Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0a/294e84-cfc5-45a4-a5cd-33b7459975e0/1/igPSDrjebbBonIXldNhpUErY8iE.roa
File:                     igPSDrjebbBonIXldNhpUErY8iE.roa (raw, json)
Hash identifier:          mhVMJnB8NDGKQv9nBXLHrT5cY12ouv5IWSjxJ7B11i4=
Subject key identifier:   8A:03:D2:0E:B8:DE:6D:B0:68:9C:85:E5:74:D8:69:50:4A:D8:F2:21
Certificate issuer:       /CN=5324defbaade93e998e13a942029dd593b8b2ea3
Certificate serial:       018CC49336B154A5FAC834D58A3F0E974B95
Authority key identifier: 53:24:DE:FB:AA:DE:93:E9:98:E1:3A:94:20:29:DD:59:3B:8B:2E:A3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/UyTe-6rek-mY4TqUICndWTuLLqM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0a/294e84-cfc5-45a4-a5cd-33b7459975e0/1/igPSDrjebbBonIXldNhpUErY8iE.roa
Signing time:             Mon 01 Jan 2024 10:30:31 +0000
ROA not before:           Mon 01 Jan 2024 10:30:31 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     30535
IP address blocks:        185.162.73.0/24 maxlen: 24
                          185.162.72.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Sat 30 Mar 2024 22:11:44 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c4:93:36:b1:54:a5:fa:c8:34:d5:8a:3f:0e:97:4b:95
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5324defbaade93e998e13a942029dd593b8b2ea3
        Validity
            Not Before: Jan  1 10:30:31 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=8a03d20eb8de6db0689c85e574d869504ad8f221
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f7:a7:21:cd:b0:b8:b3:c3:90:41:14:8b:ef:f0:
                    dd:87:b3:f9:ce:58:18:30:50:bd:3a:f3:a3:ec:d7:
                    86:4b:53:8a:d5:06:27:f8:b4:b9:31:91:fa:12:6d:
                    aa:9a:2b:65:ca:f9:38:df:06:62:39:4c:2a:91:da:
                    68:1c:46:1a:ea:d0:28:2d:77:f2:d1:a5:08:24:9b:
                    a3:0f:ed:e4:ba:60:ad:cf:bd:54:db:a6:d1:6e:c3:
                    b0:f2:ae:c9:81:59:01:b7:30:d5:d5:45:af:c5:c3:
                    e5:92:1b:71:a8:1f:d8:68:86:7f:3c:9a:78:81:05:
                    87:ee:4b:aa:86:5d:91:75:40:85:9e:7b:1a:bf:56:
                    26:43:64:c5:05:c3:65:7f:44:9a:d7:bd:17:92:d8:
                    ef:85:0a:d3:83:b3:95:f9:b3:ef:02:a7:6c:11:23:
                    a9:c9:44:c4:67:99:52:42:57:f6:dd:ce:9d:c0:fb:
                    21:59:a6:c3:a7:45:b1:b1:f2:34:5f:1d:d3:65:a0:
                    c0:ee:ff:f2:40:f4:c5:90:70:18:92:e8:e3:6d:50:
                    4b:8d:52:ad:3e:b1:f1:c6:12:2a:d3:18:f6:a9:1d:
                    a4:53:dd:2f:65:4d:84:cf:02:4b:2d:3a:37:e7:b8:
                    cb:f0:96:44:09:19:42:5f:e0:77:7e:95:bb:ec:de:
                    be:c5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8A:03:D2:0E:B8:DE:6D:B0:68:9C:85:E5:74:D8:69:50:4A:D8:F2:21
            X509v3 Authority Key Identifier:
