Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/f0c9e3-1c40-4f33-95ce-98d2fee0f87a/1/LxlBb7N4n2x-TZmh2Tecjl7BHpQ.roa
File:                     LxlBb7N4n2x-TZmh2Tecjl7BHpQ.roa (raw, json)
Hash identifier:          tb5+cOrGh2ds/bpGQGQMOhM1OyOhN31b2OjBe0QhJ3k=
Subject key identifier:   2F:19:41:6F:B3:78:9F:6C:7E:4D:99:A1:D9:37:9C:8E:5E:C1:1E:94
Certificate issuer:       /CN=215a409d27b9a69346324004694da11beae02dbb
Certificate serial:       018A56F2C21B0F6C0FC3AE23072352D286A1
Authority key identifier: 21:5A:40:9D:27:B9:A6:93:46:32:40:04:69:4D:A1:1B:EA:E0:2D:BB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IVpAnSe5ppNGMkAEaU2hG-rgLbs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4e/f0c9e3-1c40-4f33-95ce-98d2fee0f87a/1/LxlBb7N4n2x-TZmh2Tecjl7BHpQ.roa
Signing time:             Sat 02 Sep 2023 17:31:04 +0000
ROA not before:           Sat 02 Sep 2023 17:31:04 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     212238
IP address blocks:        185.134.177.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 04:29:25 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:56:f2:c2:1b:0f:6c:0f:c3:ae:23:07:23:52:d2:86:a1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=215a409d27b9a69346324004694da11beae02dbb
        Validity
            Not Before: Sep  2 17:31:04 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=2f19416fb3789f6c7e4d99a1d9379c8e5ec11e94
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:93:a8:67:63:fc:a4:0b:51:92:e7:d8:91:a1:ae:
                    d5:5a:26:0f:2e:47:05:a7:f8:55:b6:2f:58:69:6e:
                    de:97:be:ce:ed:ec:3e:84:66:04:7a:9a:77:49:4e:
                    31:4c:e0:92:01:84:57:b1:97:c4:f1:bd:70:2a:a0:
                    60:9f:3f:14:4b:4e:04:9a:7a:6c:95:07:1a:45:5c:
                    bf:f3:41:f8:65:f5:a5:a1:92:d1:7c:54:46:b1:8d:
                    69:11:a5:8d:89:7c:1a:c4:b3:34:e9:2e:7b:3b:12:
                    2c:70:86:22:16:e2:95:19:f5:73:e8:b7:a5:31:e7:
                    4a:d2:7c:9a:8e:a3:20:2f:65:e0:8d:a4:6a:61:99:
                    ae:22:55:12:b9:9c:67:32:c7:b7:70:37:90:f6:7d:
                    ef:14:eb:15:19:4c:28:c5:fb:54:6f:9a:a7:b6:ff:
                    39:0c:8d:ca:5d:8a:af:8e:27:de:72:22:43:ff:28:
                    92:23:96:81:1b:8e:02:35:f5:0b:6f:29:f7:56:4b:
                    49:6e:64:11:d4:01:2f:64:19:6d:c0:ef:ae:ca:3e:
                    2c:c8:35:b0:c7:d2:a2:54:f5:a0:6d:4f:b4:e5:e6:
                    ee:c6:42:91:31:f8:ba:1e:04:1d:a4:f6:63:ae:a8:
                    26:c1:c5:f6:7c:bf:50:ca:3e:c4:03:af:ae:68:61:
                    a6:c5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2F:19:41:6F:B3:78:9F:6C:7E:4D:99:A1:D9:37:9C:8E:5E:C1:1E:94
            X509v3 Authority Key Identifier:
                keyid:21:5A:40:9D:27:B9:A6:93:46:32:40:04:69:4D:A1:1B:EA:E0:2D:BB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IVpAnSe5ppNGMkAEaU2hG-rgLbs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/f0c9e3-1c40-4f33-95ce-98d2fee0f87a/1/LxlBb7N4n2x-TZmh2Tecjl7BHpQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/f0c9e3-1c40-4f33-95ce-98d2fee0f87a/1/IVpAnSe5ppNGMkAEaU2hG-rgLbs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.134.177.0/24

    Signature Algorithm: sha256WithRSAEncryption
         98:0a:6d:de:cb:e7:af:ee:d3:5c:f0:09:36:91:77:d7:3c:0d:
         2e:62:ea:d3:bf:b2:25:6c:cc:fd:53:6b:2e:0e:95:dd:49:26:
         cd:60:13:fb:ed:a2:cb:f2:49:9f:c2:4a:69:18:8e:15:60:b2:
         f3:ef:89:15:6b:82:11:88:92:9f:f2:ce:e1:b6:ec:53:57:3b:
         ff:a0:1e:ad:61:47:58:b9:3a:bb:ea:81:1e:61:ac:7a:00:19:
         4f:e0:8e:72:c6:23:86:72:e6:a3:b2:1c:7f:20:94:35:0b:47:
         56:e2:f4:40:d5:45:a4:7a:b1:b2:ae:d9:6b:46:69:9e:a1:de:
         04:a0:66:d3:39:a9:94:07:b5:00:3e:fb:0f:e0:04:93:c3:85:
         f0:6e:8a:04:f5:a4:1c:39:eb:c4:11:1e:96:b1:3e:e5:b0:1a:
         21:f1:0b:16:e9:3b:98:0a:a7:26:70:00:3e:31:42:00:4f:15:
         11:3c:f4:ba:36:3b:a8:69:b3:7a:c9:22:84:ee:a2:bf:fb:e4:
         80:43:7f:0b:ad:13:3a:f4:be:89:a4:4a:c0:5c:ed:e6:c6:9e:
         38:9b:a0:09:ea:e6:bf:9f:e0:48:d6:0b:e8:c1:70:4c:96:5c:
         0c:10:be:8e:07:71:db:65:b4:e3:d5:26:62:b3:60:0f:25:a2:
         ab:d5:98:d4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYpW8sIbD2wPw64jByNS0oahMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxNWE0MDlkMjdiOWE2OTM0NjMyNDAwNDY5NGRhMTFiZWFl
MDJkYmIwHhcNMjMwOTAyMTczMTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZjE5NDE2ZmIzNzg5ZjZjN2U0ZDk5YTFkOTM3OWM4ZTVlYzExZTk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk6hnY/ykC1GS59iRoa7VWiYPLkcF
p/hVti9YaW7el77O7ew+hGYEepp3SU4xTOCSAYRXsZfE8b1wKqBgnz8US04Emnps
lQcaRVy/80H4ZfWloZLRfFRGsY1pEaWNiXwaxLM06S57OxIscIYiFuKVGfVz6Lel
MedK0nyajqMgL2XgjaRqYZmuIlUSuZxnMse3cDeQ9n3vFOsVGUwoxftUb5qntv85
DI3KXYqvjifeciJD/yiSI5aBG44CNfULbyn3VktJbmQR1AEvZBltwO+uyj4syDWw
x9KiVPWgbU+05ebuxkKRMfi6HgQdpPZjrqgmwcX2fL9Qyj7EA6+uaGGmxQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFC8ZQW+zeJ9sfk2Zodk3nI5ewR6UMB8GA1UdIwQY
MBaAFCFaQJ0nuaaTRjJABGlNoRvq4C27MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVZwQW5TZTVwcE5HTWtBRWFVMmhHLXJnTGJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZS9mMGM5ZTMtMWM0MC00ZjMzLTk1Y2Ut
OThkMmZlZTBmODdhLzEvTHhsQmI3TjRuMngtVFptaDJUZWNqbDdCSHBRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZS9mMGM5ZTMtMWM0MC00ZjMzLTk1Y2UtOThkMmZlZTBmODdh
LzEvSVZwQW5TZTVwcE5HTWtBRWFVMmhHLXJnTGJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuYaxMA0G
CSqGSIb3DQEBCwUAA4IBAQCYCm3ey+ev7tNc8Ak2kXfXPA0uYurTv7IlbMz9U2su
DpXdSSbNYBP77aLL8kmfwkppGI4VYLLz74kVa4IRiJKf8s7htuxTVzv/oB6tYUdY
uTq76oEeYax6ABlP4I5yxiOGcuajshx/IJQ1C0dW4vRA1UWkerGyrtlrRmmeod4E
oGbTOamUB7UAPvsP4ASTw4XwbooE9aQcOevEER6WsT7lsBoh8QsW6TuYCqcmcAA+
MUIATxURPPS6NjuoabN6ySKE7qK/++SAQ38LrRM69L6JpErAXO3mxp44m6AJ6ua/
n+BI1gvowXBMllwMEL6OB3HbZbTj1SZis2APJaKr1ZjU
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:58 2024 by rpki-client on console-fra.rpki-client.org