Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/76/e6e15c-12b0-40be-8bc1-5708f580e36a/1/lcZGpACR8pa8x5PupSN9G87ZgfQ.roa
File:                     lcZGpACR8pa8x5PupSN9G87ZgfQ.roa (raw, json)
Hash identifier:          kr2PZK0VdpWKXdgzIQGJkKFwgJN/ZXZH++xGoQB1CUo=
Subject key identifier:   95:C6:46:A4:00:91:F2:96:BC:C7:93:EE:A5:23:7D:1B:CE:D9:81:F4
Certificate issuer:       /CN=0a73778fb1bec28c9982652aede86a004c2682f1
Certificate serial:       018572C39D7B1D11CDE028834AB09A941572
Authority key identifier: 0A:73:77:8F:B1:BE:C2:8C:99:82:65:2A:ED:E8:6A:00:4C:26:82:F1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/CnN3j7G-woyZgmUq7ehqAEwmgvE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/76/e6e15c-12b0-40be-8bc1-5708f580e36a/1/lcZGpACR8pa8x5PupSN9G87ZgfQ.roa
Signing time:             Mon 02 Jan 2023 13:55:00 +0000
ROA not before:           Mon 02 Jan 2023 13:55:00 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     396982
IP address blocks:        185.30.28.0/22 maxlen: 22
                          185.38.196.0/22 maxlen: 22

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 12:29:43 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:72:c3:9d:7b:1d:11:cd:e0:28:83:4a:b0:9a:94:15:72
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0a73778fb1bec28c9982652aede86a004c2682f1
        Validity
            Not Before: Jan  2 13:55:00 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=95c646a40091f296bcc793eea5237d1bced981f4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:f8:a5:b7:21:2c:37:ce:8c:ac:91:30:09:2f:
                    35:b6:ca:9f:c4:d1:69:ca:35:df:56:10:25:85:40:
                    cd:d0:f4:16:28:86:72:3b:fb:08:ca:d5:0c:b3:cd:
                    b2:e1:22:be:75:d4:ee:7a:8b:e4:cd:11:46:72:58:
                    4f:cc:11:70:86:ad:9a:d6:bf:30:f0:b5:a0:6f:89:
                    a6:82:f9:ec:3f:4c:a6:16:b4:4d:57:dd:5c:67:c5:
                    b9:17:b4:4b:38:37:0d:47:37:7e:98:8b:b0:f2:4f:
                    af:20:54:00:e9:8d:47:8f:dc:ce:1a:f2:16:00:5b:
                    53:ce:fe:63:8f:b4:5c:b6:f8:48:92:50:05:a7:88:
                    02:5d:79:a4:8c:19:cb:c9:13:a1:6e:77:4c:ad:24:
                    a3:a5:55:07:8b:21:47:da:00:cd:25:4a:bd:e7:b3:
                    c1:4b:9d:10:80:84:2e:c8:a5:d3:37:03:39:62:ab:
                    92:49:78:aa:2e:98:d1:3d:22:d8:1e:77:9a:cc:be:
                    40:81:5d:27:4c:0d:84:73:1c:a6:af:b2:dd:94:d0:
                    0d:50:74:4e:42:08:3f:df:bd:a6:86:bd:40:92:0a:
                    b7:30:09:52:ce:58:0b:11:2a:c3:c6:bc:91:f7:01:
                    6b:10:b4:6a:2b:40:b3:9d:37:79:15:f2:93:ea:82:
                    6e:35
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                95:C6:46:A4:00:91:F2:96:BC:C7:93:EE:A5:23:7D:1B:CE:D9:81:F4
            X509v3 Authority Key Identifier:
