Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/f19d06-c7fa-40e5-b813-7fe3951a735b/1/0YEyFFY0nz3U41aoVBCFv2qU6wM.roa
File:                     0YEyFFY0nz3U41aoVBCFv2qU6wM.roa (raw, json)
Hash identifier:          pOSkAugqape3U/vvyU2AsovV8Fdbj31enWc1HScb6XE=
Subject key identifier:   D1:81:32:14:56:34:9F:3D:D4:E3:56:A8:54:10:85:BF:6A:94:EB:03
Certificate issuer:       /CN=0e0b0dcb6ad0ca816d2bd204e13f1eaf1104274c
Certificate serial:       0185706763CE1E8E5E26BB9273004350E51F
Authority key identifier: 0E:0B:0D:CB:6A:D0:CA:81:6D:2B:D2:04:E1:3F:1E:AF:11:04:27:4C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DgsNy2rQyoFtK9IE4T8erxEEJ0w.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4a/f19d06-c7fa-40e5-b813-7fe3951a735b/1/0YEyFFY0nz3U41aoVBCFv2qU6wM.roa
Signing time:             Mon 02 Jan 2023 02:55:01 +0000
ROA not before:           Mon 02 Jan 2023 02:55:01 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     16509
IP address blocks:        185.127.28.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 00:31:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:70:67:63:ce:1e:8e:5e:26:bb:92:73:00:43:50:e5:1f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0e0b0dcb6ad0ca816d2bd204e13f1eaf1104274c
        Validity
            Not Before: Jan  2 02:55:01 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=d181321456349f3dd4e356a8541085bf6a94eb03
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:56:af:04:c0:22:39:28:1c:e0:7b:c2:14:26:
                    e1:ef:e6:3f:db:f0:13:db:e0:d8:d2:b9:97:4d:3c:
                    e6:d1:7d:be:10:fe:47:ff:c6:0f:1b:fb:c4:f2:78:
                    b8:6e:b2:4f:11:f2:20:f0:a8:61:db:94:0b:90:7e:
                    34:69:dc:b7:9b:23:ad:55:62:93:d5:21:86:e0:50:
                    be:fa:23:8e:18:b2:9d:07:8c:b3:47:92:be:35:34:
                    c3:68:84:78:31:be:11:0f:02:70:c0:e9:ff:75:0f:
                    ad:04:7b:fc:e0:fa:e7:70:ee:1c:9e:0f:9b:37:e3:
                    50:15:08:e8:48:1e:96:f6:52:44:2c:89:38:34:88:
                    db:5f:1a:7a:85:9c:74:cf:dc:9c:08:70:65:6c:aa:
                    7e:45:bc:f0:6b:be:78:64:10:81:56:d0:bf:b7:e9:
                    a4:63:18:86:fe:de:e9:85:91:f4:5e:36:aa:b0:86:
                    b1:0a:57:e7:d4:11:47:d9:fe:9d:db:4b:9a:c6:03:
                    56:74:73:c0:16:aa:20:f8:6c:04:01:24:ab:2e:b9:
                    0c:95:71:db:16:a5:e5:bd:a4:08:55:e3:11:e7:3a:
                    8b:87:c3:0b:ad:90:cd:e9:a4:e3:e7:7c:7d:9e:3c:
                    70:16:87:d2:1f:df:d5:c8:e5:0c:51:22:94:65:9a:
                    69:93
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D1:81:32:14:56:34:9F:3D:D4:E3:56:A8:54:10:85:BF:6A:94:EB:03
            X509v3 Authority Key Identifier:
