Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/00c3ab-4a7f-4f74-b556-a488bd42024f/1/ff0TUh5qMsNQXVP0rgxN3AvmHKg.roa
File:                     ff0TUh5qMsNQXVP0rgxN3AvmHKg.roa (raw, json)
Hash identifier:          CIZtt7YcesXFYjjCgYgRfjzBGu1fThyoLz78VNUOKho=
Subject key identifier:   7D:FD:13:52:1E:6A:32:C3:50:5D:53:F4:AE:0C:4D:DC:0B:E6:1C:A8
Certificate issuer:       /CN=9588d8b4c7aa45a9b2cd737c614871eb7181babe
Certificate serial:       01872290EFF3EB5DAE885ADB09540645993C
Authority key identifier: 95:88:D8:B4:C7:AA:45:A9:B2:CD:73:7C:61:48:71:EB:71:81:BA:BE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/lYjYtMeqRamyzXN8YUhx63GBur4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/75/00c3ab-4a7f-4f74-b556-a488bd42024f/1/ff0TUh5qMsNQXVP0rgxN3AvmHKg.roa
Signing time:             Mon 27 Mar 2023 10:15:36 +0000
ROA not before:           Mon 27 Mar 2023 10:15:36 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     34412
IP address blocks:        185.187.51.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 12:33:19 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:22:90:ef:f3:eb:5d:ae:88:5a:db:09:54:06:45:99:3c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9588d8b4c7aa45a9b2cd737c614871eb7181babe
        Validity
            Not Before: Mar 27 10:15:36 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=7dfd13521e6a32c3505d53f4ae0c4ddc0be61ca8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:d0:f1:34:c8:52:13:5c:ac:b3:8d:4c:8e:3c:
                    79:75:50:29:6b:b6:d5:65:e5:64:9c:26:a8:8d:94:
                    5a:d7:f0:a2:89:0a:40:19:5e:60:15:6f:8d:12:72:
                    81:4f:55:67:22:77:c5:14:55:e1:dd:24:00:84:e3:
                    70:2f:1a:47:f6:5f:00:1a:d7:6a:99:02:d7:e8:96:
                    3d:2b:2f:7a:71:74:e9:03:60:8c:2c:9d:33:8f:71:
                    0d:48:ef:4d:7e:da:0e:1e:07:cb:e0:d3:7e:3f:a5:
                    55:0d:80:30:f1:8a:5a:81:5c:ba:1c:1a:d7:15:b9:
                    cc:72:72:58:b1:c7:2e:12:b4:cf:67:9d:29:34:a6:
                    f2:9e:b8:af:eb:ff:03:15:61:6e:92:6a:db:3a:5e:
                    87:f5:40:07:b3:66:d8:95:06:59:c0:1b:95:f2:a8:
                    9f:c5:d5:dc:c3:b6:cc:fc:15:71:8c:5e:fb:c8:e4:
                    51:b0:01:4c:9d:f8:a1:92:5d:45:05:5a:ff:c2:91:
                    bb:e3:76:6a:9e:16:4b:28:8d:0c:ee:ad:16:9d:59:
                    67:14:85:e4:cc:5a:8a:b2:94:7a:c1:84:6c:1c:b2:
                    4b:18:ba:92:4e:a7:45:cc:e2:f8:65:a2:43:15:0f:
                    79:fc:0e:b2:aa:71:b3:ca:17:b7:d3:4b:fb:b3:fe:
                    d9:43
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7D:FD:13:52:1E:6A:32:C3:50:5D:53:F4:AE:0C:4D:DC:0B:E6:1C:A8
            X509v3 Authority Key Identifier:
                keyid:95:88:D8:B4:C7:AA:45:A9:B2:CD:73:7C:61:48:71:EB:71:81:BA:BE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lYjYtMeqRamyzXN8YUhx63GBur4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/00c3ab-4a7f-4f74-b556-a488bd42024f/1/ff0TUh5qMsNQXVP0rgxN3AvmHKg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/75/00c3ab-4a7f-4f74-b556-a488bd42024f/1/lYjYtMeqRamyzXN8YUhx63GBur4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.187.51.0/24

    Signature Algorithm: sha256WithRSAEncryption
         0c:71:0d:a7:76:89:7a:b2:d5:ad:33:e6:05:05:40:73:8b:e2:
         08:24:5e:ad:21:c5:76:ce:8c:99:2c:97:e4:39:12:04:f6:67:
         19:59:67:cd:6b:3f:9f:75:91:13:a5:4a:25:a4:3b:93:91:9d:
         c6:8e:a5:5e:19:2e:5f:17:f7:cd:15:b4:e1:ff:58:51:09:fc:
         85:0d:12:d5:2a:5d:9b:72:8f:f3:fe:65:97:22:27:86:92:07:
         1b:f1:61:d5:ac:ba:ac:f4:ff:db:fc:dc:8c:e2:01:cc:7a:cd:
         08:16:91:5e:cc:4a:10:a9:72:c0:48:f6:ac:3b:5b:63:9c:1f:
         e6:0f:e1:69:10:7e:19:15:74:fa:63:bf:43:0c:ff:69:76:12:
         9e:9c:19:21:6c:c0:fa:46:1f:e2:97:30:d9:02:59:6d:2e:cb:
         ad:4f:e7:5b:dd:b5:dc:e3:3c:77:80:8d:2c:73:f3:cb:c6:cb:
         70:52:b1:1d:90:81:79:24:f9:af:d3:69:30:b8:47:d4:db:08:
         56:03:80:b6:83:7b:79:9e:a6:34:6f:7c:33:00:44:d6:43:84:
         96:2b:ce:f4:3c:6d:ec:6a:f1:d8:5a:18:fb:e9:86:11:df:ad:
         74:73:82:c6:c2:e7:2e:e0:25:0e:36:90:c0:3a:54:3a:ed:fb:
         14:56:17:e8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYcikO/z612uiFrbCVQGRZk8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1ODhkOGI0YzdhYTQ1YTliMmNkNzM3YzYxNDg3MWViNzE4
MWJhYmUwHhcNMjMwMzI3MTAxNTM2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZGZkMTM1MjFlNmEzMmMzNTA1ZDUzZjRhZTBjNGRkYzBiZTYxY2E4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo9DxNMhSE1yss41Mjjx5dVApa7bV
ZeVknCaojZRa1/CiiQpAGV5gFW+NEnKBT1VnInfFFFXh3SQAhONwLxpH9l8AGtdq
mQLX6JY9Ky96cXTpA2CMLJ0zj3ENSO9NftoOHgfL4NN+P6VVDYAw8YpagVy6HBrX
FbnMcnJYsccuErTPZ50pNKbynriv6/8DFWFukmrbOl6H9UAHs2bYlQZZwBuV8qif
xdXcw7bM/BVxjF77yORRsAFMnfihkl1FBVr/wpG743ZqnhZLKI0M7q0WnVlnFIXk
zFqKspR6wYRsHLJLGLqSTqdFzOL4ZaJDFQ95/A6yqnGzyhe300v7s/7ZQwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFH39E1IeajLDUF1T9K4MTdwL5hyoMB8GA1UdIwQY
MBaAFJWI2LTHqkWpss1zfGFIcetxgbq+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbFlqWXRNZXFSYW15elhOOFlVaHg2M0dCdXI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS8wMGMzYWItNGE3Zi00Zjc0LWI1NTYt
YTQ4OGJkNDIwMjRmLzEvZmYwVFVoNXFNc05RWFZQMHJneE4zQXZtSEtnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NS8wMGMzYWItNGE3Zi00Zjc0LWI1NTYtYTQ4OGJkNDIwMjRm
LzEvbFlqWXRNZXFSYW15elhOOFlVaHg2M0dCdXI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAubszMA0G
CSqGSIb3DQEBCwUAA4IBAQAMcQ2ndol6stWtM+YFBUBzi+IIJF6tIcV2zoyZLJfk
ORIE9mcZWWfNaz+fdZETpUolpDuTkZ3GjqVeGS5fF/fNFbTh/1hRCfyFDRLVKl2b
co/z/mWXIieGkgcb8WHVrLqs9P/b/NyM4gHMes0IFpFezEoQqXLASPasO1tjnB/m
D+FpEH4ZFXT6Y79DDP9pdhKenBkhbMD6Rh/ilzDZAlltLsutT+db3bXc4zx3gI0s
c/PLxstwUrEdkIF5JPmv02kwuEfU2whWA4C2g3t5nqY0b3wzAETWQ4SWK870PG3s
avHYWhj76YYR3610c4LGwucu4CUONpDAOlQ67fsUVhfo
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:18:11 2024 by rpki-client on console-ams.rpki-client.org