Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/f501f6-1702-48d3-8027-96b8691f5260/1/BK4QVtGTza2lmEl1Wkc_rseZWBg.roa
File:                     BK4QVtGTza2lmEl1Wkc_rseZWBg.roa (raw, json)
Hash identifier:          bl0+jgGD8ftLRGGekw7E74OGylpHJrPlN+Yl6gvDkL4=
Subject key identifier:   04:AE:10:56:D1:93:CD:AD:A5:98:49:75:5A:47:3F:AE:C7:99:58:18
Certificate issuer:       /CN=15d1ff6bec9fbcb89e950a3a01ef2d686f0e7a31
Certificate serial:       01856F79927146B74B38BA198D5658F31EEF
Authority key identifier: 15:D1:FF:6B:EC:9F:BC:B8:9E:95:0A:3A:01:EF:2D:68:6F:0E:7A:31
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/FdH_a-yfvLielQo6Ae8taG8OejE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5e/f501f6-1702-48d3-8027-96b8691f5260/1/BK4QVtGTza2lmEl1Wkc_rseZWBg.roa
Signing time:             Sun 01 Jan 2023 22:35:16 +0000
ROA not before:           Sun 01 Jan 2023 22:35:16 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     203147
IP address blocks:        185.150.219.0/24 maxlen: 24
                          185.150.216.0/23 maxlen: 23
                          185.150.218.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 00:31:25 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:79:92:71:46:b7:4b:38:ba:19:8d:56:58:f3:1e:ef
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=15d1ff6bec9fbcb89e950a3a01ef2d686f0e7a31
        Validity
            Not Before: Jan  1 22:35:16 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=04ae1056d193cdada59849755a473faec7995818
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e2:a3:e6:66:8b:0d:e9:1d:1a:c0:82:2b:87:58:
                    98:2b:03:37:f8:40:c7:0f:b4:33:48:20:95:70:a4:
                    0c:f3:08:02:b1:62:ee:ba:74:8d:30:53:c3:65:83:
                    8b:31:d7:50:d6:20:e5:3a:81:22:2f:3e:a0:5c:eb:
                    a3:76:1c:67:01:19:01:49:a0:73:37:2f:22:0c:89:
                    80:07:18:dd:8b:c7:1c:65:51:06:8f:68:79:8d:2c:
                    21:dd:66:ce:ff:be:d4:0c:53:69:f1:8d:92:76:98:
                    8c:3b:7d:89:f9:ac:c0:0a:90:85:c7:19:52:90:58:
                    b6:72:ac:95:e2:0f:31:75:33:f2:aa:d9:3c:33:ad:
                    11:f4:ef:f4:f0:52:d9:9b:56:cd:13:bc:bb:0f:dc:
                    25:62:74:5c:86:ea:98:6e:3b:fe:49:18:ee:02:74:
                    0c:19:81:0e:a5:08:8d:cd:d5:75:18:5e:56:2d:01:
                    fb:13:c5:52:c7:d1:49:10:c2:a0:97:14:12:8f:22:
                    5d:63:98:57:6f:d8:ce:e3:00:62:71:1e:89:28:ea:
                    32:c4:21:f1:f1:10:aa:03:cb:ed:18:a2:7a:e4:c4:
                    bb:ca:9c:e5:30:84:c3:4e:c8:7c:a5:14:2d:fa:6b:
                    ea:18:a9:a0:89:ca:6b:8d:87:c5:5a:58:c7:5b:7e:
                    df:8f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                04:AE:10:56:D1:93:CD:AD:A5:98:49:75:5A:47:3F:AE:C7:99:58:18
            X509v3 Authority Key Identifier:
                keyid:15:D1:FF:6B:EC:9F:BC:B8:9E:95:0A:3A:01:EF:2D:68:6F:0E:7A:31

