Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/20a5a5-0ba2-4052-beb4-3cc85ad3c190/1/50zSICIkA3xdPgqwtf_gHpPYVKQ.roa
File:                     50zSICIkA3xdPgqwtf_gHpPYVKQ.roa (raw, json)
Hash identifier:          6XNhCSAPdhzjEhO5JOqbPDgdIUDVpi34h0kMYWfzTQM=
Subject key identifier:   E7:4C:D2:20:22:24:03:7C:5D:3E:0A:B0:B5:FF:E0:1E:93:D8:54:A4
Certificate issuer:       /CN=18101772248996b87d90840c2d27d62549458173
Certificate serial:       0190BB564FCCC87598648BCBE7254397E972
Authority key identifier: 18:10:17:72:24:89:96:B8:7D:90:84:0C:2D:27:D6:25:49:45:81:73
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/GBAXciSJlrh9kIQMLSfWJUlFgXM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/81/20a5a5-0ba2-4052-beb4-3cc85ad3c190/1/50zSICIkA3xdPgqwtf_gHpPYVKQ.roa
Signing time:             Tue 16 Jul 2024 11:38:34 +0000
ROA not before:           Tue 16 Jul 2024 11:38:34 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     834
IP address blocks:        185.81.28.0/22 maxlen: 24
                          185.179.218.0/23 maxlen: 24
                          188.64.104.0/22 maxlen: 24

Validation:               Failed, certificate revoked on Tue 16 Jul 2024 23:32:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:90:bb:56:4f:cc:c8:75:98:64:8b:cb:e7:25:43:97:e9:72
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=18101772248996b87d90840c2d27d62549458173
        Validity
            Not Before: Jul 16 11:38:34 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=e74cd2202224037c5d3e0ab0b5ffe01e93d854a4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:b4:fd:c1:1d:79:b5:da:82:8d:c0:f0:7e:6a:
                    c8:11:03:e6:04:10:47:2e:b5:af:3d:67:eb:42:1d:
                    e8:10:91:2f:91:05:b2:80:38:06:6b:2c:9e:ce:63:
                    07:aa:dc:05:91:1a:a6:13:48:fd:a0:45:c6:e0:cd:
                    b4:8e:f9:56:9f:4a:b0:56:3a:47:f1:c1:3c:0f:91:
                    bd:a1:41:55:96:d9:a2:8a:25:3a:e8:f2:96:87:ee:
                    6e:70:ad:13:c3:3f:b9:fa:46:23:c8:34:b9:fa:9c:
                    75:c4:06:93:39:04:4e:3b:57:53:d3:f7:fd:18:b7:
                    59:7e:21:67:15:cf:03:67:a8:c2:50:78:8d:35:14:
                    8a:22:c9:df:a3:8c:47:be:19:a7:eb:b0:e7:1f:72:
                    2a:41:ad:74:16:49:5a:1e:90:1f:55:1a:90:1f:6f:
                    aa:e1:4e:fc:78:89:4b:f9:07:00:16:f0:40:75:3e:
                    84:3e:e4:6e:53:31:e9:22:af:d3:6a:fa:55:cf:c0:
                    2e:b8:33:64:f6:a2:25:cf:93:20:49:36:8c:06:c8:
                    af:6e:98:f5:c2:e8:bb:de:8f:a1:5b:f7:f0:1b:9d:
                    1c:94:a5:9a:14:39:d1:f2:ee:b1:99:de:bb:b9:3b:
                    a0:bb:fb:85:68:49:69:c5:58:3d:b0:45:e2:31:7d:
                    ce:01
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E7:4C:D2:20:22:24:03:7C:5D:3E:0A:B0:B5:FF:E0:1E:93:D8:54:A4
            X509v3 Authority Key Identifier:
                keyid:18:10:17:72:24:89:96:B8:7D:90:84:0C:2D:27:D6:25:49:45:81:73

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GBAXciSJlrh9kIQMLSfWJUlFgXM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/20a5a5-0ba2-4052-beb4-3cc85ad3c190/1/50zSICIkA3xdPgqwtf_gHpPYVKQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/81/20a5a5-0ba2-4052-beb4-3cc85ad3c190/1/GBAXciSJlrh9kIQMLSfWJUlFgXM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.81.28.0/22
                  185.179.218.0/23
                  188.64.104.0/22

