Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/76/a1dcfb-8010-414e-9e3a-44001700b8ca/1/sOU2tVKjYhrLddPlIm6-zFHN7CY.roa
File:                     sOU2tVKjYhrLddPlIm6-zFHN7CY.roa (raw, json)
Hash identifier:          4IHZYZ66W095Li1+V/2sSpPq2kYHxAUFHPRiw+hVMKA=
Subject key identifier:   B0:E5:36:B5:52:A3:62:1A:CB:75:D3:E5:22:6E:BE:CC:51:CD:EC:26
Certificate issuer:       /CN=5baa35401e5297b3b527e84f93ea8aa110d97b95
Certificate serial:       01875AB7B8696A6B2CD9E3D3002A077934FA
Authority key identifier: 5B:AA:35:40:1E:52:97:B3:B5:27:E8:4F:93:EA:8A:A1:10:D9:7B:95
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/W6o1QB5Sl7O1J-hPk-qKoRDZe5U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/76/a1dcfb-8010-414e-9e3a-44001700b8ca/1/sOU2tVKjYhrLddPlIm6-zFHN7CY.roa
Signing time:             Fri 07 Apr 2023 07:56:42 +0000
ROA not before:           Fri 07 Apr 2023 07:56:42 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     43926
IP address blocks:        185.182.152.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 16 Aug 2023 13:37:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:5a:b7:b8:69:6a:6b:2c:d9:e3:d3:00:2a:07:79:34:fa
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5baa35401e5297b3b527e84f93ea8aa110d97b95
        Validity
            Not Before: Apr  7 07:56:42 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=b0e536b552a3621acb75d3e5226ebecc51cdec26
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:0a:12:26:cb:d4:41:b6:f1:00:e6:26:42:53:
                    bd:4b:eb:c9:d4:23:3b:e6:e2:14:db:c5:78:6b:ef:
                    69:11:58:d7:9a:7a:f4:fc:45:89:d0:bc:89:68:82:
                    28:46:f5:ab:1f:bd:a4:e7:e1:fa:94:8e:1f:2e:23:
                    c7:bc:b8:21:fd:1d:a0:9c:2f:a3:ac:ee:49:d5:85:
                    2c:89:3f:64:e6:0e:99:62:e4:93:8e:0b:c0:44:8f:
                    d2:c2:79:f5:4f:f8:99:5e:a9:39:5a:73:e9:ab:a2:
                    93:84:5a:07:3d:d2:ef:2d:27:51:42:cf:bc:da:77:
                    e5:0a:90:65:2a:45:53:19:a9:bb:17:ba:86:5d:81:
                    6e:39:54:4c:5b:7c:c6:c0:e6:75:75:c2:32:a7:c5:
                    38:22:2a:c6:52:e0:77:98:d8:80:34:6b:e5:de:f4:
                    81:d1:f9:c6:75:ef:22:06:08:ad:c3:57:9b:62:93:
                    c4:6c:5d:5a:38:39:c3:f8:bd:11:38:8f:3d:0e:a8:
                    a3:5e:ec:8d:67:84:4b:d2:bf:a8:65:80:f8:93:92:
                    d7:77:3a:28:f0:8c:64:cb:ea:7d:dd:1e:86:3d:9f:
                    98:0e:56:56:b7:ff:46:60:0d:52:dc:4f:62:8b:02:
                    b9:80:16:c5:12:93:4a:5d:12:b4:6b:77:5f:5f:94:
                    c0:87
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B0:E5:36:B5:52:A3:62:1A:CB:75:D3:E5:22:6E:BE:CC:51:CD:EC:26
            X509v3 Authority Key Identifier:
                keyid:5B:AA:35:40:1E:52:97:B3:B5:27:E8:4F:93:EA:8A:A1:10:D9:7B:95

