Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/0e36fc-ba0b-4ce6-af6a-704463ebad36/1/hGETA5PWEXq4PdBye8GXNwy-o_4.roa
File:                     hGETA5PWEXq4PdBye8GXNwy-o_4.roa (raw, json)
Hash identifier:          k8gaoeWoj0/9YkKWowOb6ffzwgx9lQamTGRg85/2qU0=
Subject key identifier:   84:61:13:03:93:D6:11:7A:B8:3D:D0:72:7B:C1:97:37:0C:BE:A3:FE
Certificate issuer:       /CN=28855852a4bcd1bf1ec813f3c13b0f1f372f3971
Certificate serial:       01856CE605D6C79BADD2A6CBAD1DC7757E09
Authority key identifier: 28:85:58:52:A4:BC:D1:BF:1E:C8:13:F3:C1:3B:0F:1F:37:2F:39:71
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KIVYUqS80b8eyBPzwTsPHzcvOXE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/30/0e36fc-ba0b-4ce6-af6a-704463ebad36/1/hGETA5PWEXq4PdBye8GXNwy-o_4.roa
Signing time:             Sun 01 Jan 2023 10:34:52 +0000
ROA not before:           Sun 01 Jan 2023 10:34:52 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     262254
IP address blocks:        185.129.48.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 22:31:40 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6c:e6:05:d6:c7:9b:ad:d2:a6:cb:ad:1d:c7:75:7e:09
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=28855852a4bcd1bf1ec813f3c13b0f1f372f3971
        Validity
            Not Before: Jan  1 10:34:52 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=8461130393d6117ab83dd0727bc197370cbea3fe
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:89:bd:d2:37:5d:e4:51:8e:4c:fe:43:64:97:
                    0d:94:11:e0:b8:fb:9b:72:cf:96:5a:0b:ed:1f:a1:
                    90:80:f0:27:98:52:ac:f8:41:66:f8:23:e1:8d:5d:
                    de:6d:07:f6:24:07:4a:c3:50:90:3f:ee:71:20:12:
                    a8:fa:bb:35:0a:22:8a:6c:34:ea:e7:1a:cf:75:9f:
                    5f:d3:18:86:be:e9:51:99:85:57:8e:a1:24:f0:f8:
                    2a:59:8c:47:46:27:74:f7:9e:6f:ac:46:e6:2f:26:
                    60:03:14:97:e3:69:04:f0:1e:bd:3c:26:c7:f5:18:
                    81:84:b1:5d:3b:a2:15:a1:b9:07:b1:17:69:dc:20:
                    9d:fe:28:a7:c8:65:d4:91:8b:f9:f0:32:06:42:af:
                    53:ef:84:b7:a8:4d:fe:05:77:a2:af:ee:cc:ed:4d:
                    20:4d:f6:4e:88:8f:e2:ad:ad:29:a8:43:cc:2b:34:
                    01:48:d8:c1:17:b8:94:10:8f:29:a8:be:6d:c9:fe:
                    9d:71:95:29:f5:71:4b:ea:37:54:b6:e2:d5:aa:76:
                    ac:1f:56:5f:60:f9:f0:b4:5b:9c:9f:b0:d1:f8:7f:
                    af:4d:4c:97:bb:76:58:eb:52:24:42:e9:77:84:64:
                    87:e0:81:c1:d4:b5:f9:3e:45:bf:09:ea:1e:95:82:
                    11:51
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                84:61:13:03:93:D6:11:7A:B8:3D:D0:72:7B:C1:97:37:0C:BE:A3:FE
            X509v3 Authority Key Identifier:
                keyid:28:85:58:52:A4:BC:D1:BF:1E:C8:13:F3:C1:3B:0F:1F:37:2F:39:71

