Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/ba6f3e-e95b-48d2-8419-413da667a8be/1/_d5lh0wY_fHFIzHZfCPa1fXRNn4.roa
File:                     _d5lh0wY_fHFIzHZfCPa1fXRNn4.roa (raw, json)
Hash identifier:          9UWCJBQN1coM/5xFtldQDKpRjYNGx1IvlMEscPzLHOA=
Subject key identifier:   FD:DE:65:87:4C:18:FD:F1:C5:23:31:D9:7C:23:DA:D5:F5:D1:36:7E
Certificate issuer:       /CN=9b19758a087876816dc19361eaf1e9412de73f86
Certificate serial:       018B5D5E7FE90D9C329862D7BABE2A4BD20A
Authority key identifier: 9B:19:75:8A:08:78:76:81:6D:C1:93:61:EA:F1:E9:41:2D:E7:3F:86
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/mxl1igh4doFtwZNh6vHpQS3nP4Y.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/62/ba6f3e-e95b-48d2-8419-413da667a8be/1/_d5lh0wY_fHFIzHZfCPa1fXRNn4.roa
Signing time:             Mon 23 Oct 2023 16:29:16 +0000
ROA not before:           Mon 23 Oct 2023 16:29:16 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     216120
IP address blocks:        185.150.19.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 16:29:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:5d:5e:7f:e9:0d:9c:32:98:62:d7:ba:be:2a:4b:d2:0a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9b19758a087876816dc19361eaf1e9412de73f86
        Validity
            Not Before: Oct 23 16:29:16 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=fdde65874c18fdf1c52331d97c23dad5f5d1367e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:5d:e1:f8:1c:29:fd:2d:cf:8b:e8:eb:38:c1:
                    58:6c:45:fd:69:bd:c2:a7:90:31:42:f9:99:2f:23:
                    1a:bf:9d:43:4a:66:a5:cb:c2:d6:e1:03:65:bc:0b:
                    85:2a:14:8e:b7:15:9c:10:bc:cd:34:f3:c8:df:83:
                    c3:ca:ea:4e:e5:1c:2c:a0:a1:c9:23:b4:0a:89:5c:
                    af:5b:17:2e:de:a4:65:f3:fa:f2:f5:dc:43:1e:d4:
                    7a:59:b9:3a:85:db:dd:5b:e5:46:d7:21:b6:06:a5:
                    ec:50:8d:2a:4c:cb:62:11:da:0b:12:ff:75:f8:08:
                    24:16:92:5f:c2:91:1a:4d:60:4f:c8:1b:79:0e:26:
                    e8:c9:71:e9:9d:3f:fd:2e:a5:81:d2:b0:11:01:b8:
                    20:83:5a:4c:12:09:60:c3:82:f2:c4:14:13:6f:23:
                    47:53:61:db:73:9c:68:62:ee:af:07:58:b7:40:ca:
                    22:52:b2:79:7f:85:d9:58:13:e1:fd:d3:aa:13:0c:
                    c6:be:83:55:67:39:96:88:7f:77:c5:23:6b:88:15:
                    67:d2:2d:ab:95:eb:1e:fe:6a:cc:2b:bf:0d:0f:8c:
                    82:9c:c5:e6:12:ad:02:c5:fe:67:d1:e2:6e:5d:80:
                    e5:0b:2c:c2:c8:1d:c4:c3:18:91:41:4f:0f:e2:81:
                    8f:7b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FD:DE:65:87:4C:18:FD:F1:C5:23:31:D9:7C:23:DA:D5:F5:D1:36:7E
            X509v3 Authority Key Identifier:
                keyid:9B:19:75:8A:08:78:76:81:6D:C1:93:61:EA:F1:E9:41:2D:E7:3F:86

