Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5c/7fac44-610f-485c-ae11-18ea1d5fef2d/1/urZTBULcN7MVUdreymXQKgod3Kg.roa
File:                     urZTBULcN7MVUdreymXQKgod3Kg.roa (raw, json)
Hash identifier:          QrM1QpNBU7xWAD0rlfzcfVcKe4YKMTnJSXHDBDLLCQE=
Subject key identifier:   BA:B6:53:05:42:DC:37:B3:15:51:DA:DE:CA:65:D0:2A:0A:1D:DC:A8
Certificate issuer:       /CN=d8ba20120ec6dc80fd351a533d2c85ca0d983299
Certificate serial:       018571F0E72CBED9A93E26CEABDC5C79BEBB
Authority key identifier: D8:BA:20:12:0E:C6:DC:80:FD:35:1A:53:3D:2C:85:CA:0D:98:32:99
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2LogEg7G3ID9NRpTPSyFyg2YMpk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5c/7fac44-610f-485c-ae11-18ea1d5fef2d/1/urZTBULcN7MVUdreymXQKgod3Kg.roa
Signing time:             Mon 02 Jan 2023 10:04:51 +0000
ROA not before:           Mon 02 Jan 2023 10:04:51 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     44210
IP address blocks:        185.79.16.0/22 maxlen: 22

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 04:30:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:71:f0:e7:2c:be:d9:a9:3e:26:ce:ab:dc:5c:79:be:bb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d8ba20120ec6dc80fd351a533d2c85ca0d983299
        Validity
            Not Before: Jan  2 10:04:51 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=bab6530542dc37b31551dadeca65d02a0a1ddca8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:0b:bc:41:94:5d:3f:2f:62:ff:1b:ec:6f:e0:
                    3e:c1:76:71:bb:8e:24:f4:0d:00:3f:d5:60:f9:ba:
                    fc:b3:80:54:9d:75:a6:c8:be:1a:db:0a:1c:13:90:
                    4c:9b:8d:cd:54:00:4a:61:fe:0d:44:ec:55:e4:ce:
                    6d:7b:77:74:57:a0:8f:ff:9e:50:c4:6a:31:e9:5d:
                    3d:a9:4e:ad:8d:7d:59:85:de:e2:75:b6:2b:00:c5:
                    52:12:66:83:72:a7:90:2a:bd:a5:3c:23:ba:00:5a:
                    80:b9:cb:cd:0f:d1:6e:61:f5:82:e5:31:92:dd:62:
                    24:18:03:da:15:31:54:b7:3d:75:fe:71:eb:a8:7e:
                    18:76:de:d6:8a:be:94:a2:29:87:40:1f:b5:02:97:
                    e5:16:11:46:56:83:e2:97:ad:29:9e:6f:a5:98:16:
                    3d:ac:76:5a:34:c2:e9:3e:60:c2:67:5c:e9:9c:d7:
                    64:e3:63:bf:70:8c:b9:1f:dd:2c:d9:4c:60:92:f7:
                    b3:35:cb:e5:87:0f:7d:15:0f:01:90:09:12:9f:30:
                    45:44:51:ff:97:e3:59:13:81:ed:96:73:75:bb:93:
                    10:f9:57:ad:a2:07:42:07:7f:15:a5:d4:f1:9b:04:
                    70:fd:73:57:d5:0b:04:8e:a1:16:a4:43:c6:8a:70:
                    8f:f9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BA:B6:53:05:42:DC:37:B3:15:51:DA:DE:CA:65:D0:2A:0A:1D:DC:A8
            X509v3 Authority Key Identifier:
                keyid:D8:BA:20:12:0E:C6:DC:80:FD:35:1A:53:3D:2C:85:CA:0D:98:32:99

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2LogEg7G3ID9NRpTPSyFyg2YMpk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/7fac44-610f-485c-ae11-18ea1d5fef2d/1/urZTBULcN7MVUdreymXQKgod3Kg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/7fac44-610f-485c-ae11-18ea1d5fef2d/1/2LogEg7G3ID9NRpTPSyFyg2YMpk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.79.16.0/22

