Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/83/7bf8a8-e49c-406e-8eb7-c823cc8f3837/1/ppPOxj9r25_R53Ea0akTVaWU09A.roa
File:                     ppPOxj9r25_R53Ea0akTVaWU09A.roa (raw, json)
Hash identifier:          rCNtKl9Cs/DS8ZLZQ0wvwzoG15JHF8KL5MoV4Q+y8G4=
Subject key identifier:   A6:93:CE:C6:3F:6B:DB:9F:D1:E7:71:1A:D1:A9:13:55:A5:94:D3:D0
Certificate issuer:       /CN=3718b734349bf327d9453b96501e44b192e55142
Certificate serial:       01856FC285F1B3440378348AAC53F9CCF7F2
Authority key identifier: 37:18:B7:34:34:9B:F3:27:D9:45:3B:96:50:1E:44:B1:92:E5:51:42
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Nxi3NDSb8yfZRTuWUB5EsZLlUUI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/83/7bf8a8-e49c-406e-8eb7-c823cc8f3837/1/ppPOxj9r25_R53Ea0akTVaWU09A.roa
Signing time:             Sun 01 Jan 2023 23:54:57 +0000
ROA not before:           Sun 01 Jan 2023 23:54:57 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     60721
IP address blocks:        185.155.54.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 09 Nov 2023 12:53:43 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:c2:85:f1:b3:44:03:78:34:8a:ac:53:f9:cc:f7:f2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3718b734349bf327d9453b96501e44b192e55142
        Validity
            Not Before: Jan  1 23:54:57 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=a693cec63f6bdb9fd1e7711ad1a91355a594d3d0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:83:13:e6:09:d7:0e:5e:0f:43:9f:61:d6:27:5b:
                    d4:2b:70:bf:ac:79:9b:22:c4:5f:3e:de:70:5a:27:
                    bd:2a:5b:94:3b:2e:49:ed:99:34:5d:0f:b1:01:33:
                    34:b5:92:ff:16:3f:95:74:2d:5e:93:c8:bb:51:5d:
                    75:b8:9d:88:43:75:79:03:8d:ae:93:ea:8f:9d:c6:
                    e7:31:a6:a5:2a:15:50:04:2e:1d:6c:07:58:d9:7f:
                    4c:73:03:18:4e:35:53:95:39:23:14:a7:d1:56:1a:
                    bc:fc:fc:0d:75:31:84:33:5b:09:fe:da:99:44:93:
                    c0:44:29:99:15:57:80:a4:4e:96:74:50:a7:ed:06:
                    6d:a2:67:02:25:a0:a5:cc:21:4e:40:cd:a6:ec:46:
                    a1:2d:79:9d:ed:47:11:57:d3:f6:ef:6c:45:3d:30:
                    07:70:18:40:b1:61:55:10:ef:ee:5a:3f:2f:89:77:
                    be:f4:a3:9f:d2:c3:6f:5f:5a:a3:2a:5c:54:6b:29:
                    d0:21:d3:36:fe:43:23:0d:99:78:51:90:5c:67:f2:
                    99:ad:6b:0a:ef:b4:6f:0b:07:60:2d:4c:94:0c:8a:
                    b6:38:4d:ab:b9:f9:d8:c2:76:d9:a0:2b:88:92:64:
                    6d:c9:28:84:8b:e9:0f:72:df:5c:71:ef:f0:9f:06:
                    dd:3d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A6:93:CE:C6:3F:6B:DB:9F:D1:E7:71:1A:D1:A9:13:55:A5:94:D3:D0
            X509v3 Authority Key Identifier:
                keyid:37:18:B7:34:34:9B:F3:27:D9:45:3B:96:50:1E:44:B1:92:E5:51:42

