Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/20a5a5-0ba2-4052-beb4-3cc85ad3c190/1/sgkrrqKnGmm-YU2GXvhsF2tyMPM.roa
File:                     sgkrrqKnGmm-YU2GXvhsF2tyMPM.roa (raw, json)
Hash identifier:          kPRre6ZIemed6KubCK+6Djqhblg+ZxPINNN7T1OzEgA=
Subject key identifier:   B2:09:2B:AE:A2:A7:1A:69:BE:61:4D:86:5E:F8:6C:17:6B:72:30:F3
Certificate issuer:       /CN=18101772248996b87d90840c2d27d62549458173
Certificate serial:       018AF50D1D9DEDE3AEE6418A0728F2A83C62
Authority key identifier: 18:10:17:72:24:89:96:B8:7D:90:84:0C:2D:27:D6:25:49:45:81:73
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/GBAXciSJlrh9kIQMLSfWJUlFgXM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/81/20a5a5-0ba2-4052-beb4-3cc85ad3c190/1/sgkrrqKnGmm-YU2GXvhsF2tyMPM.roa
Signing time:             Tue 03 Oct 2023 10:19:51 +0000
ROA not before:           Tue 03 Oct 2023 10:19:51 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     61112
IP address blocks:        185.81.28.0/23 maxlen: 23

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 04:29:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:f5:0d:1d:9d:ed:e3:ae:e6:41:8a:07:28:f2:a8:3c:62
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=18101772248996b87d90840c2d27d62549458173
        Validity
            Not Before: Oct  3 10:19:51 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=b2092baea2a71a69be614d865ef86c176b7230f3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:84:b4:b5:1d:fd:8e:a1:5e:ac:6d:48:e1:b0:13:
                    86:e3:68:17:d1:98:99:8e:01:e4:e8:e3:50:d5:a4:
                    ad:21:8b:04:e7:e8:0e:cf:74:f3:bb:88:8a:9d:bc:
                    52:8d:d5:e5:68:f3:42:8f:06:1d:c2:34:38:65:45:
                    52:47:3b:47:80:a9:4a:6e:d4:43:93:24:b7:e0:07:
                    9a:39:15:63:1c:a3:c0:c3:29:ec:cc:86:34:51:e8:
                    37:0d:fc:53:eb:e1:66:cf:6c:d9:d9:25:29:cd:98:
                    35:76:98:c6:95:6d:82:ca:d8:fa:a5:da:ab:fa:af:
                    40:6f:b4:00:fc:a4:6d:ac:c8:83:36:7a:00:43:dc:
                    93:c4:10:d1:8f:34:8b:67:b3:8c:cb:49:8e:04:89:
                    c4:8b:39:50:c7:72:a6:ba:38:a7:89:cc:bf:44:ef:
                    72:0c:d3:d7:37:6c:50:61:4e:45:ff:e8:9c:24:13:
                    94:bb:97:7a:95:f9:da:01:c9:f8:20:65:56:bc:dd:
                    1c:c4:7d:b1:cb:c0:bd:0a:fc:11:63:f2:0f:57:30:
                    89:ed:a6:b0:c3:3d:2d:ff:ce:6a:f6:81:d8:ac:07:
                    c3:32:06:ac:ca:2a:2d:50:09:3b:f7:4a:5d:cf:1b:
                    25:d3:36:c4:9a:e6:88:c8:d5:b9:5d:6a:30:a1:ff:
                    1d:c3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B2:09:2B:AE:A2:A7:1A:69:BE:61:4D:86:5E:F8:6C:17:6B:72:30:F3
            X509v3 Authority Key Identifier:
                keyid:18:10:17:72:24:89:96:B8:7D:90:84:0C:2D:27:D6:25:49:45:81:73

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GBAXciSJlrh9kIQMLSfWJUlFgXM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/20a5a5-0ba2-4052-beb4-3cc85ad3c190/1/sgkrrqKnGmm-YU2GXvhsF2tyMPM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/81/20a5a5-0ba2-4052-beb4-3cc85ad3c190/1/GBAXciSJlrh9kIQMLSfWJUlFgXM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.81.28.0/23

