Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/83/7b1c55-ddd0-4281-8378-4dd04346abc3/1/1-mm894VBz4ZydcYPhAC-lYIrcjM.roa
File:                     1-mm894VBz4ZydcYPhAC-lYIrcjM.roa (raw, json)
Hash identifier:          htdVBrhXd1Xgx6BXJPvPsthn0Y4+RO01KGEQ78u5NTk=
Subject key identifier:   FA:69:BC:F7:85:41:CF:86:72:75:C6:0F:84:00:BE:95:82:2B:72:33
Certificate issuer:       /CN=3aba1172472ea80265d12982967de0a8b0bc5901
Certificate serial:       018D7E43E5D2EECEC9D5D0CF6A9A871A16A7
Authority key identifier: 3A:BA:11:72:47:2E:A8:02:65:D1:29:82:96:7D:E0:A8:B0:BC:59:01
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OroRckcuqAJl0SmCln3gqLC8WQE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/83/7b1c55-ddd0-4281-8378-4dd04346abc3/1/1-mm894VBz4ZydcYPhAC-lYIrcjM.roa
Signing time:             Tue 06 Feb 2024 11:53:15 +0000
ROA not before:           Tue 06 Feb 2024 11:53:15 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     398465
IP address blocks:        185.243.152.0/24 maxlen: 24
                          185.243.153.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 06 Mar 2024 18:26:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8d:7e:43:e5:d2:ee:ce:c9:d5:d0:cf:6a:9a:87:1a:16:a7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3aba1172472ea80265d12982967de0a8b0bc5901
        Validity
            Not Before: Feb  6 11:53:15 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=fa69bcf78541cf867275c60f8400be95822b7233
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:85:31:d2:0e:46:a7:ff:f9:90:58:4e:de:bd:fe:
                    3b:94:f9:aa:83:c3:60:99:b0:46:68:2c:25:3d:dd:
                    1c:b9:c9:2a:2f:fa:f6:0f:44:69:7c:e2:a6:2c:69:
                    e6:44:de:34:84:6e:10:b1:e1:39:70:24:92:d8:b7:
                    95:36:18:78:f5:22:92:a3:97:57:75:bc:43:f0:12:
                    e7:b9:a7:1d:fc:a6:65:af:81:87:0a:d8:32:fb:d1:
                    f3:ad:c8:65:06:1f:33:90:85:27:b1:f9:7b:15:6f:
                    53:0b:a0:a5:59:1e:0b:d2:7f:9e:31:76:8e:59:8c:
                    1f:78:81:44:d9:3d:e1:e9:4c:a1:92:1d:21:57:f4:
                    98:de:0c:1a:ff:b7:cf:d2:d4:1d:38:3a:23:ba:aa:
                    47:56:60:d1:61:03:43:59:e4:c8:34:3a:10:71:1b:
                    fc:76:cb:d4:a9:6a:02:d5:c9:72:4e:42:1a:7a:92:
                    ca:c0:53:1f:66:30:e7:f9:a4:e1:a6:ba:73:93:7b:
                    1d:fa:20:86:62:6d:5a:3c:06:7c:42:28:b9:03:cc:
                    c1:25:4d:91:5a:4d:16:b4:bb:4a:8e:b9:17:a6:72:
                    1b:f7:b8:f8:2f:b4:08:e3:06:08:27:59:09:ec:1a:
                    75:6a:9e:35:0b:35:02:44:c2:e2:ee:f0:46:04:27:
                    38:e7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FA:69:BC:F7:85:41:CF:86:72:75:C6:0F:84:00:BE:95:82:2B:72:33
            X509v3 Authority Key Identifier:
                keyid:3A:BA:11:72:47:2E:A8:02:65:D1:29:82:96:7D:E0:A8:B0:BC:59:01