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KIVYUqS80b8eyBPzwTsPHzcvOXE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/0e36fc-ba0b-4ce6-af6a-704463ebad36/1/hGETA5PWEXq4PdBye8GXNwy-o_4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/30/0e36fc-ba0b-4ce6-af6a-704463ebad36/1/KIVYUqS80b8eyBPzwTsPHzcvOXE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.129.48.0/24

    Signature Algorithm: sha256WithRSAEncryption
         11:1f:8f:7c:15:ae:1d:ac:97:fc:fd:5d:4f:4f:84:b3:dc:05:
         99:09:5a:e8:16:a8:f1:be:b1:d4:2f:ba:5f:60:92:d4:a8:28:
         9d:02:a3:6d:23:86:0d:31:11:11:a3:51:ab:f5:bd:c1:9a:f2:
         3c:65:84:24:0b:29:88:ca:37:63:71:c4:4f:a5:b8:60:4d:a2:
         0b:83:63:66:53:74:ae:af:5c:57:52:0e:81:d0:09:fb:36:fb:
         75:43:64:d1:39:b0:a4:8d:ee:16:16:d3:ed:43:12:a1:d5:6c:
         59:3a:2f:3b:58:51:9a:f7:9b:2d:7e:63:ed:b3:30:f6:35:73:
         aa:f3:bf:24:d5:4c:58:aa:3f:a9:65:0b:00:14:40:47:f6:4b:
         73:40:91:3a:68:b0:c2:72:5c:9a:da:f9:72:dc:98:ca:27:e1:
         e4:64:b5:cb:b0:18:95:08:e1:94:69:1a:2a:42:0d:1a:9d:f2:
         70:42:f1:3b:52:4f:b4:7f:09:93:9b:d3:00:21:14:e2:e3:c0:
         1b:d5:23:25:c8:bf:cb:63:88:37:ec:e7:da:79:9f:85:07:e9:
         0d:5e:5a:b5:f8:a6:d1:52:d9:4c:f7:f0:54:24:dc:cf:f1:f0:
         e1:e1:30:c1:59:69:18:b8:11:81:05:50:7c:11:0b:e3:e3:9d:
         ae:3d:15:3c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVs5gXWx5ut0qbLrR3HdX4JMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4ODU1ODUyYTRiY2QxYmYxZWM4MTNmM2MxM2IwZjFmMzcy
ZjM5NzEwHhcNMjMwMTAxMTAzNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NDYxMTMwMzkzZDYxMTdhYjgzZGQwNzI3YmMxOTczNzBjYmVhM2ZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv4m90jdd5FGOTP5DZJcNlBHguPub
cs+WWgvtH6GQgPAnmFKs+EFm+CPhjV3ebQf2JAdKw1CQP+5xIBKo+rs1CiKKbDTq
5xrPdZ9f0xiGvulRmYVXjqEk8PgqWYxHRid0955vrEbmLyZgAxSX42kE8B69PCbH
9RiBhLFdO6IVobkHsRdp3CCd/iinyGXUkYv58DIGQq9T74S3qE3+BXeir+7M7U0g
TfZOiI/ira0pqEPMKzQBSNjBF7iUEI8pqL5tyf6dcZUp9XFL6jdUtuLVqnasH1Zf
YPnwtFucn7DR+H+vTUyXu3ZY61IkQul3hGSH4IHB1LX5PkW/CeoelYIRUQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIRhEwOT1hF6uD3QcnvBlzcMvqP+MB8GA1UdIwQY
MBaAFCiFWFKkvNG/HsgT88E7Dx83LzlxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS0lWWVVxUzgwYjhleUJQendUc1BIemN2T1hFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC8wZTM2ZmMtYmEwYi00Y2U2LWFmNmEt
NzA0NDYzZWJhZDM2LzEvaEdFVEE1UFdFWHE0UGRCeWU4R1hOd3ktb180LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC8wZTM2ZmMtYmEwYi00Y2U2LWFmNmEtNzA0NDYzZWJhZDM2
LzEvS0lWWVVxUzgwYjhleUJQendUc1BIemN2T1hFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuYEwMA0G
CSqGSIb3DQEBCwUAA4IBAQARH498Fa4drJf8/V1PT4Sz3AWZCVroFqjxvrHUL7pf
YJLUqCidAqNtI4YNMRERo1Gr9b3BmvI8ZYQkCymIyjdjccRPpbhgTaILg2NmU3Su
r1xXUg6B0An7Nvt1Q2TRObCkje4WFtPtQxKh1WxZOi87WFGa95stfmPtszD2NXOq
878k1UxYqj+pZQsAFEBH9ktzQJE6aLDCclya2vly3JjKJ+HkZLXLsBiVCOGUaRoq
Qg0anfJwQvE7Uk+0fwmTm9MAIRTi48Ab1SMlyL/LY4g37OfaeZ+FB+kNXlq1+KbR
UtlM9/BUJNzP8fDh4TDBWWkYuBGBBVB8EQvj452uPRU8
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:01:22 2024 by rpki-client on console-ams.rpki-client.org