Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/9002e2-dc04-4c39-9235-54d5d04e346d/1/VIG72cEI4OiTF42KfEZUlyA9MyA.roa
File:                     VIG72cEI4OiTF42KfEZUlyA9MyA.roa (raw, json)
Hash identifier:          8nD6eD9MlIuVy1VLX/Fgb5m/Dtn1o8l7W3Iqn/vh9oI=
Subject key identifier:   54:81:BB:D9:C1:08:E0:E8:93:17:8D:8A:7C:46:54:97:20:3D:33:20
Certificate issuer:       /CN=d922d8d45f985dc3896c9176a7d48d7658cb4f68
Certificate serial:       01856F700E038471A00322543E2EC5F658A5
Authority key identifier: D9:22:D8:D4:5F:98:5D:C3:89:6C:91:76:A7:D4:8D:76:58:CB:4F:68
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2SLY1F-YXcOJbJF2p9SNdljLT2g.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b4/9002e2-dc04-4c39-9235-54d5d04e346d/1/VIG72cEI4OiTF42KfEZUlyA9MyA.roa
Signing time:             Sun 01 Jan 2023 22:24:52 +0000
ROA not before:           Sun 01 Jan 2023 22:24:52 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     43790
IP address blocks:        185.154.71.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 08:32:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:70:0e:03:84:71:a0:03:22:54:3e:2e:c5:f6:58:a5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d922d8d45f985dc3896c9176a7d48d7658cb4f68
        Validity
            Not Before: Jan  1 22:24:52 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=5481bbd9c108e0e893178d8a7c465497203d3320
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:aa:da:34:8d:66:ee:15:8c:42:cf:d3:6c:22:
                    70:83:1a:f5:50:ed:4c:80:e6:f7:cc:e3:60:28:a1:
                    9e:20:f6:75:e5:74:93:3a:6a:55:52:dc:2f:04:32:
                    72:16:c7:d6:24:e2:1e:f4:ec:e4:94:5b:19:c1:eb:
                    54:d1:10:f8:17:ff:7a:ee:9a:fd:8b:b2:93:19:b9:
                    7e:d5:d4:f8:49:f8:e0:d0:07:ce:ab:97:db:da:d5:
                    f6:df:a2:7e:ca:33:4f:10:4b:a1:5b:4b:17:d6:25:
                    f0:76:3d:82:f6:bd:eb:45:4c:78:b1:26:4d:39:f3:
                    48:63:d0:d7:61:97:b6:98:e2:bc:19:57:d0:fd:ef:
                    e6:dc:88:83:67:7e:f0:d6:82:83:11:9d:3a:6b:5d:
                    2a:e8:9f:e3:30:33:3c:e6:d3:33:e5:29:43:f6:8a:
                    70:0a:a2:52:5c:5b:b5:bc:4a:42:03:96:46:e3:f7:
                    94:12:78:c3:76:a1:85:8c:59:a4:8b:a1:b3:f8:97:
                    a1:68:89:fd:c9:a0:e6:23:58:da:bc:9e:95:e3:c5:
                    7e:80:5b:1f:63:9c:8f:75:a2:a0:2c:3b:15:c5:ed:
                    0d:c0:98:ac:0b:99:c7:06:10:af:e3:7a:29:9f:6d:
                    ab:d8:4c:c7:97:cd:d2:81:a1:4c:20:d3:b2:f0:02:
                    66:fd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                54:81:BB:D9:C1:08:E0:E8:93:17:8D:8A:7C:46:54:97:20:3D:33:20
            X509v3 Authority Key Identifier:
                keyid:D9:22:D8:D4:5F:98:5D:C3:89:6C:91:76:A7:D4:8D:76:58:CB:4F:68

