Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/cc0750-f461-4d63-8ef2-68f32ea9f0a7/1/gFXo9vDiDs1DNXn24R37Froic5U.roa
File:                     gFXo9vDiDs1DNXn24R37Froic5U.roa (raw, json)
Hash identifier:          vGcDEmzMFBX5h0gEosAjibwH7E1BSGw9/if4vQeGlfU=
Subject key identifier:   80:55:E8:F6:F0:E2:0E:CD:43:35:79:F6:E1:1D:FB:16:BA:22:73:95
Certificate issuer:       /CN=fe42b4da0aea578ca27f25deb0cfed61a80b9ea2
Certificate serial:       018C7B80C69A7983104052F33A5E9C8C1D0F
Authority key identifier: FE:42:B4:DA:0A:EA:57:8C:A2:7F:25:DE:B0:CF:ED:61:A8:0B:9E:A2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/_kK02grqV4yifyXesM_tYagLnqI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0c/cc0750-f461-4d63-8ef2-68f32ea9f0a7/1/gFXo9vDiDs1DNXn24R37Froic5U.roa
Signing time:             Mon 18 Dec 2023 05:58:06 +0000
ROA not before:           Mon 18 Dec 2023 05:58:06 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     48551
IP address blocks:        185.33.25.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 18:31:07 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:7b:80:c6:9a:79:83:10:40:52:f3:3a:5e:9c:8c:1d:0f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=fe42b4da0aea578ca27f25deb0cfed61a80b9ea2
        Validity
            Not Before: Dec 18 05:58:06 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=8055e8f6f0e20ecd433579f6e11dfb16ba227395
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:04:a2:4f:d0:d8:48:13:4c:8c:2d:e1:e5:c1:
                    7f:ac:af:d1:6b:7a:0e:18:b7:e7:aa:c8:1f:2b:67:
                    14:8a:06:c2:02:9c:6a:76:89:7e:5d:7f:3d:aa:10:
                    1e:c8:d9:1d:cd:88:4f:7d:1b:6e:c1:1c:ea:a1:dd:
                    0c:fe:b4:84:8a:0a:92:c5:87:e1:48:5b:08:cf:24:
                    1a:f8:94:b9:be:16:3e:5a:f6:a8:26:e8:d5:44:33:
                    6d:07:00:d5:93:84:0b:91:c1:41:e8:fa:9b:1c:f0:
                    ff:0b:1c:bc:f1:95:89:f1:4b:b5:5e:8f:9d:d6:78:
                    8f:c7:dd:62:79:39:ae:25:1d:d4:4d:39:06:28:62:
                    11:e2:fb:fc:c7:9c:95:19:1d:9f:2c:81:09:f3:dd:
                    31:9f:d4:19:8f:67:6c:28:e8:3d:ca:81:71:70:40:
                    36:0b:da:a1:cb:44:11:ad:83:d7:26:79:da:9b:0a:
                    0a:58:ee:bb:ab:83:f6:c7:df:08:67:73:6c:b2:a2:
                    3e:8a:fe:8f:e0:8f:b8:2c:70:d9:5b:6a:59:b7:30:
                    15:b8:57:45:8c:56:71:f3:89:b0:d9:de:77:d7:ba:
                    c5:55:ce:37:0b:8e:84:82:fc:d0:5e:d0:d7:cf:a8:
                    cd:91:c8:9c:8c:de:5d:1a:d0:82:8d:15:c8:2c:bc:
                    4c:cd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                80:55:E8:F6:F0:E2:0E:CD:43:35:79:F6:E1:1D:FB:16:BA:22:73:95
            X509v3 Authority Key Identifier:
