Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/dd8096-14cc-488d-9257-c515f354cc5a/1/M0c5MlWEYRPm-DlPyKkfvau0Yds.roa
File:                     M0c5MlWEYRPm-DlPyKkfvau0Yds.roa (raw, json)
Hash identifier:          CbxAG1XPX3W3FD5DdKu7vtOT0x9v5SdqZ7GDquPvBig=
Subject key identifier:   33:47:39:32:55:84:61:13:E6:F8:39:4F:C8:A9:1F:BD:AB:B4:61:DB
Certificate issuer:       /CN=ad0da43b4a5d3db78ba3f774e5b31b77037202d5
Certificate serial:       018C82213F3FD8D80A324C681BC8FB50930C
Authority key identifier: AD:0D:A4:3B:4A:5D:3D:B7:8B:A3:F7:74:E5:B3:1B:77:03:72:02:D5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/rQ2kO0pdPbeLo_d05bMbdwNyAtU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/0d/dd8096-14cc-488d-9257-c515f354cc5a/1/M0c5MlWEYRPm-DlPyKkfvau0Yds.roa
Signing time:             Tue 19 Dec 2023 12:51:06 +0000
ROA not before:           Tue 19 Dec 2023 12:51:06 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     203576
IP address blocks:        185.148.241.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 14:29:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:82:21:3f:3f:d8:d8:0a:32:4c:68:1b:c8:fb:50:93:0c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ad0da43b4a5d3db78ba3f774e5b31b77037202d5
        Validity
            Not Before: Dec 19 12:51:06 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=3347393255846113e6f8394fc8a91fbdabb461db
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cd:30:b4:bd:df:67:ad:65:85:60:f3:23:c7:e0:
                    dc:2b:65:73:9a:9d:d0:a4:43:fe:0f:d2:66:7c:ac:
                    75:6d:21:6f:23:0a:9b:1a:29:ae:48:8f:68:92:20:
                    ff:5f:00:dc:f0:87:5d:d8:0b:ad:c1:4f:d3:98:c4:
                    19:c7:b6:e7:94:8c:05:ba:0c:1c:e7:0d:47:51:f6:
                    d6:56:0b:5d:d7:3f:bb:70:65:14:e9:b8:c3:34:1e:
                    d2:bd:95:36:1d:e6:9e:a8:d7:a3:a3:ef:84:a1:4a:
                    30:9e:16:76:bd:48:6e:4e:9e:76:41:16:62:7d:b8:
                    5c:45:cd:eb:7c:3a:64:99:54:dd:b6:c6:fb:96:a3:
                    79:13:19:95:ad:cc:9a:b8:aa:7f:b8:8f:24:2f:e3:
                    cc:c2:bb:49:ac:ad:da:a1:b8:5b:59:58:0a:ee:97:
                    3e:75:19:e3:60:78:4d:51:08:24:56:53:8c:b1:eb:
                    bb:01:ff:c3:39:da:77:03:ab:b6:f5:13:25:89:ee:
                    00:55:bf:f4:b9:a3:b2:0f:79:00:b2:0e:f3:97:0f:
                    12:07:c4:8d:b5:27:8f:65:cd:c1:4a:c7:5d:20:62:
                    50:93:ea:3a:7c:05:c2:b8:aa:a7:5b:75:e5:ba:94:
                    63:ea:8a:cf:b2:c2:d9:2e:81:5a:eb:ad:8e:95:7f:
                    dd:c5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                33:47:39:32:55:84:61:13:E6:F8:39:4F:C8:A9:1F:BD:AB:B4:61:DB
            X509v3 Authority Key Identifier:
                keyid:AD:0D:A4:3B:4A:5D:3D:B7:8B:A3:F7:74:E5:B3:1B:77:03:72:02:D5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rQ2kO0pdPbeLo_d05bMbdwNyAtU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/dd8096-14cc-488d-9257-c515f354cc5a/1/M0c5MlWEYRPm-DlPyKkfvau0Yds.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/dd8096-14cc-488d-9257-c515f354cc5a/1/rQ2kO0pdPbeLo_d05bMbdwNyAtU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.148.241.0/24

    Signature Algorithm: sha256WithRSAEncryption
         3f:6c:e3:3d:01:44:46:71:43:df:f8:be:2c:d4:b2:95:af:62:
         30:f1:5c:38:45:4a:b3:aa:6d:03:4d:1e:39:27:a9:05:39:5f:
         4c:bd:90:df:b7:f1:19:c0:e1:c0:d0:b7:c7:bf:1e:13:b0:44:
         0b:b3:a4:b2:bf:e9:60:be:0c:de:59:ce:d6:dd:78:c2:60:4e:
         9b:3a:cb:50:41:60:4c:91:84:04:d2:bb:29:1e:44:1c:4b:79:
         4b:62:5f:b8:c7:ef:a9:09:6e:80:e2:ab:c8:82:04:00:91:c6:
         0f:bb:f9:3e:3d:d0:16:51:fa:72:d7:bb:1e:ea:78:03:cd:f0:
         ee:0c:e2:48:c1:06:45:e3:2b:9c:35:ef:76:97:57:91:8b:8b:
         6b:9b:0e:85:1e:ea:94:06:5f:35:f1:0b:78:ea:57:b9:6e:69:
         57:84:a9:de:a9:d5:a9:82:20:7d:92:cb:71:a6:d7:a5:39:1c:
         0b:5b:d4:ae:b3:2a:45:29:78:1f:dc:d0:8d:ce:a9:bf:b9:e0:
         3b:5c:3c:8b:7e:58:cf:20:a0:dd:96:d9:b2:0c:d3:72:35:43:
         c6:68:5f:f5:ce:38:14:16:08:66:ef:2e:43:80:e6:af:b4:8c:
         2b:e5:dd:0e:9c:75:c9:2d:8a:90:9d:59:c5:43:18:27:35:9d:
         ab:ba:75:fa
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYyCIT8/2NgKMkxoG8j7UJMMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkMGRhNDNiNGE1ZDNkYjc4YmEzZjc3NGU1YjMxYjc3MDM3
MjAyZDUwHhcNMjMxMjE5MTI1MTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMzQ3MzkzMjU1ODQ2MTEzZTZmODM5NGZjOGE5MWZiZGFiYjQ2MWRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzTC0vd9nrWWFYPMjx+DcK2Vzmp3Q
pEP+D9JmfKx1bSFvIwqbGimuSI9okiD/XwDc8Idd2AutwU/TmMQZx7bnlIwFugwc
5w1HUfbWVgtd1z+7cGUU6bjDNB7SvZU2HeaeqNejo++EoUownhZ2vUhuTp52QRZi
fbhcRc3rfDpkmVTdtsb7lqN5ExmVrcyauKp/uI8kL+PMwrtJrK3aobhbWVgK7pc+
dRnjYHhNUQgkVlOMseu7Af/DOdp3A6u29RMlie4AVb/0uaOyD3kAsg7zlw8SB8SN
tSePZc3BSsddIGJQk+o6fAXCuKqnW3XlupRj6orPssLZLoFa662OlX/dxQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDNHOTJVhGET5vg5T8ipH72rtGHbMB8GA1UdIwQY
MBaAFK0NpDtKXT23i6P3dOWzG3cDcgLVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvclEya08wcGRQYmVMb19kMDViTWJkd055QXRVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC9kZDgwOTYtMTRjYy00ODhkLTkyNTct
YzUxNWYzNTRjYzVhLzEvTTBjNU1sV0VZUlBtLURsUHlLa2Z2YXUwWWRzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZC9kZDgwOTYtMTRjYy00ODhkLTkyNTctYzUxNWYzNTRjYzVh
LzEvclEya08wcGRQYmVMb19kMDViTWJkd055QXRVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuZTxMA0G
CSqGSIb3DQEBCwUAA4IBAQA/bOM9AURGcUPf+L4s1LKVr2Iw8Vw4RUqzqm0DTR45
J6kFOV9MvZDft/EZwOHA0LfHvx4TsEQLs6Syv+lgvgzeWc7W3XjCYE6bOstQQWBM
kYQE0rspHkQcS3lLYl+4x++pCW6A4qvIggQAkcYPu/k+PdAWUfpy17se6ngDzfDu
DOJIwQZF4yucNe92l1eRi4trmw6FHuqUBl818Qt46le5bmlXhKneqdWpgiB9kstx
ptelORwLW9SusypFKXgf3NCNzqm/ueA7XDyLfljPIKDdltmyDNNyNUPGaF/1zjgU
Fghm7y5DgOavtIwr5d0OnHXJLYqQnVnFQxgnNZ2runX6
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:52:45 2024 by rpki-client on console-ams.rpki-client.org