Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/73/8e501d-c088-4895-aee3-450fe33595d1/1/A1PeMLS-u3qGBifIIUlM3OWKH-o.roa
File:                     A1PeMLS-u3qGBifIIUlM3OWKH-o.roa (raw, json)
Hash identifier:          qPpgQF2kxHIuQrGFrqfb0Gq5777o4CLWaTNMqK1zGiM=
Subject key identifier:   03:53:DE:30:B4:BE:BB:7A:86:06:27:C8:21:49:4C:DC:E5:8A:1F:EA
Certificate issuer:       /CN=380099a81b346f9abcaf26056f5b77094d1cf113
Certificate serial:       0186FE7CF86A3F720F0E516CC41BE15B040E
Authority key identifier: 38:00:99:A8:1B:34:6F:9A:BC:AF:26:05:6F:5B:77:09:4D:1C:F1:13
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OACZqBs0b5q8ryYFb1t3CU0c8RM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/73/8e501d-c088-4895-aee3-450fe33595d1/1/A1PeMLS-u3qGBifIIUlM3OWKH-o.roa
Signing time:             Mon 20 Mar 2023 10:07:28 +0000
ROA not before:           Mon 20 Mar 2023 10:07:28 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     60484
IP address blocks:        185.159.172.0/22 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 14:32:16 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:fe:7c:f8:6a:3f:72:0f:0e:51:6c:c4:1b:e1:5b:04:0e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=380099a81b346f9abcaf26056f5b77094d1cf113
        Validity
            Not Before: Mar 20 10:07:28 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=0353de30b4bebb7a860627c821494cdce58a1fea
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:88:0d:4a:4d:db:32:2b:19:be:b4:9b:73:1d:c8:
                    77:d0:7e:53:c9:17:a0:16:6a:dd:79:b5:8b:a3:6a:
                    55:b6:05:c2:e6:1e:af:3e:13:92:52:13:ae:64:b8:
                    39:ed:2d:df:f5:7b:fa:04:ba:0e:c7:8a:3d:d8:85:
                    96:24:3b:36:20:94:2d:ba:ea:36:06:53:7e:42:58:
                    83:1c:56:8a:fd:8c:fc:60:76:c9:13:15:f9:5c:dc:
                    65:fa:5e:c0:01:4c:11:08:38:47:78:0d:ac:27:e8:
                    e3:f5:86:41:93:7f:c2:38:81:c4:29:3c:09:99:9d:
                    47:e2:e0:82:d9:e2:88:00:30:67:00:1d:67:89:54:
                    14:c6:4f:55:49:18:30:12:31:8a:a2:82:6a:ad:8e:
                    26:72:49:4f:c0:bf:0d:04:37:1b:43:48:56:ce:49:
                    56:f2:24:52:36:a8:20:3c:65:1a:35:38:74:08:59:
                    c8:13:c2:25:d1:81:50:1f:08:d1:a5:c0:35:e1:b7:
                    b1:de:45:f3:07:45:bc:4e:ef:14:ed:5d:0f:58:e0:
                    85:29:75:c7:50:f3:15:8c:1c:cd:b4:ae:a0:65:29:
                    2b:b5:e8:c7:9d:d6:9d:84:2c:dd:5c:22:86:a6:e0:
                    ee:c3:ec:b0:60:06:ad:67:cb:2b:55:b8:9e:89:e4:
                    e2:c3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                03:53:DE:30:B4:BE:BB:7A:86:06:27:C8:21:49:4C:DC:E5:8A:1F:EA
            X509v3 Authority Key Identifier:
                keyid:38:00:99:A8:1B:34:6F:9A:BC:AF:26:05:6F:5B:77:09:4D:1C:F1:13

