Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/c8f647-ed79-42d9-8df6-05877604a01d/1/VQj5JQ-OP_Op059t6I2u7bSnRZE.roa
File:                     VQj5JQ-OP_Op059t6I2u7bSnRZE.roa (raw, json)
Hash identifier:          RQhqqEc85ZWwyT/7FTxy9LAx5kGAfQW417edvf2UnhM=
Subject key identifier:   55:08:F9:25:0F:8E:3F:F3:A9:D3:9F:6D:E8:8D:AE:ED:B4:A7:45:91
Certificate issuer:       /CN=ae7f187c12782fc4d844762235993329c4563a0d
Certificate serial:       01856E6F9576FC7FE17A201B4801BB0D9BCA
Authority key identifier: AE:7F:18:7C:12:78:2F:C4:D8:44:76:22:35:99:33:29:C4:56:3A:0D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/rn8YfBJ4L8TYRHYiNZkzKcRWOg0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2b/c8f647-ed79-42d9-8df6-05877604a01d/1/VQj5JQ-OP_Op059t6I2u7bSnRZE.roa
Signing time:             Sun 01 Jan 2023 17:44:44 +0000
ROA not before:           Sun 01 Jan 2023 17:44:44 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     202877
IP address blocks:        185.151.253.0/24 maxlen: 24
                          185.151.252.0/22 maxlen: 22
                          185.151.252.0/24 maxlen: 24
                          185.151.255.0/24 maxlen: 24
                          185.151.254.0/24 maxlen: 24
                          2a07:7300::/29 maxlen: 29

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 12:29:49 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6e:6f:95:76:fc:7f:e1:7a:20:1b:48:01:bb:0d:9b:ca
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ae7f187c12782fc4d844762235993329c4563a0d
        Validity
            Not Before: Jan  1 17:44:44 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=5508f9250f8e3ff3a9d39f6de88daeedb4a74591
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:e3:03:9b:cd:ad:c3:00:0c:2f:5f:3d:21:d8:
                    08:f5:42:28:01:5a:99:de:d0:ba:0d:6b:9d:33:37:
                    3a:c4:3f:6c:3e:8b:79:3d:36:5f:e2:3b:64:12:2a:
                    6a:4d:46:44:ea:74:fa:67:69:45:39:8a:79:4e:b6:
                    5f:27:35:0b:9f:59:1b:76:b1:f5:90:45:b4:56:6c:
                    81:4f:3f:3e:e6:7d:95:94:40:d8:1d:b7:41:2d:b9:
                    93:ce:57:6c:74:c6:08:c3:6e:f3:13:27:43:fc:fd:
                    3a:f1:77:27:94:a5:d4:3e:37:61:c4:8e:0e:86:75:
                    1b:72:db:ea:ec:57:91:34:bf:ca:e9:8a:d8:44:76:
                    0c:b7:fa:53:24:53:34:28:b0:76:9d:6f:42:07:b4:
                    63:b7:d2:2f:b9:c2:ee:aa:c9:d9:33:1a:8e:7a:ea:
                    bb:f0:a6:26:7c:28:2b:63:47:97:da:73:fc:83:83:
                    80:53:e2:00:8a:0f:af:53:d0:1b:52:46:33:a5:84:
                    22:69:75:45:22:2b:5c:d6:48:bc:e9:f4:63:dd:0e:
                    cf:be:d6:b7:b5:af:f6:96:40:a5:04:c3:89:32:93:
                    0c:7c:32:88:8f:09:50:bd:69:88:a3:c9:7e:56:77:
                    f8:d2:8f:98:64:6b:57:63:7e:b3:89:93:87:58:54:
                    0d:39
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                55:08:F9:25:0F:8E:3F:F3:A9:D3:9F:6D:E8:8D:AE:ED:B4:A7:45:91
            X509v3 Authority Key Identifier:
                keyid:AE:7F:18:7C:12:78:2F:C4:D8:44:76:22:35:99:33:29:C4:56:3A:0D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rn8YfBJ4L8TYRHYiNZkzKcRWOg0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/c8f647-ed79-42d9-8df6-05877604a01d/1/VQj5JQ-OP_Op059t6I2u7bSnRZE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/c8f647-ed79-42d9-8df6-05877604a01d/1/rn8YfBJ4L8TYRHYiNZkzKcRWOg0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.151.252.0/22
                IPv6:
                  2a07:7300::/29

    Signature Algorithm: sha256WithRSAEncryption
         29:7d:cb:84:b4:d8:59:31:e9:af:1b:77:ea:5a:09:9f:7f:36:
         45:57:a4:7a:30:32:61:d9:11:d9:db:60:00:cb:08:39:0a:12:
         20:8f:db:14:4e:a1:62:b3:24:93:aa:4b:0f:42:75:ca:b3:7b:
         7b:1a:dc:2d:a7:ca:9d:3b:65:80:9b:96:2d:5e:bc:c1:85:8a:
         f9:15:89:f7:8b:fa:dc:ff:90:b5:41:ea:57:91:08:89:b7:07:
         4f:64:f4:3c:80:d9:d6:c7:3f:f4:77:07:a4:19:df:f9:a0:a1:
         98:70:0c:7b:e5:3a:8c:d5:16:c1:1b:3c:c5:53:64:69:e9:63:
         b1:17:fd:39:09:e0:89:0c:29:4e:98:2d:b7:3c:13:d4:43:d8:
         c8:9b:37:8e:55:3f:32:a1:75:da:24:db:36:96:62:4f:69:62:
         9c:ef:89:7e:12:e4:17:1b:2e:16:15:50:83:88:00:95:aa:f6:
         27:06:ea:47:fe:24:b2:e2:64:78:d9:5c:4d:c0:44:ae:23:8f:
         f3:d5:07:3f:a0:52:d6:f7:ca:ef:12:d2:2d:3b:bc:9f:7c:e8:
         e2:50:a4:e9:49:87:c4:ba:af:98:df:e7:82:1e:75:c7:b2:c3:
         8a:b1:d2:74:cd:7a:fe:01:40:77:19:d9:47:2e:7a:f3:b0:e4:
         82:9b:39:e9
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVub5V2/H/heiAbSAG7DZvKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlN2YxODdjMTI3ODJmYzRkODQ0NzYyMjM1OTkzMzI5YzQ1
NjNhMGQwHhcNMjMwMTAxMTc0NDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NTA4ZjkyNTBmOGUzZmYzYTlkMzlmNmRlODhkYWVlZGI0YTc0NTkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoOMDm82twwAML189IdgI9UIoAVqZ
3tC6DWudMzc6xD9sPot5PTZf4jtkEipqTUZE6nT6Z2lFOYp5TrZfJzULn1kbdrH1
kEW0VmyBTz8+5n2VlEDYHbdBLbmTzldsdMYIw27zEydD/P068XcnlKXUPjdhxI4O
hnUbctvq7FeRNL/K6YrYRHYMt/pTJFM0KLB2nW9CB7Rjt9IvucLuqsnZMxqOeuq7
8KYmfCgrY0eX2nP8g4OAU+IAig+vU9AbUkYzpYQiaXVFIitc1ki86fRj3Q7Pvta3
ta/2lkClBMOJMpMMfDKIjwlQvWmIo8l+Vnf40o+YZGtXY36ziZOHWFQNOQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFFUI+SUPjj/zqdOfbeiNru20p0WRMB8GA1UdIwQY
MBaAFK5/GHwSeC/E2ER2IjWZMynEVjoNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcm44WWZCSjRMOFRZUkhZaU5aa3pLY1JXT2cwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi9jOGY2NDctZWQ3OS00MmQ5LThkZjYt
MDU4Nzc2MDRhMDFkLzEvVlFqNUpRLU9QX09wMDU5dDZJMnU3YlNuUlpFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi9jOGY2NDctZWQ3OS00MmQ5LThkZjYtMDU4Nzc2MDRhMDFk
LzEvcm44WWZCSjRMOFRZUkhZaU5aa3pLY1JXT2cwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuZf8MA0E
AgACMAcDBQMqB3MAMA0GCSqGSIb3DQEBCwUAA4IBAQApfcuEtNhZMemvG3fqWgmf
fzZFV6R6MDJh2RHZ22AAywg5ChIgj9sUTqFisySTqksPQnXKs3t7Gtwtp8qdO2WA
m5YtXrzBhYr5FYn3i/rc/5C1QepXkQiJtwdPZPQ8gNnWxz/0dwekGd/5oKGYcAx7
5TqM1RbBGzzFU2Rp6WOxF/05CeCJDClOmC23PBPUQ9jImzeOVT8yoXXaJNs2lmJP
aWKc74l+EuQXGy4WFVCDiACVqvYnBupH/iSy4mR42VxNwESuI4/z1Qc/oFLW98rv
EtItO7yffOjiUKTpSYfEuq+Y3+eCHnXHssOKsdJ0zXr+AUB3GdlHLnrzsOSCmznp
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:00:29 2024 by rpki-client on console-ams.rpki-client.org