Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/65e543-7e7a-4aab-ac74-bc6794e95e5a/1/sAqlcF0dl_nKoiPml3-B2xF1i78.roa
File:                     sAqlcF0dl_nKoiPml3-B2xF1i78.roa (raw, json)
Hash identifier:          VEUeJqGgywhY6UuMVenqV32ntl1FE+iLmRp/hNJTCBw=
Subject key identifier:   B0:0A:A5:70:5D:1D:97:F9:CA:A2:23:E6:97:7F:81:DB:11:75:8B:BF
Certificate issuer:       /CN=17b5042fc20d9bab1676e09af7ff1ba5bfadae75
Certificate serial:       018B1E2A144A5B1E5598DE6B0C288DC19C2D
Authority key identifier: 17:B5:04:2F:C2:0D:9B:AB:16:76:E0:9A:F7:FF:1B:A5:BF:AD:AE:75
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/F7UEL8INm6sWduCa9_8bpb-trnU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b1/65e543-7e7a-4aab-ac74-bc6794e95e5a/1/sAqlcF0dl_nKoiPml3-B2xF1i78.roa
Signing time:             Wed 11 Oct 2023 09:55:56 +0000
ROA not before:           Wed 11 Oct 2023 09:55:56 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     5511
IP address blocks:        87.236.148.0/24 maxlen: 24
                          185.249.53.0/24 maxlen: 24
                          185.184.219.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 14:30:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:1e:2a:14:4a:5b:1e:55:98:de:6b:0c:28:8d:c1:9c:2d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=17b5042fc20d9bab1676e09af7ff1ba5bfadae75
        Validity
            Not Before: Oct 11 09:55:56 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=b00aa5705d1d97f9caa223e6977f81db11758bbf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:47:d9:d3:ef:d7:94:31:17:a6:a0:18:ca:d7:
                    88:9f:10:85:ee:9f:37:1a:bc:7b:9e:36:12:02:2c:
                    ec:4c:fb:98:db:d2:25:14:1c:5f:2f:58:1f:71:ee:
                    27:97:d3:d6:1a:f2:3f:14:df:2e:4e:8d:51:92:ac:
                    35:c0:8b:73:47:af:6c:dc:5d:4c:24:b4:cb:7d:bc:
                    17:0f:d8:ca:0f:bc:88:6e:b4:d9:a1:f7:95:85:5e:
                    0d:c4:3c:77:fd:fa:79:a3:6f:8c:b3:e7:c1:53:5e:
                    65:89:49:54:75:9d:85:65:7b:77:e9:ea:0a:1b:72:
                    64:68:e8:64:4e:62:73:b9:a5:b2:08:85:fe:7d:fd:
                    93:37:43:6b:73:c5:9d:37:ca:29:71:16:65:a4:d1:
                    e6:2a:e4:0f:94:bb:01:b4:91:85:ac:ed:3e:79:21:
                    bd:73:bd:01:64:5a:bb:b3:f9:b0:77:af:af:d9:bf:
                    da:88:6b:17:90:ae:e3:62:24:82:68:68:35:65:8d:
                    5a:e2:1f:ea:37:b1:27:f2:45:b3:dd:bd:56:eb:0d:
                    4d:e1:4d:84:48:c2:5d:15:43:d3:e5:1e:40:80:25:
                    1a:8d:07:51:86:af:94:78:53:88:94:b8:fa:68:ac:
                    b5:17:25:07:71:82:3c:cf:d2:c4:08:73:52:a8:7e:
                    81:9b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B0:0A:A5:70:5D:1D:97:F9:CA:A2:23:E6:97:7F:81:DB:11:75:8B:BF
            X509v3 Authority Key Identifier:
                keyid:17:B5:04:2F:C2:0D:9B:AB:16:76:E0:9A:F7:FF:1B:A5:BF:AD:AE:75

