Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/ca5c19-e496-49e8-8b93-72a1f37719bb/1/rAKVhdHgZBQu7rS35EvqsBf_VaA.roa
File:                     rAKVhdHgZBQu7rS35EvqsBf_VaA.roa (raw, json)
Hash identifier:          EAVSXPBYy07WmPbjt/etng8r7LJlO//MxgD8zaX2RM8=
Subject key identifier:   AC:02:95:85:D1:E0:64:14:2E:EE:B4:B7:E4:4B:EA:B0:17:FF:55:A0
Certificate issuer:       /CN=d0f4fa80758753b243a2165eddea75dbeee826c4
Certificate serial:       018A60283E951D9F6CAB683FCA2100149099
Authority key identifier: D0:F4:FA:80:75:87:53:B2:43:A2:16:5E:DD:EA:75:DB:EE:E8:26:C4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0PT6gHWHU7JDohZe3ep12-7oJsQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/af/ca5c19-e496-49e8-8b93-72a1f37719bb/1/rAKVhdHgZBQu7rS35EvqsBf_VaA.roa
Signing time:             Mon 04 Sep 2023 12:26:04 +0000
ROA not before:           Mon 04 Sep 2023 12:26:04 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     12637
IP address blocks:        185.255.138.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 06:29:55 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:60:28:3e:95:1d:9f:6c:ab:68:3f:ca:21:00:14:90:99
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d0f4fa80758753b243a2165eddea75dbeee826c4
        Validity
            Not Before: Sep  4 12:26:04 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=ac029585d1e064142eeeb4b7e44beab017ff55a0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8b:6d:3a:08:11:70:6b:11:f0:c5:bf:5d:90:76:
                    12:3d:e3:21:6a:b0:f0:a5:a0:5a:56:96:ab:23:92:
                    ce:0d:20:ff:7c:33:7b:49:fa:39:92:c4:bf:7e:60:
                    09:03:eb:8c:33:54:52:53:aa:67:6d:fe:eb:45:06:
                    8b:5d:f9:d2:fc:a8:a2:03:d4:17:3c:d5:5e:4e:81:
                    17:72:e3:04:75:57:f7:32:5d:26:73:44:80:0c:f8:
                    d7:d3:bf:86:8e:7e:c4:d5:e8:b3:46:f2:0a:26:a3:
                    d2:c0:8c:8d:37:ae:74:4b:f4:94:81:31:13:09:b6:
                    86:4a:4a:cf:4f:d5:9b:ca:68:db:7c:3d:5c:35:66:
                    ea:e7:56:18:e6:a4:1e:90:dc:88:9c:32:7a:c9:e5:
                    f5:de:2d:8a:b1:a0:be:43:63:01:d8:68:8e:2a:4c:
                    8a:95:74:a3:4e:6e:d8:e1:13:95:e1:48:31:f5:de:
                    8a:8a:ba:14:65:56:b3:78:5e:fd:58:05:96:d8:94:
                    3f:a7:18:18:8e:7d:e6:dc:ea:1c:fd:26:cc:33:67:
                    eb:dd:e4:ee:ec:db:1e:f3:c4:e9:53:43:9d:18:a9:
                    b9:cf:f6:e0:8f:e1:a2:e1:74:82:f6:2b:a1:61:7d:
                    a6:ac:95:36:9a:6a:84:ac:8f:6f:28:9f:9f:57:d0:
                    a5:bf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AC:02:95:85:D1:E0:64:14:2E:EE:B4:B7:E4:4B:EA:B0:17:FF:55:A0
            X509v3 Authority Key Identifier:
                keyid:D0:F4:FA:80:75:87:53:B2:43:A2:16:5E:DD:EA:75:DB:EE:E8:26:C4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0PT6gHWHU7JDohZe3ep12-7oJsQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/ca5c19-e496-49e8-8b93-72a1f37719bb/1/rAKVhdHgZBQu7rS35EvqsBf_VaA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/af/ca5c19-e496-49e8-8b93-72a1f37719bb/1/0PT6gHWHU7JDohZe3ep12-7oJsQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.255.138.0/24

    Signature Algorithm: sha256WithRSAEncryption
         3c:74:91:a8:06:06:8a:bb:e8:e5:ce:8e:fe:3c:c6:8a:d4:3e:
         e8:09:c5:ba:c5:d9:8b:98:43:99:d7:8d:63:32:07:18:44:6d:
         25:f9:39:fe:4f:b9:b5:e7:e7:e1:94:1e:1b:3d:2d:a0:f3:ec:
         de:c7:d0:7a:4e:4b:c9:fc:f5:65:d3:e5:dc:c3:64:8e:12:4d:
         2f:01:49:65:51:12:d4:03:a5:87:31:2a:e8:3d:f8:4e:3b:95:
         e5:3a:dc:30:75:97:b5:79:95:ff:b4:19:dd:c1:f8:6a:8c:98:
         04:f8:88:60:44:a9:3b:14:96:0b:a6:6f:15:70:9f:d5:2f:eb:
         9a:34:d7:d3:91:7a:e9:7f:34:cf:94:c8:fa:7f:42:97:53:67:
         63:6d:45:75:19:dd:8f:cb:fb:c8:a2:7f:11:0e:31:89:fe:a6:
         e3:c1:e2:dd:82:ef:3d:1c:30:bc:ee:94:b1:6d:d1:d8:84:ad:
         48:a0:a5:bf:6a:39:f4:d9:19:df:e8:0e:d2:ce:ae:1a:a1:ec:
         5d:d0:1c:40:18:42:ac:3c:38:a1:35:b6:ed:b1:6e:26:b6:6c:
         c9:81:87:4c:c9:28:69:db:33:fe:96:c3:7a:56:58:12:c8:8b:
         97:c1:32:78:83:f0:48:90:9e:5e:7d:0b:bc:38:d5:88:4c:f8:
         3d:bb:d1:f9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYpgKD6VHZ9sq2g/yiEAFJCZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQwZjRmYTgwNzU4NzUzYjI0M2EyMTY1ZWRkZWE3NWRiZWVl
ODI2YzQwHhcNMjMwOTA0MTIyNjA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYzAyOTU4NWQxZTA2NDE0MmVlZWI0YjdlNDRiZWFiMDE3ZmY1NWEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi206CBFwaxHwxb9dkHYSPeMharDw
paBaVparI5LODSD/fDN7Sfo5ksS/fmAJA+uMM1RSU6pnbf7rRQaLXfnS/KiiA9QX
PNVeToEXcuMEdVf3Ml0mc0SADPjX07+Gjn7E1eizRvIKJqPSwIyNN650S/SUgTET
CbaGSkrPT9WbymjbfD1cNWbq51YY5qQekNyInDJ6yeX13i2KsaC+Q2MB2GiOKkyK
lXSjTm7Y4ROV4Ugx9d6KiroUZVazeF79WAWW2JQ/pxgYjn3m3Ooc/SbMM2fr3eTu
7Nse88TpU0OdGKm5z/bgj+Gi4XSC9iuhYX2mrJU2mmqErI9vKJ+fV9ClvwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKwClYXR4GQULu60t+RL6rAX/1WgMB8GA1UdIwQY
MBaAFND0+oB1h1OyQ6IWXt3qddvu6CbEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMFBUNmdIV0hVN0pEb2haZTNlcDEyLTdvSnNRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi9jYTVjMTktZTQ5Ni00OWU4LThiOTMt
NzJhMWYzNzcxOWJiLzEvckFLVmhkSGdaQlF1N3JTMzVFdnFzQmZfVmFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi9jYTVjMTktZTQ5Ni00OWU4LThiOTMtNzJhMWYzNzcxOWJi
LzEvMFBUNmdIV0hVN0pEb2haZTNlcDEyLTdvSnNRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuf+KMA0G
CSqGSIb3DQEBCwUAA4IBAQA8dJGoBgaKu+jlzo7+PMaK1D7oCcW6xdmLmEOZ141j
MgcYRG0l+Tn+T7m15+fhlB4bPS2g8+zex9B6TkvJ/PVl0+Xcw2SOEk0vAUllURLU
A6WHMSroPfhOO5XlOtwwdZe1eZX/tBndwfhqjJgE+IhgRKk7FJYLpm8VcJ/VL+ua
NNfTkXrpfzTPlMj6f0KXU2djbUV1Gd2Py/vIon8RDjGJ/qbjweLdgu89HDC87pSx
bdHYhK1IoKW/ajn02Rnf6A7Szq4aoexd0BxAGEKsPDihNbbtsW4mtmzJgYdMyShp
2zP+lsN6VlgSyIuXwTJ4g/BIkJ5efQu8ONWITPg9u9H5
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:38:34 2024 by rpki-client on console-ams.rpki-client.org