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OroRckcuqAJl0SmCln3gqLC8WQE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/83/7b1c55-ddd0-4281-8378-4dd04346abc3/1/1-mm894VBz4ZydcYPhAC-lYIrcjM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/83/7b1c55-ddd0-4281-8378-4dd04346abc3/1/OroRckcuqAJl0SmCln3gqLC8WQE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.243.152.0/23

    Signature Algorithm: sha256WithRSAEncryption
         5a:97:65:b2:8e:a5:2b:0d:cf:c3:30:cf:9d:61:d2:64:e4:8f:
         67:73:ac:71:f4:fa:4e:91:4b:95:4d:96:a6:f0:c7:7c:37:bb:
         c5:76:9c:3b:59:f3:95:66:57:48:60:f4:02:73:0d:55:5f:e9:
         0b:35:81:4d:f3:02:4d:f2:01:c8:37:78:6e:91:5b:a0:a0:70:
         de:b6:9c:b4:1b:0b:61:46:af:41:45:d5:52:ff:92:9c:ac:26:
         5d:ec:64:8a:a8:5d:48:17:3d:ee:94:11:2d:5b:e9:55:54:fb:
         d3:33:8e:22:bd:2e:03:f4:c3:96:2d:fc:b3:df:3e:b9:fc:ac:
         e3:1f:be:b1:87:81:f1:f3:e8:99:98:d8:70:23:e4:d0:24:50:
         c7:f7:54:8b:ff:ab:fa:53:2b:46:6b:8f:8e:bb:dc:9b:76:84:
         ae:6a:18:64:93:a8:24:83:9a:5a:a8:8d:79:6c:7a:7b:5c:11:
         ea:a9:42:bb:86:3b:07:7b:eb:59:13:67:56:d1:ad:96:93:53:
         61:4b:af:54:d0:19:fd:e0:ee:28:12:61:d9:13:a6:67:90:a3:
         b1:c9:b5:fe:09:a9:a8:28:ea:50:17:0d:11:c7:e8:c8:fd:d7:
         43:38:04:de:77:96:8b:4c:86:d7:3e:3a:c0:a9:1d:cd:6a:25:
         82:7c:0c:44
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAY1+Q+XS7s7J1dDPapqHGhanMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhYmExMTcyNDcyZWE4MDI2NWQxMjk4Mjk2N2RlMGE4YjBi
YzU5MDEwHhcNMjQwMjA2MTE1MzE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYTY5YmNmNzg1NDFjZjg2NzI3NWM2MGY4NDAwYmU5NTgyMmI3MjMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhTHSDkan//mQWE7evf47lPmqg8Ng
mbBGaCwlPd0cuckqL/r2D0RpfOKmLGnmRN40hG4QseE5cCSS2LeVNhh49SKSo5dX
dbxD8BLnuacd/KZlr4GHCtgy+9HzrchlBh8zkIUnsfl7FW9TC6ClWR4L0n+eMXaO
WYwfeIFE2T3h6Uyhkh0hV/SY3gwa/7fP0tQdODojuqpHVmDRYQNDWeTINDoQcRv8
dsvUqWoC1clyTkIaepLKwFMfZjDn+aThprpzk3sd+iCGYm1aPAZ8Qii5A8zBJU2R
Wk0WtLtKjrkXpnIb97j4L7QI4wYIJ1kJ7Bp1ap41CzUCRMLi7vBGBCc45wIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPppvPeFQc+GcnXGD4QAvpWCK3IzMB8GA1UdIwQY
MBaAFDq6EXJHLqgCZdEpgpZ94KiwvFkBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3JvUmNrY3VxQUpsMFNtQ2xuM2dxTEM4V1FFLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84My83YjFjNTUtZGRkMC00MjgxLTgzNzgt
NGRkMDQzNDZhYmMzLzEvMS1tbTg5NFZCejRaeWRjWVBoQUMtbFlJcmNqTS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvODMvN2IxYzU1LWRkZDAtNDI4MS04Mzc4LTRkZDA0MzQ2YWJj
My8xL09yb1Jja2N1cUFKbDBTbUNsbjNncUxDOFdRRS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAbnzmDAN
BgkqhkiG9w0BAQsFAAOCAQEAWpdlso6lKw3PwzDPnWHSZOSPZ3OscfT6TpFLlU2W
pvDHfDe7xXacO1nzlWZXSGD0AnMNVV/pCzWBTfMCTfIByDd4bpFboKBw3ractBsL
YUavQUXVUv+SnKwmXexkiqhdSBc97pQRLVvpVVT70zOOIr0uA/TDli38s98+ufys
4x++sYeB8fPomZjYcCPk0CRQx/dUi/+r+lMrRmuPjrvcm3aErmoYZJOoJIOaWqiN
eWx6e1wR6qlCu4Y7B3vrWRNnVtGtlpNTYUuvVNAZ/eDuKBJh2ROmZ5Cjscm1/gmp
qCjqUBcNEcfoyP3XQzgE3neWi0yG1z46wKkdzWolgnwMRA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:17 2024 by rpki-client on console-fra.rpki-client.org