Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/31/5043fb-ccac-4fb6-869d-48e30e2f7c36/1/SG3M9vFY-FetuFg4xWQRjLGI-Ls.roa
File:                     SG3M9vFY-FetuFg4xWQRjLGI-Ls.roa (raw, json)
Hash identifier:          GJT8K3hlVXY/s5bYkkHQculwe8L0OOAfCvHbsZzLcYA=
Subject key identifier:   48:6D:CC:F6:F1:58:F8:57:AD:B8:58:38:C5:64:11:8C:B1:88:F8:BB
Certificate issuer:       /CN=350045f7d83ceb130d8d695ffe7d43db3819de55
Certificate serial:       01856C6EDB73A64A9037629F8461945C1019
Authority key identifier: 35:00:45:F7:D8:3C:EB:13:0D:8D:69:5F:FE:7D:43:DB:38:19:DE:55
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NQBF99g86xMNjWlf_n1D2zgZ3lU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/31/5043fb-ccac-4fb6-869d-48e30e2f7c36/1/SG3M9vFY-FetuFg4xWQRjLGI-Ls.roa
Signing time:             Sun 01 Jan 2023 08:24:42 +0000
ROA not before:           Sun 01 Jan 2023 08:24:42 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     15576
IP address blocks:        185.98.152.0/22 maxlen: 22
                          2a01:a480::/32 maxlen: 32

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 10:30:54 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6c:6e:db:73:a6:4a:90:37:62:9f:84:61:94:5c:10:19
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=350045f7d83ceb130d8d695ffe7d43db3819de55
        Validity
            Not Before: Jan  1 08:24:42 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=486dccf6f158f857adb85838c564118cb188f8bb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:80:9a:03:a0:b6:bd:2e:3d:30:1a:af:f8:7b:24:
                    7f:dd:f3:32:99:05:99:19:b5:87:fb:83:56:71:01:
                    76:30:ce:ca:dd:37:48:39:5b:25:89:19:84:fc:cd:
                    aa:0b:30:a1:c5:32:4e:01:80:af:bc:01:da:c6:49:
                    92:71:c7:00:9a:32:3d:53:19:62:bb:18:fb:77:ca:
                    a3:36:8c:2b:f3:06:d9:da:05:b5:e3:c4:ed:80:03:
                    cb:8f:4c:e0:36:9d:6c:6b:aa:a8:66:b8:e5:0d:91:
                    53:2b:6a:36:1d:14:a0:51:2c:52:70:ed:03:5d:29:
                    55:f8:0a:e9:a9:7c:7d:5a:a4:35:90:12:b2:1d:ff:
                    1e:1b:8d:b1:0f:7d:e8:f9:e8:44:e7:70:b3:4f:ec:
                    68:b2:70:9d:e4:ba:44:68:57:91:99:33:fe:7d:7b:
                    6a:a7:fa:2e:e8:7e:5c:1d:f4:e4:9b:ce:9d:1e:ab:
                    0c:84:6e:67:fc:13:8d:9d:f1:89:29:97:40:0e:f3:
                    48:29:19:91:81:59:8d:b6:35:d8:08:b4:b4:f7:60:
                    43:51:4a:ee:51:a7:8c:7a:34:4f:de:70:b9:de:76:
                    2b:29:e8:9a:16:11:08:bb:cb:16:f4:09:06:1e:d2:
                    8a:21:2c:e5:83:17:90:18:c0:38:49:ed:d7:37:3c:
                    90:65
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                48:6D:CC:F6:F1:58:F8:57:AD:B8:58:38:C5:64:11:8C:B1:88:F8:BB
            X509v3 Authority Key Identifier:
                keyid:35:00:45:F7:D8:3C:EB:13:0D:8D:69:5F:FE:7D:43:DB:38:19:DE:55

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NQBF99g86xMNjWlf_n1D2zgZ3lU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/31/5043fb-ccac-4fb6-869d-48e30e2f7c36/1/SG3M9vFY-FetuFg4xWQRjLGI-Ls.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/31/5043fb-ccac-4fb6-869d-48e30e2f7c36/1/NQBF99g86xMNjWlf_n1D2zgZ3lU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.98.152.0/22
                IPv6:
                  2a01:a480::/32

