Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/f501f6-1702-48d3-8027-96b8691f5260/1/BPbocu9kPVIIP5T-6TJiTr6AjOI.roa
File:                     BPbocu9kPVIIP5T-6TJiTr6AjOI.roa (raw, json)
Hash identifier:          UGsv1WJv+niHcyqXhUPLaOfykGSeXXF1lxPJnEqxJp8=
Subject key identifier:   04:F6:E8:72:EF:64:3D:52:08:3F:94:FE:E9:32:62:4E:BE:80:8C:E2
Certificate issuer:       /CN=15d1ff6bec9fbcb89e950a3a01ef2d686f0e7a31
Certificate serial:       01856F798FB57A858FCC7EDFDD5966B5FEF3
Authority key identifier: 15:D1:FF:6B:EC:9F:BC:B8:9E:95:0A:3A:01:EF:2D:68:6F:0E:7A:31
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/FdH_a-yfvLielQo6Ae8taG8OejE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5e/f501f6-1702-48d3-8027-96b8691f5260/1/BPbocu9kPVIIP5T-6TJiTr6AjOI.roa
Signing time:             Sun 01 Jan 2023 22:35:15 +0000
ROA not before:           Sun 01 Jan 2023 22:35:15 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     3225
IP address blocks:        185.150.219.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 00:31:25 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:79:8f:b5:7a:85:8f:cc:7e:df:dd:59:66:b5:fe:f3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=15d1ff6bec9fbcb89e950a3a01ef2d686f0e7a31
        Validity
            Not Before: Jan  1 22:35:15 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=04f6e872ef643d52083f94fee932624ebe808ce2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:17:c7:b1:3a:70:29:86:8b:33:05:d6:53:9c:
                    66:2f:6b:91:9c:a4:6f:37:ac:99:84:4a:2a:6d:8d:
                    f0:2c:93:6f:9b:19:27:17:35:18:e6:0b:1e:6a:96:
                    34:4e:1d:b9:a5:ce:d9:ac:a6:cc:41:58:a0:99:6e:
                    ad:c8:2e:8c:5a:5f:5e:de:34:9b:f2:4a:6a:35:0d:
                    33:bf:9d:e1:31:e1:89:e3:5d:1f:57:3a:d9:d2:eb:
                    5a:ad:e8:0d:ee:51:8f:66:52:0d:64:bf:13:09:f0:
                    37:cb:ff:72:81:92:9a:a8:cc:55:37:78:30:ab:15:
                    42:7a:c6:5b:ea:09:98:14:64:e0:31:4e:fe:91:7b:
                    54:54:60:60:c9:b6:21:5a:ea:2e:b2:36:92:af:f0:
                    4b:40:1d:94:01:6c:a4:76:ba:e1:d5:54:21:c8:3c:
                    1d:64:57:d9:46:09:8b:6e:47:7e:a3:3a:64:00:47:
                    3b:f2:05:be:e4:02:d5:19:6d:90:5f:1c:91:03:e5:
                    c4:e2:9c:99:c8:42:a7:9c:2b:73:cd:4c:d3:7b:ed:
                    5f:a0:00:8d:a1:9f:84:d5:76:f9:3f:29:73:52:03:
                    3b:d5:e5:af:a0:29:5c:dd:b6:26:d0:db:19:67:64:
                    05:26:b5:34:ab:ae:8d:52:4f:c0:ab:bf:91:c2:91:
                    cc:b7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                04:F6:E8:72:EF:64:3D:52:08:3F:94:FE:E9:32:62:4E:BE:80:8C:E2
            X509v3 Authority Key Identifier:
                keyid:15:D1:FF:6B:EC:9F:BC:B8:9E:95:0A:3A:01:EF:2D:68:6F:0E:7A:31

