Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/U9JdFPaE0lxf6rfVccR7uYUs7WA.roa
File:                     U9JdFPaE0lxf6rfVccR7uYUs7WA.roa (raw, json)
Hash identifier:          acQDyC1KivlhxNgMY/kiV5Ch/MwIfZJCbLwGwLYyeuY=
Subject key identifier:   53:D2:5D:14:F6:84:D2:5C:5F:EA:B7:D5:71:C4:7B:B9:85:2C:ED:60
Certificate issuer:       /CN=05b1d13c2e26e12786246a5ec4c5bea69864b20f
Certificate serial:       0186E15594703A4A951BA165F9F8C915D078
Authority key identifier: 05:B1:D1:3C:2E:26:E1:27:86:24:6A:5E:C4:C5:BE:A6:98:64:B2:0F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/BbHRPC4m4SeGJGpexMW-pphksg8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/U9JdFPaE0lxf6rfVccR7uYUs7WA.roa
Signing time:             Tue 14 Mar 2023 18:15:27 +0000
ROA not before:           Tue 14 Mar 2023 18:15:27 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     211529
IP address blocks:        194.5.95.0/24 maxlen: 24
                          45.129.185.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 14:29:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:e1:55:94:70:3a:4a:95:1b:a1:65:f9:f8:c9:15:d0:78
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=05b1d13c2e26e12786246a5ec4c5bea69864b20f
        Validity
            Not Before: Mar 14 18:15:27 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=53d25d14f684d25c5feab7d571c47bb9852ced60
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:81:df:06:d0:34:3e:d3:c3:84:b0:5a:1b:4a:99:
                    10:61:3e:3d:94:2e:36:00:54:1c:e2:36:2c:61:3f:
                    e5:4b:2d:b8:cf:8f:c4:ac:04:68:fe:14:f7:28:0e:
                    3a:c2:64:ca:dd:50:58:99:99:39:54:aa:59:cc:83:
                    91:27:86:1d:39:eb:a9:e7:64:d9:e4:10:b8:4b:a1:
                    98:8b:a0:be:87:5f:fb:4b:58:11:b3:e7:3d:98:f8:
                    42:64:ab:bd:d7:90:e6:a4:f7:b7:fc:ab:df:8c:4c:
                    39:cc:31:d8:1c:83:f1:44:a6:6d:6b:5d:a6:4e:c0:
                    26:20:cc:9b:e1:6e:fd:dc:cc:4d:ec:ff:28:55:a3:
                    88:85:44:6e:83:d2:95:d7:05:a1:e6:91:5e:21:5c:
                    89:09:f7:cb:14:c3:ad:d4:47:29:c6:da:d5:de:03:
                    9f:fa:69:24:55:88:9e:91:ec:53:1b:66:9f:94:5f:
                    f5:f8:18:93:7b:b2:9a:19:66:7d:3b:21:44:12:56:
                    36:0e:a0:13:65:84:41:97:e2:9f:e4:be:01:d3:f6:
                    1d:63:88:a8:4c:63:17:f1:d4:31:07:a3:b8:71:b9:
                    13:c2:1a:66:f2:16:b1:f8:87:91:9b:53:d6:dc:34:
                    13:7d:6c:d5:83:a1:98:3e:09:c1:a4:d1:fb:7d:c4:
                    30:47
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                53:D2:5D:14:F6:84:D2:5C:5F:EA:B7:D5:71:C4:7B:B9:85:2C:ED:60
            X509v3 Authority Key Identifier:
                keyid:05:B1:D1:3C:2E:26:E1:27:86:24:6A:5E:C4:C5:BE:A6:98:64:B2:0F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BbHRPC4m4SeGJGpexMW-pphksg8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/U9JdFPaE0lxf6rfVccR7uYUs7WA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/BbHRPC4m4SeGJGpexMW-pphksg8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.129.185.0/24
