Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/05488f-f4e0-4e6c-94f5-3757539c2ac9/1/qLdasZrRcEolGXwLhWLvZOUr27Q.roa
File:                     qLdasZrRcEolGXwLhWLvZOUr27Q.roa (raw, json)
Hash identifier:          lF09/RmuVT3ETxHN1Smog0FFW9mKIxPPgqkDR5YpyS0=
Subject key identifier:   A8:B7:5A:B1:9A:D1:70:4A:25:19:7C:0B:85:62:EF:64:E5:2B:DB:B4
Certificate issuer:       /CN=5f7da568ad027b9e249c13e223d322769881a29f
Certificate serial:       0185719E697F299CECA17681612458042D63
Authority key identifier: 5F:7D:A5:68:AD:02:7B:9E:24:9C:13:E2:23:D3:22:76:98:81:A2:9F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/X32laK0Ce54knBPiI9MidpiBop8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3a/05488f-f4e0-4e6c-94f5-3757539c2ac9/1/qLdasZrRcEolGXwLhWLvZOUr27Q.roa
Signing time:             Mon 02 Jan 2023 08:34:45 +0000
ROA not before:           Mon 02 Jan 2023 08:34:45 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     47348
IP address blocks:        185.143.32.0/22 maxlen: 22

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 10:30:25 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:71:9e:69:7f:29:9c:ec:a1:76:81:61:24:58:04:2d:63
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5f7da568ad027b9e249c13e223d322769881a29f
        Validity
            Not Before: Jan  2 08:34:45 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=a8b75ab19ad1704a25197c0b8562ef64e52bdbb4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:28:d1:b8:90:6d:93:58:54:d8:79:a9:2b:0c:
                    75:6f:85:7b:09:4d:dd:50:8b:fc:d4:ed:3d:23:ce:
                    40:b3:4f:c4:f5:5f:18:be:98:44:ef:19:e0:2b:dc:
                    6b:33:fd:23:a6:bb:80:c9:10:92:e9:73:96:bb:85:
                    3d:7a:20:4a:9a:3e:de:57:3b:25:f3:ff:bd:b7:fa:
                    b1:fe:f2:de:72:42:2c:92:16:6c:8a:fe:67:20:91:
                    36:9e:c4:fa:cc:61:ef:9b:55:4e:12:28:9c:28:95:
                    e8:99:95:a4:29:58:f0:7c:db:67:e0:3e:0e:e9:a8:
                    e5:12:d3:10:d0:86:95:fd:18:09:ef:c9:8f:f1:ec:
                    e8:ce:15:54:5a:ba:13:7b:f5:92:f4:18:7d:18:25:
                    87:73:4e:62:97:2e:bb:db:e7:1e:a5:e3:ca:d3:67:
                    a5:de:5a:64:84:8a:1c:95:aa:f6:35:9b:bc:c0:27:
                    e0:40:52:e5:eb:28:62:03:1f:f5:ad:bd:c0:8c:9e:
                    9e:e0:3f:24:4b:1e:3b:7e:5f:09:49:07:dc:fd:64:
                    10:b7:91:da:f8:dd:57:28:a4:38:ff:59:58:a5:73:
                    91:37:e6:69:0e:9f:33:8c:fd:a3:28:88:8c:fa:a3:
                    8d:e9:9b:fb:3a:a5:e1:3d:16:6d:35:5b:72:73:dc:
                    95:0f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A8:B7:5A:B1:9A:D1:70:4A:25:19:7C:0B:85:62:EF:64:E5:2B:DB:B4
            X509v3 Authority Key Identifier:
                keyid:5F:7D:A5:68:AD:02:7B:9E:24:9C:13:E2:23:D3:22:76:98:81:A2:9F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/X32laK0Ce54knBPiI9MidpiBop8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/05488f-f4e0-4e6c-94f5-3757539c2ac9/1/qLdasZrRcEolGXwLhWLvZOUr27Q.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/05488f-f4e0-4e6c-94f5-3757539c2ac9/1/X32laK0Ce54knBPiI9MidpiBop8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.143.32.0/22

    Signature Algorithm: sha256WithRSAEncryption
         1c:54:69:5e:30:a5:5e:61:cf:2a:f9:d2:0f:84:95:aa:e8:c2:
         b5:c0:4b:29:f5:42:47:a3:57:16:54:ee:e9:47:3b:5f:e9:e0:
         c9:9d:1d:4e:86:e7:3a:7a:30:11:0a:36:e6:cf:ad:b6:ae:8b:
         7e:68:37:a1:d7:3d:66:b5:6e:5c:01:02:34:5b:e8:8b:50:3b:
         2b:82:80:66:ab:de:d9:83:a2:26:47:3c:64:ec:db:05:aa:39:
         45:15:2e:08:c7:19:e1:fc:db:c4:1a:02:a3:f8:ea:bd:41:a2:
         2e:99:53:38:7e:b0:d8:28:0e:e7:7a:40:72:d7:2a:84:ea:1f:
         82:76:d7:ac:90:65:b9:a5:ac:96:ad:fe:d1:47:8a:ce:aa:e9:
         01:f6:44:68:49:d1:29:30:35:8f:51:6b:fa:4a:97:87:54:3a:
         80:20:1c:30:af:35:90:7c:cd:8f:77:01:be:95:d2:95:8a:3f:
         4d:13:c2:f0:41:88:70:5d:89:7d:75:5d:53:41:b7:d8:fc:a5:
         be:3b:21:a5:02:20:ab:71:2c:e7:6d:df:96:b2:d1:b7:3d:1a:
         2b:8a:ff:bf:0d:38:67:19:df:2d:b6:ab:12:d8:93:28:39:f2:
         d8:ec:57:e8:9b:17:ea:7a:87:7e:ae:ca:97:d6:e6:28:83:71:
         4b:2c:66:b0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxnml/KZzsoXaBYSRYBC1jMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVmN2RhNTY4YWQwMjdiOWUyNDljMTNlMjIzZDMyMjc2OTg4
MWEyOWYwHhcNMjMwMTAyMDgzNDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOGI3NWFiMTlhZDE3MDRhMjUxOTdjMGI4NTYyZWY2NGU1MmJkYmI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqijRuJBtk1hU2HmpKwx1b4V7CU3d
UIv81O09I85As0/E9V8YvphE7xngK9xrM/0jpruAyRCS6XOWu4U9eiBKmj7eVzsl
8/+9t/qx/vLeckIskhZsiv5nIJE2nsT6zGHvm1VOEiicKJXomZWkKVjwfNtn4D4O
6ajlEtMQ0IaV/RgJ78mP8ezozhVUWroTe/WS9Bh9GCWHc05ily672+cepePK02el
3lpkhIoclar2NZu8wCfgQFLl6yhiAx/1rb3AjJ6e4D8kSx47fl8JSQfc/WQQt5Ha
+N1XKKQ4/1lYpXORN+ZpDp8zjP2jKIiM+qON6Zv7OqXhPRZtNVtyc9yVDwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKi3WrGa0XBKJRl8C4Vi72TlK9u0MB8GA1UdIwQY
MBaAFF99pWitAnueJJwT4iPTInaYgaKfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWDMybGFLMENlNTRrbkJQaUk5TWlkcGlCb3A4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS8wNTQ4OGYtZjRlMC00ZTZjLTk0ZjUt
Mzc1NzUzOWMyYWM5LzEvcUxkYXNaclJjRW9sR1h3TGhXTHZaT1VyMjdRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS8wNTQ4OGYtZjRlMC00ZTZjLTk0ZjUtMzc1NzUzOWMyYWM5
LzEvWDMybGFLMENlNTRrbkJQaUk5TWlkcGlCb3A4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuY8gMA0G
CSqGSIb3DQEBCwUAA4IBAQAcVGleMKVeYc8q+dIPhJWq6MK1wEsp9UJHo1cWVO7p
Rztf6eDJnR1Ohuc6ejARCjbmz622rot+aDeh1z1mtW5cAQI0W+iLUDsrgoBmq97Z
g6ImRzxk7NsFqjlFFS4Ixxnh/NvEGgKj+Oq9QaIumVM4frDYKA7nekBy1yqE6h+C
dteskGW5payWrf7RR4rOqukB9kRoSdEpMDWPUWv6SpeHVDqAIBwwrzWQfM2PdwG+
ldKVij9NE8LwQYhwXYl9dV1TQbfY/KW+OyGlAiCrcSznbd+WstG3PRoriv+/DThn
Gd8ttqsS2JMoOfLY7Ffomxfqeod+rsqX1uYog3FLLGaw
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:58 2024 by rpki-client on console-fra.rpki-client.org