Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/fbffbc-ab82-4058-b8b7-d0c82a3cf4b6/1/EdLgtaOVZPVGHKsxIsb6kUwAjDY.roa
File:                     EdLgtaOVZPVGHKsxIsb6kUwAjDY.roa (raw, json)
Hash identifier:          vM0jWy81CpORrBtmUFb2FAeGKf4laix7dYUNbRIE7+g=
Subject key identifier:   11:D2:E0:B5:A3:95:64:F5:46:1C:AB:31:22:C6:FA:91:4C:00:8C:36
Certificate issuer:       /CN=d7219ec7383fa0610480ddfa62c3f82c400cd56f
Certificate serial:       01857042AB1CEDBDE193292DD2C6933DA832
Authority key identifier: D7:21:9E:C7:38:3F:A0:61:04:80:DD:FA:62:C3:F8:2C:40:0C:D5:6F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1yGexzg_oGEEgN36YsP4LEAM1W8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/13/fbffbc-ab82-4058-b8b7-d0c82a3cf4b6/1/EdLgtaOVZPVGHKsxIsb6kUwAjDY.roa
Signing time:             Mon 02 Jan 2023 02:14:55 +0000
ROA not before:           Mon 02 Jan 2023 02:14:55 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     150303
IP address blocks:        185.103.7.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 08 Mar 2023 08:04:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:70:42:ab:1c:ed:bd:e1:93:29:2d:d2:c6:93:3d:a8:32
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d7219ec7383fa0610480ddfa62c3f82c400cd56f
        Validity
            Not Before: Jan  2 02:14:55 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=11d2e0b5a39564f5461cab3122c6fa914c008c36
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:28:93:ce:8c:0c:ea:0a:cc:a3:c8:b5:6d:fc:
                    95:e1:78:24:e9:f6:de:87:d1:71:27:b7:6b:3c:8c:
                    04:c1:03:f5:d0:f4:e1:43:c5:42:87:1c:c7:db:5c:
                    10:4f:4c:2e:b6:5b:e3:62:02:43:fe:06:61:68:4b:
                    3e:0d:6b:a4:96:ad:6e:85:8c:41:19:ab:9b:6d:50:
                    f6:51:97:31:76:9b:51:24:41:56:46:2d:fb:9a:d7:
                    bf:16:e2:ce:06:43:f7:7a:5a:e9:8f:56:8d:ec:6b:
                    32:9b:7e:7c:70:ee:5c:a6:a3:6e:85:dd:5f:7d:94:
                    9a:7a:84:fe:f1:db:70:96:66:c7:f1:df:b8:20:ff:
                    cd:1e:56:64:12:90:32:4b:ec:97:fa:ad:bb:fe:ef:
                    69:89:a6:91:65:0a:78:c6:57:bc:4a:e6:99:ba:ba:
                    5c:d5:f9:23:ef:1a:18:97:17:c9:77:89:46:a5:0f:
                    b8:84:b8:87:8b:7e:c4:af:f8:6e:fa:e2:b3:80:88:
                    a4:ff:bd:51:ec:d6:89:a4:5d:95:1e:0d:a1:65:4a:
                    a7:00:53:2b:c8:a6:27:96:b9:16:ce:04:f1:b8:0a:
                    60:a5:24:06:39:9e:e3:9f:76:ea:f5:78:67:4c:04:
                    d4:e0:45:51:62:85:e1:a5:3a:d3:35:64:36:5d:13:
                    ed:27
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                11:D2:E0:B5:A3:95:64:F5:46:1C:AB:31:22:C6:FA:91:4C:00:8C:36
            X509v3 Authority Key Identifier:
