Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9d/368df0-5c41-49d3-a9a9-c45903c3b329/1/5LStrFdFRv21r4kTLyYHf8Vw5jU.roa
File:                     5LStrFdFRv21r4kTLyYHf8Vw5jU.roa (raw, json)
Hash identifier:          +REYH1LorvRcaTulRvUwCI1GqjByg9kVZoetIv59qk0=
Subject key identifier:   E4:B4:AD:AC:57:45:46:FD:B5:AF:89:13:2F:26:07:7F:C5:70:E6:35
Certificate issuer:       /CN=e9d2721f2e2bd011b8a6860ad2572c405c0b540f
Certificate serial:       01856E020676037758F30253796A5E3F28D4
Authority key identifier: E9:D2:72:1F:2E:2B:D0:11:B8:A6:86:0A:D2:57:2C:40:5C:0B:54:0F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/6dJyHy4r0BG4poYK0lcsQFwLVA8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9d/368df0-5c41-49d3-a9a9-c45903c3b329/1/5LStrFdFRv21r4kTLyYHf8Vw5jU.roa
Signing time:             Sun 01 Jan 2023 15:45:04 +0000
ROA not before:           Sun 01 Jan 2023 15:45:04 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     14618
IP address blocks:        185.43.192.0/24 maxlen: 24
                          185.43.193.0/24 maxlen: 24
                          185.43.194.0/24 maxlen: 24
                          185.43.195.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 14:29:52 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6e:02:06:76:03:77:58:f3:02:53:79:6a:5e:3f:28:d4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e9d2721f2e2bd011b8a6860ad2572c405c0b540f
        Validity
            Not Before: Jan  1 15:45:04 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=e4b4adac574546fdb5af89132f26077fc570e635
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:92:1c:44:af:59:49:23:b5:db:54:69:f7:78:89:
                    48:28:8c:e6:3e:3e:04:95:9d:db:4b:9a:e4:f9:28:
                    cf:67:19:76:ea:3c:4b:37:ab:39:e0:da:ce:b0:c6:
                    59:70:d7:1b:f5:99:9d:23:f7:1a:89:d9:39:0a:ca:
                    81:0f:da:3e:37:b2:cf:93:a8:45:b8:de:18:90:2b:
                    a3:0c:f4:b3:c4:1c:0a:e0:33:12:b6:29:f2:c2:ac:
                    a5:a8:a1:2d:96:21:38:97:59:cc:8a:76:36:05:e1:
                    d6:11:8b:17:44:b5:86:81:0d:a3:93:1b:98:49:e9:
                    09:61:71:76:c9:d3:42:0e:24:32:18:d0:6b:11:a0:
                    15:9f:ad:8f:9d:f6:6e:a7:81:13:b5:5d:97:b8:16:
                    0d:45:20:1c:e1:bb:96:69:2c:48:f3:4f:df:a0:24:
                    bc:dc:c7:5b:f1:23:17:8e:30:3e:f3:bd:bb:18:4c:
                    97:97:82:48:dc:b7:03:d1:4e:ba:59:28:6b:8f:eb:
                    61:89:6b:36:bb:4a:24:2c:e2:ed:71:c0:2c:20:b7:
                    65:5a:33:1c:20:e9:76:3f:2f:65:a1:85:ba:c8:6a:
                    9b:aa:c5:2a:9d:37:5e:e7:53:fe:cc:76:da:63:ee:
                    4b:76:1a:cd:60:4c:be:b7:cb:cd:9c:dc:4f:3e:36:
                    85:a1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E4:B4:AD:AC:57:45:46:FD:B5:AF:89:13:2F:26:07:7F:C5:70:E6:35
            X509v3 Authority Key Identifier:
                keyid:E9:D2:72:1F:2E:2B:D0:11:B8:A6:86:0A:D2:57:2C:40:5C:0B:54:0F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6dJyHy4r0BG4poYK0lcsQFwLVA8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/368df0-5c41-49d3-a9a9-c45903c3b329/1/5LStrFdFRv21r4kTLyYHf8Vw5jU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/368df0-5c41-49d3-a9a9-c45903c3b329/1/6dJyHy4r0BG4poYK0lcsQFwLVA8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.43.192.0/22

    Signature Algorithm: sha256WithRSAEncryption
         0f:ed:90:ac:78:16:e2:f1:a7:1a:12:ac:8d:6e:8f:38:53:80:
         0f:53:3a:d8:14:f9:a0:5c:61:1c:0b:f7:bf:a1:3c:cd:0c:32:
         2e:a4:e9:b7:ad:34:c5:0e:fa:84:2a:91:67:73:9e:d0:38:d4:
         1f:dc:af:ea:95:5a:d4:d8:d7:b7:7a:7b:8c:ea:20:3d:3a:d4:
         62:c9:26:93:a2:2b:af:88:8e:c1:d3:76:61:d5:7c:33:60:b8:
         6e:75:24:58:fc:35:de:4c:be:49:a5:01:30:18:b0:f1:42:9f:
         e2:f8:6c:18:5f:c4:0c:ce:41:99:e7:de:04:c1:79:66:f2:60:
         99:a2:91:32:7d:80:da:4e:ff:d6:e5:8a:c8:0b:d3:55:d0:26:
         6c:3a:c0:48:fc:64:23:f8:af:ea:32:7d:03:4e:35:d0:5e:d7:
         dc:54:21:1f:40:06:d0:a9:a1:0f:95:96:31:f8:dc:e6:32:ff:
         fc:d6:49:8b:75:c6:46:ad:a8:89:c8:db:67:4d:62:2e:ad:19:
         97:2a:6f:47:4f:d4:26:06:e1:68:b2:40:e8:d6:4c:22:a4:d7:
         7b:60:89:46:1c:7d:fc:b8:6a:4a:2b:c3:00:b0:82:bc:98:7b:
         e7:18:fd:7e:81:03:99:cd:3f:fe:ae:13:fa:2f:51:60:1b:35:
         18:b8:aa:9d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVuAgZ2A3dY8wJTeWpePyjUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU5ZDI3MjFmMmUyYmQwMTFiOGE2ODYwYWQyNTcyYzQwNWMw
YjU0MGYwHhcNMjMwMTAxMTU0NTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNGI0YWRhYzU3NDU0NmZkYjVhZjg5MTMyZjI2MDc3ZmM1NzBlNjM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkhxEr1lJI7XbVGn3eIlIKIzmPj4E
lZ3bS5rk+SjPZxl26jxLN6s54NrOsMZZcNcb9ZmdI/caidk5CsqBD9o+N7LPk6hF
uN4YkCujDPSzxBwK4DMStinywqylqKEtliE4l1nMinY2BeHWEYsXRLWGgQ2jkxuY
SekJYXF2ydNCDiQyGNBrEaAVn62PnfZup4ETtV2XuBYNRSAc4buWaSxI80/foCS8
3Mdb8SMXjjA+8727GEyXl4JI3LcD0U66WShrj+thiWs2u0okLOLtccAsILdlWjMc
IOl2Py9loYW6yGqbqsUqnTde51P+zHbaY+5LdhrNYEy+t8vNnNxPPjaFoQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOS0raxXRUb9ta+JEy8mB3/FcOY1MB8GA1UdIwQY
MBaAFOnSch8uK9ARuKaGCtJXLEBcC1QPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNmRKeUh5NHIwQkc0cG9ZSzBsY3NRRndMVkE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZC8zNjhkZjAtNWM0MS00OWQzLWE5YTkt
YzQ1OTAzYzNiMzI5LzEvNUxTdHJGZEZSdjIxcjRrVEx5WUhmOFZ3NWpVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZC8zNjhkZjAtNWM0MS00OWQzLWE5YTktYzQ1OTAzYzNiMzI5
LzEvNmRKeUh5NHIwQkc0cG9ZSzBsY3NRRndMVkE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuSvAMA0G
CSqGSIb3DQEBCwUAA4IBAQAP7ZCseBbi8acaEqyNbo84U4APUzrYFPmgXGEcC/e/
oTzNDDIupOm3rTTFDvqEKpFnc57QONQf3K/qlVrU2Ne3enuM6iA9OtRiySaToiuv
iI7B03Zh1XwzYLhudSRY/DXeTL5JpQEwGLDxQp/i+GwYX8QMzkGZ594EwXlm8mCZ
opEyfYDaTv/W5YrIC9NV0CZsOsBI/GQj+K/qMn0DTjXQXtfcVCEfQAbQqaEPlZYx
+NzmMv/81kmLdcZGraiJyNtnTWIurRmXKm9HT9QmBuFoskDo1kwipNd7YIlGHH38
uGpKK8MAsIK8mHvnGP1+gQOZzT/+rhP6L1FgGzUYuKqd
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:40:55 2024 by rpki-client on console-fra.rpki-client.org