Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a4/6ef4b9-5e35-423c-bbc4-0a2ebfc2c850/1/rYt-hDtY6NhlQHcFcEw-UvIN-vY.roa
File:                     rYt-hDtY6NhlQHcFcEw-UvIN-vY.roa (raw, json)
Hash identifier:          APT3/SkR0fultILF9UbbD+mi7GgiiZBIDTsYilumZrE=
Subject key identifier:   AD:8B:7E:84:3B:58:E8:D8:65:40:77:05:70:4C:3E:52:F2:0D:FA:F6
Certificate issuer:       /CN=5a15823b86adc7eebeee7a2d8b70e12dc9bbf5b5
Certificate serial:       01856EEFCB946605E68D13B9B250B5436E12
Authority key identifier: 5A:15:82:3B:86:AD:C7:EE:BE:EE:7A:2D:8B:70:E1:2D:C9:BB:F5:B5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/WhWCO4atx-6-7noti3DhLcm79bU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a4/6ef4b9-5e35-423c-bbc4-0a2ebfc2c850/1/rYt-hDtY6NhlQHcFcEw-UvIN-vY.roa
Signing time:             Sun 01 Jan 2023 20:04:46 +0000
ROA not before:           Sun 01 Jan 2023 20:04:46 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     202766
IP address blocks:        185.224.78.0/24 maxlen: 24
                          185.224.77.0/24 maxlen: 24
                          185.224.76.0/24 maxlen: 24
                          185.224.79.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 14:34:31 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6e:ef:cb:94:66:05:e6:8d:13:b9:b2:50:b5:43:6e:12
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5a15823b86adc7eebeee7a2d8b70e12dc9bbf5b5
        Validity
            Not Before: Jan  1 20:04:46 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=ad8b7e843b58e8d865407705704c3e52f20dfaf6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8b:41:8c:4c:f9:67:f8:07:f9:31:44:71:44:c1:
                    c7:bd:8f:8a:9e:11:89:c8:8d:66:58:1f:2a:5e:e7:
                    3d:c1:81:87:34:7e:2d:7f:07:8e:20:c5:17:c5:83:
                    a4:4e:10:bf:8e:dc:88:18:29:fd:b0:5f:e0:ed:f9:
                    48:6a:bc:94:62:7b:e3:dd:43:f1:e4:80:49:29:24:
                    22:01:2f:d4:3f:bc:20:ec:72:12:b1:a5:69:69:87:
                    6d:75:b3:70:e6:c0:70:31:b5:bf:03:ec:31:f9:16:
                    a4:b1:2a:90:5c:a2:e1:65:18:eb:e0:12:39:a0:3b:
                    d7:c0:02:95:bf:d9:18:f3:ba:04:2c:b0:78:5b:af:
                    df:74:52:99:44:af:ee:ee:0e:fb:26:e7:41:03:b0:
                    3b:06:02:98:18:27:42:54:8b:4a:45:09:e3:23:01:
                    b7:1e:90:aa:66:c9:16:f6:de:5e:5d:8d:bf:49:8f:
                    9e:06:8c:87:bc:d0:7e:38:81:e7:aa:ac:56:1a:d3:
                    86:b6:0c:19:9e:03:b2:e1:1d:ed:f4:9b:33:16:6b:
                    28:0a:7b:af:b2:2e:1a:9d:ea:9b:9c:c7:79:96:3e:
                    9c:8c:89:de:60:17:27:13:c9:61:64:a9:7c:20:cc:
                    cc:f7:3d:1b:7b:11:21:5c:14:e5:26:fa:bf:86:ce:
                    ee:95
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AD:8B:7E:84:3B:58:E8:D8:65:40:77:05:70:4C:3E:52:F2:0D:FA:F6
            X509v3 Authority Key Identifier:
                keyid:5A:15:82:3B:86:AD:C7:EE:BE:EE:7A:2D:8B:70:E1:2D:C9:BB:F5:B5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WhWCO4atx-6-7noti3DhLcm79bU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/6ef4b9-5e35-423c-bbc4-0a2ebfc2c850/1/rYt-hDtY6NhlQHcFcEw-UvIN-vY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/6ef4b9-5e35-423c-bbc4-0a2ebfc2c850/1/WhWCO4atx-6-7noti3DhLcm79bU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.224.76.0/22

    Signature Algorithm: sha256WithRSAEncryption
         b3:6e:1b:e4:8c:9d:6e:8a:ba:58:30:a4:71:59:4d:f8:14:d6:
         85:cb:ff:c6:fe:bf:2f:df:00:85:fa:64:3d:7b:4f:20:16:6b:
         ac:59:d7:69:15:02:45:96:34:4a:e0:71:4a:a2:ca:60:d4:a1:
         95:3c:d5:e7:ba:8e:5c:b6:a4:7a:71:d6:b0:f0:40:80:47:1f:
         51:9f:e1:0e:9f:95:56:1f:c4:40:26:28:31:4d:39:2f:bc:76:
         a2:8e:8d:5e:6f:47:54:4a:9a:83:c7:9c:f7:32:3e:6e:6a:a7:
         c4:70:4b:f5:a3:0e:b7:da:89:b2:08:47:1c:10:a7:59:9c:54:
         84:b3:a1:6d:44:c4:f7:ca:a7:4b:20:3a:a7:32:2d:c7:7f:f0:
         3f:20:4c:ec:36:16:ed:93:d9:f7:54:7a:1e:da:26:f4:38:93:
         b8:aa:18:42:28:20:d9:6a:20:16:1a:9e:06:f1:84:a7:51:0f:
         77:31:e1:b8:b8:3c:8b:dd:e8:60:33:c3:44:ab:6c:e2:70:a6:
         05:26:f0:d8:25:e6:e1:9a:92:3a:cd:1a:de:73:27:a5:7d:88:
         49:f4:ae:b0:f7:61:ce:db:de:ed:b6:67:33:3d:b3:f8:db:a3:
         be:91:15:d6:a4:14:73:d8:70:ee:f0:42:5a:47:ae:e5:88:6c:
         36:64:9a:eb
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVu78uUZgXmjRO5slC1Q24SMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVhMTU4MjNiODZhZGM3ZWViZWVlN2EyZDhiNzBlMTJkYzli
YmY1YjUwHhcNMjMwMTAxMjAwNDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZDhiN2U4NDNiNThlOGQ4NjU0MDc3MDU3MDRjM2U1MmYyMGRmYWY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi0GMTPln+Af5MURxRMHHvY+KnhGJ
yI1mWB8qXuc9wYGHNH4tfweOIMUXxYOkThC/jtyIGCn9sF/g7flIaryUYnvj3UPx
5IBJKSQiAS/UP7wg7HISsaVpaYdtdbNw5sBwMbW/A+wx+RaksSqQXKLhZRjr4BI5
oDvXwAKVv9kY87oELLB4W6/fdFKZRK/u7g77JudBA7A7BgKYGCdCVItKRQnjIwG3
HpCqZskW9t5eXY2/SY+eBoyHvNB+OIHnqqxWGtOGtgwZngOy4R3t9JszFmsoCnuv
si4aneqbnMd5lj6cjIneYBcnE8lhZKl8IMzM9z0bexEhXBTlJvq/hs7ulQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFK2LfoQ7WOjYZUB3BXBMPlLyDfr2MB8GA1UdIwQY
MBaAFFoVgjuGrcfuvu56LYtw4S3Ju/W1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV2hXQ080YXR4LTYtN25vdGkzRGhMY203OWJVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNC82ZWY0YjktNWUzNS00MjNjLWJiYzQt
MGEyZWJmYzJjODUwLzEvcll0LWhEdFk2TmhsUUhjRmNFdy1VdklOLXZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNC82ZWY0YjktNWUzNS00MjNjLWJiYzQtMGEyZWJmYzJjODUw
LzEvV2hXQ080YXR4LTYtN25vdGkzRGhMY203OWJVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCueBMMA0G
CSqGSIb3DQEBCwUAA4IBAQCzbhvkjJ1uirpYMKRxWU34FNaFy//G/r8v3wCF+mQ9
e08gFmusWddpFQJFljRK4HFKospg1KGVPNXnuo5ctqR6cdaw8ECARx9Rn+EOn5VW
H8RAJigxTTkvvHaijo1eb0dUSpqDx5z3Mj5uaqfEcEv1ow632omyCEccEKdZnFSE
s6FtRMT3yqdLIDqnMi3Hf/A/IEzsNhbtk9n3VHoe2ib0OJO4qhhCKCDZaiAWGp4G
8YSnUQ93MeG4uDyL3ehgM8NEq2zicKYFJvDYJebhmpI6zRrecyelfYhJ9K6w92HO
297ttmczPbP426O+kRXWpBRz2HDu8EJaR67liGw2ZJrr
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:19 2024 by rpki-client on console-fra.rpki-client.org