ugIDu7hIm2fn6GHPDblC5uRHtjNNDQ
KnRxa6V+fOdrV5ZNsVa42Nd+k1kdQ9mu6HUq2MUtnAtCKM0Q1RpSr6T3FijC44VK
VY0/XxYxhO7DHfI0P4hEbnyc1ZI8l0IYZcckLf469FzKGvDEr4VHJAK4CwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDq1nFopoYZTDw/JMWWlAy+8IMpeMB8GA1UdIwQY
MBaAFAVIzt8XAp7ZihCBE8bBCeyszYLsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlVqTzN4Y0NudG1LRUlFVHhzRUo3S3pOZ3V3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS81NDFjMDUtOGQ3ZC00MmI4LWFiMDAt
N2ZiYmFlNmY5NDM3LzEvT3JXY1dpbWhobE1QRDhreFphVURMN3dneWw0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS81NDFjMDUtOGQ3ZC00MmI4LWFiMDAtN2ZiYmFlNmY5NDM3
LzEvQlVqTzN4Y0NudG1LRUlFVHhzRUo3S3pOZ3V3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAVcSIAwQA
l/smMA0GCSqGSIb3DQEBCwUAA4IBAQCLTo9ZsLgMpMTybY3iVAwAm62IObUATIXI
XWjaIZFtAJjdfOHalj48sP8WrV1xusne87P016+Huk4yrAInPGjDjFL2lfwXCZ8w
emMEKVQbLRQ3EyoJqOG3076SesrzHlsnfnF+ivQEXVAuuujudorv9OeFbIA9Nigf
rqW1sqXpw1DXRNi/r1GTRQTUUtm8j+SCscKsZQDiZP5S0lcMi49em/Ng0wHfEsCM
BY+UchokykeGDr9zFFnkS2Scq9yT0nTiHMrS+IBeklNYXuXtkyKOQW8W5f9Vr70/
XIM2v9vk/OEoHpEqRlxk+2QZj1/wuB2f6KIqvoxY9640ltxMh1mx
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:51:52 2024 by rpki-client on console-ams.rpki-client.org