    Signature Algorithm: sha256WithRSAEncryption
         5b:6f:4d:61:e2:8e:6f:49:25:a6:39:41:2c:bd:23:df:ad:5a:
         f1:9b:32:55:ce:7b:55:d2:b7:fb:93:f6:5e:63:91:18:b0:2b:
         8e:3f:13:c2:90:d7:e3:44:f8:bb:12:1b:d3:99:f5:6d:b1:78:
         b7:24:c9:d0:21:2b:ba:7f:17:35:7d:46:97:59:1d:fb:52:5e:
         c8:eb:17:01:ad:f0:bf:63:cc:51:2e:9b:7b:24:8a:ce:e1:37:
         f3:67:ec:0a:04:80:c7:16:b5:a3:a9:eb:29:00:9f:e4:ab:b4:
         4a:fa:22:da:8f:bb:55:86:a3:d3:1b:15:3e:82:b6:98:28:a8:
         ad:88:b2:50:ef:55:d8:90:ef:7a:2c:dc:52:bc:b8:9a:7f:42:
         59:5b:f5:d6:62:40:a0:6b:1c:23:2d:e8:c5:5c:34:07:8d:d9:
         07:d3:6a:41:53:4d:96:bf:99:27:79:aa:67:80:7b:d3:bd:1e:
         d8:e2:70:08:4c:4d:3d:e3:81:1c:c7:e6:53:e9:b8:ec:75:51:
         7b:30:8a:00:f4:00:fc:92:bc:ae:8f:ad:fd:6a:2d:cb:37:fc:
         2e:fb:fe:8d:59:3b:50:4b:64:60:27:88:9b:1b:1a:7e:77:11:
         98:49:28:08:0f:21:a4:b6:c5:0d:f0:75:00:cf:7b:29:d7:94:
         4d:c3:17:14
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZC7Vk/MyHWYZIvL5yVDl+lyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE4MTAxNzcyMjQ4OTk2Yjg3ZDkwODQwYzJkMjdkNjI1NDk0
NTgxNzMwHhcNMjQwNzE2MTEzODM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNzRjZDIyMDIyMjQwMzdjNWQzZTBhYjBiNWZmZTAxZTkzZDg1NGE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy7T9wR15tdqCjcDwfmrIEQPmBBBH
LrWvPWfrQh3oEJEvkQWygDgGayyezmMHqtwFkRqmE0j9oEXG4M20jvlWn0qwVjpH
8cE8D5G9oUFVltmiiiU66PKWh+5ucK0Twz+5+kYjyDS5+px1xAaTOQROO1dT0/f9
GLdZfiFnFc8DZ6jCUHiNNRSKIsnfo4xHvhmn67DnH3IqQa10FklaHpAfVRqQH2+q
4U78eIlL+QcAFvBAdT6EPuRuUzHpIq/TavpVz8AuuDNk9qIlz5MgSTaMBsivbpj1
wui73o+hW/fwG50clKWaFDnR8u6xmd67uTugu/uFaElpxVg9sEXiMX3OAQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFOdM0iAiJAN8XT4KsLX/4B6T2FSkMB8GA1UdIwQY
MBaAFBgQF3IkiZa4fZCEDC0n1iVJRYFzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR0JBWGNpU0pscmg5a0lRTUxTZldKVWxGZ1hNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS8yMGE1YTUtMGJhMi00MDUyLWJlYjQt
M2NjODVhZDNjMTkwLzEvNTB6U0lDSWtBM3hkUGdxd3RmX2dIcFBZVktRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MS8yMGE1YTUtMGJhMi00MDUyLWJlYjQtM2NjODVhZDNjMTkw
LzEvR0JBWGNpU0pscmg5a0lRTUxTZldKVWxGZ1hNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCuVEcAwQB
ubPaAwQCvEBoMA0GCSqGSIb3DQEBCwUAA4IBAQBbb01h4o5vSSWmOUEsvSPfrVrx
mzJVzntV0rf7k/ZeY5EYsCuOPxPCkNfjRPi7EhvTmfVtsXi3JMnQISu6fxc1fUaX
WR37Ul7I6xcBrfC/Y8xRLpt7JIrO4TfzZ+wKBIDHFrWjqespAJ/kq7RK+iLaj7tV
hqPTGxU+graYKKitiLJQ71XYkO96LNxSvLiaf0JZW/XWYkCgaxwjLejFXDQHjdkH
02pBU02Wv5kneapngHvTvR7Y4nAITE0944Ecx+ZT6bjsdVF7MIoA9AD8kryuj639
ai3LN/wu+/6NWTtQS2RgJ4ibGxp+dxGYSSgIDyGktsUN8HUAz3sp15RNwxcU
-----END CERTIFICATE-----
Generated at Wed Jul 17 01:58:22 2024 by rpki-client on console-ams.rpki-client.org