Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/20a5a5-0ba2-4052-beb4-3cc85ad3c190/1/XvARyZl8T-MBLj59ANDU0l5tZWY.roa
File:                     XvARyZl8T-MBLj59ANDU0l5tZWY.roa (raw, json)
Hash identifier:          UZ/TziNZIgsjyDH9YPHlOrylKGaxfM19XSzl/XmwXJI=
Subject key identifier:   5E:F0:11:C9:99:7C:4F:E3:01:2E:3E:7D:00:D0:D4:D2:5E:6D:65:66
Certificate issuer:       /CN=18101772248996b87d90840c2d27d62549458173
Certificate serial:       01856F66F3E3654D0A3FDF93FF8E1DB8529B
Authority key identifier: 18:10:17:72:24:89:96:B8:7D:90:84:0C:2D:27:D6:25:49:45:81:73
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/GBAXciSJlrh9kIQMLSfWJUlFgXM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/81/20a5a5-0ba2-4052-beb4-3cc85ad3c190/1/XvARyZl8T-MBLj59ANDU0l5tZWY.roa
Signing time:             Sun 01 Jan 2023 22:14:56 +0000
ROA not before:           Sun 01 Jan 2023 22:14:56 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     207326
IP address blocks:        185.81.30.0/23 maxlen: 24
                          185.81.28.0/23 maxlen: 24
                          188.64.104.0/22 maxlen: 24

Validation:               Failed, certificate revoked on Thu 12 Jan 2023 08:51:07 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:66:f3:e3:65:4d:0a:3f:df:93:ff:8e:1d:b8:52:9b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=18101772248996b87d90840c2d27d62549458173
        Validity
            Not Before: Jan  1 22:14:56 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=5ef011c9997c4fe3012e3e7d00d0d4d25e6d6566
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:4f:6b:a1:36:36:0f:cd:d1:bc:2b:69:cb:6f:
                    e8:16:02:d9:9e:b3:45:1a:76:ee:2e:bc:94:12:13:
                    86:ca:f4:bf:ad:29:a7:fa:b0:d9:a2:a6:c6:22:e4:
                    17:f4:dc:3c:60:a6:a2:99:9f:d3:e7:e1:ca:1d:4d:
                    0e:c9:6d:ea:68:be:7d:8e:ae:72:3d:5b:da:43:02:
                    1d:c5:b2:cf:e6:d7:83:86:9a:94:e3:2d:57:25:5d:
                    72:44:f5:8a:9f:77:06:2d:8c:f2:f9:8a:e9:bb:6e:
                    b0:ef:90:a2:bb:79:b6:19:9e:77:c8:18:db:65:b8:
                    b3:b1:dc:cd:04:1e:8c:00:60:3c:e1:3c:41:75:53:
                    a8:5f:0a:7c:4f:93:2d:f3:cf:0b:f8:4f:9a:5f:3e:
                    dc:30:1c:36:f3:ae:3c:f4:8c:a3:76:de:b8:ff:c8:
                    2a:3d:52:9a:cf:7a:27:5a:0a:e1:38:b4:02:5a:0c:
                    cc:cb:46:6f:62:50:18:4a:90:17:d2:7a:d1:90:27:
                    b0:6f:a5:16:78:d2:74:2e:3e:14:e4:ad:bc:e0:96:
                    4d:12:66:c2:8e:e5:b4:f9:3d:f7:ac:df:b7:44:c5:
                    90:b9:a7:b9:14:e2:52:64:db:47:f3:e8:92:f5:34:
                    e9:ce:0b:6e:7f:ed:e8:b0:0b:83:68:72:e7:5a:e4:
                    ef:c5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5E:F0:11:C9:99:7C:4F:E3:01:2E:3E:7D:00:D0:D4:D2:5E:6D:65:66
            X509v3 Authority Key Identifier:
                keyid:18:10:17:72:24:89:96:B8:7D:90:84:0C:2D:27:D6:25:49:45:81:73

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GBAXciSJlrh9kIQMLSfWJUlFgXM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/20a5a5-0ba2-4052-beb4-3cc85ad3c190/1/XvARyZl8T-MBLj59ANDU0l5tZWY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/81/20a5a5-0ba2-4052-beb4-3cc85ad3c190/1/GBAXciSJlrh9kIQMLSfWJUlFgXM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.81.28.0/22
                  188.64.104.0/22

