Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/94/b35513-ebdb-4550-a7d4-12f9f733dc4f/1/OsTHjGS5JgF6S69y-Bc69hlGt4M.roa
File:                     OsTHjGS5JgF6S69y-Bc69hlGt4M.roa (raw, json)
Hash identifier:          +h7Mqboh8fnVr/RhKZRXDzUX0J6v/Jb+aLNGUHPRebg=
Subject key identifier:   3A:C4:C7:8C:64:B9:26:01:7A:4B:AF:72:F8:17:3A:F6:19:46:B7:83
Certificate issuer:       /CN=e2636e02f1554f70d971a656849c01bdff138ce8
Certificate serial:       01892F3B0157D69C99429FB7F5D171F3DDBF
Authority key identifier: E2:63:6E:02:F1:55:4F:70:D9:71:A6:56:84:9C:01:BD:FF:13:8C:E8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/4mNuAvFVT3DZcaZWhJwBvf8TjOg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/94/b35513-ebdb-4550-a7d4-12f9f733dc4f/1/OsTHjGS5JgF6S69y-Bc69hlGt4M.roa
Signing time:             Fri 07 Jul 2023 07:22:23 +0000
ROA not before:           Fri 07 Jul 2023 07:22:23 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     29802
IP address blocks:        185.171.160.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 04:29:55 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:2f:3b:01:57:d6:9c:99:42:9f:b7:f5:d1:71:f3:dd:bf
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e2636e02f1554f70d971a656849c01bdff138ce8
        Validity
            Not Before: Jul  7 07:22:23 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=3ac4c78c64b926017a4baf72f8173af61946b783
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8c:19:94:04:e8:cf:f5:e4:fa:46:73:14:57:fd:
                    93:52:d8:82:27:15:be:e3:fc:8b:ff:5c:15:18:5d:
                    c3:ef:68:32:22:09:ac:51:03:0f:46:da:ed:62:b6:
                    50:0e:fd:47:af:c8:59:f3:8f:c0:06:e4:fb:e3:95:
                    5e:c9:09:ca:28:fa:9f:7a:53:d8:48:45:d3:16:4b:
                    de:5d:64:ac:67:5d:ab:af:e0:33:06:98:ba:61:13:
                    47:da:a9:e1:c9:ef:80:38:82:73:ab:f9:21:e8:71:
                    28:07:ba:90:b7:d4:9a:67:c6:f4:28:a6:73:dc:d8:
                    6c:63:30:89:ce:6e:1e:76:8b:a4:f1:a8:02:41:b0:
                    31:dc:55:18:65:98:b2:a1:d0:b5:25:0f:43:36:bc:
                    f0:c6:f6:b9:58:b9:6c:e3:4e:88:d1:93:8f:35:83:
                    35:2e:c4:b9:4f:44:c4:b3:01:42:2b:ed:d6:be:41:
                    db:c4:f7:06:4c:7a:33:9f:ae:e6:a2:73:ac:01:02:
                    65:fa:57:48:b1:82:72:bd:64:b9:00:ab:05:31:b7:
                    25:74:9a:7b:e4:51:b1:11:bb:35:2b:76:88:42:28:
                    3f:75:ba:c5:e3:2e:2d:60:40:74:62:24:32:39:c9:
                    46:9c:65:de:e9:66:c3:7e:4b:26:43:c4:7c:41:da:
                    ea:69
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3A:C4:C7:8C:64:B9:26:01:7A:4B:AF:72:F8:17:3A:F6:19:46:B7:83
            X509v3 Authority Key Identifier:
                keyid:E2:63:6E:02:F1:55:4F:70:D9:71:A6:56:84:9C:01:BD:FF:13:8C:E8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4mNuAvFVT3DZcaZWhJwBvf8TjOg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/94/b35513-ebdb-4550-a7d4-12f9f733dc4f/1/OsTHjGS5JgF6S69y-Bc69hlGt4M.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/94/b35513-ebdb-4550-a7d4-12f9f733dc4f/1/4mNuAvFVT3DZcaZWhJwBvf8TjOg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.171.160.0/24

    Signature Algorithm: sha256WithRSAEncryption
         a6:e9:09:4a:53:23:0f:92:3e:79:3e:f2:b0:61:3f:30:33:16:
         ab:4a:48:17:a5:48:6c:4e:45:d7:4d:03:0d:2f:61:11:dc:ce:
         e5:92:cd:31:c6:f7:18:af:73:db:fd:eb:23:1e:3b:f6:8e:21:
         74:79:0b:b2:dc:e1:41:2b:49:51:4f:87:d2:8c:8e:21:39:33:
         70:13:a9:a0:25:7e:f8:2e:c7:65:36:e9:50:fb:bd:0b:4c:43:
         67:b9:7f:a3:99:00:89:c9:e9:78:cb:d2:02:59:8f:33:cd:f2:
         79:ab:63:46:4d:ae:5e:3f:e7:8f:47:9f:e9:12:d7:19:eb:cb:
         e8:95:c4:b6:4a:52:52:0f:a0:b9:a5:ef:e9:fd:e7:30:5f:ae:
         dd:d8:cd:43:ca:e2:1e:e3:6c:41:fc:f5:43:2a:35:bd:dd:55:
         91:93:fa:bb:81:e6:76:29:0c:ea:26:06:68:30:b8:69:da:60:
         84:48:0c:5b:8e:15:6c:94:df:d1:01:59:8d:74:de:e3:fc:c4:
         f9:25:50:54:18:e0:61:b4:ce:ba:d6:19:a5:ff:13:51:30:62:
         e4:7e:94:82:c7:82:04:cb:8b:70:82:c3:5e:fe:f7:f7:56:9f:
         83:43:ec:69:14:36:4c:79:64:93:01:48:71:b4:c6:e5:b3:37:
         24:ef:82:37
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYkvOwFX1pyZQp+39dFx892/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyNjM2ZTAyZjE1NTRmNzBkOTcxYTY1Njg0OWMwMWJkZmYx
MzhjZTgwHhcNMjMwNzA3MDcyMjIzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYWM0Yzc4YzY0YjkyNjAxN2E0YmFmNzJmODE3M2FmNjE5NDZiNzgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjBmUBOjP9eT6RnMUV/2TUtiCJxW+
4/yL/1wVGF3D72gyIgmsUQMPRtrtYrZQDv1Hr8hZ84/ABuT745VeyQnKKPqfelPY
SEXTFkveXWSsZ12rr+AzBpi6YRNH2qnhye+AOIJzq/kh6HEoB7qQt9SaZ8b0KKZz
3NhsYzCJzm4edouk8agCQbAx3FUYZZiyodC1JQ9DNrzwxva5WLls406I0ZOPNYM1
LsS5T0TEswFCK+3WvkHbxPcGTHozn67monOsAQJl+ldIsYJyvWS5AKsFMbcldJp7
5FGxEbs1K3aIQig/dbrF4y4tYEB0YiQyOclGnGXe6WbDfksmQ8R8QdrqaQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDrEx4xkuSYBekuvcvgXOvYZRreDMB8GA1UdIwQY
MBaAFOJjbgLxVU9w2XGmVoScAb3/E4zoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNG1OdUF2RlZUM0RaY2FaV2hKd0J2ZjhUak9nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NC9iMzU1MTMtZWJkYi00NTUwLWE3ZDQt
MTJmOWY3MzNkYzRmLzEvT3NUSGpHUzVKZ0Y2UzY5eS1CYzY5aGxHdDRNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NC9iMzU1MTMtZWJkYi00NTUwLWE3ZDQtMTJmOWY3MzNkYzRm
LzEvNG1OdUF2RlZUM0RaY2FaV2hKd0J2ZjhUak9nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuaugMA0G
CSqGSIb3DQEBCwUAA4IBAQCm6QlKUyMPkj55PvKwYT8wMxarSkgXpUhsTkXXTQMN
L2ER3M7lks0xxvcYr3Pb/esjHjv2jiF0eQuy3OFBK0lRT4fSjI4hOTNwE6mgJX74
LsdlNulQ+70LTENnuX+jmQCJyel4y9ICWY8zzfJ5q2NGTa5eP+ePR5/pEtcZ68vo
lcS2SlJSD6C5pe/p/ecwX67d2M1DyuIe42xB/PVDKjW93VWRk/q7geZ2KQzqJgZo
MLhp2mCESAxbjhVslN/RAVmNdN7j/MT5JVBUGOBhtM661hml/xNRMGLkfpSCx4IE
y4twgsNe/vf3Vp+DQ+xpFDZMeWSTAUhxtMblszck74I3
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:24:28 2024 by rpki-client on console-ams.rpki-client.org