                keyid:D7:21:9E:C7:38:3F:A0:61:04:80:DD:FA:62:C3:F8:2C:40:0C:D5:6F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1yGexzg_oGEEgN36YsP4LEAM1W8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/fbffbc-ab82-4058-b8b7-d0c82a3cf4b6/1/EdLgtaOVZPVGHKsxIsb6kUwAjDY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/13/fbffbc-ab82-4058-b8b7-d0c82a3cf4b6/1/1yGexzg_oGEEgN36YsP4LEAM1W8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.103.7.0/24

    Signature Algorithm: sha256WithRSAEncryption
         40:9f:b8:bf:9f:ae:1a:5a:7b:35:e7:f7:3e:a6:29:f3:49:47:
         c1:7b:69:eb:75:79:e9:88:70:26:e4:0a:63:51:68:b0:89:48:
         45:b6:97:13:43:d9:5f:2b:4a:ef:7e:9b:2d:d5:4c:f1:00:47:
         04:7e:a8:ba:60:ee:63:c8:e2:5e:94:54:70:0a:4b:95:d6:c8:
         44:b3:99:5d:46:ea:d6:18:d0:e3:1b:46:d9:bb:75:75:76:0f:
         81:a6:77:e2:a0:8b:32:4c:42:d3:b0:2e:38:fd:5c:88:57:41:
         3d:a6:94:67:75:d9:c3:76:56:02:c4:33:9c:d8:30:3d:76:35:
         b2:81:b1:e0:57:0f:bd:b1:2a:37:93:d7:b6:a7:c1:07:c4:be:
         48:b6:bb:da:12:ae:6b:73:c1:2c:7f:d9:e5:27:b2:45:98:a8:
         68:12:fe:44:92:08:14:1c:1d:a0:cd:1b:09:ce:44:84:d8:c6:
         9d:c7:75:6f:41:03:9b:a9:26:88:d3:3c:e8:fe:0c:7f:01:c2:
         8d:b2:19:97:62:83:10:26:63:d4:d1:95:9b:8d:be:c5:5a:33:
         74:7b:1d:76:38:d2:77:43:e1:a7:41:db:05:2a:7a:0f:8c:8a:
         5e:2f:fb:fa:bf:25:19:36:1b:07:ff:c9:cd:37:d4:e1:6a:58:
         e4:18:06:28
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwQqsc7b3hkykt0saTPagyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3MjE5ZWM3MzgzZmEwNjEwNDgwZGRmYTYyYzNmODJjNDAw
Y2Q1NmYwHhcNMjMwMTAyMDIxNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMWQyZTBiNWEzOTU2NGY1NDYxY2FiMzEyMmM2ZmE5MTRjMDA4YzM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqiiTzowM6grMo8i1bfyV4Xgk6fbe
h9FxJ7drPIwEwQP10PThQ8VChxzH21wQT0wutlvjYgJD/gZhaEs+DWuklq1uhYxB
GaubbVD2UZcxdptRJEFWRi37mte/FuLOBkP3elrpj1aN7Gsym358cO5cpqNuhd1f
fZSaeoT+8dtwlmbH8d+4IP/NHlZkEpAyS+yX+q27/u9piaaRZQp4xle8SuaZurpc
1fkj7xoYlxfJd4lGpQ+4hLiHi37Er/hu+uKzgIik/71R7NaJpF2VHg2hZUqnAFMr
yKYnlrkWzgTxuApgpSQGOZ7jn3bq9XhnTATU4EVRYoXhpTrTNWQ2XRPtJwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBHS4LWjlWT1RhyrMSLG+pFMAIw2MB8GA1UdIwQY
MBaAFNchnsc4P6BhBIDd+mLD+CxADNVvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMXlHZXh6Z19vR0VFZ04zNllzUDRMRUFNMVc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9mYmZmYmMtYWI4Mi00MDU4LWI4Yjct
ZDBjODJhM2NmNGI2LzEvRWRMZ3RhT1ZaUFZHSEtzeElzYjZrVXdBakRZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9mYmZmYmMtYWI4Mi00MDU4LWI4YjctZDBjODJhM2NmNGI2
LzEvMXlHZXh6Z19vR0VFZ04zNllzUDRMRUFNMVc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuWcHMA0G
CSqGSIb3DQEBCwUAA4IBAQBAn7i/n64aWns15/c+pinzSUfBe2nrdXnpiHAm5Apj
UWiwiUhFtpcTQ9lfK0rvfpst1UzxAEcEfqi6YO5jyOJelFRwCkuV1shEs5ldRurW
GNDjG0bZu3V1dg+BpnfioIsyTELTsC44/VyIV0E9ppRnddnDdlYCxDOc2DA9djWy
gbHgVw+9sSo3k9e2p8EHxL5ItrvaEq5rc8Esf9nlJ7JFmKhoEv5EkggUHB2gzRsJ
zkSE2Madx3VvQQObqSaI0zzo/gx/AcKNshmXYoMQJmPU0ZWbjb7FWjN0ex12ONJ3
Q+GnQdsFKnoPjIpeL/v6vyUZNhsH/8nNN9ThaljkGAYo
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:10 2024 by rpki-client on console-fra.rpki-client.org