Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/1kqtLFR5GWJ1xSO93QlYwr2KluU.roa
File:                     1kqtLFR5GWJ1xSO93QlYwr2KluU.roa (raw, json)
Hash identifier:          pxW9t2F7x30pemoTNkialWZG0IRy6J/FJSHGDqZlegw=
Subject key identifier:   D6:4A:AD:2C:54:79:19:62:75:C5:23:BD:DD:09:58:C2:BD:8A:96:E5
Certificate issuer:       /CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
Certificate serial:       01856ED4CCB36C87ED885C3D12CEE30E45E3
Authority key identifier: 05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/1kqtLFR5GWJ1xSO93QlYwr2KluU.roa
Signing time:             Sun 01 Jan 2023 19:35:17 +0000
ROA not before:           Sun 01 Jan 2023 19:35:17 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     62064
IP address blocks:        185.28.50.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 16 Mar 2023 17:57:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6e:d4:cc:b3:6c:87:ed:88:5c:3d:12:ce:e3:0e:45:e3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
        Validity
            Not Before: Jan  1 19:35:17 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=d64aad2c5479196275c523bddd0958c2bd8a96e5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:3f:4c:f9:3e:73:7b:b1:ce:f2:20:e7:d7:c6:
                    8a:10:63:d9:fb:32:89:72:21:a6:1f:05:87:a3:a8:
                    72:79:f3:ba:ca:44:1a:36:02:25:f4:de:ee:d5:44:
                    9b:a4:5c:ca:6d:45:40:b0:80:c7:86:6c:b2:8b:12:
                    0f:0d:1e:ab:22:ac:3f:10:ce:75:a4:f6:15:b0:fd:
                    63:61:43:79:02:49:2d:af:eb:52:58:10:4f:22:ab:
                    8b:32:7a:b0:83:31:b4:89:a6:63:2a:f6:4e:08:7a:
                    8e:55:ba:f6:67:9c:f7:8f:8b:4a:13:ef:bc:f3:5b:
                    74:a2:b0:21:e1:cb:94:f2:d6:11:23:9a:c9:47:31:
                    67:79:59:d9:95:20:71:fb:55:87:b3:2a:30:db:75:
                    56:9f:d3:38:ce:44:36:cc:79:5c:77:df:da:6d:69:
                    c7:16:ad:7a:d8:d7:8b:b1:f4:b6:67:f3:5b:66:47:
                    98:7a:4b:eb:de:15:7f:6e:35:71:8e:d0:81:7b:18:
                    14:6b:46:d3:90:ec:90:19:97:86:13:6c:82:fd:2a:
                    c4:33:b9:4b:d2:06:57:b6:57:7d:19:bd:59:cd:dc:
                    7a:89:2f:bd:ba:0c:43:86:51:ee:62:e2:57:b4:6c:
                    57:dc:8b:ea:1b:15:24:53:ac:9d:41:02:35:69:b4:
                    56:a1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D6:4A:AD:2C:54:79:19:62:75:C5:23:BD:DD:09:58:C2:BD:8A:96:E5
            X509v3 Authority Key Identifier:
                keyid:05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/1kqtLFR5GWJ1xSO93QlYwr2KluU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/BTTEn8-opFBB2V7U2NT8accnpGc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.28.50.0/24

    Signature Algorithm: sha256WithRSAEncryption
         17:16:ab:15:93:06:40:48:3b:02:99:7f:cc:7c:ef:00:62:d8:
         cc:4a:47:ef:0d:33:c0:2c:bd:8a:8b:5a:89:31:96:8e:87:c6:
         b3:67:0b:90:c4:b9:79:97:69:da:ed:17:5a:51:29:5e:76:1f:
         7f:7f:6e:44:d2:83:1a:48:8f:e9:5d:25:7b:95:a4:8c:ce:82:
         31:e9:c0:1b:23:48:0e:f9:58:82:1a:53:29:90:8e:3f:4f:db:
         7a:92:45:d9:ec:0d:09:14:86:49:49:da:f4:d0:b9:34:f4:91:
         7f:7f:4b:f6:75:a1:ec:e0:88:4a:1d:a6:45:a7:29:30:7b:0c:
         19:19:fd:01:45:da:23:a7:0b:eb:7b:c3:66:40:a6:ad:19:32:
         f8:33:cc:17:c6:ff:05:ce:91:15:23:d7:1a:be:25:fb:ff:53:
         ed:e0:02:dd:c0:c6:77:4d:31:0c:79:18:ee:a3:0e:82:3c:41:
         db:6d:14:42:06:04:42:16:1f:8b:c0:4a:d8:e1:9d:0e:e1:53:
         10:99:b0:d4:fc:45:72:87:7c:e8:26:a0:dd:93:3e:ba:ae:4a:
         2a:54:77:e6:21:4b:f5:0f:f8:1a:e6:cf:de:53:4c:d5:95:ee:
         d6:54:d3:d3:d3:e5:3b:24:e5:af:6d:bb:7d:ab:68:15:47:e4:
         8f:be:c5:a2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVu1MyzbIftiFw9Es7jDkXjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1MzRjNDlmY2ZhOGE0NTA0MWQ5NWVkNGQ4ZDRmYzY5Yzcy
N2E0NjcwHhcNMjMwMTAxMTkzNTE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNjRhYWQyYzU0NzkxOTYyNzVjNTIzYmRkZDA5NThjMmJkOGE5NmU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnD9M+T5ze7HO8iDn18aKEGPZ+zKJ
ciGmHwWHo6hyefO6ykQaNgIl9N7u1USbpFzKbUVAsIDHhmyyixIPDR6rIqw/EM51
pPYVsP1jYUN5Akktr+tSWBBPIquLMnqwgzG0iaZjKvZOCHqOVbr2Z5z3j4tKE++8
81t0orAh4cuU8tYRI5rJRzFneVnZlSBx+1WHsyow23VWn9M4zkQ2zHlcd9/abWnH
Fq162NeLsfS2Z/NbZkeYekvr3hV/bjVxjtCBexgUa0bTkOyQGZeGE2yC/SrEM7lL
0gZXtld9Gb1Zzdx6iS+9ugxDhlHuYuJXtGxX3IvqGxUkU6ydQQI1abRWoQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNZKrSxUeRlidcUjvd0JWMK9ipblMB8GA1UdIwQY
MBaAFAU0xJ/PqKRQQdle1NjU/GnHJ6RnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYt
Y2Q3ZTA2Y2JiNTMxLzEvMWtxdExGUjVHV0oxeFNPOTNRbFl3cjJLbHVVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYtY2Q3ZTA2Y2JiNTMx
LzEvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuRwyMA0G
CSqGSIb3DQEBCwUAA4IBAQAXFqsVkwZASDsCmX/MfO8AYtjMSkfvDTPALL2Ki1qJ
MZaOh8azZwuQxLl5l2na7RdaUSledh9/f25E0oMaSI/pXSV7laSMzoIx6cAbI0gO
+ViCGlMpkI4/T9t6kkXZ7A0JFIZJSdr00Lk09JF/f0v2daHs4IhKHaZFpykwewwZ
Gf0BRdojpwvre8NmQKatGTL4M8wXxv8FzpEVI9caviX7/1Pt4ALdwMZ3TTEMeRju
ow6CPEHbbRRCBgRCFh+LwErY4Z0O4VMQmbDU/EVyh3zoJqDdkz66rkoqVHfmIUv1
D/ga5s/eU0zVle7WVNPT0+U7JOWvbbt9q2gVR+SPvsWi
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:30:56 2024 by rpki-client on console-fra.rpki-client.org