Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/gZQt2tvl0n--nDOXBhEDuePlsbA.roa
File:                     gZQt2tvl0n--nDOXBhEDuePlsbA.roa (raw, json)
Hash identifier:          mVMM1XfIj0zCDg4sLc1QBptNFyyRs/fGgzBI3CpvCuQ=
Subject key identifier:   81:94:2D:DA:DB:E5:D2:7F:BE:9C:33:97:06:11:03:B9:E3:E5:B1:B0
Certificate issuer:       /CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
Certificate serial:       0190D9FB89E80CC4CA2118FAF2E622012161
Authority key identifier: 05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/gZQt2tvl0n--nDOXBhEDuePlsbA.roa
Signing time:             Mon 22 Jul 2024 10:27:38 +0000
ROA not before:           Mon 22 Jul 2024 10:27:38 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     263238
IP address blocks:        185.181.35.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 30 Jul 2024 16:11:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:90:d9:fb:89:e8:0c:c4:ca:21:18:fa:f2:e6:22:01:21:61
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
        Validity
            Not Before: Jul 22 10:27:38 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=81942ddadbe5d27fbe9c3397061103b9e3e5b1b0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8c:29:b7:12:15:0a:fd:f3:22:8d:7d:3a:46:51:
                    28:fd:c1:d4:1a:3e:66:33:f1:1a:ba:07:27:5a:d6:
                    4b:92:0e:4e:1c:50:15:3b:a5:f7:30:39:79:a6:6e:
                    45:91:19:e8:37:20:8f:e0:fa:6b:16:34:22:2a:fd:
                    9c:fa:06:95:35:2a:27:2f:ac:7c:24:11:2d:72:13:
                    9c:9b:b3:a0:86:2c:c6:12:df:08:24:c6:ef:62:00:
                    61:6f:e2:f5:9a:22:9b:1e:d7:d4:fc:6b:e6:08:c1:
                    44:0f:08:8c:91:e4:c9:cf:08:72:20:1a:6e:c9:a4:
                    5d:8d:d9:28:88:77:58:da:ce:75:b1:99:be:b1:be:
                    4e:ff:a2:4b:69:a7:e2:82:e2:94:ef:99:44:9b:8e:
                    41:82:09:c8:aa:8c:c4:7a:9d:61:d0:b5:ff:bb:52:
                    57:50:fa:a5:ca:99:f5:6c:53:95:2f:81:b1:fd:5c:
                    d6:fe:1b:eb:19:7c:14:92:a6:2b:c9:28:b7:40:33:
                    ec:70:80:72:73:6d:db:e3:03:db:7f:68:8f:e4:bf:
                    4e:c2:a0:7c:50:58:df:79:66:2a:ae:30:35:5e:55:
                    27:10:3b:f9:22:6b:eb:5d:7f:fb:d2:39:b0:c3:09:
                    f5:99:86:8e:36:f9:0a:7b:30:86:74:e8:57:ab:5d:
                    bf:cd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                81:94:2D:DA:DB:E5:D2:7F:BE:9C:33:97:06:11:03:B9:E3:E5:B1:B0
            X509v3 Authority Key Identifier:
                keyid:05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/gZQt2tvl0n--nDOXBhEDuePlsbA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/BTTEn8-opFBB2V7U2NT8accnpGc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.181.35.0/24