                  194.5.95.0/24

    Signature Algorithm: sha256WithRSAEncryption
         51:8b:88:fb:21:f4:1c:fd:4b:9e:7a:e1:3d:90:10:2f:79:38:
         f3:58:2b:5b:5a:39:f3:05:8d:45:45:50:e0:17:fe:49:97:b2:
         f0:60:89:1f:69:80:ae:76:18:54:7d:e5:c1:db:ae:25:9d:34:
         80:d1:1a:8d:34:ba:4d:f4:fa:fd:10:7f:02:37:44:35:42:99:
         c9:23:db:ec:e2:83:f3:97:dc:44:37:c6:b8:a6:ee:92:43:d9:
         7c:bb:5f:c2:76:69:0c:5a:c1:c0:9b:56:32:8e:83:29:5e:df:
         f1:96:f7:35:95:f6:a1:0a:34:ac:a7:59:12:a4:40:6d:ac:73:
         4d:45:7b:44:7f:8f:c8:ce:7a:7b:4f:2a:c5:3c:fb:6f:3b:67:
         6e:69:a1:12:99:eb:36:41:79:75:e1:41:bb:a6:c0:81:c4:04:
         6a:eb:35:b5:5d:bc:b5:5a:a5:e1:fc:30:90:ae:57:5b:41:3d:
         c1:96:ae:91:25:bd:8c:50:8b:9c:9e:fa:4c:bb:45:e3:4f:e4:
         da:5e:e5:7d:c8:b3:dc:c0:22:de:0b:0b:77:bd:a9:20:06:ba:
         05:57:d5:be:c2:64:d9:43:39:b6:8b:60:26:fa:51:12:60:a5:
         53:64:80:a4:a4:79:ec:73:83:22:bc:e1:ce:43:53:62:99:19:
         23:e2:af:51
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYbhVZRwOkqVG6Fl+fjJFdB4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1YjFkMTNjMmUyNmUxMjc4NjI0NmE1ZWM0YzViZWE2OTg2
NGIyMGYwHhcNMjMwMzE0MTgxNTI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1M2QyNWQxNGY2ODRkMjVjNWZlYWI3ZDU3MWM0N2JiOTg1MmNlZDYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgd8G0DQ+08OEsFobSpkQYT49lC42
AFQc4jYsYT/lSy24z4/ErARo/hT3KA46wmTK3VBYmZk5VKpZzIORJ4YdOeup52TZ
5BC4S6GYi6C+h1/7S1gRs+c9mPhCZKu915DmpPe3/KvfjEw5zDHYHIPxRKZta12m
TsAmIMyb4W793MxN7P8oVaOIhURug9KV1wWh5pFeIVyJCffLFMOt1EcpxtrV3gOf
+mkkVYiekexTG2aflF/1+BiTe7KaGWZ9OyFEElY2DqATZYRBl+Kf5L4B0/YdY4io
TGMX8dQxB6O4cbkTwhpm8hax+IeRm1PW3DQTfWzVg6GYPgnBpNH7fcQwRwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFFPSXRT2hNJcX+q31XHEe7mFLO1gMB8GA1UdIwQY
MBaAFAWx0TwuJuEnhiRqXsTFvqaYZLIPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQmJIUlBDNG00U2VHSkdwZXhNVy1wcGhrc2c4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC9jNjEwOTItNzM0YS00ZWVmLTlkNjct
NDkwNTI0M2JjODI4LzEvVTlKZEZQYUUwbHhmNnJmVmNjUjd1WVVzN1dBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC9jNjEwOTItNzM0YS00ZWVmLTlkNjctNDkwNTI0M2JjODI4
LzEvQmJIUlBDNG00U2VHSkdwZXhNVy1wcGhrc2c4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALYG5AwQA
wgVfMA0GCSqGSIb3DQEBCwUAA4IBAQBRi4j7IfQc/UueeuE9kBAveTjzWCtbWjnz
BY1FRVDgF/5Jl7LwYIkfaYCudhhUfeXB264lnTSA0RqNNLpN9Pr9EH8CN0Q1QpnJ
I9vs4oPzl9xEN8a4pu6SQ9l8u1/CdmkMWsHAm1YyjoMpXt/xlvc1lfahCjSsp1kS
pEBtrHNNRXtEf4/Iznp7TyrFPPtvO2duaaESmes2QXl14UG7psCBxARq6zW1Xby1
WqXh/DCQrldbQT3Blq6RJb2MUIucnvpMu0XjT+TaXuV9yLPcwCLeCwt3vakgBroF
V9W+wmTZQzm2i2Am+lESYKVTZICkpHnsc4MivOHOQ1NimRkj4q9R
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:54 2024 by rpki-client on console-fra.rpki-client.org