Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/xfYF7vk0JmWiRRt3jPocAK5N67A.roa
File:                     xfYF7vk0JmWiRRt3jPocAK5N67A.roa (raw, json)
Hash identifier:          cNyof90O1rEVhG1lB6C6pFr5X93jHjsmHsJDWHBGWxY=
Subject key identifier:   C5:F6:05:EE:F9:34:26:65:A2:45:1B:77:8C:FA:1C:00:AE:4D:EB:B0
Certificate issuer:       /CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Certificate serial:       018571A7AE484F981B03229CE2CAFF4AE3A2
Authority key identifier: 8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/xfYF7vk0JmWiRRt3jPocAK5N67A.roa
Signing time:             Mon 02 Jan 2023 08:44:52 +0000
ROA not before:           Mon 02 Jan 2023 08:44:52 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     202960
IP address blocks:        185.147.48.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Fri 11 Aug 2023 14:11:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:71:a7:ae:48:4f:98:1b:03:22:9c:e2:ca:ff:4a:e3:a2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
        Validity
            Not Before: Jan  2 08:44:52 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=c5f605eef9342665a2451b778cfa1c00ae4debb0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:a9:3e:05:7a:2f:63:f6:ce:ce:f0:ad:c7:a6:
                    d0:1c:b9:74:f2:31:38:a0:70:25:c7:b1:12:51:23:
                    7d:c3:bb:ae:d3:99:fc:a4:2f:49:5e:1c:36:7c:3e:
                    6d:f6:ca:0c:54:04:a9:c9:64:22:dc:92:02:98:f9:
                    78:2b:d1:15:5e:83:bf:4b:76:c1:31:eb:d4:46:2f:
                    c5:c3:e7:85:cd:92:e5:ff:6a:eb:bc:0e:4e:fa:b5:
                    62:d2:93:f7:7a:3e:36:7c:be:fa:9a:ed:fa:09:7d:
                    96:91:ac:a7:f2:68:65:fd:e1:e2:41:23:be:5a:d3:
                    74:5d:7c:03:11:c1:95:a7:38:a7:22:8b:0d:68:ec:
                    7e:b6:1c:0e:6f:32:8d:79:2c:0d:83:36:bc:f6:c9:
                    5b:03:2b:4c:ad:04:9a:f4:ae:82:3d:fa:a4:1b:a3:
                    93:de:d1:d3:bd:40:47:af:88:c3:d7:fe:4f:88:ff:
                    29:c0:44:6e:88:a9:4e:2e:c9:72:fd:df:90:a8:3a:
                    25:7b:c8:15:0a:38:a5:15:db:00:4d:06:a0:dd:b5:
                    66:fd:ea:5f:ee:f2:96:7a:4b:6a:c1:1b:9c:b4:ed:
                    43:13:a1:95:a8:b6:cd:0a:22:88:bd:c4:c6:8c:c7:
                    31:67:b7:43:2d:b4:aa:24:0e:15:a5:c0:f4:25:59:
                    53:39
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C5:F6:05:EE:F9:34:26:65:A2:45:1B:77:8C:FA:1C:00:AE:4D:EB:B0
            X509v3 Authority Key Identifier:
                keyid:8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/xfYF7vk0JmWiRRt3jPocAK5N67A.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.147.48.0/24

    Signature Algorithm: sha256WithRSAEncryption
         63:39:e7:2b:75:50:fb:d6:0a:63:38:d0:71:d2:87:39:08:a5:
         6b:09:8f:25:13:b9:d6:af:29:ae:a5:55:80:a6:2d:37:01:d5:
         ef:85:01:92:c5:bb:a0:a0:24:95:a6:5d:c7:8e:28:53:10:d1:
         17:51:fb:73:f3:33:7e:01:43:2c:61:8a:2e:67:9b:0a:1f:d9:
         79:d4:3d:a7:1c:52:52:bf:2b:03:d9:85:74:64:65:cf:09:8e:
         9d:db:9d:2c:99:00:92:14:43:a3:60:ad:9b:70:5a:12:ff:15:
         60:53:6c:e8:f3:a9:2e:0c:ee:09:ed:fc:2e:b7:49:8f:81:18:
         26:3f:1f:58:e5:ab:6a:2a:50:99:02:80:58:d9:f1:a6:c5:77:
         78:b9:68:e3:0f:c4:38:06:1e:9e:67:57:1c:76:6e:03:3c:fa:
         fb:d0:bf:03:65:f2:3e:71:72:97:63:7a:c4:8f:b2:33:44:14:
         4b:6c:cc:a6:7a:d6:6a:50:d9:41:59:a8:4b:e2:d2:dd:b4:ac:
         d6:28:5f:43:93:93:36:70:bd:20:a5:36:9e:96:df:5c:8f:ba:
         8f:1d:c5:0e:29:a6:e6:50:0d:70:c9:67:7a:aa:20:f5:0f:ad:
         ff:1d:97:90:ff:51:c8:be:bf:ab:a1:11:bc:9e:e0:32:3b:2a:
         9c:fe:78:bc
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxp65IT5gbAyKc4sr/SuOiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiYWIzMDY4Mzg1OWVjN2UwMjA2ZmU5MjY1MzYzZThlMzk3
MWE5YTgwHhcNMjMwMTAyMDg0NDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNWY2MDVlZWY5MzQyNjY1YTI0NTFiNzc4Y2ZhMWMwMGFlNGRlYmIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvKk+BXovY/bOzvCtx6bQHLl08jE4
oHAlx7ESUSN9w7uu05n8pC9JXhw2fD5t9soMVASpyWQi3JICmPl4K9EVXoO/S3bB
MevURi/Fw+eFzZLl/2rrvA5O+rVi0pP3ej42fL76mu36CX2Wkayn8mhl/eHiQSO+
WtN0XXwDEcGVpzinIosNaOx+thwObzKNeSwNgza89slbAytMrQSa9K6CPfqkG6OT
3tHTvUBHr4jD1/5PiP8pwERuiKlOLsly/d+QqDole8gVCjilFdsATQag3bVm/epf
7vKWektqwRuctO1DE6GVqLbNCiKIvcTGjMcxZ7dDLbSqJA4VpcD0JVlTOQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMX2Be75NCZlokUbd4z6HACuTeuwMB8GA1UdIwQY
MBaAFIurMGg4Wex+Agb+kmU2Po45camoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQt
M2FjOWU1NmMzMDg5LzEveGZZRjd2azBKbVdpUlJ0M2pQb2NBSzVONjdBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQtM2FjOWU1NmMzMDg5
LzEvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuZMwMA0G
CSqGSIb3DQEBCwUAA4IBAQBjOecrdVD71gpjONBx0oc5CKVrCY8lE7nWrymupVWA
pi03AdXvhQGSxbugoCSVpl3HjihTENEXUftz8zN+AUMsYYouZ5sKH9l51D2nHFJS
vysD2YV0ZGXPCY6d250smQCSFEOjYK2bcFoS/xVgU2zo86kuDO4J7fwut0mPgRgm
Px9Y5atqKlCZAoBY2fGmxXd4uWjjD8Q4Bh6eZ1ccdm4DPPr70L8DZfI+cXKXY3rE
j7IzRBRLbMymetZqUNlBWahL4tLdtKzWKF9Dk5M2cL0gpTaelt9cj7qPHcUOKabm
UA1wyWd6qiD1D63/HZeQ/1HIvr+roRG8nuAyOyqc/ni8
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:42 2024 by rpki-client on console-fra.rpki-client.org