                keyid:0A:73:77:8F:B1:BE:C2:8C:99:82:65:2A:ED:E8:6A:00:4C:26:82:F1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CnN3j7G-woyZgmUq7ehqAEwmgvE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/76/e6e15c-12b0-40be-8bc1-5708f580e36a/1/lcZGpACR8pa8x5PupSN9G87ZgfQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/76/e6e15c-12b0-40be-8bc1-5708f580e36a/1/CnN3j7G-woyZgmUq7ehqAEwmgvE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.30.28.0/22
                  185.38.196.0/22

    Signature Algorithm: sha256WithRSAEncryption
         6e:72:60:64:4a:4e:69:30:47:73:d3:24:a1:db:2c:fd:6b:ce:
         83:9c:db:12:c2:00:83:f7:05:d6:e8:c4:28:02:d1:83:73:a6:
         54:8f:68:f1:1e:3c:4b:6c:04:40:45:9c:a5:0b:3d:d5:be:b8:
         c8:63:69:a6:d2:6e:9b:3c:bd:f1:ce:99:6e:0b:a8:a0:37:fa:
         0b:4c:b6:fb:90:29:63:da:84:a0:af:87:37:20:44:ec:89:4c:
         30:4a:e0:06:cc:92:bf:74:dc:5d:fc:89:04:83:9a:86:f1:51:
         c1:6f:96:9c:ad:ce:fe:dc:f6:d4:97:65:92:30:61:a1:b1:50:
         02:9d:dc:7d:3a:a4:fb:8a:6a:e5:a5:7d:23:c6:85:d4:b7:d0:
         60:cc:14:26:aa:63:ab:49:3e:84:49:b7:f8:f5:12:38:61:40:
         4b:80:3a:24:81:31:e1:6d:2c:7a:7f:cb:7b:83:4b:c0:4e:ca:
         c8:8c:ee:36:d8:37:94:a8:67:09:92:ed:89:27:bc:39:b7:15:
         62:0e:19:f3:a7:c2:e8:80:6e:b8:69:db:56:30:b9:22:d8:49:
         cc:d4:16:3d:89:1e:28:23:92:7d:82:63:35:6c:54:e8:c3:fa:
         90:3c:5c:31:e8:ad:c0:00:16:ff:a8:10:0c:97:ce:b2:dc:ff:
         f2:3a:10:df
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVyw517HRHN4CiDSrCalBVyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBhNzM3NzhmYjFiZWMyOGM5OTgyNjUyYWVkZTg2YTAwNGMy
NjgyZjEwHhcNMjMwMTAyMTM1NTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NWM2NDZhNDAwOTFmMjk2YmNjNzkzZWVhNTIzN2QxYmNlZDk4MWY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmviltyEsN86MrJEwCS81tsqfxNFp
yjXfVhAlhUDN0PQWKIZyO/sIytUMs82y4SK+ddTueovkzRFGclhPzBFwhq2a1r8w
8LWgb4mmgvnsP0ymFrRNV91cZ8W5F7RLODcNRzd+mIuw8k+vIFQA6Y1Hj9zOGvIW
AFtTzv5jj7RctvhIklAFp4gCXXmkjBnLyROhbndMrSSjpVUHiyFH2gDNJUq957PB
S50QgIQuyKXTNwM5YquSSXiqLpjRPSLYHneazL5AgV0nTA2Ecxymr7LdlNANUHRO
Qgg/372mhr1Akgq3MAlSzlgLESrDxryR9wFrELRqK0CznTd5FfKT6oJuNQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJXGRqQAkfKWvMeT7qUjfRvO2YH0MB8GA1UdIwQY
MBaAFApzd4+xvsKMmYJlKu3oagBMJoLxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ25OM2o3Ry13b3laZ21VcTdlaHFBRXdtZ3ZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ni9lNmUxNWMtMTJiMC00MGJlLThiYzEt
NTcwOGY1ODBlMzZhLzEvbGNaR3BBQ1I4cGE4eDVQdXBTTjlHODdaZ2ZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ni9lNmUxNWMtMTJiMC00MGJlLThiYzEtNTcwOGY1ODBlMzZh
LzEvQ25OM2o3Ry13b3laZ21VcTdlaHFBRXdtZ3ZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCuR4cAwQC
uSbEMA0GCSqGSIb3DQEBCwUAA4IBAQBucmBkSk5pMEdz0ySh2yz9a86DnNsSwgCD
9wXW6MQoAtGDc6ZUj2jxHjxLbARARZylCz3VvrjIY2mm0m6bPL3xzpluC6igN/oL
TLb7kClj2oSgr4c3IETsiUwwSuAGzJK/dNxd/IkEg5qG8VHBb5acrc7+3PbUl2WS
MGGhsVACndx9OqT7imrlpX0jxoXUt9BgzBQmqmOrST6ESbf49RI4YUBLgDokgTHh
bSx6f8t7g0vATsrIjO422DeUqGcJku2JJ7w5txViDhnzp8LogG64adtWMLki2EnM
1BY9iR4oI5J9gmM1bFTow/qQPFwx6K3AABb/qBAMl86y3P/yOhDf
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:24 2024 by rpki-client on console-fra.rpki-client.org