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F7UEL8INm6sWduCa9_8bpb-trnU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/65e543-7e7a-4aab-ac74-bc6794e95e5a/1/sAqlcF0dl_nKoiPml3-B2xF1i78.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/65e543-7e7a-4aab-ac74-bc6794e95e5a/1/F7UEL8INm6sWduCa9_8bpb-trnU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  87.236.148.0/24
                  185.184.219.0/24
                  185.249.53.0/24

    Signature Algorithm: sha256WithRSAEncryption
         17:18:42:c9:b6:35:52:cb:d6:68:58:bf:82:9c:4b:04:d6:4a:
         8b:d7:00:58:81:5e:df:f0:2f:f5:4a:78:10:3d:29:f7:cc:2b:
         2a:a9:8d:f0:81:46:14:b9:a3:d5:51:86:94:fc:c9:e0:2a:ac:
         4e:42:c4:d1:18:b1:2c:49:09:e6:77:42:bf:c1:61:8d:64:0f:
         f8:5c:aa:71:6f:1f:2b:44:9c:09:25:d3:40:75:fc:99:5f:25:
         d5:e4:86:4a:c2:d2:0e:35:cd:6c:54:37:44:f5:34:4d:a6:0b:
         b8:f4:e2:ca:b4:54:52:e8:d1:3f:59:f7:55:4d:9e:ee:cc:e6:
         df:79:77:e3:89:c2:f9:fc:58:f9:a2:5d:67:69:bb:43:36:99:
         75:ec:e4:01:ce:3e:10:47:89:b5:3c:8c:58:1d:45:04:4a:3e:
         ad:32:23:b6:0e:0b:d1:b9:c7:2d:2f:26:91:a0:21:b9:d1:d4:
         3a:2b:bc:57:63:f7:c8:5a:54:36:6d:32:01:d9:0e:ad:66:66:
         29:44:7a:3a:22:f4:00:ab:d5:f2:a3:cc:17:93:e1:60:a8:94:
         12:b8:c7:c4:3e:82:f8:1c:3d:ef:f6:d9:e4:9a:11:0f:a5:6c:
         83:cf:f1:4c:44:50:d0:32:34:51:fb:de:0e:45:e1:5d:9a:94:
         58:c5:0d:5b
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYseKhRKWx5VmN5rDCiNwZwtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3YjUwNDJmYzIwZDliYWIxNjc2ZTA5YWY3ZmYxYmE1YmZh
ZGFlNzUwHhcNMjMxMDExMDk1NTU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMDBhYTU3MDVkMWQ5N2Y5Y2FhMjIzZTY5NzdmODFkYjExNzU4YmJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArUfZ0+/XlDEXpqAYyteInxCF7p83
Grx7njYSAizsTPuY29IlFBxfL1gfce4nl9PWGvI/FN8uTo1Rkqw1wItzR69s3F1M
JLTLfbwXD9jKD7yIbrTZofeVhV4NxDx3/fp5o2+Ms+fBU15liUlUdZ2FZXt36eoK
G3JkaOhkTmJzuaWyCIX+ff2TN0Nrc8WdN8opcRZlpNHmKuQPlLsBtJGFrO0+eSG9
c70BZFq7s/mwd6+v2b/aiGsXkK7jYiSCaGg1ZY1a4h/qN7En8kWz3b1W6w1N4U2E
SMJdFUPT5R5AgCUajQdRhq+UeFOIlLj6aKy1FyUHcYI8z9LECHNSqH6BmwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFLAKpXBdHZf5yqIj5pd/gdsRdYu/MB8GA1UdIwQY
MBaAFBe1BC/CDZurFnbgmvf/G6W/ra51MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRjdVRUw4SU5tNnNXZHVDYTlfOGJwYi10cm5VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS82NWU1NDMtN2U3YS00YWFiLWFjNzQt
YmM2Nzk0ZTk1ZTVhLzEvc0FxbGNGMGRsX25Lb2lQbWwzLUIyeEYxaTc4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS82NWU1NDMtN2U3YS00YWFiLWFjNzQtYmM2Nzk0ZTk1ZTVh
LzEvRjdVRUw4SU5tNnNXZHVDYTlfOGJwYi10cm5VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAV+yUAwQA
ubjbAwQAufk1MA0GCSqGSIb3DQEBCwUAA4IBAQAXGELJtjVSy9ZoWL+CnEsE1kqL
1wBYgV7f8C/1SngQPSn3zCsqqY3wgUYUuaPVUYaU/MngKqxOQsTRGLEsSQnmd0K/
wWGNZA/4XKpxbx8rRJwJJdNAdfyZXyXV5IZKwtIONc1sVDdE9TRNpgu49OLKtFRS
6NE/WfdVTZ7uzObfeXfjicL5/Fj5ol1nabtDNpl17OQBzj4QR4m1PIxYHUUESj6t
MiO2DgvRucctLyaRoCG50dQ6K7xXY/fIWlQ2bTIB2Q6tZmYpRHo6IvQAq9Xyo8wX
k+FgqJQSuMfEPoL4HD3v9tnkmhEPpWyDz/FMRFDQMjRR+94OReFdmpRYxQ1b
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:39:06 2024 by rpki-client on console-ams.rpki-client.org