                keyid:53:24:DE:FB:AA:DE:93:E9:98:E1:3A:94:20:29:DD:59:3B:8B:2E:A3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UyTe-6rek-mY4TqUICndWTuLLqM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/294e84-cfc5-45a4-a5cd-33b7459975e0/1/igPSDrjebbBonIXldNhpUErY8iE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/294e84-cfc5-45a4-a5cd-33b7459975e0/1/UyTe-6rek-mY4TqUICndWTuLLqM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.162.72.0/23

    Signature Algorithm: sha256WithRSAEncryption
         92:70:ec:ae:48:4a:1f:1d:1d:a5:55:0b:ed:d7:89:cf:0f:e5:
         e5:ff:77:90:b0:c2:e0:1f:76:31:74:77:25:01:e5:12:7d:64:
         19:2b:36:7f:f4:51:1f:db:3c:a8:90:8d:31:44:30:4d:26:b5:
         e4:af:0f:2c:6c:ae:a6:a6:70:c9:41:f3:b2:6a:4d:72:7c:c4:
         07:45:f7:e2:72:8d:bb:f9:fe:78:9d:47:f6:0c:4b:a3:23:4f:
         59:b6:de:0c:67:07:1c:ed:8b:92:b9:53:10:ba:96:ff:92:84:
         72:0c:df:c9:c1:7f:cf:6a:31:71:a1:0e:6c:f3:ce:aa:bc:77:
         44:c2:51:5e:94:c8:05:27:5b:91:cd:bb:72:00:ec:aa:1e:97:
         b7:ec:1c:b2:a3:0c:c2:51:b1:8d:be:57:a4:10:f4:3d:fd:70:
         27:40:ec:f9:4c:d2:9c:82:e5:40:25:58:94:4f:c4:73:12:e8:
         6b:d5:7d:86:65:2f:f1:4a:0f:95:7e:c4:fd:b4:43:2b:53:e9:
         ca:26:81:c9:05:3a:d5:89:ca:b3:82:dc:db:89:b8:60:4f:41:
         82:d0:71:28:b1:d9:68:94:be:71:77:27:e4:1d:53:56:be:95:
         01:9e:91:17:00:26:89:6e:6d:be:39:79:e9:1f:17:9d:72:8b:
         c9:94:7e:63
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzEkzaxVKX6yDTVij8Ol0uVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUzMjRkZWZiYWFkZTkzZTk5OGUxM2E5NDIwMjlkZDU5M2I4
YjJlYTMwHhcNMjQwMTAxMTAzMDMxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YTAzZDIwZWI4ZGU2ZGIwNjg5Yzg1ZTU3NGQ4Njk1MDRhZDhmMjIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA96chzbC4s8OQQRSL7/Ddh7P5zlgY
MFC9OvOj7NeGS1OK1QYn+LS5MZH6Em2qmitlyvk43wZiOUwqkdpoHEYa6tAoLXfy
0aUIJJujD+3kumCtz71U26bRbsOw8q7JgVkBtzDV1UWvxcPlkhtxqB/YaIZ/PJp4
gQWH7kuqhl2RdUCFnnsav1YmQ2TFBcNlf0Sa170XktjvhQrTg7OV+bPvAqdsESOp
yUTEZ5lSQlf23c6dwPshWabDp0WxsfI0Xx3TZaDA7v/yQPTFkHAYkujjbVBLjVKt
PrHxxhIq0xj2qR2kU90vZU2EzwJLLTo357jL8JZECRlCX+B3fpW77N6+xQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIoD0g643m2waJyF5XTYaVBK2PIhMB8GA1UdIwQY
MBaAFFMk3vuq3pPpmOE6lCAp3Vk7iy6jMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVXlUZS02cmVrLW1ZNFRxVUlDbmRXVHVMTHFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYS8yOTRlODQtY2ZjNS00NWE0LWE1Y2Qt
MzNiNzQ1OTk3NWUwLzEvaWdQU0RyamViYkJvbklYbGROaHBVRXJZOGlFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYS8yOTRlODQtY2ZjNS00NWE0LWE1Y2QtMzNiNzQ1OTk3NWUw
LzEvVXlUZS02cmVrLW1ZNFRxVUlDbmRXVHVMTHFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBuaJIMA0G
CSqGSIb3DQEBCwUAA4IBAQCScOyuSEofHR2lVQvt14nPD+Xl/3eQsMLgH3YxdHcl
AeUSfWQZKzZ/9FEf2zyokI0xRDBNJrXkrw8sbK6mpnDJQfOyak1yfMQHRffico27
+f54nUf2DEujI09Ztt4MZwcc7YuSuVMQupb/koRyDN/JwX/PajFxoQ5s886qvHdE
wlFelMgFJ1uRzbtyAOyqHpe37ByyowzCUbGNvlekEPQ9/XAnQOz5TNKcguVAJViU
T8RzEuhr1X2GZS/xSg+VfsT9tEMrU+nKJoHJBTrVicqzgtzbibhgT0GC0HEosdlo
lL5xdyfkHVNWvpUBnpEXACaJbm2+OXnpHxedcovJlH5j
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:52:09 2024 by rpki-client on console-ams.rpki-client.org