Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/fb5910-fe14-4453-8c9c-83bf70b1fd6b/1/X8dkhbYFE_cQ95JDVB8qhQqv6c4.roa
File:                     X8dkhbYFE_cQ95JDVB8qhQqv6c4.roa (raw, json)
Hash identifier:          H+/MhH0phmTLxehFeePIL0rHZ2VexYYeSkTZYRjI9gY=
Subject key identifier:   5F:C7:64:85:B6:05:13:F7:10:F7:92:43:54:1F:2A:85:0A:AF:E9:CE
Certificate issuer:       /CN=a3608d6b0e80a6430fb6af43fae168a0e8011fee
Certificate serial:       01856FF04A1A61B681CADD7805146E35F706
Authority key identifier: A3:60:8D:6B:0E:80:A6:43:0F:B6:AF:43:FA:E1:68:A0:E8:01:1F:EE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/o2CNaw6ApkMPtq9D-uFooOgBH-4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b2/fb5910-fe14-4453-8c9c-83bf70b1fd6b/1/X8dkhbYFE_cQ95JDVB8qhQqv6c4.roa
Signing time:             Mon 02 Jan 2023 00:44:56 +0000
ROA not before:           Mon 02 Jan 2023 00:44:56 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     14618
IP address blocks:        185.125.141.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 08:31:47 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:f0:4a:1a:61:b6:81:ca:dd:78:05:14:6e:35:f7:06
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a3608d6b0e80a6430fb6af43fae168a0e8011fee
        Validity
            Not Before: Jan  2 00:44:56 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=5fc76485b60513f710f79243541f2a850aafe9ce
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d1:82:93:e9:cf:81:e6:b6:fc:c7:23:ff:5a:15:
                    0c:ea:b9:f5:09:a3:37:d6:5d:8a:d9:35:2a:f2:01:
                    0e:f8:43:83:52:6d:af:e5:fe:0c:28:fc:94:79:bb:
                    d5:fa:ed:33:73:db:cd:94:13:62:c2:d7:53:06:6b:
                    d5:00:4a:08:4b:f8:9b:24:41:77:4c:a3:03:bb:dd:
                    8a:a1:ed:f0:05:82:e5:dc:52:11:f1:ed:2e:e4:db:
                    f6:1b:b2:0a:57:83:02:f8:a3:6e:67:e3:73:cf:ff:
                    29:d6:b2:db:61:ee:4e:8d:fb:45:49:fe:ec:5f:f9:
                    87:d5:76:86:90:f1:26:07:c2:a9:37:b3:7c:5b:76:
                    ce:96:69:81:85:bb:1c:44:3e:d9:14:69:e9:57:fc:
                    54:67:b0:c7:e4:5d:ed:57:bb:38:3f:71:48:11:57:
                    84:2c:2c:84:4c:e8:4b:a8:b9:11:18:ea:6c:07:c7:
                    d6:cc:d9:d5:8a:fa:fa:54:b6:a9:d4:33:d1:90:86:
                    d5:e5:85:fb:10:8a:1a:e7:ae:f7:17:fe:97:30:cd:
                    27:cf:a3:70:28:9b:f1:ee:2c:05:99:16:9b:6c:c4:
                    ab:e5:26:d3:c7:89:cb:cd:1d:83:a6:fb:a4:2d:d0:
                    51:a0:0d:aa:58:4e:69:9f:3c:45:4c:9a:4a:fd:43:
                    03:a1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5F:C7:64:85:B6:05:13:F7:10:F7:92:43:54:1F:2A:85:0A:AF:E9:CE
            X509v3 Authority Key Identifier:
                keyid:A3:60:8D:6B:0E:80:A6:43:0F:B6:AF:43:FA:E1:68:A0:E8:01:1F:EE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/o2CNaw6ApkMPtq9D-uFooOgBH-4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/fb5910-fe14-4453-8c9c-83bf70b1fd6b/1/X8dkhbYFE_cQ95JDVB8qhQqv6c4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/fb5910-fe14-4453-8c9c-83bf70b1fd6b/1/o2CNaw6ApkMPtq9D-uFooOgBH-4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.125.141.0/24

    Signature Algorithm: sha256WithRSAEncryption
         dd:83:f1:16:37:44:0b:aa:6d:93:d7:eb:62:fb:17:df:c7:bb:
         50:0c:60:a4:b8:66:83:68:9f:43:4f:1f:7c:e0:4a:86:4d:97:
         40:70:ce:ca:34:ce:5c:c4:06:d1:ce:99:6b:8b:66:e1:aa:1d:
         be:9f:f8:74:8f:05:ca:e1:80:7b:c2:e1:38:3b:3c:0c:61:57:
         6c:30:f9:da:9b:6f:2a:ea:6d:a6:3c:24:b6:6f:45:86:7f:6b:
         85:e6:73:53:33:0e:10:50:9c:2e:72:35:1c:31:d9:9e:5d:86:
         8a:15:fb:af:00:f9:2e:67:c5:d9:32:f4:75:22:70:4a:52:b8:
         ef:75:d2:ae:d6:04:60:b3:3c:2b:73:4f:3e:ad:19:4e:df:79:
         f3:73:cf:c2:17:13:50:4b:4e:e1:59:ff:1f:f7:c8:89:c7:d4:
         3f:35:0e:79:86:ed:22:07:39:c2:71:1e:eb:69:2b:cf:1d:eb:
         2a:4c:d7:dd:36:d1:04:00:d5:f9:de:ec:2a:ed:cf:1e:4c:cb:
         2a:cd:f8:3b:ec:55:9c:fc:0f:d5:23:36:a1:ca:89:36:d7:20:
         e2:c9:54:3d:5c:9a:d7:e5:0d:9f:f6:04:47:50:f5:43:a8:1e:
         68:03:cd:33:67:b1:e8:f4:a4:a0:01:eb:00:4b:37:7c:82:71:
         27:bd:14:ec
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVv8EoaYbaByt14BRRuNfcGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEzNjA4ZDZiMGU4MGE2NDMwZmI2YWY0M2ZhZTE2OGEwZTgw
MTFmZWUwHhcNMjMwMTAyMDA0NDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZmM3NjQ4NWI2MDUxM2Y3MTBmNzkyNDM1NDFmMmE4NTBhYWZlOWNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0YKT6c+B5rb8xyP/WhUM6rn1CaM3
1l2K2TUq8gEO+EODUm2v5f4MKPyUebvV+u0zc9vNlBNiwtdTBmvVAEoIS/ibJEF3
TKMDu92Koe3wBYLl3FIR8e0u5Nv2G7IKV4MC+KNuZ+Nzz/8p1rLbYe5OjftFSf7s
X/mH1XaGkPEmB8KpN7N8W3bOlmmBhbscRD7ZFGnpV/xUZ7DH5F3tV7s4P3FIEVeE
LCyETOhLqLkRGOpsB8fWzNnVivr6VLap1DPRkIbV5YX7EIoa5673F/6XMM0nz6Nw
KJvx7iwFmRabbMSr5SbTx4nLzR2DpvukLdBRoA2qWE5pnzxFTJpK/UMDoQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFF/HZIW2BRP3EPeSQ1QfKoUKr+nOMB8GA1UdIwQY
MBaAFKNgjWsOgKZDD7avQ/rhaKDoAR/uMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbzJDTmF3NkFwa01QdHE5RC11Rm9vT2dCSC00LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi9mYjU5MTAtZmUxNC00NDUzLThjOWMt
ODNiZjcwYjFmZDZiLzEvWDhka2hiWUZFX2NROTVKRFZCOHFoUXF2NmM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi9mYjU5MTAtZmUxNC00NDUzLThjOWMtODNiZjcwYjFmZDZi
LzEvbzJDTmF3NkFwa01QdHE5RC11Rm9vT2dCSC00LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuX2NMA0G
CSqGSIb3DQEBCwUAA4IBAQDdg/EWN0QLqm2T1+ti+xffx7tQDGCkuGaDaJ9DTx98
4EqGTZdAcM7KNM5cxAbRzplri2bhqh2+n/h0jwXK4YB7wuE4OzwMYVdsMPnam28q
6m2mPCS2b0WGf2uF5nNTMw4QUJwucjUcMdmeXYaKFfuvAPkuZ8XZMvR1InBKUrjv
ddKu1gRgszwrc08+rRlO33nzc8/CFxNQS07hWf8f98iJx9Q/NQ55hu0iBznCcR7r
aSvPHesqTNfdNtEEANX53uwq7c8eTMsqzfg77FWc/A/VIzahyok21yDiyVQ9XJrX
5Q2f9gRHUPVDqB5oA80zZ7Ho9KSgAesASzd8gnEnvRTs
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:39:25 2024 by rpki-client on console-ams.rpki-client.org