Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/b714ad-1f78-4a10-8e61-ab8f1f3387ee/1/LejT6uDOYXSHFNfGHvicKAsiqh8.roa
File:                     LejT6uDOYXSHFNfGHvicKAsiqh8.roa (raw, json)
Hash identifier:          n1SvIoG7nk13Z2qJuqUtXr0qa3EZQMvbcnxDb67TWck=
Subject key identifier:   2D:E8:D3:EA:E0:CE:61:74:87:14:D7:C6:1E:F8:9C:28:0B:22:AA:1F
Certificate issuer:       /CN=5124fba1e401c03e5ba1cd77ae9ee39cfd631bfb
Certificate serial:       018F76C7542B10761DA2903E70AA92CC84E6
Authority key identifier: 51:24:FB:A1:E4:01:C0:3E:5B:A1:CD:77:AE:9E:E3:9C:FD:63:1B:FB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/UST7oeQBwD5boc13rp7jnP1jG_s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a3/b714ad-1f78-4a10-8e61-ab8f1f3387ee/1/LejT6uDOYXSHFNfGHvicKAsiqh8.roa
Signing time:             Tue 14 May 2024 11:05:25 +0000
ROA not before:           Tue 14 May 2024 11:05:25 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     35761
IP address blocks:        185.58.20.0/22 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jul 2024 16:08:18 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:76:c7:54:2b:10:76:1d:a2:90:3e:70:aa:92:cc:84:e6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5124fba1e401c03e5ba1cd77ae9ee39cfd631bfb
        Validity
            Not Before: May 14 11:05:25 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=2de8d3eae0ce61748714d7c61ef89c280b22aa1f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:82:fa:e4:93:7a:1c:c8:0f:cc:8f:c8:bb:b4:
                    74:27:19:53:14:51:1e:28:e1:f6:2b:a8:70:d5:cc:
                    84:2c:a5:1a:fa:59:74:ae:bb:f5:79:2f:5e:4f:41:
                    70:4b:26:63:38:02:66:6f:a8:00:2a:c5:a3:94:9f:
                    6a:8a:a4:b7:14:4a:67:4a:1a:a8:26:8e:35:41:34:
                    88:6d:01:bd:86:82:5e:08:c3:de:10:e0:19:67:4a:
                    a5:29:8c:c0:86:a2:0b:39:48:24:ea:c7:9d:60:98:
                    cc:8b:05:c0:c3:4f:4f:e3:29:64:b7:80:1c:d3:2b:
                    b4:2f:01:b9:c6:2e:39:6c:16:b2:9f:5b:eb:64:e3:
                    62:16:a3:88:47:44:fb:47:4e:65:d7:82:74:3d:1d:
                    09:b2:1e:90:fd:98:d6:9b:fe:bd:b0:50:19:21:9f:
                    fa:2d:68:a2:c6:da:47:85:3f:bf:ad:c6:6b:d8:9c:
                    ae:00:4d:4c:66:89:b9:26:49:f1:81:d4:e7:24:d5:
                    a9:a5:41:e1:02:0e:db:73:31:10:69:f1:dc:72:30:
                    d4:8c:27:0f:56:47:1b:d0:fe:87:78:40:05:cf:a9:
                    ea:60:da:16:ab:e2:53:da:07:08:76:56:f1:1b:3c:
                    1f:16:7a:b4:f9:02:7e:63:06:b5:54:47:3c:9d:f8:
                    30:05
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2D:E8:D3:EA:E0:CE:61:74:87:14:D7:C6:1E:F8:9C:28:0B:22:AA:1F
            X509v3 Authority Key Identifier:
                keyid:51:24:FB:A1:E4:01:C0:3E:5B:A1:CD:77:AE:9E:E3:9C:FD:63:1B:FB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UST7oeQBwD5boc13rp7jnP1jG_s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/b714ad-1f78-4a10-8e61-ab8f1f3387ee/1/LejT6uDOYXSHFNfGHvicKAsiqh8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/b714ad-1f78-4a10-8e61-ab8f1f3387ee/1/UST7oeQBwD5boc13rp7jnP1jG_s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.58.20.0/22

    Signature Algorithm: sha256WithRSAEncryption
         8d:ba:cc:1e:ae:a3:0d:82:b6:8e:33:be:f4:51:d7:cf:4d:68:
         98:f0:c3:4d:1a:60:4c:18:6e:c0:95:5d:ea:12:fb:61:90:e5:
         b5:c2:75:b6:78:92:76:2c:3f:41:4a:a0:72:4b:88:89:14:45:
         01:37:6c:d0:c4:fe:c3:06:d8:48:cf:f2:d9:19:75:bd:21:d2:
         36:db:62:d6:51:8a:db:9e:1f:be:00:c6:db:6f:46:ba:8c:90:
         74:f6:20:4e:04:bf:61:83:c6:12:03:f5:62:88:95:12:db:43:
         58:90:bb:a3:ee:0c:7a:7a:fe:c7:4c:95:3d:e9:88:2a:e5:c7:
         fd:97:33:c2:8c:99:0c:26:2c:bd:55:3d:c5:28:95:70:18:64:
         b1:95:3a:ed:3b:22:c3:01:1c:9c:1d:cf:73:9b:4f:20:e5:21:
         25:06:a7:e2:53:61:95:2e:cc:a0:09:c6:4a:a7:70:37:b1:39:
         7c:69:de:88:21:0e:3b:05:cd:ae:8b:7b:2b:3e:7c:63:8c:13:
         d6:f4:b2:ae:87:b5:56:f7:3b:e1:7a:86:12:90:63:b7:7a:4b:
         2e:f0:6f:96:ce:bd:69:ad:8c:23:df:46:89:09:33:43:2a:19:
         07:53:5c:f9:78:62:8e:b0:f2:6e:b0:01:8e:e8:53:97:f8:54:
         f0:8c:18:48
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY92x1QrEHYdopA+cKqSzITmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUxMjRmYmExZTQwMWMwM2U1YmExY2Q3N2FlOWVlMzljZmQ2
MzFiZmIwHhcNMjQwNTE0MTEwNTI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZGU4ZDNlYWUwY2U2MTc0ODcxNGQ3YzYxZWY4OWMyODBiMjJhYTFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsIL65JN6HMgPzI/Iu7R0JxlTFFEe
KOH2K6hw1cyELKUa+ll0rrv1eS9eT0FwSyZjOAJmb6gAKsWjlJ9qiqS3FEpnShqo
Jo41QTSIbQG9hoJeCMPeEOAZZ0qlKYzAhqILOUgk6sedYJjMiwXAw09P4ylkt4Ac
0yu0LwG5xi45bBayn1vrZONiFqOIR0T7R05l14J0PR0Jsh6Q/ZjWm/69sFAZIZ/6
LWiixtpHhT+/rcZr2JyuAE1MZom5JknxgdTnJNWppUHhAg7bczEQafHccjDUjCcP
Vkcb0P6HeEAFz6nqYNoWq+JT2gcIdlbxGzwfFnq0+QJ+Ywa1VEc8nfgwBQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFC3o0+rgzmF0hxTXxh74nCgLIqofMB8GA1UdIwQY
MBaAFFEk+6HkAcA+W6HNd66e45z9Yxv7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVVNUN29lUUJ3RDVib2MxM3JwN2puUDFqR19zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy9iNzE0YWQtMWY3OC00YTEwLThlNjEt
YWI4ZjFmMzM4N2VlLzEvTGVqVDZ1RE9ZWFNIRk5mR0h2aWNLQXNpcWg4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy9iNzE0YWQtMWY3OC00YTEwLThlNjEtYWI4ZjFmMzM4N2Vl
LzEvVVNUN29lUUJ3RDVib2MxM3JwN2puUDFqR19zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuToUMA0G
CSqGSIb3DQEBCwUAA4IBAQCNuswerqMNgraOM770UdfPTWiY8MNNGmBMGG7AlV3q
EvthkOW1wnW2eJJ2LD9BSqByS4iJFEUBN2zQxP7DBthIz/LZGXW9IdI222LWUYrb
nh++AMbbb0a6jJB09iBOBL9hg8YSA/ViiJUS20NYkLuj7gx6ev7HTJU96Ygq5cf9
lzPCjJkMJiy9VT3FKJVwGGSxlTrtOyLDARycHc9zm08g5SElBqfiU2GVLsygCcZK
p3A3sTl8ad6IIQ47Bc2ui3srPnxjjBPW9LKuh7VW9zvheoYSkGO3eksu8G+Wzr1p
rYwj30aJCTNDKhkHU1z5eGKOsPJusAGO6FOX+FTwjBhI
-----END CERTIFICATE-----
Generated at Mon Jul 1 17:35:14 2024 by rpki-client on console-fra.rpki-client.org