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FdH_a-yfvLielQo6Ae8taG8OejE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/f501f6-1702-48d3-8027-96b8691f5260/1/BK4QVtGTza2lmEl1Wkc_rseZWBg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/f501f6-1702-48d3-8027-96b8691f5260/1/FdH_a-yfvLielQo6Ae8taG8OejE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.150.216.0/22

    Signature Algorithm: sha256WithRSAEncryption
         6d:2f:b9:5a:9d:a5:fd:a7:42:50:c2:ba:92:33:b2:6c:ba:a5:
         14:68:42:74:cd:ae:14:88:bf:6e:54:65:d9:a1:89:e4:69:6d:
         3f:43:c0:9e:82:ba:20:79:24:6a:b9:21:6b:23:24:f6:b9:9d:
         04:9c:aa:ec:4c:16:06:bd:ff:11:7b:01:47:5c:93:5a:c7:02:
         39:19:f9:c9:ee:9e:19:4a:ef:4a:4a:dc:f9:f2:68:66:7d:f4:
         17:73:73:32:2a:85:69:46:da:f7:a9:e7:28:85:d3:7f:8c:72:
         c1:2c:06:08:b4:bf:9b:d1:ff:a1:07:fc:74:14:f5:12:5d:6e:
         08:d6:76:e9:54:3e:58:72:2e:64:01:fc:dd:8d:cd:10:0a:90:
         b7:9b:d0:0d:99:a1:4b:47:99:ef:62:61:54:75:ce:52:d9:c6:
         bf:51:1f:00:8d:e0:55:c1:18:e7:57:8c:ac:a4:fb:82:25:4a:
         ac:0a:61:fa:a5:ac:fd:e5:e1:76:59:d7:1a:a5:f0:bf:a9:b6:
         fe:9d:11:56:ad:87:d4:8e:d9:70:58:60:ce:a9:2e:f0:99:a7:
         3e:d8:aa:0e:2e:7e:32:67:85:1e:e4:bd:e8:03:9f:5e:ca:85:
         0e:a3:25:22:dc:30:1b:e9:72:15:b8:30:e1:67:8b:23:7a:97:
         a6:7c:f0:ad
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVveZJxRrdLOLoZjVZY8x7vMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE1ZDFmZjZiZWM5ZmJjYjg5ZTk1MGEzYTAxZWYyZDY4NmYw
ZTdhMzEwHhcNMjMwMTAxMjIzNTE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNGFlMTA1NmQxOTNjZGFkYTU5ODQ5NzU1YTQ3M2ZhZWM3OTk1ODE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4qPmZosN6R0awIIrh1iYKwM3+EDH
D7QzSCCVcKQM8wgCsWLuunSNMFPDZYOLMddQ1iDlOoEiLz6gXOujdhxnARkBSaBz
Ny8iDImABxjdi8ccZVEGj2h5jSwh3WbO/77UDFNp8Y2SdpiMO32J+azACpCFxxlS
kFi2cqyV4g8xdTPyqtk8M60R9O/08FLZm1bNE7y7D9wlYnRchuqYbjv+SRjuAnQM
GYEOpQiNzdV1GF5WLQH7E8VSx9FJEMKglxQSjyJdY5hXb9jO4wBicR6JKOoyxCHx
8RCqA8vtGKJ65MS7ypzlMITDTsh8pRQt+mvqGKmgicprjYfFWljHW37fjwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFASuEFbRk82tpZhJdVpHP67HmVgYMB8GA1UdIwQY
MBaAFBXR/2vsn7y4npUKOgHvLWhvDnoxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRmRIX2EteWZ2TGllbFFvNkFlOHRhRzhPZWpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS9mNTAxZjYtMTcwMi00OGQzLTgwMjct
OTZiODY5MWY1MjYwLzEvQks0UVZ0R1R6YTJsbUVsMVdrY19yc2VaV0JnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS9mNTAxZjYtMTcwMi00OGQzLTgwMjctOTZiODY5MWY1MjYw
LzEvRmRIX2EteWZ2TGllbFFvNkFlOHRhRzhPZWpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuZbYMA0G
CSqGSIb3DQEBCwUAA4IBAQBtL7lanaX9p0JQwrqSM7JsuqUUaEJ0za4UiL9uVGXZ
oYnkaW0/Q8CegrogeSRquSFrIyT2uZ0EnKrsTBYGvf8RewFHXJNaxwI5GfnJ7p4Z
Su9KStz58mhmffQXc3MyKoVpRtr3qecohdN/jHLBLAYItL+b0f+hB/x0FPUSXW4I
1nbpVD5Yci5kAfzdjc0QCpC3m9ANmaFLR5nvYmFUdc5S2ca/UR8AjeBVwRjnV4ys
pPuCJUqsCmH6paz95eF2WdcapfC/qbb+nRFWrYfUjtlwWGDOqS7wmac+2KoOLn4y
Z4Ue5L3oA59eyoUOoyUi3DAb6XIVuDDhZ4sjepemfPCt
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:31:58 2024 by rpki-client on console-fra.rpki-client.org