Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/77/f3fb24-9a20-449e-af62-28f52052c1dd/1/pK14I3em1d-u1L3rbZAIQhN2TGM.roa
File:                     pK14I3em1d-u1L3rbZAIQhN2TGM.roa (raw, json)
Hash identifier:          6RuMzOA6Jyo7WfD91SAsHCytIDMHNfKo+BJLPGLPpx4=
Subject key identifier:   A4:AD:78:23:77:A6:D5:DF:AE:D4:BD:EB:6D:90:08:42:13:76:4C:63
Certificate issuer:       /CN=150183623fc16dc74cb775462c36d31016a40ac1
Certificate serial:       01856F4B8AED0AC607B55078787CA3335CFF
Authority key identifier: 15:01:83:62:3F:C1:6D:C7:4C:B7:75:46:2C:36:D3:10:16:A4:0A:C1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/FQGDYj_BbcdMt3VGLDbTEBakCsE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/77/f3fb24-9a20-449e-af62-28f52052c1dd/1/pK14I3em1d-u1L3rbZAIQhN2TGM.roa
Signing time:             Sun 01 Jan 2023 21:44:59 +0000
ROA not before:           Sun 01 Jan 2023 21:44:59 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     49832
IP address blocks:        185.16.24.0/24 maxlen: 32

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 16:29:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:4b:8a:ed:0a:c6:07:b5:50:78:78:7c:a3:33:5c:ff
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=150183623fc16dc74cb775462c36d31016a40ac1
        Validity
            Not Before: Jan  1 21:44:59 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=a4ad782377a6d5dfaed4bdeb6d90084213764c63
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:55:f4:79:5c:d3:21:a4:f7:68:2e:58:b7:26:
                    fd:71:bb:90:25:8f:ce:b3:0c:34:cb:81:44:ab:e9:
                    fc:bc:8b:01:66:7b:4c:c6:6b:2a:3e:58:07:75:75:
                    88:5f:50:ce:18:f1:65:65:78:f0:7b:d9:6e:c5:7b:
                    85:bc:12:98:61:93:3c:a2:a5:09:e1:3b:d1:25:7e:
                    3b:2c:ee:46:d0:f2:57:3e:4c:12:83:89:89:c3:fd:
                    ec:77:ee:11:9e:d9:3b:4d:4c:01:36:38:70:62:82:
                    fe:95:58:0a:56:71:88:5a:1c:3a:4d:e8:9e:de:2b:
                    20:a6:34:f8:a3:1c:3c:59:bd:7a:fc:21:99:01:7e:
                    95:ca:f3:24:1e:b0:b3:c3:47:c2:51:24:00:c1:52:
                    fa:ad:7c:cd:d5:15:d1:ca:69:82:9d:ac:fe:19:08:
                    be:5b:8a:2c:70:03:60:c1:f4:41:e7:74:00:7f:93:
                    d1:68:bb:d4:23:00:e2:77:21:de:42:a0:ff:6a:39:
                    12:2c:47:1a:40:34:54:66:80:b4:ff:00:6d:43:bf:
                    d8:e1:34:d1:a2:18:73:3c:dd:c7:f3:c8:61:33:00:
                    9d:5e:4c:16:8c:c8:05:ef:03:41:02:27:d2:2b:3e:
                    4b:3f:5a:ca:89:f8:f7:45:97:fe:27:e5:f2:5d:00:
                    3c:c5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A4:AD:78:23:77:A6:D5:DF:AE:D4:BD:EB:6D:90:08:42:13:76:4C:63
            X509v3 Authority Key Identifier:
                keyid:15:01:83:62:3F:C1:6D:C7:4C:B7:75:46:2C:36:D3:10:16:A4:0A:C1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FQGDYj_BbcdMt3VGLDbTEBakCsE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/77/f3fb24-9a20-449e-af62-28f52052c1dd/1/pK14I3em1d-u1L3rbZAIQhN2TGM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/77/f3fb24-9a20-449e-af62-28f52052c1dd/1/FQGDYj_BbcdMt3VGLDbTEBakCsE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.16.24.0/24

    Signature Algorithm: sha256WithRSAEncryption
         08:10:45:72:97:4b:fb:71:1b:b5:d8:4d:23:ea:0f:ed:33:64:
         e4:a0:68:c7:11:1d:f3:f5:cd:03:27:82:b4:76:66:3a:60:9f:
         e0:5c:d9:c7:fe:d4:38:71:55:58:a7:c0:c2:78:03:f9:9d:95:
         e4:d4:27:3c:4a:c1:94:e5:3d:17:1a:7e:63:31:8c:90:4e:f4:
         c0:6a:83:43:b2:80:f7:6b:6c:f3:f8:8b:ba:8a:f1:38:ed:eb:
         07:7f:29:10:02:24:7e:a1:38:0a:bc:48:63:44:c8:e4:1a:4d:
         9c:ff:22:3f:83:31:62:cd:23:9b:ef:6a:02:3a:91:73:59:2d:
         55:a9:d5:52:e3:84:c3:c4:96:d7:f3:bd:9e:6e:ec:2a:a3:aa:
         67:e2:b4:95:7d:26:6a:a0:e3:9a:1f:10:f2:6d:19:5e:d9:e9:
         3e:4d:16:f9:30:e6:dc:bc:97:09:05:c3:39:b7:a7:6d:58:b3:
         c7:d3:48:0a:07:da:77:2e:4c:ea:34:80:f7:08:32:04:3a:f9:
         2c:23:d4:9d:fc:4b:28:f5:1f:b1:f5:12:27:3a:00:9c:92:48:
         5e:e0:b5:4e:66:11:f5:28:95:1f:ce:6c:da:89:08:c6:f8:65:
         a5:52:a0:b1:ef:3a:8a:51:0a:0c:4b:c5:4f:ee:6a:be:bd:bf:
         af:ee:0a:e4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvS4rtCsYHtVB4eHyjM1z/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE1MDE4MzYyM2ZjMTZkYzc0Y2I3NzU0NjJjMzZkMzEwMTZh
NDBhYzEwHhcNMjMwMTAxMjE0NDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNGFkNzgyMzc3YTZkNWRmYWVkNGJkZWI2ZDkwMDg0MjEzNzY0YzYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsVX0eVzTIaT3aC5Ytyb9cbuQJY/O
sww0y4FEq+n8vIsBZntMxmsqPlgHdXWIX1DOGPFlZXjwe9luxXuFvBKYYZM8oqUJ
4TvRJX47LO5G0PJXPkwSg4mJw/3sd+4Rntk7TUwBNjhwYoL+lVgKVnGIWhw6Teie
3isgpjT4oxw8Wb16/CGZAX6VyvMkHrCzw0fCUSQAwVL6rXzN1RXRymmCnaz+GQi+
W4oscANgwfRB53QAf5PRaLvUIwDidyHeQqD/ajkSLEcaQDRUZoC0/wBtQ7/Y4TTR
ohhzPN3H88hhMwCdXkwWjMgF7wNBAifSKz5LP1rKifj3RZf+J+XyXQA8xQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKSteCN3ptXfrtS9622QCEITdkxjMB8GA1UdIwQY
MBaAFBUBg2I/wW3HTLd1Riw20xAWpArBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRlFHRFlqX0JiY2RNdDNWR0xEYlRFQmFrQ3NFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ny9mM2ZiMjQtOWEyMC00NDllLWFmNjIt
MjhmNTIwNTJjMWRkLzEvcEsxNEkzZW0xZC11MUwzcmJaQUlRaE4yVEdNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ny9mM2ZiMjQtOWEyMC00NDllLWFmNjItMjhmNTIwNTJjMWRk
LzEvRlFHRFlqX0JiY2RNdDNWR0xEYlRFQmFrQ3NFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuRAYMA0G
CSqGSIb3DQEBCwUAA4IBAQAIEEVyl0v7cRu12E0j6g/tM2TkoGjHER3z9c0DJ4K0
dmY6YJ/gXNnH/tQ4cVVYp8DCeAP5nZXk1Cc8SsGU5T0XGn5jMYyQTvTAaoNDsoD3
a2zz+Iu6ivE47esHfykQAiR+oTgKvEhjRMjkGk2c/yI/gzFizSOb72oCOpFzWS1V
qdVS44TDxJbX872ebuwqo6pn4rSVfSZqoOOaHxDybRle2ek+TRb5MObcvJcJBcM5
t6dtWLPH00gKB9p3LkzqNID3CDIEOvksI9Sd/Eso9R+x9RInOgCckkhe4LVOZhH1
KJUfzmzaiQjG+GWlUqCx7zqKUQoMS8VP7mq+vb+v7grk
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:31 2024 by rpki-client on console-fra.rpki-client.org