Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/efba93-2973-4213-b6f1-449124ace026/1/XaXfEiDMO4DURwHHjvTBMzFxSbs.roa
File:                     XaXfEiDMO4DURwHHjvTBMzFxSbs.roa (raw, json)
Hash identifier:          duW5hFIztS/+H1oEybUurkYnDD+esuDeuO/7bNJEevo=
Subject key identifier:   5D:A5:DF:12:20:CC:3B:80:D4:47:01:C7:8E:F4:C1:33:31:71:49:BB
Certificate issuer:       /CN=2becef943d34c80e0a0fd81426e6136b31508fee
Certificate serial:       01877B4091066AB354A2B823386E752CED1A
Authority key identifier: 2B:EC:EF:94:3D:34:C8:0E:0A:0F:D8:14:26:E6:13:6B:31:50:8F:EE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/K-zvlD00yA4KD9gUJuYTazFQj-4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/27/efba93-2973-4213-b6f1-449124ace026/1/XaXfEiDMO4DURwHHjvTBMzFxSbs.roa
Signing time:             Thu 13 Apr 2023 15:34:01 +0000
ROA not before:           Thu 13 Apr 2023 15:34:01 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     15704
IP address blocks:        185.195.179.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 17 Apr 2023 07:56:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:7b:40:91:06:6a:b3:54:a2:b8:23:38:6e:75:2c:ed:1a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2becef943d34c80e0a0fd81426e6136b31508fee
        Validity
            Not Before: Apr 13 15:34:01 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=5da5df1220cc3b80d44701c78ef4c133317149bb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:79:63:61:4a:5e:d3:9e:65:9e:30:1d:9d:3c:
                    80:37:13:52:d8:03:64:22:3b:81:f3:86:92:9c:9a:
                    e6:16:2d:fa:a3:f4:a0:17:1f:22:3f:e8:4c:e2:f2:
                    da:8c:2e:5d:65:6c:e2:79:35:6c:4f:4e:b7:b5:70:
                    47:27:eb:2b:98:2d:16:f6:fd:05:a3:ad:c4:d5:aa:
                    7e:b8:4f:82:65:38:a8:cb:77:69:f7:24:dc:b2:60:
                    6e:7f:60:9c:c9:78:ef:75:4b:f5:aa:56:d1:2a:fb:
                    68:83:f4:0b:33:4c:38:7a:94:91:4a:85:c0:39:00:
                    51:db:3f:9e:5a:96:d5:9e:08:08:18:71:aa:d1:60:
                    a0:ae:61:c8:1e:aa:ec:9b:a2:cc:29:17:b7:f9:36:
                    2a:d7:5f:41:8c:62:96:ec:8a:9a:0a:b2:d8:d3:b8:
                    09:d3:0b:59:cb:24:88:6d:c1:61:d2:cb:51:16:b0:
                    ce:94:42:70:27:d1:0d:95:5d:d8:47:e1:2c:8b:0b:
                    61:17:4d:85:e6:2e:88:8b:d7:1f:81:c4:11:79:a7:
                    13:90:22:08:9a:88:6a:01:a2:82:b8:be:7b:c8:1a:
                    ef:24:ec:17:38:06:00:6a:23:b2:17:d6:c7:a9:8f:
                    06:86:fc:2d:fd:a6:e7:93:68:f8:16:fe:fe:d2:72:
                    22:e7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5D:A5:DF:12:20:CC:3B:80:D4:47:01:C7:8E:F4:C1:33:31:71:49:BB
            X509v3 Authority Key Identifier:
                keyid:2B:EC:EF:94:3D:34:C8:0E:0A:0F:D8:14:26:E6:13:6B:31:50:8F:EE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/K-zvlD00yA4KD9gUJuYTazFQj-4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/efba93-2973-4213-b6f1-449124ace026/1/XaXfEiDMO4DURwHHjvTBMzFxSbs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/27/efba93-2973-4213-b6f1-449124ace026/1/K-zvlD00yA4KD9gUJuYTazFQj-4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.195.179.0/24

    Signature Algorithm: sha256WithRSAEncryption
         99:6a:bc:7b:a6:b6:86:d9:51:23:de:85:9b:43:ae:6f:73:b9:
         b2:21:f3:9d:2b:06:30:eb:ab:e6:bb:16:49:3b:85:bc:c1:c1:
         09:cb:5c:f4:28:74:18:25:49:62:60:49:50:bd:e7:9a:a9:da:
         14:f8:5c:eb:1b:ec:cb:0c:b5:4c:ca:9a:0c:e8:b4:1f:ed:26:
         6c:b6:f7:08:84:05:64:8c:3a:12:e5:26:35:4f:cc:4b:df:36:
         40:6b:5c:d4:99:99:6e:f9:e5:5a:9a:c2:fe:14:6a:5b:14:32:
         7c:1e:96:fd:19:57:15:51:a0:33:8a:af:1e:0d:b3:55:ca:8e:
         f7:d9:56:f1:80:66:fc:b2:6e:4d:ca:76:05:bf:19:6b:dc:42:
         8e:a9:ad:40:d2:31:6c:e3:c6:1f:f7:2d:cb:11:7a:42:d8:c0:
         e8:cf:9d:c3:2c:eb:32:6d:a7:76:a1:25:7c:0b:99:b7:65:91:
         8a:c3:28:ac:85:ed:e8:c5:00:0a:3a:f6:c2:92:73:ea:32:63:
         e3:e2:d9:60:a8:a0:b2:b0:8d:8d:50:01:1b:79:6b:08:91:24:
         d9:4d:ce:c8:59:34:8e:07:ad:dd:23:9c:a7:71:20:db:02:4d:
         da:42:e1:fc:16:db:8c:1e:90:10:b3:3d:4c:ae:83:2e:e1:2b:
         b5:14:2f:cc
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYd7QJEGarNUorgjOG51LO0aMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJiZWNlZjk0M2QzNGM4MGUwYTBmZDgxNDI2ZTYxMzZiMzE1
MDhmZWUwHhcNMjMwNDEzMTUzNDAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZGE1ZGYxMjIwY2MzYjgwZDQ0NzAxYzc4ZWY0YzEzMzMxNzE0OWJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs3ljYUpe055lnjAdnTyANxNS2ANk
IjuB84aSnJrmFi36o/SgFx8iP+hM4vLajC5dZWzieTVsT063tXBHJ+srmC0W9v0F
o63E1ap+uE+CZTioy3dp9yTcsmBuf2CcyXjvdUv1qlbRKvtog/QLM0w4epSRSoXA
OQBR2z+eWpbVnggIGHGq0WCgrmHIHqrsm6LMKRe3+TYq119BjGKW7IqaCrLY07gJ
0wtZyySIbcFh0stRFrDOlEJwJ9ENlV3YR+EsiwthF02F5i6Ii9cfgcQReacTkCII
mohqAaKCuL57yBrvJOwXOAYAaiOyF9bHqY8Ghvwt/abnk2j4Fv7+0nIi5wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFF2l3xIgzDuA1EcBx470wTMxcUm7MB8GA1UdIwQY
MBaAFCvs75Q9NMgOCg/YFCbmE2sxUI/uMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSy16dmxEMDB5QTRLRDlnVUp1WVRhekZRai00LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy9lZmJhOTMtMjk3My00MjEzLWI2ZjEt
NDQ5MTI0YWNlMDI2LzEvWGFYZkVpRE1PNERVUndISGp2VEJNekZ4U2JzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy9lZmJhOTMtMjk3My00MjEzLWI2ZjEtNDQ5MTI0YWNlMDI2
LzEvSy16dmxEMDB5QTRLRDlnVUp1WVRhekZRai00LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAucOzMA0G
CSqGSIb3DQEBCwUAA4IBAQCZarx7praG2VEj3oWbQ65vc7myIfOdKwYw66vmuxZJ
O4W8wcEJy1z0KHQYJUliYElQveeaqdoU+FzrG+zLDLVMypoM6LQf7SZstvcIhAVk
jDoS5SY1T8xL3zZAa1zUmZlu+eVamsL+FGpbFDJ8Hpb9GVcVUaAziq8eDbNVyo73
2VbxgGb8sm5NynYFvxlr3EKOqa1A0jFs48Yf9y3LEXpC2MDoz53DLOsybad2oSV8
C5m3ZZGKwyishe3oxQAKOvbCknPqMmPj4tlgqKCysI2NUAEbeWsIkSTZTc7IWTSO
B63dI5yncSDbAk3aQuH8FtuMHpAQsz1MroMu4Su1FC/M
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:02 2024 by rpki-client on console-fra.rpki-client.org