Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/e3f562-5929-44ad-9cc9-d3134c66bf6c/1/XUr5NKUrKY0gpz_GxUDGzJIsF5U.roa
File:                     XUr5NKUrKY0gpz_GxUDGzJIsF5U.roa (raw, json)
Hash identifier:          P192qg1EOcLEoBpBHcvDhsJY7AKgw4GLxWZl0yBw1wI=
Subject key identifier:   5D:4A:F9:34:A5:2B:29:8D:20:A7:3F:C6:C5:40:C6:CC:92:2C:17:95
Certificate issuer:       /CN=292c5d372319fa6175e56ca79883d12b0c6e38ec
Certificate serial:       01891AAB8DBB2F1C1F41B04917490132D061
Authority key identifier: 29:2C:5D:37:23:19:FA:61:75:E5:6C:A7:98:83:D1:2B:0C:6E:38:EC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KSxdNyMZ-mF15WynmIPRKwxuOOw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/50/e3f562-5929-44ad-9cc9-d3134c66bf6c/1/XUr5NKUrKY0gpz_GxUDGzJIsF5U.roa
Signing time:             Mon 03 Jul 2023 07:33:17 +0000
ROA not before:           Mon 03 Jul 2023 07:33:17 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     61317
IP address blocks:        185.81.69.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 04:29:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:1a:ab:8d:bb:2f:1c:1f:41:b0:49:17:49:01:32:d0:61
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=292c5d372319fa6175e56ca79883d12b0c6e38ec
        Validity
            Not Before: Jul  3 07:33:17 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=5d4af934a52b298d20a73fc6c540c6cc922c1795
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:80:a2:97:65:14:f0:b8:68:da:be:3d:b1:a6:f5:
                    03:c6:88:af:a7:91:09:cc:66:91:46:d5:d4:25:e6:
                    5f:b8:d1:af:4d:80:ca:a6:d3:09:8a:29:c8:dc:cb:
                    7b:5a:f0:a6:3b:fa:c8:b3:5c:01:7b:c2:7f:8f:60:
                    aa:63:e5:d7:db:11:16:36:c7:d0:c8:3b:5f:e0:5d:
                    12:2b:bf:93:af:2a:1b:b7:0f:6c:0b:ea:ed:cb:c2:
                    08:78:33:93:60:29:29:56:4f:ac:35:fe:3c:e7:7f:
                    7c:c9:45:79:c5:6b:e2:93:21:8b:54:84:f1:0c:8a:
                    13:7e:74:e1:62:da:da:89:76:bb:90:bd:ae:b6:bd:
                    7a:3b:79:07:97:71:0e:56:19:e5:58:52:34:72:96:
                    0e:6a:9c:40:39:f9:7e:29:5d:88:c8:26:6b:32:97:
                    d8:0d:65:66:de:c9:db:e8:5b:e5:ee:59:f2:5f:2e:
                    bc:c0:9a:b8:2f:55:09:a3:e3:5d:1b:f0:04:b2:f5:
                    9f:45:7a:a8:50:e5:2c:a1:40:72:a0:bd:ff:0a:37:
                    63:9c:f5:0d:c9:2d:70:e1:c7:98:c8:bb:b6:40:c2:
                    00:bf:f3:c1:21:32:75:92:d9:70:24:c2:f6:7c:32:
                    a7:5b:b1:fa:14:21:37:de:29:18:4b:b7:18:f2:02:
                    aa:8f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5D:4A:F9:34:A5:2B:29:8D:20:A7:3F:C6:C5:40:C6:CC:92:2C:17:95
            X509v3 Authority Key Identifier:
