Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/74/112ce7-7415-4c5d-a890-ec95148fd236/1/smRa4fUBSapb8saOgQN-tf2A7EM.roa
File:                     smRa4fUBSapb8saOgQN-tf2A7EM.roa (raw, json)
Hash identifier:          hfwZN9lSyHVS2FWW0wqsbYc0S1fpTNGLmJqdmvXGTd0=
Subject key identifier:   B2:64:5A:E1:F5:01:49:AA:5B:F2:C6:8E:81:03:7E:B5:FD:80:EC:43
Certificate issuer:       /CN=331706b915bab8dac2b5547fbc87adeb61e6aede
Certificate serial:       01881EE85C2EA5C7550624E80AF206DC45F1
Authority key identifier: 33:17:06:B9:15:BA:B8:DA:C2:B5:54:7F:BC:87:AD:EB:61:E6:AE:DE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/MxcGuRW6uNrCtVR_vIet62Hmrt4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/74/112ce7-7415-4c5d-a890-ec95148fd236/1/smRa4fUBSapb8saOgQN-tf2A7EM.roa
Signing time:             Mon 15 May 2023 10:15:24 +0000
ROA not before:           Mon 15 May 2023 10:15:24 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     24989
IP address blocks:        185.7.71.0/24 maxlen: 24
                          2a05:c700::/32 maxlen: 32

Validation:               Failed, certificate revoked on Tue 16 May 2023 06:29:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:1e:e8:5c:2e:a5:c7:55:06:24:e8:0a:f2:06:dc:45:f1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=331706b915bab8dac2b5547fbc87adeb61e6aede
        Validity
            Not Before: May 15 10:15:24 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=b2645ae1f50149aa5bf2c68e81037eb5fd80ec43
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:90:2d:95:e0:93:59:f7:1c:15:d9:b8:fa:fe:86:
                    e7:2a:1c:cc:26:77:04:f0:b8:8e:82:06:87:ac:8d:
                    69:b3:88:7b:13:50:49:38:aa:7c:a0:c4:a5:7f:8d:
                    07:27:80:a0:28:31:ca:a8:14:27:14:4d:4e:0f:c0:
                    90:e7:ee:92:18:45:90:16:ca:31:2a:81:7f:f0:87:
                    b8:64:05:a9:b0:16:9b:85:69:b7:1b:bd:3b:9f:d3:
                    38:ae:88:08:df:3a:31:7d:5f:cf:22:bd:75:c1:d5:
                    ff:ce:9c:2d:ca:e4:fd:33:89:ff:29:7f:a0:cc:f2:
                    21:7a:d3:61:06:e8:0c:fa:4e:66:0a:54:df:eb:88:
                    d8:2f:fd:65:6f:28:fc:f3:41:c8:ea:86:d9:77:de:
                    2b:84:b0:51:aa:b1:ed:b3:b5:b7:83:8a:6d:36:5a:
                    79:5a:ef:f1:56:30:7a:55:a0:ee:1a:af:e2:b1:4c:
                    2a:32:b0:30:85:2d:e3:df:5e:45:15:36:f4:7f:42:
                    5a:c5:59:3f:6c:81:4f:c2:e2:65:de:66:ff:f7:4c:
                    ef:09:8d:b4:35:dd:49:9c:3b:93:9e:da:d6:2c:8f:
                    9a:d7:72:7f:c8:79:58:27:83:26:a2:ce:48:70:b6:
                    58:00:42:6a:b6:be:d6:bf:bc:2a:6c:64:47:bd:3b:
                    de:0d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B2:64:5A:E1:F5:01:49:AA:5B:F2:C6:8E:81:03:7E:B5:FD:80:EC:43
            X509v3 Authority Key Identifier:
                keyid:33:17:06:B9:15:BA:B8:DA:C2:B5:54:7F:BC:87:AD:EB:61:E6:AE:DE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MxcGuRW6uNrCtVR_vIet62Hmrt4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/74/112ce7-7415-4c5d-a890-ec95148fd236/1/smRa4fUBSapb8saOgQN-tf2A7EM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/74/112ce7-7415-4c5d-a890-ec95148fd236/1/MxcGuRW6uNrCtVR_vIet62Hmrt4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.7.71.0/24
                IPv6:
                  2a05:c700::/32

    Signature Algorithm: sha256WithRSAEncryption
         52:10:62:ec:a0:c5:e6:1e:8e:bc:97:2d:f5:6d:f6:b7:58:ce:
         bc:d5:2c:f8:aa:15:4b:f8:41:95:a6:53:c2:a3:f5:bf:c0:94:
         3c:5d:8a:a6:d5:8a:64:7c:97:8e:8b:a0:58:e0:12:ec:aa:58:
         93:75:42:19:b6:02:0f:72:4b:1b:c8:6d:78:75:22:6c:e2:87:
         2e:e4:40:9a:aa:9d:af:5a:7d:7b:49:99:58:92:43:09:ee:00:
         57:94:0d:9d:b8:dd:db:83:01:60:d5:7e:bc:a0:3f:ab:59:78:
         a5:08:9c:65:b2:9d:2f:55:91:fb:04:13:ba:99:11:20:ed:24:
         38:fd:a7:a1:9e:29:77:7b:b4:00:ab:92:14:88:58:82:6f:57:
         33:44:9b:48:6e:3b:e9:9d:f7:f4:53:87:83:12:ec:3b:e5:8f:
         56:ab:aa:f1:69:46:66:21:38:b4:6f:db:b1:8a:f8:3b:6e:77:
         3d:f1:38:65:8a:dc:59:0b:f6:05:7d:ef:87:6e:45:9a:2e:5e:
         51:e2:8f:9e:c6:2d:23:db:a0:d2:23:28:3f:84:fd:dc:5a:cb:
         98:d0:62:b4:35:2d:3b:40:8d:6f:84:ae:41:21:09:4a:09:1e:
         c3:80:55:43:a0:a1:10:90:57:28:aa:42:4d:c0:04:d8:3c:0d:
         d6:a3:ee:ea
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYge6FwupcdVBiToCvIG3EXxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMzMTcwNmI5MTViYWI4ZGFjMmI1NTQ3ZmJjODdhZGViNjFl
NmFlZGUwHhcNMjMwNTE1MTAxNTI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMjY0NWFlMWY1MDE0OWFhNWJmMmM2OGU4MTAzN2ViNWZkODBlYzQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkC2V4JNZ9xwV2bj6/obnKhzMJncE
8LiOggaHrI1ps4h7E1BJOKp8oMSlf40HJ4CgKDHKqBQnFE1OD8CQ5+6SGEWQFsox
KoF/8Ie4ZAWpsBabhWm3G707n9M4rogI3zoxfV/PIr11wdX/zpwtyuT9M4n/KX+g
zPIhetNhBugM+k5mClTf64jYL/1lbyj880HI6obZd94rhLBRqrHts7W3g4ptNlp5
Wu/xVjB6VaDuGq/isUwqMrAwhS3j315FFTb0f0JaxVk/bIFPwuJl3mb/90zvCY20
Nd1JnDuTntrWLI+a13J/yHlYJ4Mmos5IcLZYAEJqtr7Wv7wqbGRHvTveDQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFLJkWuH1AUmqW/LGjoEDfrX9gOxDMB8GA1UdIwQY
MBaAFDMXBrkVurjawrVUf7yHreth5q7eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTXhjR3VSVzZ1TnJDdFZSX3ZJZXQ2MkhtcnQ0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NC8xMTJjZTctNzQxNS00YzVkLWE4OTAt
ZWM5NTE0OGZkMjM2LzEvc21SYTRmVUJTYXBiOHNhT2dRTi10ZjJBN0VNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NC8xMTJjZTctNzQxNS00YzVkLWE4OTAtZWM5NTE0OGZkMjM2
LzEvTXhjR3VSVzZ1TnJDdFZSX3ZJZXQ2MkhtcnQ0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAuQdHMA0E
AgACMAcDBQAqBccAMA0GCSqGSIb3DQEBCwUAA4IBAQBSEGLsoMXmHo68ly31bfa3
WM681Sz4qhVL+EGVplPCo/W/wJQ8XYqm1YpkfJeOi6BY4BLsqliTdUIZtgIPcksb
yG14dSJs4ocu5ECaqp2vWn17SZlYkkMJ7gBXlA2duN3bgwFg1X68oD+rWXilCJxl
sp0vVZH7BBO6mREg7SQ4/aehnil3e7QAq5IUiFiCb1czRJtIbjvpnff0U4eDEuw7
5Y9Wq6rxaUZmITi0b9uxivg7bnc98ThlitxZC/YFfe+HbkWaLl5R4o+exi0j26DS
Iyg/hP3cWsuY0GK0NS07QI1vhK5BIQlKCR7DgFVDoKEQkFcoqkJNwATYPA3Wo+7q
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:03 2024 by rpki-client on console-fra.rpki-client.org