Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ae/235396-0e42-4377-855a-4565f04f8d85/1/qK3shfCtwx2bGCdI3yRR6X_Nlw8.roa
File:                     qK3shfCtwx2bGCdI3yRR6X_Nlw8.roa (raw, json)
Hash identifier:          gXm9g3I/QdwtKtwgm0c1UHworsADLd6+jo7AsojobdM=
Subject key identifier:   A8:AD:EC:85:F0:AD:C3:1D:9B:18:27:48:DF:24:51:E9:7F:CD:97:0F
Certificate issuer:       /CN=954a2aee086174b01272fae779ad431eb092aeb7
Certificate serial:       01856FC269060E55D426638B7AF2FE3713F6
Authority key identifier: 95:4A:2A:EE:08:61:74:B0:12:72:FA:E7:79:AD:43:1E:B0:92:AE:B7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/lUoq7ghhdLAScvrnea1DHrCSrrc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ae/235396-0e42-4377-855a-4565f04f8d85/1/qK3shfCtwx2bGCdI3yRR6X_Nlw8.roa
Signing time:             Sun 01 Jan 2023 23:54:49 +0000
ROA not before:           Sun 01 Jan 2023 23:54:49 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     49981
IP address blocks:        185.7.81.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 06:30:52 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:c2:69:06:0e:55:d4:26:63:8b:7a:f2:fe:37:13:f6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=954a2aee086174b01272fae779ad431eb092aeb7
        Validity
            Not Before: Jan  1 23:54:49 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=a8adec85f0adc31d9b182748df2451e97fcd970f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:91:05:63:27:dc:aa:33:2c:29:50:9e:71:fd:24:
                    b7:19:b9:e1:65:5d:15:ff:69:e9:0e:b9:1e:e4:67:
                    c7:fa:1e:12:37:9d:52:1b:92:b1:ce:25:7f:1b:52:
                    25:d2:a7:be:bb:3d:e0:2d:f8:58:0a:cd:ea:8d:c6:
                    26:9d:6c:eb:de:77:13:e6:37:23:17:7f:da:94:11:
                    60:31:ee:c4:01:48:7e:c5:05:bc:bf:a8:0f:f4:a0:
                    cb:6a:e7:6e:0c:d5:5f:c4:99:5b:ec:eb:ad:27:86:
                    7d:bc:15:eb:16:c6:24:21:86:17:b2:40:2c:26:68:
                    97:9d:33:7c:dc:ca:94:a0:5f:38:f5:43:f2:8f:40:
                    a2:28:c2:56:71:67:05:d2:69:5e:bb:48:a7:78:7a:
                    31:48:8b:2e:1f:bf:3c:90:1a:38:c1:a3:9a:af:70:
                    ea:d0:f0:fa:cc:33:20:5e:21:19:e3:e3:1c:78:a3:
                    a1:35:a5:ba:4d:cd:f1:d7:39:43:a5:77:45:6d:89:
                    78:9c:ce:d6:8d:12:08:0e:f2:c4:01:fd:f9:57:3a:
                    a5:e2:97:5c:25:22:cf:65:af:fa:37:0a:1b:6d:5a:
                    47:81:44:95:16:b1:48:2f:57:87:29:be:2e:8e:51:
                    7e:2b:b9:7a:fc:a1:b9:23:15:15:ae:39:bb:7d:60:
                    83:5d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A8:AD:EC:85:F0:AD:C3:1D:9B:18:27:48:DF:24:51:E9:7F:CD:97:0F
            X509v3 Authority Key Identifier:
