Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/19RLXpFb-dNqnb-RxcOPvRYhR54.roa
File:                     19RLXpFb-dNqnb-RxcOPvRYhR54.roa (raw, json)
Hash identifier:          rDKI3qW965typECIh3XWJCwWdoEsmogUsnRJtqJoPtE=
Subject key identifier:   D7:D4:4B:5E:91:5B:F9:D3:6A:9D:BF:91:C5:C3:8F:BD:16:21:47:9E
Certificate issuer:       /CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Certificate serial:       0185739017B82D67EB6E6F2A6148BCC12197
Authority key identifier: B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/19RLXpFb-dNqnb-RxcOPvRYhR54.roa
Signing time:             Mon 02 Jan 2023 17:38:21 +0000
ROA not before:           Mon 02 Jan 2023 17:38:21 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     213250
IP address blocks:        185.234.72.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 27 Mar 2023 17:31:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:73:90:17:b8:2d:67:eb:6e:6f:2a:61:48:bc:c1:21:97
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
        Validity
            Not Before: Jan  2 17:38:21 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=d7d44b5e915bf9d36a9dbf91c5c38fbd1621479e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:5e:f1:74:69:2b:b1:ec:00:9c:c9:8a:b5:c7:
                    02:97:0b:ff:c4:9a:2a:a4:de:33:64:1d:62:e2:5f:
                    ea:4b:f4:9f:c8:0c:06:9a:a2:a7:67:7b:ba:50:3b:
                    f1:c8:d0:af:0e:f7:25:c1:cd:59:10:9b:08:fa:c4:
                    8d:51:ac:fe:f8:62:4a:d9:59:62:3c:05:08:5e:28:
                    d7:1d:fa:5a:24:1f:1f:f9:17:f5:11:3a:e8:39:0d:
                    ea:fa:36:fc:c4:92:bc:3d:f5:eb:ee:d4:4e:dc:c9:
                    52:9c:c9:63:b7:ae:20:ef:f0:16:47:d8:3b:a7:a2:
                    54:14:ce:5e:7b:50:32:57:e6:54:83:12:0f:07:01:
                    f9:14:43:9f:34:d4:90:c5:e2:8e:3b:f5:78:2d:0d:
                    73:cf:50:67:ed:ac:5d:22:29:b5:0b:c9:e8:6c:3b:
                    1f:57:57:a7:9b:f1:50:f3:9e:f2:f3:48:6f:0f:56:
                    a0:0b:fa:b2:df:4d:4a:98:b2:9b:38:71:27:a4:4c:
                    a1:e3:f0:18:59:e6:bc:fc:6c:56:51:95:d4:7e:c7:
                    31:50:b0:00:f0:5f:1c:c9:d3:d2:45:4b:08:49:8a:
                    76:75:4b:e0:68:46:de:38:26:a9:1d:87:95:6b:c9:
                    36:54:0e:85:16:03:52:eb:a7:e6:bc:09:72:e0:c7:
                    b1:c7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D7:D4:4B:5E:91:5B:F9:D3:6A:9D:BF:91:C5:C3:8F:BD:16:21:47:9E
            X509v3 Authority Key Identifier:
                keyid:B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/19RLXpFb-dNqnb-RxcOPvRYhR54.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/saew2N6CUdNtfIP69rx-_sc7UDQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.234.72.0/24

    Signature Algorithm: sha256WithRSAEncryption
         54:0d:fb:ae:b6:85:05:93:7a:59:cb:b6:42:f6:f4:80:4b:e2:
         31:13:49:ae:86:e9:70:88:b1:1d:5e:03:98:11:a1:b7:69:86:
         a3:65:8e:f7:e7:b8:5a:1b:0c:ea:7c:53:be:d0:6c:3c:74:a1:
         98:ba:8e:01:5c:01:08:44:bf:d1:37:cc:96:a7:28:e6:db:1f:
         db:59:dd:27:2b:eb:47:10:0c:0e:87:03:6e:85:af:03:e2:3b:
         e4:7c:59:1a:de:4a:3a:2b:4c:27:38:d5:d6:e3:d2:be:22:65:
         5e:97:a9:38:29:32:de:df:9b:d3:b4:29:2a:7b:26:e9:48:48:
         be:fc:06:9f:b9:0e:3f:f0:d9:13:e9:72:27:f1:cc:10:22:4f:
         ed:19:4b:85:a3:de:56:a8:75:6a:2a:6b:a3:2e:d9:fb:a4:5e:
         da:ef:14:ff:89:6a:d3:54:58:7c:cb:ce:f0:ea:47:ca:fb:77:
         68:77:3c:6b:53:02:2f:69:55:4b:85:33:11:1c:96:6a:e5:b1:
         69:4c:a9:93:fa:bd:be:bd:df:cd:b1:01:bf:2c:a8:89:5a:7c:
         70:26:d9:7d:1e:58:0e:81:fa:ed:5e:9b:0f:e6:9d:ab:a1:11:
         92:4e:4f:d6:d3:0e:1d:a3:39:ee:bc:1a:76:85:a1:b1:ba:71:
         ed:53:99:a2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVzkBe4LWfrbm8qYUi8wSGXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxYTdiMGQ4ZGU4MjUxZDM2ZDdjODNmYWY2YmM3ZWZlYzcz
YjUwMzQwHhcNMjMwMTAyMTczODIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkN2Q0NGI1ZTkxNWJmOWQzNmE5ZGJmOTFjNWMzOGZiZDE2MjE0NzllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwl7xdGkrsewAnMmKtccClwv/xJoq
pN4zZB1i4l/qS/SfyAwGmqKnZ3u6UDvxyNCvDvclwc1ZEJsI+sSNUaz++GJK2Vli
PAUIXijXHfpaJB8f+Rf1ETroOQ3q+jb8xJK8PfXr7tRO3MlSnMljt64g7/AWR9g7
p6JUFM5ee1AyV+ZUgxIPBwH5FEOfNNSQxeKOO/V4LQ1zz1Bn7axdIim1C8nobDsf
V1enm/FQ857y80hvD1agC/qy301KmLKbOHEnpEyh4/AYWea8/GxWUZXUfscxULAA
8F8cydPSRUsISYp2dUvgaEbeOCapHYeVa8k2VA6FFgNS66fmvAly4MexxwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNfUS16RW/nTap2/kcXDj70WIUeeMB8GA1UdIwQY
MBaAFLGnsNjeglHTbXyD+va8fv7HO1A0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2It
Mzk0YWNkMjFmMzliLzEvMTlSTFhwRmItZE5xbmItUnhjT1B2UlloUjU0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2ItMzk0YWNkMjFmMzli
LzEvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuepIMA0G
CSqGSIb3DQEBCwUAA4IBAQBUDfuutoUFk3pZy7ZC9vSAS+IxE0muhulwiLEdXgOY
EaG3aYajZY7357haGwzqfFO+0Gw8dKGYuo4BXAEIRL/RN8yWpyjm2x/bWd0nK+tH
EAwOhwNuha8D4jvkfFka3ko6K0wnONXW49K+ImVel6k4KTLe35vTtCkqeybpSEi+
/AafuQ4/8NkT6XIn8cwQIk/tGUuFo95WqHVqKmujLtn7pF7a7xT/iWrTVFh8y87w
6kfK+3dodzxrUwIvaVVLhTMRHJZq5bFpTKmT+r2+vd/NsQG/LKiJWnxwJtl9HlgO
gfrtXpsP5p2roRGSTk/W0w4doznuvBp2haGxunHtU5mi
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:48 2024 by rpki-client on console-fra.rpki-client.org