                keyid:29:2C:5D:37:23:19:FA:61:75:E5:6C:A7:98:83:D1:2B:0C:6E:38:EC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KSxdNyMZ-mF15WynmIPRKwxuOOw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/e3f562-5929-44ad-9cc9-d3134c66bf6c/1/XUr5NKUrKY0gpz_GxUDGzJIsF5U.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/50/e3f562-5929-44ad-9cc9-d3134c66bf6c/1/KSxdNyMZ-mF15WynmIPRKwxuOOw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.81.69.0/24

    Signature Algorithm: sha256WithRSAEncryption
         69:fd:80:2d:2a:a3:33:ab:7a:d1:39:f3:48:4b:c8:c7:96:43:
         ae:0c:5b:15:e4:1c:9a:ab:ab:be:36:48:85:7d:1e:bb:55:00:
         32:a5:3f:51:36:08:e1:1e:73:70:05:8a:da:63:2d:7a:ac:29:
         76:4b:77:8f:ce:2b:a3:b2:58:b5:45:10:1b:98:73:6e:2c:b4:
         1e:b0:f0:48:31:39:e3:df:e1:d9:9c:57:c6:bd:1d:7c:a5:fd:
         92:81:cc:0f:8d:8d:25:0c:71:ef:b9:27:bb:7a:4b:f2:d6:13:
         56:7c:17:4c:f9:12:c3:36:fb:fb:1b:7f:35:44:03:d5:ba:df:
         04:a2:dc:37:22:4c:44:22:1f:25:76:e9:b5:17:99:6b:c5:4b:
         08:38:30:99:42:f9:a9:90:1c:a9:88:66:fd:ef:24:35:3f:f7:
         a8:d9:e7:4b:0c:63:5c:bc:40:4a:19:79:3a:91:3a:e1:e9:1b:
         0f:c9:59:93:62:68:26:0a:4b:29:58:7d:e2:12:66:70:ea:87:
         e1:a5:00:ba:bb:3f:1f:7c:56:24:75:3d:55:8f:ed:d9:8d:72:
         64:5c:fb:75:0d:87:1d:97:b8:94:a2:d8:8f:01:67:95:21:ee:
         60:f4:ee:26:76:7a:65:5d:91:ec:0c:ec:69:25:7c:9e:1a:9d:
         d8:33:f3:2c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYkaq427LxwfQbBJF0kBMtBhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5MmM1ZDM3MjMxOWZhNjE3NWU1NmNhNzk4ODNkMTJiMGM2
ZTM4ZWMwHhcNMjMwNzAzMDczMzE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZDRhZjkzNGE1MmIyOThkMjBhNzNmYzZjNTQwYzZjYzkyMmMxNzk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgKKXZRTwuGjavj2xpvUDxoivp5EJ
zGaRRtXUJeZfuNGvTYDKptMJiinI3Mt7WvCmO/rIs1wBe8J/j2CqY+XX2xEWNsfQ
yDtf4F0SK7+Tryobtw9sC+rty8IIeDOTYCkpVk+sNf485398yUV5xWvikyGLVITx
DIoTfnThYtraiXa7kL2utr16O3kHl3EOVhnlWFI0cpYOapxAOfl+KV2IyCZrMpfY
DWVm3snb6Fvl7lnyXy68wJq4L1UJo+NdG/AEsvWfRXqoUOUsoUByoL3/CjdjnPUN
yS1w4ceYyLu2QMIAv/PBITJ1ktlwJML2fDKnW7H6FCE33ikYS7cY8gKqjwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFF1K+TSlKymNIKc/xsVAxsySLBeVMB8GA1UdIwQY
MBaAFCksXTcjGfphdeVsp5iD0SsMbjjsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1N4ZE55TVotbUYxNVd5bm1JUFJLd3h1T093LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC9lM2Y1NjItNTkyOS00NGFkLTljYzkt
ZDMxMzRjNjZiZjZjLzEvWFVyNU5LVXJLWTBncHpfR3hVREd6SklzRjVVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MC9lM2Y1NjItNTkyOS00NGFkLTljYzktZDMxMzRjNjZiZjZj
LzEvS1N4ZE55TVotbUYxNVd5bm1JUFJLd3h1T093LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuVFFMA0G
CSqGSIb3DQEBCwUAA4IBAQBp/YAtKqMzq3rROfNIS8jHlkOuDFsV5Byaq6u+NkiF
fR67VQAypT9RNgjhHnNwBYraYy16rCl2S3ePziujsli1RRAbmHNuLLQesPBIMTnj
3+HZnFfGvR18pf2SgcwPjY0lDHHvuSe7ekvy1hNWfBdM+RLDNvv7G381RAPVut8E
otw3IkxEIh8ldum1F5lrxUsIODCZQvmpkBypiGb97yQ1P/eo2edLDGNcvEBKGXk6
kTrh6RsPyVmTYmgmCkspWH3iEmZw6ofhpQC6uz8ffFYkdT1Vj+3ZjXJkXPt1DYcd
l7iUotiPAWeVIe5g9O4mdnplXZHsDOxpJXyeGp3YM/Ms
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:17 2024 by rpki-client on console-fra.rpki-client.org