    Signature Algorithm: sha256WithRSAEncryption
         6a:b8:e0:d9:92:e5:ef:22:ad:62:23:ab:38:3b:0c:b2:59:3d:
         15:ed:e5:89:cb:2d:00:95:4a:40:fa:0b:87:9a:eb:07:cc:f6:
         5c:b8:a7:3e:78:b2:84:4c:86:32:3b:df:21:53:5f:3f:39:45:
         bc:21:be:71:ac:86:6c:9f:66:d8:a4:cf:13:af:33:3f:55:7c:
         55:c9:81:09:5b:e9:c9:07:7d:f5:dc:aa:58:a3:08:71:9a:4f:
         6a:32:8e:71:6d:fb:28:a6:01:e1:68:b9:56:c4:4a:20:db:2d:
         99:28:90:45:85:f3:b9:36:61:d6:33:b4:0e:76:0e:15:b7:ec:
         d2:cf:c3:43:2f:63:06:88:30:6d:c0:99:39:ca:5a:1f:e1:b9:
         17:ca:0b:c3:60:fb:68:d0:05:fa:66:4c:9e:e2:1e:96:9b:67:
         0e:cb:09:ad:df:24:00:96:df:a6:e6:c7:8f:c0:77:dc:03:fd:
         c7:80:fd:4c:60:cb:70:5c:f5:51:80:e7:52:75:91:70:84:b6:
         13:f0:ec:4e:1a:e5:d0:35:87:84:37:1b:45:ff:f6:2b:7e:4a:
         82:ce:46:22:d9:65:f5:73:28:e0:78:01:18:c1:05:67:10:8f:
         85:b9:f0:e0:3a:80:0d:24:52:76:c3:d1:f1:36:d6:ca:46:ef:
         0c:e2:2d:0a
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVsbttzpkqQN2KfhGGUXBAZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1MDA0NWY3ZDgzY2ViMTMwZDhkNjk1ZmZlN2Q0M2RiMzgx
OWRlNTUwHhcNMjMwMTAxMDgyNDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ODZkY2NmNmYxNThmODU3YWRiODU4MzhjNTY0MTE4Y2IxODhmOGJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgJoDoLa9Lj0wGq/4eyR/3fMymQWZ
GbWH+4NWcQF2MM7K3TdIOVsliRmE/M2qCzChxTJOAYCvvAHaxkmScccAmjI9Uxli
uxj7d8qjNowr8wbZ2gW148TtgAPLj0zgNp1sa6qoZrjlDZFTK2o2HRSgUSxScO0D
XSlV+ArpqXx9WqQ1kBKyHf8eG42xD33o+ehE53CzT+xosnCd5LpEaFeRmTP+fXtq
p/ou6H5cHfTkm86dHqsMhG5n/BONnfGJKZdADvNIKRmRgVmNtjXYCLS092BDUUru
UaeMejRP3nC53nYrKeiaFhEIu8sW9AkGHtKKISzlgxeQGMA4Se3XNzyQZQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFEhtzPbxWPhXrbhYOMVkEYyxiPi7MB8GA1UdIwQY
MBaAFDUARffYPOsTDY1pX/59Q9s4Gd5VMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlFCRjk5Zzg2eE1OaldsZl9uMUQyemdaM2xVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMS81MDQzZmItY2NhYy00ZmI2LTg2OWQt
NDhlMzBlMmY3YzM2LzEvU0czTTl2RlktRmV0dUZnNHhXUVJqTEdJLUxzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMS81MDQzZmItY2NhYy00ZmI2LTg2OWQtNDhlMzBlMmY3YzM2
LzEvTlFCRjk5Zzg2eE1OaldsZl9uMUQyemdaM2xVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuWKYMA0E
AgACMAcDBQAqAaSAMA0GCSqGSIb3DQEBCwUAA4IBAQBquODZkuXvIq1iI6s4Owyy
WT0V7eWJyy0AlUpA+guHmusHzPZcuKc+eLKETIYyO98hU18/OUW8Ib5xrIZsn2bY
pM8TrzM/VXxVyYEJW+nJB3313KpYowhxmk9qMo5xbfsopgHhaLlWxEog2y2ZKJBF
hfO5NmHWM7QOdg4Vt+zSz8NDL2MGiDBtwJk5ylof4bkXygvDYPto0AX6Zkye4h6W
m2cOywmt3yQAlt+m5sePwHfcA/3HgP1MYMtwXPVRgOdSdZFwhLYT8OxOGuXQNYeE
NxtF//YrfkqCzkYi2WX1cyjgeAEYwQVnEI+FufDgOoANJFJ2w9HxNtbKRu8M4i0K
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:01:45 2024 by rpki-client on console-ams.rpki-client.org