Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/83/7b1c55-ddd0-4281-8378-4dd04346abc3/1/Ba28UWG-U8lAvJSiIxoIR6cGd6s.roa
File:                     Ba28UWG-U8lAvJSiIxoIR6cGd6s.roa (raw, json)
Hash identifier:          uCIeJWIPG+CNJFfD/8QNeAtxPxn5pOhQBI4CAerzcR8=
Subject key identifier:   05:AD:BC:51:61:BE:53:C9:40:BC:94:A2:23:1A:08:47:A7:06:77:AB
Certificate issuer:       /CN=3aba1172472ea80265d12982967de0a8b0bc5901
Certificate serial:       0185714C48EF7D97DFE5CCF8DFEF0D17466B
Authority key identifier: 3A:BA:11:72:47:2E:A8:02:65:D1:29:82:96:7D:E0:A8:B0:BC:59:01
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OroRckcuqAJl0SmCln3gqLC8WQE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/83/7b1c55-ddd0-4281-8378-4dd04346abc3/1/Ba28UWG-U8lAvJSiIxoIR6cGd6s.roa
Signing time:             Mon 02 Jan 2023 07:05:02 +0000
ROA not before:           Mon 02 Jan 2023 07:05:02 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     213006
IP address blocks:        185.21.135.0/24 maxlen: 24
                          195.182.204.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 10:29:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:71:4c:48:ef:7d:97:df:e5:cc:f8:df:ef:0d:17:46:6b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3aba1172472ea80265d12982967de0a8b0bc5901
        Validity
            Not Before: Jan  2 07:05:02 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=05adbc5161be53c940bc94a2231a0847a70677ab
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:38:84:aa:11:ad:fa:3a:5c:14:b7:fe:cb:ad:
                    11:70:20:9d:d5:f9:33:b9:b9:23:d1:85:64:a4:ca:
                    17:77:ef:b4:21:68:d3:97:84:53:77:82:ee:6e:e8:
                    67:7b:9d:df:c8:93:7a:ae:08:90:f0:0b:98:a1:f3:
                    c0:7d:68:97:3a:26:46:57:c5:0a:d4:22:b4:84:75:
                    01:a0:ce:a7:37:3e:18:7c:f4:ec:bc:69:02:ca:78:
                    5d:47:e5:56:cb:4c:81:46:f4:bd:8b:63:4b:b0:29:
                    ae:1c:af:72:98:32:9d:d4:d0:3b:91:ca:0e:9c:4c:
                    a0:7c:df:2c:a2:29:42:b1:2d:01:ff:28:70:ab:14:
                    e7:85:98:8a:e0:98:1e:a4:d3:1c:3d:4c:02:76:a6:
                    bf:31:89:c0:b0:04:62:68:bf:8e:e1:37:d2:6a:c7:
                    21:7e:e5:56:dd:fb:70:0f:58:32:71:c7:37:27:02:
                    1f:5e:63:9a:49:62:3c:c9:7d:88:91:ff:9b:72:fa:
                    3a:0c:1a:fd:14:ac:8d:0c:91:13:d5:da:31:66:16:
                    a3:c4:3c:95:22:90:1c:8d:00:a1:3e:ee:6b:8b:e7:
                    b2:6e:93:54:b1:8e:74:74:7b:54:de:81:dd:dd:b1:
                    73:3b:34:55:40:9a:9a:29:42:d5:19:7c:3d:d3:d7:
                    fd:9f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                05:AD:BC:51:61:BE:53:C9:40:BC:94:A2:23:1A:08:47:A7:06:77:AB
            X509v3 Authority Key Identifier:
                keyid:3A:BA:11:72:47:2E:A8:02:65:D1:29:82:96:7D:E0:A8:B0:BC:59:01