    Signature Algorithm: sha256WithRSAEncryption
         9b:3e:d3:62:5f:12:57:52:38:dd:37:19:a0:42:72:8c:09:94:
         58:31:bd:86:a5:43:3f:b3:13:f0:cb:f9:27:26:1a:50:53:a2:
         ff:d3:12:ca:f3:20:5c:9f:02:87:fc:ec:a6:20:eb:33:b4:0e:
         c0:4d:09:11:b8:7e:32:5b:4e:e6:3b:03:25:a7:bb:4d:10:0d:
         07:56:9a:bb:b0:09:84:30:f5:94:49:c7:09:8d:67:45:84:f1:
         f9:29:7d:45:49:ca:41:bf:bc:f1:e8:19:11:fb:34:fd:98:dd:
         75:11:07:13:e1:57:df:6b:37:3f:97:6f:5c:4f:a7:68:df:38:
         23:03:18:94:46:45:78:92:95:57:45:ed:65:37:92:d9:1c:83:
         de:b9:65:c6:04:c6:02:d0:0c:eb:cc:0f:7d:7d:34:ae:e4:08:
         1b:a3:6f:e8:e6:0b:3f:20:f6:d6:6a:6e:db:34:f6:ed:0e:2a:
         2f:a7:29:1c:5b:6c:96:08:37:41:11:d4:41:56:a7:4f:44:be:
         81:30:3a:66:62:4b:58:72:b6:5f:02:c1:17:61:e9:4a:6c:0a:
         e7:62:7c:6e:dd:77:04:1c:64:51:ab:ae:85:3a:26:46:27:a2:
         ca:84:21:8e:a3:c4:c6:e7:90:35:6c:dd:21:f6:da:63:73:b3:
         c8:6f:e6:4b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYr1DR2d7eOu5kGKByjyqDxiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE4MTAxNzcyMjQ4OTk2Yjg3ZDkwODQwYzJkMjdkNjI1NDk0
NTgxNzMwHhcNMjMxMDAzMTAxOTUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMjA5MmJhZWEyYTcxYTY5YmU2MTRkODY1ZWY4NmMxNzZiNzIzMGYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhLS1Hf2OoV6sbUjhsBOG42gX0ZiZ
jgHk6ONQ1aStIYsE5+gOz3Tzu4iKnbxSjdXlaPNCjwYdwjQ4ZUVSRztHgKlKbtRD
kyS34AeaORVjHKPAwynszIY0Ueg3DfxT6+Fmz2zZ2SUpzZg1dpjGlW2Cytj6pdqr
+q9Ab7QA/KRtrMiDNnoAQ9yTxBDRjzSLZ7OMy0mOBInEizlQx3Kmujinicy/RO9y
DNPXN2xQYU5F/+icJBOUu5d6lfnaAcn4IGVWvN0cxH2xy8C9CvwRY/IPVzCJ7aaw
wz0t/85q9oHYrAfDMgasyiotUAk790pdzxsl0zbEmuaIyNW5XWowof8dwwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLIJK66ipxppvmFNhl74bBdrcjDzMB8GA1UdIwQY
MBaAFBgQF3IkiZa4fZCEDC0n1iVJRYFzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR0JBWGNpU0pscmg5a0lRTUxTZldKVWxGZ1hNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS8yMGE1YTUtMGJhMi00MDUyLWJlYjQt
M2NjODVhZDNjMTkwLzEvc2drcnJxS25HbW0tWVUyR1h2aHNGMnR5TVBNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MS8yMGE1YTUtMGJhMi00MDUyLWJlYjQtM2NjODVhZDNjMTkw
LzEvR0JBWGNpU0pscmg5a0lRTUxTZldKVWxGZ1hNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBuVEcMA0G
CSqGSIb3DQEBCwUAA4IBAQCbPtNiXxJXUjjdNxmgQnKMCZRYMb2GpUM/sxPwy/kn
JhpQU6L/0xLK8yBcnwKH/OymIOsztA7ATQkRuH4yW07mOwMlp7tNEA0HVpq7sAmE
MPWUSccJjWdFhPH5KX1FScpBv7zx6BkR+zT9mN11EQcT4Vffazc/l29cT6do3zgj
AxiURkV4kpVXRe1lN5LZHIPeuWXGBMYC0AzrzA99fTSu5Agbo2/o5gs/IPbWam7b
NPbtDiovpykcW2yWCDdBEdRBVqdPRL6BMDpmYktYcrZfAsEXYelKbArnYnxu3XcE
HGRRq66FOiZGJ6LKhCGOo8TG55A1bN0h9tpjc7PIb+ZL
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:59 2024 by rpki-client on console-fra.rpki-client.org