    Signature Algorithm: sha256WithRSAEncryption
         22:54:f9:e4:75:28:58:19:a8:dd:96:40:51:03:12:b9:05:d5:
         b4:22:c8:07:87:01:41:39:d9:1e:05:06:ba:3f:d9:dc:df:44:
         2c:ce:68:29:0b:82:88:4a:48:77:92:ee:f9:71:3d:fb:a3:06:
         9f:9f:f6:2c:ec:9d:d2:43:04:b6:c2:28:1f:4d:df:e1:44:b1:
         e5:6e:a8:d1:19:93:61:e6:65:32:48:c2:e8:d5:02:be:f6:00:
         62:f9:c5:b2:43:45:57:c8:9b:29:88:bb:22:3f:31:9d:c2:d3:
         70:96:17:8c:91:74:16:26:61:fc:c2:11:de:92:3f:4d:4a:16:
         86:89:58:33:e4:24:58:e4:88:76:ef:8b:f0:47:42:8c:51:fb:
         2f:36:68:08:f8:b5:29:f4:40:79:45:ac:88:a4:5a:c6:3a:6f:
         8b:fd:53:a2:97:d5:d2:bd:e2:03:67:73:b3:51:8d:8a:f2:89:
         ce:14:46:a1:93:00:ce:0d:1f:20:f6:e0:50:f1:63:ca:3a:39:
         7d:d5:d3:08:6e:8d:e3:45:5f:50:3e:fb:4a:19:3b:38:a7:d9:
         65:34:7e:8e:0c:33:b6:6c:ee:63:79:2c:5f:b5:54:63:08:e9:
         a6:f5:be:c0:10:74:82:50:d3:b6:6a:50:00:bf:f7:22:40:51:
         dd:15:93:3c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVx8OcsvtmpPibOq9xceb67MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4YmEyMDEyMGVjNmRjODBmZDM1MWE1MzNkMmM4NWNhMGQ5
ODMyOTkwHhcNMjMwMTAyMTAwNDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYWI2NTMwNTQyZGMzN2IzMTU1MWRhZGVjYTY1ZDAyYTBhMWRkY2E4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoAu8QZRdPy9i/xvsb+A+wXZxu44k
9A0AP9Vg+br8s4BUnXWmyL4a2wocE5BMm43NVABKYf4NROxV5M5te3d0V6CP/55Q
xGox6V09qU6tjX1Zhd7idbYrAMVSEmaDcqeQKr2lPCO6AFqAucvND9FuYfWC5TGS
3WIkGAPaFTFUtz11/nHrqH4Ydt7Wir6UoimHQB+1ApflFhFGVoPil60pnm+lmBY9
rHZaNMLpPmDCZ1zpnNdk42O/cIy5H90s2UxgkvezNcvlhw99FQ8BkAkSnzBFRFH/
l+NZE4HtlnN1u5MQ+VetogdCB38VpdTxmwRw/XNX1QsEjqEWpEPGinCP+QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLq2UwVC3DezFVHa3spl0CoKHdyoMB8GA1UdIwQY
MBaAFNi6IBIOxtyA/TUaUz0shcoNmDKZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMkxvZ0VnN0czSUQ5TlJwVFBTeUZ5ZzJZTXBrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yy83ZmFjNDQtNjEwZi00ODVjLWFlMTEt
MThlYTFkNWZlZjJkLzEvdXJaVEJVTGNON01WVWRyZXltWFFLZ29kM0tnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yy83ZmFjNDQtNjEwZi00ODVjLWFlMTEtMThlYTFkNWZlZjJk
LzEvMkxvZ0VnN0czSUQ5TlJwVFBTeUZ5ZzJZTXBrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuU8QMA0G
CSqGSIb3DQEBCwUAA4IBAQAiVPnkdShYGajdlkBRAxK5BdW0IsgHhwFBOdkeBQa6
P9nc30QszmgpC4KISkh3ku75cT37owafn/Ys7J3SQwS2wigfTd/hRLHlbqjRGZNh
5mUySMLo1QK+9gBi+cWyQ0VXyJspiLsiPzGdwtNwlheMkXQWJmH8whHekj9NShaG
iVgz5CRY5Ih274vwR0KMUfsvNmgI+LUp9EB5RayIpFrGOm+L/VOil9XSveIDZ3Oz
UY2K8onOFEahkwDODR8g9uBQ8WPKOjl91dMIbo3jRV9QPvtKGTs4p9llNH6ODDO2
bO5jeSxftVRjCOmm9b7AEHSCUNO2alAAv/ciQFHdFZM8
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:31:16 2024 by rpki-client on console-fra.rpki-client.org