                keyid:0E:0B:0D:CB:6A:D0:CA:81:6D:2B:D2:04:E1:3F:1E:AF:11:04:27:4C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DgsNy2rQyoFtK9IE4T8erxEEJ0w.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/f19d06-c7fa-40e5-b813-7fe3951a735b/1/0YEyFFY0nz3U41aoVBCFv2qU6wM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/f19d06-c7fa-40e5-b813-7fe3951a735b/1/DgsNy2rQyoFtK9IE4T8erxEEJ0w.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.127.28.0/24

    Signature Algorithm: sha256WithRSAEncryption
         0c:4b:92:6a:b0:ae:f1:24:2e:0f:a9:a5:50:93:8c:c1:fe:c6:
         2e:13:74:69:cb:ce:6e:a1:fa:6f:19:a8:47:64:71:46:04:73:
         a0:d9:c5:0c:e2:70:f8:4d:82:6c:33:26:27:33:08:ce:08:13:
         5c:8c:f0:05:1d:6d:3c:a7:53:26:36:75:dc:04:78:2a:0c:be:
         ce:d0:3a:ae:f8:45:03:bc:fe:93:26:3d:a2:9c:7e:7c:41:39:
         83:9f:1c:5e:69:12:a3:a4:8f:fc:1b:c7:24:5f:65:a4:2c:ae:
         ed:1b:5f:84:90:1e:52:1e:be:7d:d7:81:41:e5:59:35:ba:27:
         23:5b:5f:f0:ae:cc:bf:9e:d2:ae:a6:4b:4c:e1:98:19:8d:a4:
         b6:24:b6:57:6b:9c:87:f7:fc:fb:3f:2c:e2:94:d2:f5:93:1b:
         94:e0:c5:f9:e9:9d:ef:51:66:07:c7:8c:2a:54:e0:0d:18:d3:
         0f:bc:52:dd:c6:16:da:6e:57:96:7f:d7:f1:6a:9a:f4:02:52:
         06:e8:5e:36:a6:17:70:e2:cf:a3:0b:27:2a:e9:09:d0:b5:ed:
         5d:a4:22:a6:33:6c:48:d4:21:b8:bf:93:8a:53:01:4c:27:b8:
         6a:24:ce:78:c1:da:ae:b5:59:7b:8c:50:f5:f5:4d:d1:e1:97:
         23:5c:7b:b6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwZ2POHo5eJruScwBDUOUfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBlMGIwZGNiNmFkMGNhODE2ZDJiZDIwNGUxM2YxZWFmMTEw
NDI3NGMwHhcNMjMwMTAyMDI1NTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMTgxMzIxNDU2MzQ5ZjNkZDRlMzU2YTg1NDEwODViZjZhOTRlYjAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnVavBMAiOSgc4HvCFCbh7+Y/2/AT
2+DY0rmXTTzm0X2+EP5H/8YPG/vE8ni4brJPEfIg8Khh25QLkH40ady3myOtVWKT
1SGG4FC++iOOGLKdB4yzR5K+NTTDaIR4Mb4RDwJwwOn/dQ+tBHv84PrncO4cng+b
N+NQFQjoSB6W9lJELIk4NIjbXxp6hZx0z9ycCHBlbKp+Rbzwa754ZBCBVtC/t+mk
YxiG/t7phZH0XjaqsIaxClfn1BFH2f6d20uaxgNWdHPAFqog+GwEASSrLrkMlXHb
FqXlvaQIVeMR5zqLh8MLrZDN6aTj53x9njxwFofSH9/VyOUMUSKUZZppkwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNGBMhRWNJ891ONWqFQQhb9qlOsDMB8GA1UdIwQY
MBaAFA4LDctq0MqBbSvSBOE/Hq8RBCdMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRGdzTnkyclF5b0Z0SzlJRTRUOGVyeEVFSjB3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80YS9mMTlkMDYtYzdmYS00MGU1LWI4MTMt
N2ZlMzk1MWE3MzViLzEvMFlFeUZGWTBuejNVNDFhb1ZCQ0Z2MnFVNndNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80YS9mMTlkMDYtYzdmYS00MGU1LWI4MTMtN2ZlMzk1MWE3MzVi
LzEvRGdzTnkyclF5b0Z0SzlJRTRUOGVyeEVFSjB3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuX8cMA0G
CSqGSIb3DQEBCwUAA4IBAQAMS5JqsK7xJC4PqaVQk4zB/sYuE3Rpy85uofpvGahH
ZHFGBHOg2cUM4nD4TYJsMyYnMwjOCBNcjPAFHW08p1MmNnXcBHgqDL7O0Dqu+EUD
vP6TJj2inH58QTmDnxxeaRKjpI/8G8ckX2WkLK7tG1+EkB5SHr5914FB5Vk1uicj
W1/wrsy/ntKupktM4ZgZjaS2JLZXa5yH9/z7PyzilNL1kxuU4MX56Z3vUWYHx4wq
VOANGNMPvFLdxhbableWf9fxapr0AlIG6F42phdw4s+jCycq6QnQte1dpCKmM2xI
1CG4v5OKUwFMJ7hqJM54wdqutVl7jFD19U3R4ZcjXHu2
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:17 2024 by rpki-client on console-fra.rpki-client.org