                keyid:FE:42:B4:DA:0A:EA:57:8C:A2:7F:25:DE:B0:CF:ED:61:A8:0B:9E:A2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_kK02grqV4yifyXesM_tYagLnqI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/cc0750-f461-4d63-8ef2-68f32ea9f0a7/1/gFXo9vDiDs1DNXn24R37Froic5U.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/cc0750-f461-4d63-8ef2-68f32ea9f0a7/1/_kK02grqV4yifyXesM_tYagLnqI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.33.25.0/24

    Signature Algorithm: sha256WithRSAEncryption
         75:e4:a5:e7:b8:c8:92:ab:29:48:84:c5:a5:7e:65:a1:a7:e4:
         1c:c3:97:a4:c7:eb:5c:49:58:5f:7d:e3:64:b7:e3:74:63:22:
         4f:df:8f:23:77:ae:f6:47:2c:27:dd:db:86:fd:85:b5:7b:66:
         47:e4:5b:6a:36:43:e4:5f:c9:53:2f:5a:75:a0:c0:04:c7:ce:
         a8:cb:06:00:07:13:bd:46:3d:08:44:6f:9e:88:19:63:cd:c6:
         5f:74:98:6f:b6:8d:74:1d:6c:91:d5:b9:33:b3:df:ce:77:dc:
         23:de:a4:99:ad:ec:ec:10:ad:5d:09:2a:05:b7:44:fd:ef:f6:
         57:68:2b:1b:ff:39:3f:f3:92:11:7a:3b:d3:c3:02:78:b6:ef:
         25:6e:d3:af:27:b9:9e:7b:a7:b0:cf:3a:00:32:62:77:57:56:
         b2:07:31:c7:33:c2:63:d1:2e:bf:4c:17:fa:09:b9:68:bc:72:
         da:2b:6f:03:ae:c5:da:3c:3a:e0:c9:85:c4:1a:fe:49:38:84:
         fc:99:0e:7b:ab:da:50:24:45:f8:ad:bb:9f:9e:8d:f8:03:e6:
         c2:c1:f2:91:7c:2b:e8:3b:98:ad:6e:38:bb:e9:d2:80:bb:67:
         c7:dc:00:cf:99:be:96:fe:25:0a:e4:ca:2c:61:eb:13:f5:f7:
         c3:44:a2:a3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYx7gMaaeYMQQFLzOl6cjB0PMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZlNDJiNGRhMGFlYTU3OGNhMjdmMjVkZWIwY2ZlZDYxYTgw
YjllYTIwHhcNMjMxMjE4MDU1ODA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MDU1ZThmNmYwZTIwZWNkNDMzNTc5ZjZlMTFkZmIxNmJhMjI3Mzk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAowSiT9DYSBNMjC3h5cF/rK/Ra3oO
GLfnqsgfK2cUigbCApxqdol+XX89qhAeyNkdzYhPfRtuwRzqod0M/rSEigqSxYfh
SFsIzyQa+JS5vhY+WvaoJujVRDNtBwDVk4QLkcFB6PqbHPD/Cxy88ZWJ8Uu1Xo+d
1niPx91ieTmuJR3UTTkGKGIR4vv8x5yVGR2fLIEJ890xn9QZj2dsKOg9yoFxcEA2
C9qhy0QRrYPXJnnamwoKWO67q4P2x98IZ3NssqI+iv6P4I+4LHDZW2pZtzAVuFdF
jFZx84mw2d5317rFVc43C46EgvzQXtDXz6jNkcicjN5dGtCCjRXILLxMzQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIBV6Pbw4g7NQzV59uEd+xa6InOVMB8GA1UdIwQY
MBaAFP5CtNoK6leMon8l3rDP7WGoC56iMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX2tLMDJncnFWNHlpZnlYZXNNX3RZYWdMbnFJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9jYzA3NTAtZjQ2MS00ZDYzLThlZjIt
NjhmMzJlYTlmMGE3LzEvZ0ZYbzl2RGlEczFETlhuMjRSMzdGcm9pYzVVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9jYzA3NTAtZjQ2MS00ZDYzLThlZjItNjhmMzJlYTlmMGE3
LzEvX2tLMDJncnFWNHlpZnlYZXNNX3RZYWdMbnFJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuSEZMA0G
CSqGSIb3DQEBCwUAA4IBAQB15KXnuMiSqylIhMWlfmWhp+Qcw5ekx+tcSVhffeNk
t+N0YyJP348jd672Rywn3duG/YW1e2ZH5FtqNkPkX8lTL1p1oMAEx86oywYABxO9
Rj0IRG+eiBljzcZfdJhvto10HWyR1bkzs9/Od9wj3qSZrezsEK1dCSoFt0T97/ZX
aCsb/zk/85IRejvTwwJ4tu8lbtOvJ7mee6ewzzoAMmJ3V1ayBzHHM8Jj0S6/TBf6
CblovHLaK28DrsXaPDrgyYXEGv5JOIT8mQ57q9pQJEX4rbufno34A+bCwfKRfCvo
O5itbji76dKAu2fH3ADPmb6W/iUK5MosYesT9ffDRKKj
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:18:41 2024 by rpki-client on console-fra.rpki-client.org