Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1b/1507f8-e7d1-406f-9aeb-df169270b134/1/5kukDnHBuWfIErRmebJiko5fkpE.roa
File:                     5kukDnHBuWfIErRmebJiko5fkpE.roa (raw, json)
Hash identifier:          aoFYpvkRRkjGd53rn2EekJY3ouWZ5ecC9rv7F5e6VLM=
Subject key identifier:   E6:4B:A4:0E:71:C1:B9:67:C8:12:B4:66:79:B2:62:92:8E:5F:92:91
Certificate issuer:       /CN=bcf81437457cbc32dfa2732848243a89ee538708
Certificate serial:       01856FCB9A4AE8EA3E479BDBF87E42CA0BDB
Authority key identifier: BC:F8:14:37:45:7C:BC:32:DF:A2:73:28:48:24:3A:89:EE:53:87:08
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/vPgUN0V8vDLfonMoSCQ6ie5Thwg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1b/1507f8-e7d1-406f-9aeb-df169270b134/1/5kukDnHBuWfIErRmebJiko5fkpE.roa
Signing time:             Mon 02 Jan 2023 00:04:52 +0000
ROA not before:           Mon 02 Jan 2023 00:04:52 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     48551
IP address blocks:        185.238.143.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 10:32:52 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:cb:9a:4a:e8:ea:3e:47:9b:db:f8:7e:42:ca:0b:db
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=bcf81437457cbc32dfa2732848243a89ee538708
        Validity
            Not Before: Jan  2 00:04:52 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=e64ba40e71c1b967c812b46679b262928e5f9291
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:16:74:2d:49:c1:fc:7a:6a:fe:e0:79:e0:98:
                    9d:6f:f4:79:a2:f0:61:fa:6a:89:84:89:40:50:8f:
                    39:79:df:b8:a2:b3:be:68:4a:21:02:5c:8d:de:5c:
                    e8:26:46:7e:11:25:f6:c0:15:cd:69:ec:39:de:80:
                    34:fc:6a:17:27:f3:02:50:32:10:c8:22:b7:a2:26:
                    9a:37:2b:f4:8b:5c:be:4c:ba:76:09:e3:88:56:76:
                    99:04:e8:62:0b:d9:ea:ef:50:c1:c7:ca:d8:c9:57:
                    75:20:f0:f4:f5:63:2c:91:02:1d:f5:a2:72:9b:0c:
                    6f:4b:e7:2b:a6:9f:bf:2f:3b:4e:78:c7:6d:9c:72:
                    c2:5c:fa:4d:ab:aa:1b:7d:e7:0e:cd:a2:04:02:9b:
                    49:36:8d:7b:0a:00:43:3f:97:a2:c6:73:f6:43:a4:
                    0d:60:7a:ec:e1:4d:5f:78:69:9c:e1:11:83:27:03:
                    97:e0:5b:41:be:7b:0c:d6:69:f7:16:03:73:39:5e:
                    19:a6:c6:42:0c:60:07:55:93:0e:9d:04:dc:75:d0:
                    fb:2f:b2:45:4e:90:a6:96:da:49:07:a0:8d:32:59:
                    df:2d:6e:b8:3f:cf:36:62:fa:86:0f:20:f1:79:14:
                    5b:a3:4c:27:56:44:e1:07:ba:ff:5a:41:cb:22:9e:
                    c7:59
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E6:4B:A4:0E:71:C1:B9:67:C8:12:B4:66:79:B2:62:92:8E:5F:92:91
            X509v3 Authority Key Identifier:
                keyid:BC:F8:14:37:45:7C:BC:32:DF:A2:73:28:48:24:3A:89:EE:53:87:08

