Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/03bf28-c55d-4c7a-91bb-91646bf0153d/1/f2UIuschPaNHb6Jc_Td7yntB750.roa
File:                     f2UIuschPaNHb6Jc_Td7yntB750.roa (raw, json)
Hash identifier:          BX2YUZ/D7GA6wEFs7mvSQLdK78Ar45/sV1a7qBSt0hM=
Subject key identifier:   7F:65:08:BA:C7:21:3D:A3:47:6F:A2:5C:FD:37:7B:CA:7B:41:EF:9D
Certificate issuer:       /CN=95b30111b0b720a209f788c8b90f60380b465c2e
Certificate serial:       01856F94D1DC462DB5B08858B15D067BB573
Authority key identifier: 95:B3:01:11:B0:B7:20:A2:09:F7:88:C8:B9:0F:60:38:0B:46:5C:2E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/lbMBEbC3IKIJ94jIuQ9gOAtGXC4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/51/03bf28-c55d-4c7a-91bb-91646bf0153d/1/f2UIuschPaNHb6Jc_Td7yntB750.roa
Signing time:             Sun 01 Jan 2023 23:05:01 +0000
ROA not before:           Sun 01 Jan 2023 23:05:01 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     202754
IP address blocks:        185.153.16.0/22 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 00:29:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:94:d1:dc:46:2d:b5:b0:88:58:b1:5d:06:7b:b5:73
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=95b30111b0b720a209f788c8b90f60380b465c2e
        Validity
            Not Before: Jan  1 23:05:01 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=7f6508bac7213da3476fa25cfd377bca7b41ef9d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:dc:f5:8e:a5:5a:d6:42:0a:35:62:3f:37:c1:
                    9e:d0:76:50:8d:48:85:91:a6:d8:47:95:be:46:c0:
                    5c:f4:f4:5e:34:45:2e:e5:cd:27:c2:8f:49:9d:b1:
                    01:f6:dd:fe:be:89:6f:20:ba:cc:6e:1c:36:0c:94:
                    12:65:bd:dc:fc:d3:6f:f4:32:87:4f:cc:f4:11:f7:
                    5c:f7:53:7a:0f:99:29:65:7f:76:37:19:93:0e:4f:
                    39:0a:03:d8:13:23:38:63:34:c6:90:3a:c9:2d:91:
                    52:78:34:5d:13:68:30:81:6e:1c:b8:88:6e:59:41:
                    c8:1b:46:33:fe:dd:4a:2c:f9:1d:6b:d7:1c:59:ae:
                    fa:b4:6d:87:08:31:61:f0:a5:2a:0a:b6:74:60:06:
                    8b:37:2c:90:4b:b9:1c:c4:c0:61:1e:d6:35:26:07:
                    c0:58:40:3f:4b:ee:84:ec:8a:b9:05:80:8c:57:93:
                    23:3c:f2:51:da:bd:e5:b9:c2:1a:39:9d:4f:df:49:
                    89:34:73:e3:07:55:49:b1:bd:88:4d:ac:b2:64:97:
                    ea:92:15:10:66:97:ba:06:22:b9:75:60:cb:e3:1b:
                    08:27:cf:2c:82:bd:85:e9:1f:3a:f3:16:42:74:52:
                    35:37:7e:03:a2:2f:3e:0f:46:43:a6:bd:f9:b8:ae:
                    7e:67
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7F:65:08:BA:C7:21:3D:A3:47:6F:A2:5C:FD:37:7B:CA:7B:41:EF:9D
            X509v3 Authority Key Identifier:
                keyid:95:B3:01:11:B0:B7:20:A2:09:F7:88:C8:B9:0F:60:38:0B:46:5C:2E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lbMBEbC3IKIJ94jIuQ9gOAtGXC4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/03bf28-c55d-4c7a-91bb-91646bf0153d/1/f2UIuschPaNHb6Jc_Td7yntB750.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/51/03bf28-c55d-4c7a-91bb-91646bf0153d/1/lbMBEbC3IKIJ94jIuQ9gOAtGXC4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.153.16.0/22

    Signature Algorithm: sha256WithRSAEncryption
         ab:20:0a:ba:39:ff:61:f4:1e:34:c2:3a:77:56:d8:a4:c7:52:
         26:af:91:c5:57:b6:29:70:c9:4d:47:bf:fc:90:3e:b9:61:a9:
         3c:fc:2f:12:31:77:99:de:f5:ff:93:0c:00:78:1a:83:d2:c7:
         b7:e5:15:a1:55:22:cd:6c:06:1c:a4:a5:df:ca:d1:06:db:13:
         b8:6f:b4:45:0c:2b:b6:0a:5c:a6:0e:cf:c0:82:0a:35:b4:3b:
         8d:ad:3b:aa:72:39:a8:82:66:eb:88:73:f0:ac:37:c4:b3:a3:
         2a:bd:57:c7:ba:34:eb:10:ee:7f:70:4d:a6:77:92:5e:b7:c6:
         44:68:cc:92:e1:ee:0d:7e:37:00:38:bb:75:23:be:d4:dd:a9:
         ee:f6:cc:3e:fc:39:94:cb:47:95:a8:3d:90:de:0f:6a:67:0b:
         5e:c8:b6:e4:64:d3:b7:1b:1a:f5:fa:f3:c9:42:f0:8e:46:4f:
         ad:b3:c6:1b:9a:80:6d:33:a3:55:6d:7f:11:23:23:e0:14:af:
         10:b5:7f:60:7b:8d:3f:23:93:d1:91:5e:41:8d:9f:78:24:6d:
         e6:93:dc:2e:3c:8b:35:5e:5d:bc:d6:c0:34:48:72:39:9b:ef:
         c7:7b:80:07:ad:05:e4:a0:2a:1a:d4:4d:b8:65:56:51:fe:50:
         57:fa:7c:a4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvlNHcRi21sIhYsV0Ge7VzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1YjMwMTExYjBiNzIwYTIwOWY3ODhjOGI5MGY2MDM4MGI0
NjVjMmUwHhcNMjMwMTAxMjMwNTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZjY1MDhiYWM3MjEzZGEzNDc2ZmEyNWNmZDM3N2JjYTdiNDFlZjlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAptz1jqVa1kIKNWI/N8Ge0HZQjUiF
kabYR5W+RsBc9PReNEUu5c0nwo9JnbEB9t3+volvILrMbhw2DJQSZb3c/NNv9DKH
T8z0Efdc91N6D5kpZX92NxmTDk85CgPYEyM4YzTGkDrJLZFSeDRdE2gwgW4cuIhu
WUHIG0Yz/t1KLPkda9ccWa76tG2HCDFh8KUqCrZ0YAaLNyyQS7kcxMBhHtY1JgfA
WEA/S+6E7Iq5BYCMV5MjPPJR2r3lucIaOZ1P30mJNHPjB1VJsb2ITayyZJfqkhUQ
Zpe6BiK5dWDL4xsIJ88sgr2F6R868xZCdFI1N34Doi8+D0ZDpr35uK5+ZwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFH9lCLrHIT2jR2+iXP03e8p7Qe+dMB8GA1UdIwQY
MBaAFJWzARGwtyCiCfeIyLkPYDgLRlwuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbGJNQkViQzNJS0lKOTRqSXVROWdPQXRHWEM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS8wM2JmMjgtYzU1ZC00YzdhLTkxYmIt
OTE2NDZiZjAxNTNkLzEvZjJVSXVzY2hQYU5IYjZKY19UZDd5bnRCNzUwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS8wM2JmMjgtYzU1ZC00YzdhLTkxYmItOTE2NDZiZjAxNTNk
LzEvbGJNQkViQzNJS0lKOTRqSXVROWdPQXRHWEM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuZkQMA0G
CSqGSIb3DQEBCwUAA4IBAQCrIAq6Of9h9B40wjp3Vtikx1Imr5HFV7YpcMlNR7/8
kD65Yak8/C8SMXeZ3vX/kwwAeBqD0se35RWhVSLNbAYcpKXfytEG2xO4b7RFDCu2
ClymDs/Aggo1tDuNrTuqcjmogmbriHPwrDfEs6MqvVfHujTrEO5/cE2md5Jet8ZE
aMyS4e4NfjcAOLt1I77U3anu9sw+/DmUy0eVqD2Q3g9qZwteyLbkZNO3Gxr1+vPJ
QvCORk+ts8YbmoBtM6NVbX8RIyPgFK8QtX9ge40/I5PRkV5BjZ94JG3mk9wuPIs1
Xl281sA0SHI5m+/He4AHrQXkoCoa1E24ZVZR/lBX+nyk
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:18 2024 by rpki-client on console-fra.rpki-client.org