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2SLY1F-YXcOJbJF2p9SNdljLT2g.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/9002e2-dc04-4c39-9235-54d5d04e346d/1/VIG72cEI4OiTF42KfEZUlyA9MyA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/9002e2-dc04-4c39-9235-54d5d04e346d/1/2SLY1F-YXcOJbJF2p9SNdljLT2g.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.154.71.0/24

    Signature Algorithm: sha256WithRSAEncryption
         56:a8:11:98:4d:d5:4b:49:3a:07:83:b3:9a:15:42:1d:36:99:
         8a:97:3e:c6:22:27:d9:65:66:b4:da:6a:f4:65:6f:f3:81:c8:
         d3:9d:42:e7:5d:1d:d8:3d:ee:73:c4:3f:da:6a:1c:ac:6b:7c:
         99:4b:73:1f:9c:3e:71:a2:bd:fa:55:12:4c:96:e1:c7:ad:9c:
         84:a6:89:b7:a5:0d:2e:92:39:06:65:37:a2:24:df:dd:5f:b1:
         d2:b0:be:aa:e7:4b:b5:a2:30:91:01:5f:3f:f5:d0:c8:9c:92:
         05:5b:ab:27:bf:67:09:fa:04:9f:ce:ac:58:57:4d:3a:b6:58:
         e4:cd:1c:8f:37:f0:92:4e:fb:81:68:55:6b:eb:bf:72:93:70:
         25:c2:80:aa:db:15:e7:eb:51:10:63:5a:0e:5d:c8:c0:13:2f:
         1d:67:e1:b2:6b:24:2e:00:b3:f9:16:2a:dc:10:41:49:ae:fa:
         3b:04:44:32:5d:f1:7c:f7:0b:21:1e:1b:22:07:ba:62:15:91:
         d9:96:61:df:88:8f:ac:3c:07:cc:ed:12:7d:a3:50:e2:a9:32:
         65:3d:91:f8:fb:b3:de:16:ac:97:61:68:d3:23:d6:63:16:ae:
         ae:ad:5e:0c:47:0d:b5:a7:00:cf:40:50:c3:0b:33:6d:ea:20:
         c3:32:4b:6e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvcA4DhHGgAyJUPi7F9lilMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5MjJkOGQ0NWY5ODVkYzM4OTZjOTE3NmE3ZDQ4ZDc2NThj
YjRmNjgwHhcNMjMwMTAxMjIyNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NDgxYmJkOWMxMDhlMGU4OTMxNzhkOGE3YzQ2NTQ5NzIwM2QzMzIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvqraNI1m7hWMQs/TbCJwgxr1UO1M
gOb3zONgKKGeIPZ15XSTOmpVUtwvBDJyFsfWJOIe9OzklFsZwetU0RD4F/967pr9
i7KTGbl+1dT4Sfjg0AfOq5fb2tX236J+yjNPEEuhW0sX1iXwdj2C9r3rRUx4sSZN
OfNIY9DXYZe2mOK8GVfQ/e/m3IiDZ37w1oKDEZ06a10q6J/jMDM85tMz5SlD9opw
CqJSXFu1vEpCA5ZG4/eUEnjDdqGFjFmki6Gz+JehaIn9yaDmI1javJ6V48V+gFsf
Y5yPdaKgLDsVxe0NwJisC5nHBhCv43opn22r2EzHl83SgaFMINOy8AJm/QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFSBu9nBCODokxeNinxGVJcgPTMgMB8GA1UdIwQY
MBaAFNki2NRfmF3DiWyRdqfUjXZYy09oMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMlNMWTFGLVlYY09KYkpGMnA5U05kbGpMVDJnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC85MDAyZTItZGMwNC00YzM5LTkyMzUt
NTRkNWQwNGUzNDZkLzEvVklHNzJjRUk0T2lURjQyS2ZFWlVseUE5TXlBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC85MDAyZTItZGMwNC00YzM5LTkyMzUtNTRkNWQwNGUzNDZk
LzEvMlNMWTFGLVlYY09KYkpGMnA5U05kbGpMVDJnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuZpHMA0G
CSqGSIb3DQEBCwUAA4IBAQBWqBGYTdVLSToHg7OaFUIdNpmKlz7GIifZZWa02mr0
ZW/zgcjTnULnXR3YPe5zxD/aahysa3yZS3MfnD5xor36VRJMluHHrZyEpom3pQ0u
kjkGZTeiJN/dX7HSsL6q50u1ojCRAV8/9dDInJIFW6snv2cJ+gSfzqxYV006tljk
zRyPN/CSTvuBaFVr679yk3AlwoCq2xXn61EQY1oOXcjAEy8dZ+GyayQuALP5Firc
EEFJrvo7BEQyXfF89wshHhsiB7piFZHZlmHfiI+sPAfM7RJ9o1DiqTJlPZH4+7Pe
FqyXYWjTI9ZjFq6urV4MRw21pwDPQFDDCzNt6iDDMktu
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:39:41 2024 by rpki-client on console-ams.rpki-client.org