Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/485769-5835-47f4-a9ff-8ec68e7886e2/1/X0nlSearqCXa4IbJK4cxXetR7kY.roa
File:                     X0nlSearqCXa4IbJK4cxXetR7kY.roa (raw, json)
Hash identifier:          S6P1Tjr3awOBP1qmr6hKlqWs2WX/rKCocIwLenwnCIQ=
Subject key identifier:   5F:49:E5:49:E6:AB:A8:25:DA:E0:86:C9:2B:87:31:5D:EB:51:EE:46
Certificate issuer:       /CN=b48f41afdc609568fb2338fdb20b2d0c422b723b
Certificate serial:       018B23BF377217F2BCC5B7771964AD971081
Authority key identifier: B4:8F:41:AF:DC:60:95:68:FB:23:38:FD:B2:0B:2D:0C:42:2B:72:3B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tI9Br9xglWj7Izj9sgstDEIrcjs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2a/485769-5835-47f4-a9ff-8ec68e7886e2/1/X0nlSearqCXa4IbJK4cxXetR7kY.roa
Signing time:             Thu 12 Oct 2023 11:56:55 +0000
ROA not before:           Thu 12 Oct 2023 11:56:55 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     6730
IP address blocks:        185.90.152.0/23 maxlen: 23
                          2a05:e100::/48 maxlen: 48

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 00:29:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:23:bf:37:72:17:f2:bc:c5:b7:77:19:64:ad:97:10:81
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b48f41afdc609568fb2338fdb20b2d0c422b723b
        Validity
            Not Before: Oct 12 11:56:55 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=5f49e549e6aba825dae086c92b87315deb51ee46
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:91:e8:c1:6f:93:47:de:19:7b:31:b1:b0:e6:ed:
                    90:d6:e8:e6:6b:a8:6b:d3:57:1c:49:3a:82:0b:a5:
                    0b:39:c7:c2:2e:66:9e:f6:eb:95:29:69:a1:61:74:
                    f7:9a:21:c8:6c:d4:12:ff:bc:9b:59:ea:b5:38:d2:
                    b9:ae:da:90:3a:cf:24:d7:6c:06:3e:70:08:75:c1:
                    a4:0d:18:77:08:62:cf:ea:ce:ff:18:b5:14:38:32:
                    bc:2d:29:b1:c7:f0:34:6f:d1:41:fd:09:bb:3c:83:
                    6c:31:f6:b1:eb:ab:22:bf:37:75:13:1c:51:5d:71:
                    59:80:f2:4d:ed:19:9f:0c:f9:1d:49:1c:57:e0:0e:
                    43:07:0e:55:02:63:f5:85:46:41:5f:70:43:5b:86:
                    bb:d9:b7:2f:bb:0b:5a:20:f7:94:96:e5:c6:8c:a7:
                    af:e2:8b:73:2c:c1:cc:f1:09:e6:c4:49:13:b2:55:
                    1f:36:08:7e:e0:c2:28:58:b6:6e:ab:41:92:89:45:
                    f9:39:0d:fc:64:f1:0e:f0:34:05:06:60:8f:fc:e8:
                    a5:a6:68:78:25:2f:8a:83:59:be:31:a1:ad:27:3e:
                    38:b6:70:d7:b1:18:ed:b5:45:92:49:86:90:af:20:
                    f4:53:d2:f0:57:ee:e1:93:21:67:f1:18:1c:f5:a3:
                    b2:17
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5F:49:E5:49:E6:AB:A8:25:DA:E0:86:C9:2B:87:31:5D:EB:51:EE:46
            X509v3 Authority Key Identifier:
                keyid:B4:8F:41:AF:DC:60:95:68:FB:23:38:FD:B2:0B:2D:0C:42:2B:72:3B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tI9Br9xglWj7Izj9sgstDEIrcjs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/485769-5835-47f4-a9ff-8ec68e7886e2/1/X0nlSearqCXa4IbJK4cxXetR7kY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/485769-5835-47f4-a9ff-8ec68e7886e2/1/tI9Br9xglWj7Izj9sgstDEIrcjs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.90.152.0/23
                IPv6:
                  2a05:e100::/48

    Signature Algorithm: sha256WithRSAEncryption
         88:4d:4b:5f:c9:e3:70:45:e7:c9:93:67:08:f0:8c:bb:46:c0:
         fc:5d:73:99:14:c1:54:87:d6:f1:eb:ae:15:98:1c:3f:df:f6:
         6d:58:39:bf:50:4f:ea:88:5f:b5:a2:6b:bc:4a:0f:35:87:60:
         0b:e2:19:0e:d8:96:28:96:bc:c2:88:98:5f:f4:56:b2:8c:58:
         4e:a0:dd:cd:fb:46:82:36:af:08:6b:3c:6c:aa:07:7a:ef:2c:
         31:52:c0:5b:14:87:85:2e:82:e9:bc:e8:14:84:fa:71:73:d4:
         f0:89:a1:90:bd:06:a3:63:99:79:a9:aa:14:ea:9e:ff:81:aa:
         9c:41:96:7a:ef:47:d8:f6:fd:31:63:e3:7a:3c:90:73:77:3b:
         45:06:5e:da:83:9f:65:86:ce:5f:0e:90:2f:f0:a4:11:4d:9a:
         c2:00:5b:e2:76:f8:fe:e2:f2:26:c9:61:f9:58:50:b4:61:a0:
         96:e2:0c:ea:d0:e9:74:52:d5:1d:8f:12:79:da:7c:6b:23:24:
         08:cc:e7:14:37:56:a5:46:e3:b5:97:d6:61:6f:5d:d7:1c:d7:
         2c:a0:a7:e4:58:50:9b:9b:61:51:fe:e0:ff:e6:70:18:18:7f:
         6b:44:2e:ec:6d:9a:c7:a7:4e:12:27:85:24:21:fd:1f:e9:99:
         93:95:6b:28
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYsjvzdyF/K8xbd3GWStlxCBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0OGY0MWFmZGM2MDk1NjhmYjIzMzhmZGIyMGIyZDBjNDIy
YjcyM2IwHhcNMjMxMDEyMTE1NjU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZjQ5ZTU0OWU2YWJhODI1ZGFlMDg2YzkyYjg3MzE1ZGViNTFlZTQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkejBb5NH3hl7MbGw5u2Q1ujma6hr
01ccSTqCC6ULOcfCLmae9uuVKWmhYXT3miHIbNQS/7ybWeq1ONK5rtqQOs8k12wG
PnAIdcGkDRh3CGLP6s7/GLUUODK8LSmxx/A0b9FB/Qm7PINsMfax66sivzd1ExxR
XXFZgPJN7RmfDPkdSRxX4A5DBw5VAmP1hUZBX3BDW4a72bcvuwtaIPeUluXGjKev
4otzLMHM8QnmxEkTslUfNgh+4MIoWLZuq0GSiUX5OQ38ZPEO8DQFBmCP/Oilpmh4
JS+Kg1m+MaGtJz44tnDXsRjttUWSSYaQryD0U9LwV+7hkyFn8Rgc9aOyFwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFF9J5Unmq6gl2uCGySuHMV3rUe5GMB8GA1UdIwQY
MBaAFLSPQa/cYJVo+yM4/bILLQxCK3I7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdEk5QnI5eGdsV2o3SXpqOXNnc3RERUlyY2pzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS80ODU3NjktNTgzNS00N2Y0LWE5ZmYt
OGVjNjhlNzg4NmUyLzEvWDBubFNlYXJxQ1hhNEliSks0Y3hYZXRSN2tZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS80ODU3NjktNTgzNS00N2Y0LWE5ZmYtOGVjNjhlNzg4NmUy
LzEvdEk5QnI5eGdsV2o3SXpqOXNnc3RERUlyY2pzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQBuVqYMA8E
AgACMAkDBwAqBeEAAAAwDQYJKoZIhvcNAQELBQADggEBAIhNS1/J43BF58mTZwjw
jLtGwPxdc5kUwVSH1vHrrhWYHD/f9m1YOb9QT+qIX7Wia7xKDzWHYAviGQ7YliiW
vMKImF/0VrKMWE6g3c37RoI2rwhrPGyqB3rvLDFSwFsUh4Uugum86BSE+nFz1PCJ
oZC9BqNjmXmpqhTqnv+BqpxBlnrvR9j2/TFj43o8kHN3O0UGXtqDn2WGzl8OkC/w
pBFNmsIAW+J2+P7i8ibJYflYULRhoJbiDOrQ6XRS1R2PEnnafGsjJAjM5xQ3VqVG
47WX1mFvXdcc1yygp+RYUJubYVH+4P/mcBgYf2tELuxtmsenThInhSQh/R/pmZOV
ayg=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:00:12 2024 by rpki-client on console-ams.rpki-client.org