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nxi3NDSb8yfZRTuWUB5EsZLlUUI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/83/7bf8a8-e49c-406e-8eb7-c823cc8f3837/1/ppPOxj9r25_R53Ea0akTVaWU09A.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/83/7bf8a8-e49c-406e-8eb7-c823cc8f3837/1/Nxi3NDSb8yfZRTuWUB5EsZLlUUI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.155.54.0/24

    Signature Algorithm: sha256WithRSAEncryption
         02:aa:42:d4:0d:91:46:c2:d4:0b:17:ef:0e:f9:19:70:3d:18:
         4f:4b:cd:d0:e8:56:5b:ec:af:16:25:03:6a:0b:58:3f:8b:62:
         81:17:db:fb:fd:3e:26:15:54:91:6c:79:b1:e7:d3:61:51:1e:
         1d:58:bc:4e:fc:50:97:c6:2b:20:a3:39:78:53:6c:02:92:71:
         f2:cf:c2:92:15:c3:5f:19:d7:42:09:da:39:2f:b8:8b:74:04:
         a5:f6:97:25:67:f2:7a:92:bd:ba:e5:e7:b2:50:41:d3:fb:8b:
         09:04:81:52:77:d4:1f:cb:14:8d:a2:c4:2f:11:53:9f:04:41:
         04:c1:e0:a2:97:0e:d3:48:d1:7e:3c:21:b1:3c:b2:4d:c9:dd:
         65:e9:6d:23:e1:e8:07:67:e1:84:d1:97:94:6b:5d:5d:f0:8b:
         fa:88:9d:19:03:23:9f:19:cc:e5:f8:f1:11:21:9e:6e:ab:f1:
         68:9f:29:51:eb:6f:00:66:b1:5e:b8:7e:94:75:06:90:e9:1c:
         d8:a7:c6:52:9c:79:21:1f:7e:20:b1:8f:51:72:59:00:80:c0:
         a6:a6:9f:e3:7a:63:24:ca:56:ea:2b:50:b8:71:17:77:cb:80:
         88:6a:c0:b4:f7:83:ae:04:9d:8f:87:1b:7b:50:f0:82:8b:db:
         97:25:5f:d2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvwoXxs0QDeDSKrFP5zPfyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM3MThiNzM0MzQ5YmYzMjdkOTQ1M2I5NjUwMWU0NGIxOTJl
NTUxNDIwHhcNMjMwMTAxMjM1NDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNjkzY2VjNjNmNmJkYjlmZDFlNzcxMWFkMWE5MTM1NWE1OTRkM2QwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgxPmCdcOXg9Dn2HWJ1vUK3C/rHmb
IsRfPt5wWie9KluUOy5J7Zk0XQ+xATM0tZL/Fj+VdC1ek8i7UV11uJ2IQ3V5A42u
k+qPncbnMaalKhVQBC4dbAdY2X9McwMYTjVTlTkjFKfRVhq8/PwNdTGEM1sJ/tqZ
RJPARCmZFVeApE6WdFCn7QZtomcCJaClzCFOQM2m7EahLXmd7UcRV9P272xFPTAH
cBhAsWFVEO/uWj8viXe+9KOf0sNvX1qjKlxUaynQIdM2/kMjDZl4UZBcZ/KZrWsK
77RvCwdgLUyUDIq2OE2rufnYwnbZoCuIkmRtySiEi+kPct9cce/wnwbdPQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKaTzsY/a9uf0edxGtGpE1WllNPQMB8GA1UdIwQY
MBaAFDcYtzQ0m/Mn2UU7llAeRLGS5VFCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnhpM05EU2I4eWZaUlR1V1VCNUVzWkxsVVVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84My83YmY4YTgtZTQ5Yy00MDZlLThlYjct
YzgyM2NjOGYzODM3LzEvcHBQT3hqOXIyNV9SNTNFYTBha1RWYVdVMDlBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84My83YmY4YTgtZTQ5Yy00MDZlLThlYjctYzgyM2NjOGYzODM3
LzEvTnhpM05EU2I4eWZaUlR1V1VCNUVzWkxsVVVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuZs2MA0G
CSqGSIb3DQEBCwUAA4IBAQACqkLUDZFGwtQLF+8O+RlwPRhPS83Q6FZb7K8WJQNq
C1g/i2KBF9v7/T4mFVSRbHmx59NhUR4dWLxO/FCXxisgozl4U2wCknHyz8KSFcNf
GddCCdo5L7iLdASl9pclZ/J6kr265eeyUEHT+4sJBIFSd9QfyxSNosQvEVOfBEEE
weCilw7TSNF+PCGxPLJNyd1l6W0j4egHZ+GE0ZeUa11d8Iv6iJ0ZAyOfGczl+PER
IZ5uq/FonylR628AZrFeuH6UdQaQ6RzYp8ZSnHkhH34gsY9RclkAgMCmpp/jemMk
ylbqK1C4cRd3y4CIasC094OuBJ2Phxt7UPCCi9uXJV/S
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:17 2024 by rpki-client on console-fra.rpki-client.org