Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/4bc7fa-0462-4cf6-9189-ae4e698664f1/1/oqgSMveMytSWjjl0ssPZ9GvEw9k.roa
File:                     oqgSMveMytSWjjl0ssPZ9GvEw9k.roa (raw, json)
Hash identifier:          HJUT9WZc5kKPfYmR2pdv5Ikqf4ATBpi0I+rUoXpaa9Q=
Subject key identifier:   A2:A8:12:32:F7:8C:CA:D4:96:8E:39:74:B2:C3:D9:F4:6B:C4:C3:D9
Certificate issuer:       /CN=a561ccb03741056715a6be4805321662d88e7e7c
Certificate serial:       0188B501A347A1C94E7621B7FEBFC80205CB
Authority key identifier: A5:61:CC:B0:37:41:05:67:15:A6:BE:48:05:32:16:62:D8:8E:7E:7C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/pWHMsDdBBWcVpr5IBTIWYtiOfnw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/90/4bc7fa-0462-4cf6-9189-ae4e698664f1/1/oqgSMveMytSWjjl0ssPZ9GvEw9k.roa
Signing time:             Tue 13 Jun 2023 13:46:03 +0000
ROA not before:           Tue 13 Jun 2023 13:46:03 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     35280
IP address blocks:        185.142.148.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 08:30:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:b5:01:a3:47:a1:c9:4e:76:21:b7:fe:bf:c8:02:05:cb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a561ccb03741056715a6be4805321662d88e7e7c
        Validity
            Not Before: Jun 13 13:46:03 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=a2a81232f78ccad4968e3974b2c3d9f46bc4c3d9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:35:41:b6:fc:af:3e:89:3f:0e:fa:15:a8:ba:
                    2f:a9:ab:d2:71:77:9e:4c:89:c3:e3:26:e2:45:c7:
                    a5:f0:21:ef:5d:dc:0d:5d:b9:43:c3:98:ce:c9:a0:
                    3b:84:9a:f2:07:7a:9a:8f:ff:85:21:e5:dc:cd:99:
                    76:fe:2f:cb:ff:5d:39:ca:c2:f3:3a:d3:ea:9a:c4:
                    12:68:fb:db:4d:30:e9:5b:ab:1f:d7:8d:85:74:7c:
                    4b:34:c5:4b:99:cd:7b:99:70:11:1e:23:6e:10:4c:
                    2d:6f:ca:f4:74:1a:06:24:6a:5a:61:9e:36:80:a6:
                    e5:25:18:5d:27:e3:09:14:0e:2c:39:aa:96:24:12:
                    17:53:16:c5:1e:ee:52:08:80:7f:24:a9:e9:c6:00:
                    4d:ec:be:98:9f:05:da:90:00:a3:2a:05:bc:2f:41:
                    b2:9e:28:62:6c:b9:64:03:b3:95:e2:bf:6c:88:49:
                    2a:a9:08:cc:47:8e:9b:d5:44:88:c2:da:53:47:a9:
                    0e:32:91:72:e8:d8:3e:c9:7d:41:cb:06:86:57:62:
                    e4:b3:e1:6f:c1:16:41:0a:9a:9f:76:b5:01:ec:ab:
                    7f:c9:41:4d:49:ed:6b:c8:48:17:51:77:61:81:84:
                    46:46:48:2a:58:ab:2e:02:98:22:14:88:3d:3a:e2:
                    02:83
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A2:A8:12:32:F7:8C:CA:D4:96:8E:39:74:B2:C3:D9:F4:6B:C4:C3:D9
            X509v3 Authority Key Identifier:
