Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/fb5910-fe14-4453-8c9c-83bf70b1fd6b/1/4gkCy7-8g3nWNAkVdDBwLGI7aOA.roa
File:                     4gkCy7-8g3nWNAkVdDBwLGI7aOA.roa (raw, json)
Hash identifier:          gAB93w76WkNdAxvcrRiDYYdd6onho361OYJkPk9rk9M=
Subject key identifier:   E2:09:02:CB:BF:BC:83:79:D6:34:09:15:74:30:70:2C:62:3B:68:E0
Certificate issuer:       /CN=a3608d6b0e80a6430fb6af43fae168a0e8011fee
Certificate serial:       01856FF04B4ACE7DE933FA2E0124FCC3884D
Authority key identifier: A3:60:8D:6B:0E:80:A6:43:0F:B6:AF:43:FA:E1:68:A0:E8:01:1F:EE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/o2CNaw6ApkMPtq9D-uFooOgBH-4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b2/fb5910-fe14-4453-8c9c-83bf70b1fd6b/1/4gkCy7-8g3nWNAkVdDBwLGI7aOA.roa
Signing time:             Mon 02 Jan 2023 00:44:56 +0000
ROA not before:           Mon 02 Jan 2023 00:44:56 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     16509
IP address blocks:        185.125.141.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 08:31:47 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:f0:4b:4a:ce:7d:e9:33:fa:2e:01:24:fc:c3:88:4d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a3608d6b0e80a6430fb6af43fae168a0e8011fee
        Validity
            Not Before: Jan  2 00:44:56 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=e20902cbbfbc8379d63409157430702c623b68e0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:3c:e0:f3:25:a6:ac:e1:0c:c3:53:0f:1f:25:
                    2c:da:24:66:a3:ef:3d:5c:93:61:dc:91:40:85:15:
                    19:04:3c:1a:69:61:f1:ec:59:a0:6e:c3:e0:ba:2e:
                    49:0b:25:62:ac:8a:ba:95:fa:22:d7:11:9a:b9:cb:
                    74:e0:86:89:31:6c:3e:22:7b:7c:58:4b:3f:79:a3:
                    8e:7a:32:bf:05:bf:00:8e:9a:97:09:01:63:9d:cb:
                    e9:27:e0:9a:f9:94:f1:99:6f:61:ff:1d:eb:6b:e4:
                    4e:87:4c:69:bc:1c:5a:4f:b8:4f:38:af:89:f8:5b:
                    fd:b6:ff:9b:79:ad:d2:e8:78:47:73:aa:31:8b:12:
                    75:e1:38:48:a3:9f:32:5a:4d:d2:2c:65:52:b0:5d:
                    57:d0:db:d0:36:81:53:8b:0c:9d:d3:18:1c:67:f6:
                    0a:ba:d9:f5:8d:08:e1:70:35:cf:b7:ab:06:3b:0a:
                    9a:e4:c3:4b:4c:71:0b:4b:24:c4:72:f4:4d:95:c8:
                    23:0b:b2:dd:a9:02:ca:ac:8f:27:45:34:61:16:a0:
                    77:49:9d:59:a4:94:15:a3:42:4d:56:44:e9:dc:6d:
                    26:a2:94:5b:ad:b0:a7:97:d6:5f:bb:50:d2:04:0b:
                    fe:7c:58:74:91:3e:52:29:44:b2:f4:90:73:54:d7:
                    17:0b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E2:09:02:CB:BF:BC:83:79:D6:34:09:15:74:30:70:2C:62:3B:68:E0
            X509v3 Authority Key Identifier:
                keyid:A3:60:8D:6B:0E:80:A6:43:0F:B6:AF:43:FA:E1:68:A0:E8:01:1F:EE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/o2CNaw6ApkMPtq9D-uFooOgBH-4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/fb5910-fe14-4453-8c9c-83bf70b1fd6b/1/4gkCy7-8g3nWNAkVdDBwLGI7aOA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/fb5910-fe14-4453-8c9c-83bf70b1fd6b/1/o2CNaw6ApkMPtq9D-uFooOgBH-4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.125.141.0/24

    Signature Algorithm: sha256WithRSAEncryption
         63:b8:cb:fc:6d:c7:54:2f:b7:b8:7c:ab:3c:c6:65:e7:40:78:
         c9:56:51:2f:90:d9:03:28:b3:02:11:43:c6:07:a4:18:c3:45:
         0e:40:70:dc:84:71:a6:b3:46:af:ba:bd:6e:47:a0:63:56:3d:
         39:c8:c5:7a:93:25:18:2d:ee:36:d0:e4:db:7b:2c:17:9f:f0:
         b3:cb:de:33:da:99:44:10:93:83:d6:e7:6d:93:83:db:73:55:
         3b:8e:16:36:b7:a9:c0:06:04:6b:65:5b:1d:23:ce:25:2f:37:
         94:d5:7c:14:05:6a:2c:0a:bb:fc:9e:65:35:ec:15:26:a2:5d:
         59:65:96:9b:63:cf:2e:68:9f:fc:72:c7:c1:d0:06:e4:c9:d8:
         af:92:74:6f:e6:ec:55:e8:5f:dc:77:6b:ea:a4:af:42:c3:62:
         bc:9c:3b:86:8f:7d:7d:b2:c0:70:20:aa:64:f7:ae:b9:08:52:
         4b:bd:21:f0:9a:88:f6:80:62:78:3f:6b:74:7d:b0:e7:af:5b:
         f8:17:ff:df:ff:31:fa:6f:a8:69:66:06:94:a3:86:e9:a1:58:
         c3:cf:87:46:95:8f:70:4d:f0:8a:43:bb:96:af:3d:b8:33:d0:
         bd:02:05:71:06:de:9c:73:01:80:cc:a1:80:0b:3e:87:e7:78:
         eb:99:ae:5d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVv8EtKzn3pM/ouAST8w4hNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEzNjA4ZDZiMGU4MGE2NDMwZmI2YWY0M2ZhZTE2OGEwZTgw
MTFmZWUwHhcNMjMwMTAyMDA0NDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMjA5MDJjYmJmYmM4Mzc5ZDYzNDA5MTU3NDMwNzAyYzYyM2I2OGUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApTzg8yWmrOEMw1MPHyUs2iRmo+89
XJNh3JFAhRUZBDwaaWHx7FmgbsPgui5JCyVirIq6lfoi1xGauct04IaJMWw+Int8
WEs/eaOOejK/Bb8AjpqXCQFjncvpJ+Ca+ZTxmW9h/x3ra+ROh0xpvBxaT7hPOK+J
+Fv9tv+bea3S6HhHc6oxixJ14ThIo58yWk3SLGVSsF1X0NvQNoFTiwyd0xgcZ/YK
utn1jQjhcDXPt6sGOwqa5MNLTHELSyTEcvRNlcgjC7LdqQLKrI8nRTRhFqB3SZ1Z
pJQVo0JNVkTp3G0mopRbrbCnl9Zfu1DSBAv+fFh0kT5SKUSy9JBzVNcXCwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOIJAsu/vIN51jQJFXQwcCxiO2jgMB8GA1UdIwQY
MBaAFKNgjWsOgKZDD7avQ/rhaKDoAR/uMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbzJDTmF3NkFwa01QdHE5RC11Rm9vT2dCSC00LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi9mYjU5MTAtZmUxNC00NDUzLThjOWMt
ODNiZjcwYjFmZDZiLzEvNGdrQ3k3LThnM25XTkFrVmREQndMR0k3YU9BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi9mYjU5MTAtZmUxNC00NDUzLThjOWMtODNiZjcwYjFmZDZi
LzEvbzJDTmF3NkFwa01QdHE5RC11Rm9vT2dCSC00LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuX2NMA0G
CSqGSIb3DQEBCwUAA4IBAQBjuMv8bcdUL7e4fKs8xmXnQHjJVlEvkNkDKLMCEUPG
B6QYw0UOQHDchHGms0avur1uR6BjVj05yMV6kyUYLe420OTbeywXn/Czy94z2plE
EJOD1udtk4Pbc1U7jhY2t6nABgRrZVsdI84lLzeU1XwUBWosCrv8nmU17BUmol1Z
ZZabY88uaJ/8csfB0AbkydivknRv5uxV6F/cd2vqpK9Cw2K8nDuGj319ssBwIKpk
9665CFJLvSHwmoj2gGJ4P2t0fbDnr1v4F//f/zH6b6hpZgaUo4bpoVjDz4dGlY9w
TfCKQ7uWrz24M9C9AgVxBt6ccwGAzKGACz6H53jrma5d
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:39:25 2024 by rpki-client on console-ams.rpki-client.org