    Signature Algorithm: sha256WithRSAEncryption
         10:9d:6b:e1:3c:42:4a:cc:0d:d5:50:18:e0:5d:c6:a5:15:31:
         c6:73:bb:29:c2:45:50:dd:1f:d0:3a:89:89:fc:17:a1:75:56:
         da:9a:8e:89:24:b8:7f:96:0e:02:4e:0a:93:8a:9f:7f:18:48:
         bb:b4:fa:6e:a4:23:91:b6:cb:09:1a:4a:c6:52:2f:ee:c4:d3:
         07:dd:47:d1:39:36:81:f4:2d:1a:29:f3:e0:92:d0:fd:20:93:
         3f:3b:ce:f2:2f:e5:64:25:8b:68:52:68:17:31:0b:90:4e:26:
         ba:3e:80:0a:24:1d:94:50:fd:2c:b5:82:56:c8:1a:56:f0:fd:
         ee:87:3a:d1:0d:a0:ff:82:23:ac:fd:8d:6d:78:e0:21:ee:50:
         8a:1b:c9:d6:e9:ef:1d:4a:46:91:48:bc:fc:85:42:29:f6:cb:
         fe:da:e5:7d:fe:0f:48:b2:f6:9e:78:d9:fe:85:75:5f:c2:74:
         3e:3f:43:d4:43:ac:8d:a1:33:57:e8:30:f6:95:91:cb:f5:24:
         71:d5:91:06:16:5b:70:d5:0f:ba:30:fc:14:a6:de:0f:6a:1e:
         7b:b3:ce:4c:11:aa:b2:8b:cd:09:36:04:93:55:cd:39:0f:20:
         0d:12:1c:9c:c0:c1:02:5c:c9:9c:89:d8:85:6b:d9:ce:45:81:
         2e:b4:78:26
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZDZ+4noDMTKIRj68uYiASFhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1MzRjNDlmY2ZhOGE0NTA0MWQ5NWVkNGQ4ZDRmYzY5Yzcy
N2E0NjcwHhcNMjQwNzIyMTAyNzM4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MTk0MmRkYWRiZTVkMjdmYmU5YzMzOTcwNjExMDNiOWUzZTViMWIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjCm3EhUK/fMijX06RlEo/cHUGj5m
M/EaugcnWtZLkg5OHFAVO6X3MDl5pm5FkRnoNyCP4PprFjQiKv2c+gaVNSonL6x8
JBEtchOcm7OghizGEt8IJMbvYgBhb+L1miKbHtfU/GvmCMFEDwiMkeTJzwhyIBpu
yaRdjdkoiHdY2s51sZm+sb5O/6JLaafiguKU75lEm45BggnIqozEep1h0LX/u1JX
UPqlypn1bFOVL4Gx/VzW/hvrGXwUkqYrySi3QDPscIByc23b4wPbf2iP5L9OwqB8
UFjfeWYqrjA1XlUnEDv5ImvrXX/70jmwwwn1mYaONvkKezCGdOhXq12/zQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIGULdrb5dJ/vpwzlwYRA7nj5bGwMB8GA1UdIwQY
MBaAFAU0xJ/PqKRQQdle1NjU/GnHJ6RnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYt
Y2Q3ZTA2Y2JiNTMxLzEvZ1pRdDJ0dmwwbi0tbkRPWEJoRUR1ZVBsc2JBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYtY2Q3ZTA2Y2JiNTMx
LzEvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAubUjMA0G
CSqGSIb3DQEBCwUAA4IBAQAQnWvhPEJKzA3VUBjgXcalFTHGc7spwkVQ3R/QOomJ
/BehdVbamo6JJLh/lg4CTgqTip9/GEi7tPpupCORtssJGkrGUi/uxNMH3UfROTaB
9C0aKfPgktD9IJM/O87yL+VkJYtoUmgXMQuQTia6PoAKJB2UUP0stYJWyBpW8P3u
hzrRDaD/giOs/Y1teOAh7lCKG8nW6e8dSkaRSLz8hUIp9sv+2uV9/g9IsvaeeNn+
hXVfwnQ+P0PUQ6yNoTNX6DD2lZHL9SRx1ZEGFltw1Q+6MPwUpt4Pah57s85MEaqy
i80JNgSTVc05DyANEhycwMECXMmcidiFa9nORYEutHgm
-----END CERTIFICATE-----
Generated at Tue Jul 30 19:59:40 2024 by rpki-client on console-ams.rpki-client.org