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FdH_a-yfvLielQo6Ae8taG8OejE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/f501f6-1702-48d3-8027-96b8691f5260/1/BPbocu9kPVIIP5T-6TJiTr6AjOI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/f501f6-1702-48d3-8027-96b8691f5260/1/FdH_a-yfvLielQo6Ae8taG8OejE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.150.219.0/24

    Signature Algorithm: sha256WithRSAEncryption
         8a:e7:97:09:5e:10:dc:fc:d8:d5:30:20:74:7b:3c:56:6b:dc:
         6c:2f:46:9e:0a:7b:2e:ea:87:3e:31:5a:a3:35:0a:2b:a3:03:
         7b:bc:66:b2:b9:08:26:34:fb:85:5c:db:da:1c:22:e9:76:29:
         96:8d:b8:91:c4:1e:82:b9:cd:5b:16:67:2b:9c:ee:c9:69:9c:
         7f:f7:a5:d4:c1:91:03:dd:96:82:10:88:0c:c8:b3:34:0f:eb:
         a5:dd:e4:80:18:70:86:0d:ca:f3:84:40:bb:e1:8b:4c:a2:c5:
         7f:d9:bb:33:59:13:f8:96:d6:50:e6:8a:da:4b:56:b0:e4:a8:
         41:5f:bb:92:b4:ce:dc:2a:1b:88:7c:ea:9e:34:c4:e1:b2:b6:
         c5:61:67:b9:38:5f:2d:8a:da:63:21:c4:73:90:3e:3d:cd:be:
         75:39:54:e3:63:bc:67:a4:2f:c2:8c:89:99:fc:94:09:79:b5:
         ff:a1:95:18:33:97:87:3b:91:94:3c:3f:82:c5:72:bd:96:84:
         cf:c1:1d:09:80:61:70:b1:c1:c1:e9:8f:07:c0:9d:ed:a0:86:
         1e:ab:67:d7:00:0b:1a:96:be:a3:c7:43:91:49:7c:8f:c8:fd:
         00:4b:4f:ec:40:4f:25:00:c1:b2:7d:46:01:84:ec:e5:22:c8:
         82:64:5e:ee
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVveY+1eoWPzH7f3Vlmtf7zMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE1ZDFmZjZiZWM5ZmJjYjg5ZTk1MGEzYTAxZWYyZDY4NmYw
ZTdhMzEwHhcNMjMwMTAxMjIzNTE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNGY2ZTg3MmVmNjQzZDUyMDgzZjk0ZmVlOTMyNjI0ZWJlODA4Y2UyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqBfHsTpwKYaLMwXWU5xmL2uRnKRv
N6yZhEoqbY3wLJNvmxknFzUY5gseapY0Th25pc7ZrKbMQVigmW6tyC6MWl9e3jSb
8kpqNQ0zv53hMeGJ410fVzrZ0utaregN7lGPZlINZL8TCfA3y/9ygZKaqMxVN3gw
qxVCesZb6gmYFGTgMU7+kXtUVGBgybYhWuousjaSr/BLQB2UAWykdrrh1VQhyDwd
ZFfZRgmLbkd+ozpkAEc78gW+5ALVGW2QXxyRA+XE4pyZyEKnnCtzzUzTe+1foACN
oZ+E1Xb5PylzUgM71eWvoClc3bYm0NsZZ2QFJrU0q66NUk/Aq7+RwpHMtwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAT26HLvZD1SCD+U/ukyYk6+gIziMB8GA1UdIwQY
MBaAFBXR/2vsn7y4npUKOgHvLWhvDnoxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRmRIX2EteWZ2TGllbFFvNkFlOHRhRzhPZWpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS9mNTAxZjYtMTcwMi00OGQzLTgwMjct
OTZiODY5MWY1MjYwLzEvQlBib2N1OWtQVklJUDVULTZUSmlUcjZBak9JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS9mNTAxZjYtMTcwMi00OGQzLTgwMjctOTZiODY5MWY1MjYw
LzEvRmRIX2EteWZ2TGllbFFvNkFlOHRhRzhPZWpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuZbbMA0G
CSqGSIb3DQEBCwUAA4IBAQCK55cJXhDc/NjVMCB0ezxWa9xsL0aeCnsu6oc+MVqj
NQorowN7vGayuQgmNPuFXNvaHCLpdimWjbiRxB6Cuc1bFmcrnO7JaZx/96XUwZED
3ZaCEIgMyLM0D+ul3eSAGHCGDcrzhEC74YtMosV/2bszWRP4ltZQ5oraS1aw5KhB
X7uStM7cKhuIfOqeNMThsrbFYWe5OF8titpjIcRzkD49zb51OVTjY7xnpC/CjImZ
/JQJebX/oZUYM5eHO5GUPD+CxXK9loTPwR0JgGFwscHB6Y8HwJ3toIYeq2fXAAsa
lr6jx0ORSXyPyP0AS0/sQE8lAMGyfUYBhOzlIsiCZF7u
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:13:30 2024 by rpki-client on console-ams.rpki-client.org