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mxl1igh4doFtwZNh6vHpQS3nP4Y.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/ba6f3e-e95b-48d2-8419-413da667a8be/1/_d5lh0wY_fHFIzHZfCPa1fXRNn4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/62/ba6f3e-e95b-48d2-8419-413da667a8be/1/mxl1igh4doFtwZNh6vHpQS3nP4Y.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.150.19.0/24

    Signature Algorithm: sha256WithRSAEncryption
         84:ab:ca:07:d7:0c:09:5c:11:b6:a4:83:87:55:e0:99:db:44:
         b6:cd:b2:c1:a4:a9:fa:7b:ba:78:6d:cc:47:d7:d9:c9:6c:7d:
         4e:6c:13:d8:7c:1f:41:8b:a6:1d:b4:5c:d5:b5:f8:8f:41:63:
         db:9e:11:9e:d1:c0:4f:cf:ee:e1:b4:9c:52:ef:08:38:73:bf:
         78:f5:c3:dd:a1:54:00:c7:e2:5a:33:65:d4:24:4a:a6:a8:ea:
         be:e4:eb:e1:a7:6b:57:72:45:2f:53:72:14:bc:00:58:e4:f8:
         6d:db:9f:75:db:f0:04:8c:6f:12:32:73:86:08:fd:72:71:6f:
         67:49:2f:6e:fc:fd:c4:b4:bc:fd:25:a5:00:9f:1d:45:3b:bc:
         89:44:a3:f6:21:e4:a4:cc:4c:fb:df:aa:a9:7f:2f:61:3e:d2:
         2d:b2:ac:a0:1f:d0:1e:bb:60:73:df:4d:c1:88:16:74:84:62:
         81:79:a6:a2:10:07:29:01:37:5d:25:e9:a9:4c:2c:db:a4:25:
         b6:1c:66:41:ca:28:92:4b:d2:a6:7a:90:9d:34:42:e5:aa:34:
         11:8c:a1:ce:dd:4b:8b:29:8d:b0:a3:91:88:12:aa:5b:b6:1c:
         71:f4:46:f0:10:17:d4:54:77:a1:51:ff:6e:0f:07:da:d6:8b:
         b4:f3:f1:1f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYtdXn/pDZwymGLXur4qS9IKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDliMTk3NThhMDg3ODc2ODE2ZGMxOTM2MWVhZjFlOTQxMmRl
NzNmODYwHhcNMjMxMDIzMTYyOTE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZGRlNjU4NzRjMThmZGYxYzUyMzMxZDk3YzIzZGFkNWY1ZDEzNjdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArl3h+Bwp/S3Pi+jrOMFYbEX9ab3C
p5AxQvmZLyMav51DSmaly8LW4QNlvAuFKhSOtxWcELzNNPPI34PDyupO5RwsoKHJ
I7QKiVyvWxcu3qRl8/ry9dxDHtR6Wbk6hdvdW+VG1yG2BqXsUI0qTMtiEdoLEv91
+AgkFpJfwpEaTWBPyBt5DiboyXHpnT/9LqWB0rARAbggg1pMEglgw4LyxBQTbyNH
U2Hbc5xoYu6vB1i3QMoiUrJ5f4XZWBPh/dOqEwzGvoNVZzmWiH93xSNriBVn0i2r
lese/mrMK78ND4yCnMXmEq0Cxf5n0eJuXYDlCyzCyB3EwxiRQU8P4oGPewIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFP3eZYdMGP3xxSMx2Xwj2tX10TZ+MB8GA1UdIwQY
MBaAFJsZdYoIeHaBbcGTYerx6UEt5z+GMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbXhsMWlnaDRkb0Z0d1pOaDZ2SHBRUzNuUDRZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi9iYTZmM2UtZTk1Yi00OGQyLTg0MTkt
NDEzZGE2NjdhOGJlLzEvX2Q1bGgwd1lfZkhGSXpIWmZDUGExZlhSTm40LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi9iYTZmM2UtZTk1Yi00OGQyLTg0MTktNDEzZGE2NjdhOGJl
LzEvbXhsMWlnaDRkb0Z0d1pOaDZ2SHBRUzNuUDRZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuZYTMA0G
CSqGSIb3DQEBCwUAA4IBAQCEq8oH1wwJXBG2pIOHVeCZ20S2zbLBpKn6e7p4bcxH
19nJbH1ObBPYfB9Bi6YdtFzVtfiPQWPbnhGe0cBPz+7htJxS7wg4c7949cPdoVQA
x+JaM2XUJEqmqOq+5Ovhp2tXckUvU3IUvABY5Pht25912/AEjG8SMnOGCP1ycW9n
SS9u/P3EtLz9JaUAnx1FO7yJRKP2IeSkzEz736qpfy9hPtItsqygH9Aeu2Bz303B
iBZ0hGKBeaaiEAcpATddJempTCzbpCW2HGZByiiSS9KmepCdNELlqjQRjKHO3UuL
KY2wo5GIEqpbthxx9EbwEBfUVHehUf9uDwfa1ou08/Ef
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:14:31 2024 by rpki-client on console-ams.rpki-client.org