    Signature Algorithm: sha256WithRSAEncryption
         05:75:70:02:56:99:9e:02:75:e7:17:a2:d1:74:d3:ae:f3:fc:
         0f:b9:83:6f:ef:b9:7a:b0:89:5e:20:fb:2a:37:5c:70:42:b3:
         fe:c5:3c:f3:bc:30:d8:76:dd:44:86:ea:81:ce:b1:53:78:87:
         b1:e5:65:6f:05:05:af:72:e9:79:28:43:28:ac:d6:26:43:6b:
         67:05:50:8b:18:8d:ff:6c:dd:4b:b5:75:a2:68:e4:08:55:99:
         75:2e:a1:12:b8:dd:ed:30:bc:2a:f0:a9:74:db:28:14:68:6e:
         50:b3:dd:8d:4e:29:48:9c:4f:67:0d:41:39:7c:cb:d9:a2:18:
         f2:77:90:42:5c:4f:60:c6:92:07:6c:ae:20:51:57:53:77:58:
         76:a7:f2:cb:66:a0:7e:66:3f:3a:d9:97:d0:bb:5d:bc:0f:1d:
         a4:04:de:93:02:fd:dc:07:bf:d0:ee:0b:e3:e8:dc:46:a3:4b:
         88:4a:b2:f4:79:2f:28:51:4c:4c:dc:a5:29:fc:a0:5f:77:ec:
         24:2c:03:57:27:70:24:7f:cb:97:ea:f5:07:78:8f:30:3b:13:
         bf:56:78:39:bf:4f:b5:54:78:f5:c1:37:52:60:ee:f3:8d:07:
         fd:4c:64:58:63:91:fc:cf:f1:0f:c6:fb:c0:76:13:a1:a4:9f:
         0a:09:db:a0
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVvZvPjZU0KP9+T/44duFKbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE4MTAxNzcyMjQ4OTk2Yjg3ZDkwODQwYzJkMjdkNjI1NDk0
NTgxNzMwHhcNMjMwMTAxMjIxNDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZWYwMTFjOTk5N2M0ZmUzMDEyZTNlN2QwMGQwZDRkMjVlNmQ2NTY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwE9roTY2D83RvCtpy2/oFgLZnrNF
GnbuLryUEhOGyvS/rSmn+rDZoqbGIuQX9Nw8YKaimZ/T5+HKHU0OyW3qaL59jq5y
PVvaQwIdxbLP5teDhpqU4y1XJV1yRPWKn3cGLYzy+Yrpu26w75Ciu3m2GZ53yBjb
ZbizsdzNBB6MAGA84TxBdVOoXwp8T5Mt888L+E+aXz7cMBw286489Iyjdt64/8gq
PVKaz3onWgrhOLQCWgzMy0ZvYlAYSpAX0nrRkCewb6UWeNJ0Lj4U5K284JZNEmbC
juW0+T33rN+3RMWQuae5FOJSZNtH8+iS9TTpzgtuf+3osAuDaHLnWuTvxQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFF7wEcmZfE/jAS4+fQDQ1NJebWVmMB8GA1UdIwQY
MBaAFBgQF3IkiZa4fZCEDC0n1iVJRYFzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR0JBWGNpU0pscmg5a0lRTUxTZldKVWxGZ1hNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS8yMGE1YTUtMGJhMi00MDUyLWJlYjQt
M2NjODVhZDNjMTkwLzEvWHZBUnlabDhULU1CTGo1OUFORFUwbDV0WldZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MS8yMGE1YTUtMGJhMi00MDUyLWJlYjQtM2NjODVhZDNjMTkw
LzEvR0JBWGNpU0pscmg5a0lRTUxTZldKVWxGZ1hNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCuVEcAwQC
vEBoMA0GCSqGSIb3DQEBCwUAA4IBAQAFdXACVpmeAnXnF6LRdNOu8/wPuYNv77l6
sIleIPsqN1xwQrP+xTzzvDDYdt1EhuqBzrFTeIex5WVvBQWvcul5KEMorNYmQ2tn
BVCLGI3/bN1LtXWiaOQIVZl1LqESuN3tMLwq8Kl02ygUaG5Qs92NTilInE9nDUE5
fMvZohjyd5BCXE9gxpIHbK4gUVdTd1h2p/LLZqB+Zj862ZfQu128Dx2kBN6TAv3c
B7/Q7gvj6NxGo0uISrL0eS8oUUxM3KUp/KBfd+wkLANXJ3Akf8uX6vUHeI8wOxO/
Vng5v0+1VHj1wTdSYO7zjQf9TGRYY5H8z/EPxvvAdhOhpJ8KCdug
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:59 2024 by rpki-client on console-fra.rpki-client.org