Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/58b206-5744-439d-be73-473660b31b16/1/EKtQ9Z9_Rq2BzUVSWPh1o12freo.roa
File:                     EKtQ9Z9_Rq2BzUVSWPh1o12freo.roa (raw, json)
Hash identifier:          1aisVws2PX7S0eQJfTgiOIWT49w5cOyyg0CEa+pAeEM=
Subject key identifier:   10:AB:50:F5:9F:7F:46:AD:81:CD:45:52:58:F8:75:A3:5D:9F:AD:EA
Certificate issuer:       /CN=36ca81a378a87e043c4883fbdef4ee9f13a024a7
Certificate serial:       018964C04ED5D082DEDCE9E05F2161F9A3A3
Authority key identifier: 36:CA:81:A3:78:A8:7E:04:3C:48:83:FB:DE:F4:EE:9F:13:A0:24:A7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NsqBo3iofgQ8SIP73vTunxOgJKc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/50/58b206-5744-439d-be73-473660b31b16/1/EKtQ9Z9_Rq2BzUVSWPh1o12freo.roa
Signing time:             Mon 17 Jul 2023 16:47:51 +0000
ROA not before:           Mon 17 Jul 2023 16:47:51 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     62240
IP address blocks:        185.244.161.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 08:29:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:64:c0:4e:d5:d0:82:de:dc:e9:e0:5f:21:61:f9:a3:a3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=36ca81a378a87e043c4883fbdef4ee9f13a024a7
        Validity
            Not Before: Jul 17 16:47:51 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=10ab50f59f7f46ad81cd455258f875a35d9fadea
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:2e:99:8b:38:0c:05:d9:c0:f5:02:f7:ae:98:
                    16:86:84:c2:c1:f2:b9:e6:5b:60:62:5c:c9:a5:4c:
                    53:69:52:31:4b:29:1f:1f:76:e5:6d:18:7d:fa:f7:
                    55:19:4f:ce:a2:2e:72:25:e5:ea:e7:8b:37:af:e1:
                    00:af:53:72:92:fb:5d:50:fe:91:a4:4a:08:e9:32:
                    39:8e:68:f8:4e:71:93:fa:aa:1c:6a:00:87:50:c2:
                    a0:56:8c:99:a8:3a:4b:90:f8:81:6f:41:9a:ee:10:
                    8f:13:cf:36:07:e6:6a:4a:3e:fa:92:06:ec:d5:08:
                    c9:19:3c:44:32:f4:df:2d:d2:45:ed:9a:71:46:88:
                    49:37:cd:25:15:1a:78:9a:3b:6a:a5:3a:66:cc:b3:
                    21:15:4a:4d:fc:b3:15:28:2e:38:fa:53:3c:7b:d8:
                    99:fb:22:7b:73:43:b7:82:0c:3c:b2:b9:55:b0:23:
                    44:f2:4d:ce:b1:74:08:d4:ca:50:a3:c0:cb:bb:42:
                    1a:e6:f1:c7:3f:89:ed:f1:82:38:ae:cd:62:1c:62:
                    38:e4:5f:32:35:0b:a5:cf:e1:0c:4f:8b:a8:15:ba:
                    34:2c:72:70:68:ad:3f:d3:76:ff:d2:88:9f:32:d9:
                    ad:3a:3a:b2:3d:a3:e8:d0:50:39:d2:53:1c:f2:52:
                    0f:0d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                10:AB:50:F5:9F:7F:46:AD:81:CD:45:52:58:F8:75:A3:5D:9F:AD:EA
            X509v3 Authority Key Identifier:
                keyid:36:CA:81:A3:78:A8:7E:04:3C:48:83:FB:DE:F4:EE:9F:13:A0:24:A7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsqBo3iofgQ8SIP73vTunxOgJKc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/58b206-5744-439d-be73-473660b31b16/1/EKtQ9Z9_Rq2BzUVSWPh1o12freo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/50/58b206-5744-439d-be73-473660b31b16/1/NsqBo3iofgQ8SIP73vTunxOgJKc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.244.161.0/24

    Signature Algorithm: sha256WithRSAEncryption
         4b:59:65:8b:57:9c:d2:13:97:83:2e:1d:a2:59:eb:7f:98:ba:
         d5:c1:30:ab:d7:09:49:99:20:f7:78:a0:88:18:c1:05:38:ad:
         a4:1a:44:eb:9d:b9:fc:c7:28:8a:b9:f4:17:fc:5b:4a:d4:6f:
         17:00:a1:29:89:60:8a:c9:17:1b:9e:ee:7d:2a:9e:38:79:a3:
         6c:b5:25:dd:f3:2a:81:4d:8f:d0:7d:16:d7:7b:30:c0:d0:54:
         66:24:4f:cc:f8:3f:fb:d0:ce:0d:a2:06:80:18:b5:b8:6a:be:
         20:ed:d5:f8:d2:6c:55:7e:58:ad:b4:a8:b5:f7:6a:1f:63:ac:
         33:d6:bc:2d:8d:f2:1c:08:40:eb:49:4a:9c:37:05:4f:7f:1c:
         53:a3:c4:4e:c2:36:6a:f9:ef:e3:63:fe:37:54:13:49:1e:ce:
         2e:d2:4f:b4:c6:8c:20:5c:53:8c:ed:35:fe:18:7a:fb:a4:ff:
         a9:17:fc:e9:15:1b:2c:bc:4f:b7:b2:aa:b7:78:dd:9f:39:88:
         3b:44:e8:61:28:40:85:f9:8c:11:59:90:46:f5:9d:fe:72:76:
         21:01:3b:79:ff:03:25:df:bf:e0:9b:be:4b:70:28:5e:dd:df:
         8c:66:45:e8:9d:0a:f6:cb:3d:72:1c:cc:ca:ac:59:b2:62:ec:
         f7:0b:e0:ad
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYlkwE7V0ILe3OngXyFh+aOjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2Y2E4MWEzNzhhODdlMDQzYzQ4ODNmYmRlZjRlZTlmMTNh
MDI0YTcwHhcNMjMwNzE3MTY0NzUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMGFiNTBmNTlmN2Y0NmFkODFjZDQ1NTI1OGY4NzVhMzVkOWZhZGVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtC6ZizgMBdnA9QL3rpgWhoTCwfK5
5ltgYlzJpUxTaVIxSykfH3blbRh9+vdVGU/Ooi5yJeXq54s3r+EAr1NykvtdUP6R
pEoI6TI5jmj4TnGT+qocagCHUMKgVoyZqDpLkPiBb0Ga7hCPE882B+ZqSj76kgbs
1QjJGTxEMvTfLdJF7ZpxRohJN80lFRp4mjtqpTpmzLMhFUpN/LMVKC44+lM8e9iZ
+yJ7c0O3ggw8srlVsCNE8k3OsXQI1MpQo8DLu0Ia5vHHP4nt8YI4rs1iHGI45F8y
NQulz+EMT4uoFbo0LHJwaK0/03b/0oifMtmtOjqyPaPo0FA50lMc8lIPDQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBCrUPWff0atgc1FUlj4daNdn63qMB8GA1UdIwQY
MBaAFDbKgaN4qH4EPEiD+9707p8ToCSnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNxQm8zaW9mZ1E4U0lQNzN2VHVueE9nSktjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC81OGIyMDYtNTc0NC00MzlkLWJlNzMt
NDczNjYwYjMxYjE2LzEvRUt0UTlaOV9ScTJCelVWU1dQaDFvMTJmcmVvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MC81OGIyMDYtNTc0NC00MzlkLWJlNzMtNDczNjYwYjMxYjE2
LzEvTnNxQm8zaW9mZ1E4U0lQNzN2VHVueE9nSktjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAufShMA0G
CSqGSIb3DQEBCwUAA4IBAQBLWWWLV5zSE5eDLh2iWet/mLrVwTCr1wlJmSD3eKCI
GMEFOK2kGkTrnbn8xyiKufQX/FtK1G8XAKEpiWCKyRcbnu59Kp44eaNstSXd8yqB
TY/QfRbXezDA0FRmJE/M+D/70M4NogaAGLW4ar4g7dX40mxVflittKi192ofY6wz
1rwtjfIcCEDrSUqcNwVPfxxTo8ROwjZq+e/jY/43VBNJHs4u0k+0xowgXFOM7TX+
GHr7pP+pF/zpFRssvE+3sqq3eN2fOYg7ROhhKECF+YwRWZBG9Z3+cnYhATt5/wMl
37/gm75LcChe3d+MZkXonQr2yz1yHMzKrFmyYuz3C+Ct
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:08:41 2024 by rpki-client on console-ams.rpki-client.org