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/W6o1QB5Sl7O1J-hPk-qKoRDZe5U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/76/a1dcfb-8010-414e-9e3a-44001700b8ca/1/sOU2tVKjYhrLddPlIm6-zFHN7CY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/76/a1dcfb-8010-414e-9e3a-44001700b8ca/1/W6o1QB5Sl7O1J-hPk-qKoRDZe5U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.182.152.0/24

    Signature Algorithm: sha256WithRSAEncryption
         4d:82:19:10:f1:dc:ca:1e:cb:44:e6:a5:68:22:62:54:10:ab:
         1c:e9:fe:64:27:14:c4:52:c8:c7:54:91:63:43:4b:59:a6:29:
         5b:17:95:e9:a9:5b:54:59:23:5e:27:66:59:cc:10:77:0b:72:
         f4:ef:d7:de:2d:a0:ac:ac:10:bb:68:4c:86:a0:bb:f0:19:3b:
         c4:24:2a:ce:09:be:62:4b:7b:b1:55:ef:73:b3:cc:21:0c:3c:
         31:7e:d8:39:1d:73:4a:04:41:3c:c1:3a:ee:27:fb:28:dc:35:
         e4:58:48:4a:f0:8d:7a:18:2e:bb:a4:7e:58:e3:01:79:91:6e:
         ec:fd:fe:a1:57:dc:e3:9f:7c:48:37:8d:b7:77:5c:0f:b0:4f:
         d1:0d:0b:b0:b0:bc:53:60:bb:77:b0:6e:c9:7c:cc:7e:b2:ae:
         f8:45:6a:05:b8:8d:14:e2:8d:bd:bf:c3:71:81:9b:98:c2:47:
         de:12:6d:11:ba:02:ed:51:db:12:20:87:75:d7:c5:27:f8:36:
         31:72:c2:f6:fa:e3:0f:0f:16:88:a7:02:f7:b7:58:35:ce:35:
         04:c2:f8:9f:ce:29:4e:46:65:f9:a0:61:b6:8e:f5:7a:33:87:
         49:3e:d5:cb:55:d0:f0:ba:21:84:d6:39:56:81:a5:65:7c:a9:
         f2:21:49:7e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYdat7hpamss2ePTACoHeTT6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDViYWEzNTQwMWU1Mjk3YjNiNTI3ZTg0ZjkzZWE4YWExMTBk
OTdiOTUwHhcNMjMwNDA3MDc1NjQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMGU1MzZiNTUyYTM2MjFhY2I3NWQzZTUyMjZlYmVjYzUxY2RlYzI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsQoSJsvUQbbxAOYmQlO9S+vJ1CM7
5uIU28V4a+9pEVjXmnr0/EWJ0LyJaIIoRvWrH72k5+H6lI4fLiPHvLgh/R2gnC+j
rO5J1YUsiT9k5g6ZYuSTjgvARI/Swnn1T/iZXqk5WnPpq6KThFoHPdLvLSdRQs+8
2nflCpBlKkVTGam7F7qGXYFuOVRMW3zGwOZ1dcIyp8U4IirGUuB3mNiANGvl3vSB
0fnGde8iBgitw1ebYpPEbF1aODnD+L0ROI89DqijXuyNZ4RL0r+oZYD4k5LXdzoo
8Ixky+p93R6GPZ+YDlZWt/9GYA1S3E9iiwK5gBbFEpNKXRK0a3dfX5TAhwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLDlNrVSo2Iay3XT5SJuvsxRzewmMB8GA1UdIwQY
MBaAFFuqNUAeUpeztSfoT5PqiqEQ2XuVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVzZvMVFCNVNsN08xSi1oUGstcUtvUkRaZTVVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ni9hMWRjZmItODAxMC00MTRlLTllM2Et
NDQwMDE3MDBiOGNhLzEvc09VMnRWS2pZaHJMZGRQbEltNi16RkhON0NZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ni9hMWRjZmItODAxMC00MTRlLTllM2EtNDQwMDE3MDBiOGNh
LzEvVzZvMVFCNVNsN08xSi1oUGstcUtvUkRaZTVVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAubaYMA0G
CSqGSIb3DQEBCwUAA4IBAQBNghkQ8dzKHstE5qVoImJUEKsc6f5kJxTEUsjHVJFj
Q0tZpilbF5XpqVtUWSNeJ2ZZzBB3C3L079feLaCsrBC7aEyGoLvwGTvEJCrOCb5i
S3uxVe9zs8whDDwxftg5HXNKBEE8wTruJ/so3DXkWEhK8I16GC67pH5Y4wF5kW7s
/f6hV9zjn3xIN423d1wPsE/RDQuwsLxTYLt3sG7JfMx+sq74RWoFuI0U4o29v8Nx
gZuYwkfeEm0RugLtUdsSIId118Un+DYxcsL2+uMPDxaIpwL3t1g1zjUEwvifzilO
RmX5oGG2jvV6M4dJPtXLVdDwuiGE1jlWgaVlfKnyIUl+
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:22 2024 by rpki-client on console-fra.rpki-client.org