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OACZqBs0b5q8ryYFb1t3CU0c8RM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/73/8e501d-c088-4895-aee3-450fe33595d1/1/A1PeMLS-u3qGBifIIUlM3OWKH-o.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/73/8e501d-c088-4895-aee3-450fe33595d1/1/OACZqBs0b5q8ryYFb1t3CU0c8RM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.159.172.0/22

    Signature Algorithm: sha256WithRSAEncryption
         2e:48:1b:2c:ce:da:a9:6b:ae:71:c0:f4:b5:8d:9d:1e:87:5a:
         b7:da:21:a0:ef:c0:c7:db:3d:9d:7d:79:30:b5:34:29:9c:df:
         cc:b7:db:66:0f:07:2b:a7:76:25:2e:21:a3:3f:7d:fa:26:df:
         66:88:3f:4d:a9:96:a8:75:0c:20:ed:c0:34:2d:ab:20:2b:cc:
         25:0b:05:0a:06:90:f8:cb:77:79:34:77:7a:88:87:45:34:94:
         3a:78:11:a4:f0:e3:92:27:13:c3:80:99:0e:f5:f3:e7:0b:36:
         94:8e:33:fb:29:2e:95:7a:f8:9b:55:61:0d:8e:03:c5:7f:a1:
         0a:e0:0d:71:f5:4d:ec:7b:f7:ad:a9:f9:b8:c8:f1:90:07:f9:
         27:69:ee:98:ac:66:a6:6f:c8:ca:54:05:a5:01:72:0a:fc:b9:
         5a:1b:43:86:e5:3f:dd:80:cd:11:d9:5b:ad:ed:89:cf:1c:d8:
         21:97:e6:76:18:8e:28:eb:af:f5:60:d0:e8:08:cc:27:f7:59:
         82:27:3d:26:38:c4:cb:f5:fb:89:8f:09:2f:f7:12:2d:b6:ee:
         7f:45:bd:bd:fa:af:33:19:5a:dc:c1:a0:dc:d0:a5:2a:01:b7:
         77:1b:3c:e1:8e:46:74:ba:c1:1b:66:1d:31:88:6e:d7:f5:e8:
         6e:47:dc:e1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYb+fPhqP3IPDlFsxBvhWwQOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4MDA5OWE4MWIzNDZmOWFiY2FmMjYwNTZmNWI3NzA5NGQx
Y2YxMTMwHhcNMjMwMzIwMTAwNzI4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMzUzZGUzMGI0YmViYjdhODYwNjI3YzgyMTQ5NGNkY2U1OGExZmVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiA1KTdsyKxm+tJtzHch30H5TyReg
FmrdebWLo2pVtgXC5h6vPhOSUhOuZLg57S3f9Xv6BLoOx4o92IWWJDs2IJQtuuo2
BlN+QliDHFaK/Yz8YHbJExX5XNxl+l7AAUwRCDhHeA2sJ+jj9YZBk3/COIHEKTwJ
mZ1H4uCC2eKIADBnAB1niVQUxk9VSRgwEjGKooJqrY4mcklPwL8NBDcbQ0hWzklW
8iRSNqggPGUaNTh0CFnIE8Il0YFQHwjRpcA14bex3kXzB0W8Tu8U7V0PWOCFKXXH
UPMVjBzNtK6gZSkrtejHndadhCzdXCKGpuDuw+ywYAatZ8srVbieieTiwwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFANT3jC0vrt6hgYnyCFJTNzlih/qMB8GA1UdIwQY
MBaAFDgAmagbNG+avK8mBW9bdwlNHPETMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0FDWnFCczBiNXE4cnlZRmIxdDNDVTBjOFJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83My84ZTUwMWQtYzA4OC00ODk1LWFlZTMt
NDUwZmUzMzU5NWQxLzEvQTFQZU1MUy11M3FHQmlmSUlVbE0zT1dLSC1vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83My84ZTUwMWQtYzA4OC00ODk1LWFlZTMtNDUwZmUzMzU5NWQx
LzEvT0FDWnFCczBiNXE4cnlZRmIxdDNDVTBjOFJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuZ+sMA0G
CSqGSIb3DQEBCwUAA4IBAQAuSBssztqpa65xwPS1jZ0eh1q32iGg78DH2z2dfXkw
tTQpnN/Mt9tmDwcrp3YlLiGjP336Jt9miD9NqZaodQwg7cA0LasgK8wlCwUKBpD4
y3d5NHd6iIdFNJQ6eBGk8OOSJxPDgJkO9fPnCzaUjjP7KS6VevibVWENjgPFf6EK
4A1x9U3se/etqfm4yPGQB/knae6YrGamb8jKVAWlAXIK/LlaG0OG5T/dgM0R2Vut
7YnPHNghl+Z2GI4o66/1YNDoCMwn91mCJz0mOMTL9fuJjwkv9xIttu5/Rb29+q8z
GVrcwaDc0KUqAbd3GzzhjkZ0usEbZh0xiG7X9ehuR9zh
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:34:59 2024 by rpki-client on console-fra.rpki-client.org