Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/5df119-b1df-4ceb-bd4f-f79ccc3f4eaf/1/IAVwZfRA5EfL1M6gpMCMW6L_G3U.roa
File:                     IAVwZfRA5EfL1M6gpMCMW6L_G3U.roa (raw, json)
Hash identifier:          g7RDEIZPY56mRvTafar9KZRWM+Bh3ja9xDtA1/dsjaE=
Subject key identifier:   20:05:70:65:F4:40:E4:47:CB:D4:CE:A0:A4:C0:8C:5B:A2:FF:1B:75
Certificate issuer:       /CN=5806da5a59251275ceb18694e17415352aedd6aa
Certificate serial:       01879E2B78E93EBA878DCA742013164F87B0
Authority key identifier: 58:06:DA:5A:59:25:12:75:CE:B1:86:94:E1:74:15:35:2A:ED:D6:AA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/WAbaWlklEnXOsYaU4XQVNSrt1qo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b6/5df119-b1df-4ceb-bd4f-f79ccc3f4eaf/1/IAVwZfRA5EfL1M6gpMCMW6L_G3U.roa
Signing time:             Thu 20 Apr 2023 10:17:41 +0000
ROA not before:           Thu 20 Apr 2023 10:17:41 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     14618
IP address blocks:        185.255.196.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 20 Jul 2023 03:10:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:9e:2b:78:e9:3e:ba:87:8d:ca:74:20:13:16:4f:87:b0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5806da5a59251275ceb18694e17415352aedd6aa
        Validity
            Not Before: Apr 20 10:17:41 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=20057065f440e447cbd4cea0a4c08c5ba2ff1b75
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:3b:47:b1:dd:6b:3d:06:db:92:ce:50:b8:cd:
                    0e:45:cf:be:75:b2:00:48:5c:51:f4:9c:4f:fe:0c:
                    d3:45:b3:82:6f:93:9f:e5:60:15:84:12:a5:2d:9b:
                    ab:97:3a:29:97:cb:39:60:7c:ee:eb:59:e3:16:3d:
                    90:3a:22:aa:78:f4:bc:10:96:1d:33:98:20:e1:00:
                    5e:65:d0:f9:1b:ec:03:b4:b4:d7:4b:f4:ed:98:c4:
                    2e:95:b9:1a:a4:70:ef:5a:76:e5:62:8e:7f:6e:7e:
                    3e:16:f2:e3:6a:51:45:d7:9a:11:fc:09:dd:4b:fc:
                    4d:e6:62:2b:b1:6c:cd:4b:c4:5f:c3:01:7c:ed:c5:
                    c7:cc:d0:72:41:11:93:30:3d:26:f5:b3:fc:a1:2a:
                    47:10:d0:f3:15:c1:3b:11:29:66:94:33:e0:cc:0a:
                    49:a2:15:2a:fd:78:d4:9f:bf:ba:30:78:07:5b:b8:
                    83:f8:08:dd:47:98:7a:de:0a:84:bc:2f:fc:8a:8e:
                    6a:24:04:d4:3a:14:fc:5c:11:87:db:42:26:5a:7e:
                    a4:6d:4f:ae:80:e5:71:8b:b4:de:a2:9f:24:b5:3b:
                    e4:b8:58:f9:34:83:44:51:6c:0b:e7:ca:46:3b:16:
                    a4:41:c5:61:55:7a:81:58:4e:6b:e0:67:70:45:96:
                    e9:6b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                20:05:70:65:F4:40:E4:47:CB:D4:CE:A0:A4:C0:8C:5B:A2:FF:1B:75
            X509v3 Authority Key Identifier:
                keyid:58:06:DA:5A:59:25:12:75:CE:B1:86:94:E1:74:15:35:2A:ED:D6:AA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WAbaWlklEnXOsYaU4XQVNSrt1qo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/5df119-b1df-4ceb-bd4f-f79ccc3f4eaf/1/IAVwZfRA5EfL1M6gpMCMW6L_G3U.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/5df119-b1df-4ceb-bd4f-f79ccc3f4eaf/1/WAbaWlklEnXOsYaU4XQVNSrt1qo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.255.196.0/24

    Signature Algorithm: sha256WithRSAEncryption
         06:0e:3e:99:d5:34:f8:a4:d3:ac:b4:f4:46:fd:ac:c7:84:86:
         7f:7b:e9:eb:92:d8:51:c2:20:5e:09:38:d6:c5:0c:a7:f6:6b:
         7e:dd:4f:69:11:f7:85:83:1d:6a:1d:70:c1:1f:f8:e6:14:a5:
         89:90:3e:54:80:f7:0a:1d:34:19:a2:32:3e:aa:6e:e3:e5:ca:
         3d:dd:6d:43:e8:73:20:ad:06:5e:07:45:bb:31:bd:bf:78:e8:
         7d:bd:6b:e4:6b:bd:f0:1c:ce:91:f1:55:86:1e:ca:25:a4:5f:
         d7:3d:57:80:86:59:1a:c3:2d:9d:87:2c:57:ad:59:fa:73:2b:
         5b:09:c4:ed:a3:12:ff:89:85:44:48:44:5e:82:14:e7:bc:a1:
         6c:2f:9a:a8:ce:4f:34:9e:16:09:42:a4:b4:72:6e:d8:97:3c:
         eb:7f:e6:dd:49:d0:10:a9:ec:c0:20:35:f2:a9:e3:c3:9b:74:
         f1:ca:04:f4:49:bd:4c:f8:bf:03:7d:04:cd:ff:5e:29:14:56:
         03:48:08:b2:f8:50:23:89:af:6a:18:df:4c:eb:7d:18:8c:bb:
         e4:36:68:48:15:94:60:ae:18:12:c3:73:ce:0d:3d:56:b4:89:
         54:e5:0f:dd:4e:9a:f7:76:e3:cd:7e:1b:c5:54:f6:c6:35:d1:
         8f:89:1a:02
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYeeK3jpPrqHjcp0IBMWT4ewMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4MDZkYTVhNTkyNTEyNzVjZWIxODY5NGUxNzQxNTM1MmFl
ZGQ2YWEwHhcNMjMwNDIwMTAxNzQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMDA1NzA2NWY0NDBlNDQ3Y2JkNGNlYTBhNGMwOGM1YmEyZmYxYjc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxDtHsd1rPQbbks5QuM0ORc++dbIA
SFxR9JxP/gzTRbOCb5Of5WAVhBKlLZurlzopl8s5YHzu61njFj2QOiKqePS8EJYd
M5gg4QBeZdD5G+wDtLTXS/TtmMQulbkapHDvWnblYo5/bn4+FvLjalFF15oR/And
S/xN5mIrsWzNS8RfwwF87cXHzNByQRGTMD0m9bP8oSpHENDzFcE7ESlmlDPgzApJ
ohUq/XjUn7+6MHgHW7iD+AjdR5h63gqEvC/8io5qJATUOhT8XBGH20ImWn6kbU+u
gOVxi7Teop8ktTvkuFj5NINEUWwL58pGOxakQcVhVXqBWE5r4GdwRZbpawIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCAFcGX0QORHy9TOoKTAjFui/xt1MB8GA1UdIwQY
MBaAFFgG2lpZJRJ1zrGGlOF0FTUq7daqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0FiYVdsa2xFblhPc1lhVTRYUVZOU3J0MXFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi81ZGYxMTktYjFkZi00Y2ViLWJkNGYt
Zjc5Y2NjM2Y0ZWFmLzEvSUFWd1pmUkE1RWZMMU02Z3BNQ01XNkxfRzNVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNi81ZGYxMTktYjFkZi00Y2ViLWJkNGYtZjc5Y2NjM2Y0ZWFm
LzEvV0FiYVdsa2xFblhPc1lhVTRYUVZOU3J0MXFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuf/EMA0G
CSqGSIb3DQEBCwUAA4IBAQAGDj6Z1TT4pNOstPRG/azHhIZ/e+nrkthRwiBeCTjW
xQyn9mt+3U9pEfeFgx1qHXDBH/jmFKWJkD5UgPcKHTQZojI+qm7j5co93W1D6HMg
rQZeB0W7Mb2/eOh9vWvka73wHM6R8VWGHsolpF/XPVeAhlkawy2dhyxXrVn6cytb
CcTtoxL/iYVESEReghTnvKFsL5qozk80nhYJQqS0cm7Ylzzrf+bdSdAQqezAIDXy
qePDm3TxygT0Sb1M+L8DfQTN/14pFFYDSAiy+FAjia9qGN9M630YjLvkNmhIFZRg
rhgSw3PODT1WtIlU5Q/dTpr3duPNfhvFVPbGNdGPiRoC
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:39:58 2024 by rpki-client on console-ams.rpki-client.org