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vPgUN0V8vDLfonMoSCQ6ie5Thwg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/1507f8-e7d1-406f-9aeb-df169270b134/1/5kukDnHBuWfIErRmebJiko5fkpE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/1507f8-e7d1-406f-9aeb-df169270b134/1/vPgUN0V8vDLfonMoSCQ6ie5Thwg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.238.143.0/24

    Signature Algorithm: sha256WithRSAEncryption
         d9:02:17:e2:17:90:3c:f6:b9:97:17:68:00:e9:f6:24:fe:3d:
         85:53:ff:40:c6:69:94:25:22:b1:2f:42:3c:d8:b2:68:4d:c0:
         5c:30:90:8e:2d:03:ad:b9:ef:c8:31:8a:24:12:1d:bc:52:d0:
         3f:7a:97:20:03:53:24:e2:e0:b3:82:1f:5a:24:05:49:3b:1b:
         de:83:0e:ae:d3:54:ab:cb:e0:33:1f:1b:73:70:c9:e7:30:91:
         1f:ad:53:a2:b9:4a:71:40:e2:e1:e6:5f:05:03:83:79:60:af:
         67:79:f1:0b:3b:13:f6:7d:7c:8d:25:45:6d:6e:f5:6a:cb:0e:
         07:e8:12:4c:98:ed:c9:a9:35:45:b4:8d:b2:cd:e5:9b:da:31:
         af:f9:93:95:f6:0d:85:89:5f:86:6a:5e:5c:77:9e:b6:8e:cf:
         09:92:66:b2:9b:b0:70:ab:2c:a5:62:3f:a3:2d:5f:d0:52:0f:
         ee:28:00:56:07:80:2c:1c:17:ff:96:db:4e:7d:f6:61:58:fb:
         55:a3:7e:03:5f:81:a1:28:83:d7:f3:dd:3d:a9:be:ab:7b:85:
         e7:99:4b:96:5d:ba:ed:62:e1:6c:a2:e4:a2:e5:95:81:b9:84:
         af:c8:a0:0f:13:fc:68:4a:90:95:36:b2:88:7c:e7:76:37:87:
         95:ca:42:7b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvy5pK6Oo+R5vb+H5CygvbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJjZjgxNDM3NDU3Y2JjMzJkZmEyNzMyODQ4MjQzYTg5ZWU1
Mzg3MDgwHhcNMjMwMTAyMDAwNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNjRiYTQwZTcxYzFiOTY3YzgxMmI0NjY3OWIyNjI5MjhlNWY5MjkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnxZ0LUnB/Hpq/uB54Jidb/R5ovBh
+mqJhIlAUI85ed+4orO+aEohAlyN3lzoJkZ+ESX2wBXNaew53oA0/GoXJ/MCUDIQ
yCK3oiaaNyv0i1y+TLp2CeOIVnaZBOhiC9nq71DBx8rYyVd1IPD09WMskQId9aJy
mwxvS+crpp+/LztOeMdtnHLCXPpNq6obfecOzaIEAptJNo17CgBDP5eixnP2Q6QN
YHrs4U1feGmc4RGDJwOX4FtBvnsM1mn3FgNzOV4ZpsZCDGAHVZMOnQTcddD7L7JF
TpCmltpJB6CNMlnfLW64P882YvqGDyDxeRRbo0wnVkThB7r/WkHLIp7HWQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOZLpA5xwblnyBK0ZnmyYpKOX5KRMB8GA1UdIwQY
MBaAFLz4FDdFfLwy36JzKEgkOonuU4cIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdlBnVU4wVjh2RExmb25Nb1NDUTZpZTVUaHdnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYi8xNTA3ZjgtZTdkMS00MDZmLTlhZWIt
ZGYxNjkyNzBiMTM0LzEvNWt1a0RuSEJ1V2ZJRXJSbWViSmlrbzVma3BFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYi8xNTA3ZjgtZTdkMS00MDZmLTlhZWItZGYxNjkyNzBiMTM0
LzEvdlBnVU4wVjh2RExmb25Nb1NDUTZpZTVUaHdnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAue6PMA0G
CSqGSIb3DQEBCwUAA4IBAQDZAhfiF5A89rmXF2gA6fYk/j2FU/9AxmmUJSKxL0I8
2LJoTcBcMJCOLQOtue/IMYokEh28UtA/epcgA1Mk4uCzgh9aJAVJOxvegw6u01Sr
y+AzHxtzcMnnMJEfrVOiuUpxQOLh5l8FA4N5YK9nefELOxP2fXyNJUVtbvVqyw4H
6BJMmO3JqTVFtI2yzeWb2jGv+ZOV9g2FiV+Gal5cd562js8Jkmaym7BwqyylYj+j
LV/QUg/uKABWB4AsHBf/lttOffZhWPtVo34DX4GhKIPX8909qb6re4XnmUuWXbrt
YuFsouSi5ZWBuYSvyKAPE/xoSpCVNrKIfOd2N4eVykJ7
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:21:22 2024 by rpki-client on console-fra.rpki-client.org