                keyid:95:4A:2A:EE:08:61:74:B0:12:72:FA:E7:79:AD:43:1E:B0:92:AE:B7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lUoq7ghhdLAScvrnea1DHrCSrrc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/235396-0e42-4377-855a-4565f04f8d85/1/qK3shfCtwx2bGCdI3yRR6X_Nlw8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/235396-0e42-4377-855a-4565f04f8d85/1/lUoq7ghhdLAScvrnea1DHrCSrrc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.7.81.0/24

    Signature Algorithm: sha256WithRSAEncryption
         b0:65:1d:01:24:9d:a7:d1:a0:da:c5:0a:4d:ce:f2:a6:e0:01:
         de:cc:0b:e4:a3:65:56:27:9e:ab:dd:ca:2b:31:2a:a1:79:3c:
         2f:ef:93:11:be:5a:a2:50:73:6c:78:54:f8:3d:55:d0:41:78:
         5b:5a:ee:60:78:96:94:c9:03:25:34:34:09:a0:87:41:de:ff:
         0c:4d:84:fb:d7:28:d1:5f:b5:c2:13:65:b6:8a:a8:e4:7f:10:
         f5:f2:9f:45:df:3f:b9:c0:01:75:7a:8d:97:97:11:f0:5e:7d:
         14:3e:a0:d3:49:ed:96:33:3c:f0:16:d3:f4:fc:c8:f5:67:e3:
         b0:12:7d:d0:4e:44:e7:c8:af:23:e7:66:30:2a:f1:b8:84:21:
         39:12:4c:61:b1:5a:c0:5b:2a:5c:cc:45:9a:c5:05:36:fd:cb:
         dc:cf:84:83:dc:a9:30:9b:48:73:4b:f5:9c:12:8b:da:27:99:
         7d:ba:93:1f:21:1a:9b:ad:3b:73:7f:70:25:08:f8:a1:54:6c:
         4f:8d:c4:bf:23:7b:26:60:8d:8e:d7:12:26:ac:5b:4b:24:21:
         7c:16:b3:ce:db:45:cc:34:b6:8c:e0:c2:ca:48:98:0f:95:c3:
         5e:bc:de:bb:fb:d7:ab:de:55:d8:93:5a:42:9b:9a:1e:2b:54:
         5e:b0:65:39
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvwmkGDlXUJmOLevL+NxP2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1NGEyYWVlMDg2MTc0YjAxMjcyZmFlNzc5YWQ0MzFlYjA5
MmFlYjcwHhcNMjMwMTAxMjM1NDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOGFkZWM4NWYwYWRjMzFkOWIxODI3NDhkZjI0NTFlOTdmY2Q5NzBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkQVjJ9yqMywpUJ5x/SS3GbnhZV0V
/2npDrke5GfH+h4SN51SG5KxziV/G1Il0qe+uz3gLfhYCs3qjcYmnWzr3ncT5jcj
F3/alBFgMe7EAUh+xQW8v6gP9KDLauduDNVfxJlb7OutJ4Z9vBXrFsYkIYYXskAs
JmiXnTN83MqUoF849UPyj0CiKMJWcWcF0mleu0ineHoxSIsuH788kBo4waOar3Dq
0PD6zDMgXiEZ4+MceKOhNaW6Tc3x1zlDpXdFbYl4nM7WjRIIDvLEAf35Vzql4pdc
JSLPZa/6NwobbVpHgUSVFrFIL1eHKb4ujlF+K7l6/KG5IxUVrjm7fWCDXQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKit7IXwrcMdmxgnSN8kUel/zZcPMB8GA1UdIwQY
MBaAFJVKKu4IYXSwEnL653mtQx6wkq63MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbFVvcTdnaGhkTEFTY3ZybmVhMURIckNTcnJjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZS8yMzUzOTYtMGU0Mi00Mzc3LTg1NWEt
NDU2NWYwNGY4ZDg1LzEvcUszc2hmQ3R3eDJiR0NkSTN5UlI2WF9ObHc4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZS8yMzUzOTYtMGU0Mi00Mzc3LTg1NWEtNDU2NWYwNGY4ZDg1
LzEvbFVvcTdnaGhkTEFTY3ZybmVhMURIckNTcnJjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuQdRMA0G
CSqGSIb3DQEBCwUAA4IBAQCwZR0BJJ2n0aDaxQpNzvKm4AHezAvko2VWJ56r3cor
MSqheTwv75MRvlqiUHNseFT4PVXQQXhbWu5geJaUyQMlNDQJoIdB3v8MTYT71yjR
X7XCE2W2iqjkfxD18p9F3z+5wAF1eo2XlxHwXn0UPqDTSe2WMzzwFtP0/Mj1Z+Ow
En3QTkTnyK8j52YwKvG4hCE5EkxhsVrAWypczEWaxQU2/cvcz4SD3Kkwm0hzS/Wc
EovaJ5l9upMfIRqbrTtzf3AlCPihVGxPjcS/I3smYI2O1xImrFtLJCF8FrPO20XM
NLaM4MLKSJgPlcNevN67+9er3lXYk1pCm5oeK1ResGU5
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:38:18 2024 by rpki-client on console-ams.rpki-client.org