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OroRckcuqAJl0SmCln3gqLC8WQE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/83/7b1c55-ddd0-4281-8378-4dd04346abc3/1/Ba28UWG-U8lAvJSiIxoIR6cGd6s.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/83/7b1c55-ddd0-4281-8378-4dd04346abc3/1/OroRckcuqAJl0SmCln3gqLC8WQE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.21.135.0/24
                  195.182.204.0/24

    Signature Algorithm: sha256WithRSAEncryption
         04:94:7d:de:4b:93:35:f5:3d:6e:e6:27:05:30:71:b7:b0:4a:
         75:08:ae:00:3d:71:b0:bc:6b:46:c7:3d:06:bf:92:2d:a1:ab:
         35:5e:d6:58:60:31:5a:16:4e:87:7b:41:b8:c8:2e:45:60:2d:
         1b:5d:c7:9b:ed:22:49:88:9f:1e:7a:5a:18:bc:eb:2a:7f:d4:
         fc:73:10:da:30:32:da:a3:c6:cf:a1:c4:52:1a:aa:42:16:a0:
         4e:b4:63:b2:0a:94:ff:c1:9d:50:3f:92:8d:a4:16:cc:53:6e:
         6e:d5:fa:ca:8f:6a:96:9a:f8:a7:96:51:a5:80:ad:8e:62:bd:
         9d:5c:5e:63:33:7f:4e:04:25:b6:a4:b7:5b:38:33:d2:40:56:
         3a:90:36:95:be:d1:c4:93:c0:b1:99:3f:ac:dd:db:8b:ed:5a:
         a3:92:10:83:4b:bf:c8:ad:35:9c:d2:af:b7:2b:59:7b:de:df:
         23:99:02:cc:e6:04:ca:07:53:28:17:77:89:53:17:e6:2f:1d:
         9a:7b:98:6d:a8:aa:53:ca:c2:df:3d:45:77:d8:56:73:55:a2:
         1a:db:d5:e1:45:78:ea:fb:7f:29:ea:16:ee:98:68:3e:a5:5c:
         18:87:30:92:2c:52:fb:19:ca:8b:15:76:5d:3a:b9:cf:10:9a:
         6a:30:03:79
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVxTEjvfZff5cz43+8NF0ZrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhYmExMTcyNDcyZWE4MDI2NWQxMjk4Mjk2N2RlMGE4YjBi
YzU5MDEwHhcNMjMwMTAyMDcwNTAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNWFkYmM1MTYxYmU1M2M5NDBiYzk0YTIyMzFhMDg0N2E3MDY3N2FiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuziEqhGt+jpcFLf+y60RcCCd1fkz
ubkj0YVkpMoXd++0IWjTl4RTd4Lubuhne53fyJN6rgiQ8AuYofPAfWiXOiZGV8UK
1CK0hHUBoM6nNz4YfPTsvGkCynhdR+VWy0yBRvS9i2NLsCmuHK9ymDKd1NA7kcoO
nEygfN8soilCsS0B/yhwqxTnhZiK4JgepNMcPUwCdqa/MYnAsARiaL+O4TfSasch
fuVW3ftwD1gyccc3JwIfXmOaSWI8yX2Ikf+bcvo6DBr9FKyNDJET1doxZhajxDyV
IpAcjQChPu5ri+eybpNUsY50dHtU3oHd3bFzOzRVQJqaKULVGXw909f9nwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFAWtvFFhvlPJQLyUoiMaCEenBnerMB8GA1UdIwQY
MBaAFDq6EXJHLqgCZdEpgpZ94KiwvFkBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3JvUmNrY3VxQUpsMFNtQ2xuM2dxTEM4V1FFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84My83YjFjNTUtZGRkMC00MjgxLTgzNzgt
NGRkMDQzNDZhYmMzLzEvQmEyOFVXRy1VOGxBdkpTaUl4b0lSNmNHZDZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84My83YjFjNTUtZGRkMC00MjgxLTgzNzgtNGRkMDQzNDZhYmMz
LzEvT3JvUmNrY3VxQUpsMFNtQ2xuM2dxTEM4V1FFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAuRWHAwQA
w7bMMA0GCSqGSIb3DQEBCwUAA4IBAQAElH3eS5M19T1u5icFMHG3sEp1CK4APXGw
vGtGxz0Gv5Itoas1XtZYYDFaFk6He0G4yC5FYC0bXceb7SJJiJ8eeloYvOsqf9T8
cxDaMDLao8bPocRSGqpCFqBOtGOyCpT/wZ1QP5KNpBbMU25u1frKj2qWmvinllGl
gK2OYr2dXF5jM39OBCW2pLdbODPSQFY6kDaVvtHEk8CxmT+s3duL7VqjkhCDS7/I
rTWc0q+3K1l73t8jmQLM5gTKB1MoF3eJUxfmLx2ae5htqKpTysLfPUV32FZzVaIa
29XhRXjq+38p6hbumGg+pVwYhzCSLFL7GcqLFXZdOrnPEJpqMAN5
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:21:04 2024 by rpki-client on console-ams.rpki-client.org