                keyid:A5:61:CC:B0:37:41:05:67:15:A6:BE:48:05:32:16:62:D8:8E:7E:7C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pWHMsDdBBWcVpr5IBTIWYtiOfnw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/4bc7fa-0462-4cf6-9189-ae4e698664f1/1/oqgSMveMytSWjjl0ssPZ9GvEw9k.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/90/4bc7fa-0462-4cf6-9189-ae4e698664f1/1/pWHMsDdBBWcVpr5IBTIWYtiOfnw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.142.148.0/24

    Signature Algorithm: sha256WithRSAEncryption
         02:1e:d3:58:83:67:f4:ef:9a:68:5a:ba:c4:36:72:fd:eb:30:
         e1:9d:5d:ea:e3:58:96:83:6c:c4:1f:8a:7b:27:f5:0d:96:d3:
         7c:8a:df:f6:e3:84:13:8b:35:b2:66:07:9c:52:f7:04:12:bd:
         d7:c1:cf:6a:be:8c:ca:d0:17:eb:02:bc:ec:58:79:49:56:79:
         6c:f3:f1:16:c7:a6:f0:d1:87:d9:52:ad:ee:a0:f8:8f:f7:c4:
         ca:a4:02:57:d0:b7:b9:7e:f7:83:66:24:9a:76:56:b2:32:10:
         f8:d0:df:75:e3:ea:db:b6:87:2d:be:99:3b:78:1e:85:2f:2c:
         96:79:c8:09:21:72:bd:b9:58:6e:98:c2:e2:f0:66:53:f9:dd:
         35:30:77:63:ae:94:10:62:71:86:ae:13:27:b5:5f:89:59:95:
         cd:50:12:c2:63:b7:df:3d:52:36:55:22:1c:46:17:0e:04:97:
         ee:ab:db:b3:7d:79:44:94:4b:c7:7f:01:a7:bc:9c:29:47:7d:
         fc:c8:1c:7f:5a:31:32:ac:51:a2:9d:56:20:0e:e9:1e:dd:cb:
         2e:f0:21:2f:0b:ef:01:1d:e4:34:47:09:84:10:6a:5d:43:fb:
         a5:08:fb:6e:d1:1a:01:a0:ed:5a:97:e5:5c:29:3b:ae:f1:19:
         97:e0:7b:a6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYi1AaNHoclOdiG3/r/IAgXLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1NjFjY2IwMzc0MTA1NjcxNWE2YmU0ODA1MzIxNjYyZDg4
ZTdlN2MwHhcNMjMwNjEzMTM0NjAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMmE4MTIzMmY3OGNjYWQ0OTY4ZTM5NzRiMmMzZDlmNDZiYzRjM2Q5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApjVBtvyvPok/DvoVqLovqavScXee
TInD4ybiRcel8CHvXdwNXblDw5jOyaA7hJryB3qaj/+FIeXczZl2/i/L/105ysLz
OtPqmsQSaPvbTTDpW6sf142FdHxLNMVLmc17mXARHiNuEEwtb8r0dBoGJGpaYZ42
gKblJRhdJ+MJFA4sOaqWJBIXUxbFHu5SCIB/JKnpxgBN7L6YnwXakACjKgW8L0Gy
nihibLlkA7OV4r9siEkqqQjMR46b1USIwtpTR6kOMpFy6Ng+yX1BywaGV2Lks+Fv
wRZBCpqfdrUB7Kt/yUFNSe1ryEgXUXdhgYRGRkgqWKsuApgiFIg9OuICgwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKKoEjL3jMrUlo45dLLD2fRrxMPZMB8GA1UdIwQY
MBaAFKVhzLA3QQVnFaa+SAUyFmLYjn58MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcFdITXNEZEJCV2NWcHI1SUJUSVdZdGlPZm53LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC80YmM3ZmEtMDQ2Mi00Y2Y2LTkxODkt
YWU0ZTY5ODY2NGYxLzEvb3FnU012ZU15dFNXampsMHNzUFo5R3ZFdzlrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MC80YmM3ZmEtMDQ2Mi00Y2Y2LTkxODktYWU0ZTY5ODY2NGYx
LzEvcFdITXNEZEJCV2NWcHI1SUJUSVdZdGlPZm53LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuY6UMA0G
CSqGSIb3DQEBCwUAA4IBAQACHtNYg2f075poWrrENnL96zDhnV3q41iWg2zEH4p7
J/UNltN8it/244QTizWyZgecUvcEEr3Xwc9qvozK0BfrArzsWHlJVnls8/EWx6bw
0YfZUq3uoPiP98TKpAJX0Le5fveDZiSadlayMhD40N914+rbtoctvpk7eB6FLyyW
ecgJIXK9uVhumMLi8GZT+d01MHdjrpQQYnGGrhMntV+JWZXNUBLCY7ffPVI2VSIc
RhcOBJfuq9uzfXlElEvHfwGnvJwpR338yBx/WjEyrFGinVYgDuke3csu8CEvC+8B
HeQ0RwmEEGpdQ/ulCPtu0RoBoO1al+VcKTuu8RmX4Hum
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:23:45 2024 by rpki-client on console-ams.rpki-client.org