Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/PeFJ0fhlztOasj0-ty--C6wEN0M.roa
File:                     PeFJ0fhlztOasj0-ty--C6wEN0M.roa (raw, json)
Hash identifier:          tVn/3F28tIZ1v/7yRoLnhnp2BvWQLe7L2h67XWflbfQ=
Subject key identifier:   3D:E1:49:D1:F8:65:CE:D3:9A:B2:3D:3E:B7:2F:BE:0B:AC:04:37:43
Certificate issuer:       /CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
Certificate serial:       01856ED4DCC3F1A2D21EFCDD4F891630900E
Authority key identifier: 05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/PeFJ0fhlztOasj0-ty--C6wEN0M.roa
Signing time:             Sun 01 Jan 2023 19:35:21 +0000
ROA not before:           Sun 01 Jan 2023 19:35:21 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     211441
IP address blocks:        185.226.195.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 14:29:32 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6e:d4:dc:c3:f1:a2:d2:1e:fc:dd:4f:89:16:30:90:0e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
        Validity
            Not Before: Jan  1 19:35:21 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=3de149d1f865ced39ab23d3eb72fbe0bac043743
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:19:1a:1e:e8:19:ea:95:6b:0e:57:b5:21:f4:
                    35:d7:75:ee:3b:f3:ed:a5:c1:63:56:09:dd:18:98:
                    1a:62:45:cc:13:db:b9:8a:f6:e3:61:7e:dc:52:9f:
                    76:8c:87:95:54:b5:53:d7:2e:49:ff:b9:ff:2d:43:
                    a1:c4:16:a0:5a:49:ca:92:e7:47:b1:01:51:3a:e1:
                    9d:1a:91:5a:62:89:da:e0:97:76:6a:be:f4:4d:05:
                    47:61:85:90:51:65:58:41:3a:52:8d:75:67:7c:9e:
                    1e:a1:ed:a2:13:87:f0:f8:cb:03:03:a1:95:88:c2:
                    80:e2:7e:1f:d8:0c:28:f9:3d:79:f2:cb:40:5b:7f:
                    b8:c5:3d:e8:90:cc:e4:d4:4f:93:97:d5:f9:95:7e:
                    6c:d7:0d:02:aa:1f:e5:b8:7f:4b:7e:5c:55:7f:78:
                    51:ce:ec:0d:29:11:69:e8:89:00:2d:42:d0:17:64:
                    39:4b:bd:e2:35:a4:8e:a2:f1:79:69:97:21:ac:8b:
                    ee:9a:08:9a:17:7c:d6:81:92:ca:f0:a0:70:a0:66:
                    92:2e:d7:f6:ca:63:e5:7d:8c:55:b9:57:73:79:e2:
                    63:12:c4:02:6f:af:6a:6e:c6:53:40:04:ee:ba:4e:
                    8f:c2:4d:02:ce:52:6c:7f:d2:fa:2f:4c:fc:b6:59:
                    25:81
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3D:E1:49:D1:F8:65:CE:D3:9A:B2:3D:3E:B7:2F:BE:0B:AC:04:37:43
            X509v3 Authority Key Identifier:
                keyid:05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/PeFJ0fhlztOasj0-ty--C6wEN0M.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/BTTEn8-opFBB2V7U2NT8accnpGc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.226.195.0/24

    Signature Algorithm: sha256WithRSAEncryption
         1d:22:f9:a0:a6:39:6d:9d:23:27:8b:24:4a:8d:a4:5f:71:86:
         49:69:fe:1a:98:a7:05:6c:d1:2b:03:cc:c5:e6:6b:ae:50:4c:
         dc:fd:7f:0c:93:29:0e:c5:27:2e:2f:81:47:48:62:19:52:75:
         6f:19:56:30:21:f2:78:47:3b:97:3e:8b:11:8f:d4:a2:09:7f:
         5b:b3:2a:1f:ae:cb:d2:e3:3e:35:47:f8:9c:45:57:77:cf:9a:
         3d:87:49:3c:23:3c:7a:8e:81:dd:0a:a3:98:22:e2:cf:17:12:
         42:01:df:74:62:15:c7:77:63:82:be:75:ed:87:39:9b:de:3b:
         cc:f1:7c:98:f7:76:12:d5:dd:59:40:45:a6:80:05:99:fe:aa:
         e2:6c:f7:52:d4:4c:1b:3b:dd:bc:d8:1d:45:b3:59:db:cc:16:
         a2:d5:b4:11:41:9c:1a:90:1f:a2:92:d9:e0:f6:4e:8e:ca:1c:
         e9:fc:02:3b:38:16:5e:63:fd:69:d4:f6:c4:9c:00:72:c5:19:
         91:1c:e0:52:e6:fa:02:f4:7e:c1:44:d3:d9:57:0b:e2:f3:65:
         f1:ce:47:58:a8:dc:a4:2a:26:37:02:52:1e:8a:4c:5f:44:9e:
         73:14:59:e2:82:97:d7:db:35:1d:ff:99:a1:87:6a:d4:0b:f0:
         10:81:2c:c9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVu1NzD8aLSHvzdT4kWMJAOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1MzRjNDlmY2ZhOGE0NTA0MWQ5NWVkNGQ4ZDRmYzY5Yzcy
N2E0NjcwHhcNMjMwMTAxMTkzNTIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZGUxNDlkMWY4NjVjZWQzOWFiMjNkM2ViNzJmYmUwYmFjMDQzNzQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtRkaHugZ6pVrDle1IfQ113XuO/Pt
pcFjVgndGJgaYkXME9u5ivbjYX7cUp92jIeVVLVT1y5J/7n/LUOhxBagWknKkudH
sQFROuGdGpFaYona4Jd2ar70TQVHYYWQUWVYQTpSjXVnfJ4eoe2iE4fw+MsDA6GV
iMKA4n4f2Awo+T158stAW3+4xT3okMzk1E+Tl9X5lX5s1w0Cqh/luH9LflxVf3hR
zuwNKRFp6IkALULQF2Q5S73iNaSOovF5aZchrIvumgiaF3zWgZLK8KBwoGaSLtf2
ymPlfYxVuVdzeeJjEsQCb69qbsZTQATuuk6Pwk0CzlJsf9L6L0z8tlklgQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFD3hSdH4Zc7TmrI9PrcvvgusBDdDMB8GA1UdIwQY
MBaAFAU0xJ/PqKRQQdle1NjU/GnHJ6RnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYt
Y2Q3ZTA2Y2JiNTMxLzEvUGVGSjBmaGx6dE9hc2owLXR5LS1DNndFTjBNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYtY2Q3ZTA2Y2JiNTMx
LzEvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAueLDMA0G
CSqGSIb3DQEBCwUAA4IBAQAdIvmgpjltnSMniyRKjaRfcYZJaf4amKcFbNErA8zF
5muuUEzc/X8MkykOxScuL4FHSGIZUnVvGVYwIfJ4RzuXPosRj9SiCX9bsyofrsvS
4z41R/icRVd3z5o9h0k8Izx6joHdCqOYIuLPFxJCAd90YhXHd2OCvnXthzmb3jvM
8XyY93YS1d1ZQEWmgAWZ/qribPdS1EwbO9282B1Fs1nbzBai1bQRQZwakB+iktng
9k6Oyhzp/AI7OBZeY/1p1PbEnAByxRmRHOBS5voC9H7BRNPZVwvi82XxzkdYqNyk
KiY3AlIeikxfRJ5zFFnigpfX2zUd/5mhh2rUC/AQgSzJ
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:30:56 2024 by rpki-client on console-fra.rpki-client.org