Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/5df119-b1df-4ceb-bd4f-f79ccc3f4eaf/1/upihRqgtiyJp48Up3h3L9t9X1h8.roa
File:                     upihRqgtiyJp48Up3h3L9t9X1h8.roa (raw, json)
Hash identifier:          U7CyYtc6eL36hwHEDbFQMbXCvCQVMQrJ+n1euPKmt38=
Subject key identifier:   BA:98:A1:46:A8:2D:8B:22:69:E3:C5:29:DE:1D:CB:F6:DF:57:D6:1F
Certificate issuer:       /CN=5806da5a59251275ceb18694e17415352aedd6aa
Certificate serial:       01879E2B799518D69C312F841A278D5E317F
Authority key identifier: 58:06:DA:5A:59:25:12:75:CE:B1:86:94:E1:74:15:35:2A:ED:D6:AA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/WAbaWlklEnXOsYaU4XQVNSrt1qo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b6/5df119-b1df-4ceb-bd4f-f79ccc3f4eaf/1/upihRqgtiyJp48Up3h3L9t9X1h8.roa
Signing time:             Thu 20 Apr 2023 10:17:41 +0000
ROA not before:           Thu 20 Apr 2023 10:17:41 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     16509
IP address blocks:        185.255.196.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 20 Jul 2023 03:11:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:9e:2b:79:95:18:d6:9c:31:2f:84:1a:27:8d:5e:31:7f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5806da5a59251275ceb18694e17415352aedd6aa
        Validity
            Not Before: Apr 20 10:17:41 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=ba98a146a82d8b2269e3c529de1dcbf6df57d61f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:db:be:ae:ef:e4:e5:70:68:d4:7d:02:06:9b:2c:
                    11:0f:c9:41:ee:25:e7:3a:64:00:6e:5d:18:a7:f5:
                    d8:67:99:47:1a:ae:5f:ca:8f:1a:8b:2c:6f:d5:67:
                    3b:62:92:e7:52:60:3a:70:6b:06:33:fa:90:03:c9:
                    b3:f4:d1:98:c1:48:fa:a9:ac:a8:cf:15:0b:4a:1e:
                    80:1a:97:65:41:a8:0b:f1:c2:6a:c8:b6:f5:8c:1e:
                    3f:7f:5a:8a:76:dd:80:f0:a3:95:80:8a:a3:ef:e0:
                    63:ba:8e:df:85:e5:e9:b6:d2:f4:e2:ed:6a:f9:cd:
                    0c:ec:b4:f8:15:9a:86:77:11:f6:38:3c:af:ab:d7:
                    6a:17:73:19:be:4f:a5:ce:32:b2:b0:78:de:7d:d8:
                    5a:02:47:1a:02:2e:6a:97:2d:c5:b9:cd:d9:2c:65:
                    ec:3a:10:d4:47:f9:81:39:ba:87:1c:5e:1f:ee:0d:
                    59:6d:de:cd:6c:f4:3d:60:26:83:79:a8:cb:c2:79:
                    f9:60:f0:da:e9:b0:d3:95:7e:5f:6f:cd:4b:d3:31:
                    07:46:5d:8f:8c:b1:a1:66:b7:50:e9:a3:50:96:56:
                    ab:cc:cf:35:d1:87:d1:1d:87:de:4f:d0:6b:ba:1e:
                    a4:33:b4:a4:70:29:b2:1d:05:96:c5:2f:e2:a0:97:
                    07:13
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BA:98:A1:46:A8:2D:8B:22:69:E3:C5:29:DE:1D:CB:F6:DF:57:D6:1F
            X509v3 Authority Key Identifier:
                keyid:58:06:DA:5A:59:25:12:75:CE:B1:86:94:E1:74:15:35:2A:ED:D6:AA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WAbaWlklEnXOsYaU4XQVNSrt1qo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/5df119-b1df-4ceb-bd4f-f79ccc3f4eaf/1/upihRqgtiyJp48Up3h3L9t9X1h8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/5df119-b1df-4ceb-bd4f-f79ccc3f4eaf/1/WAbaWlklEnXOsYaU4XQVNSrt1qo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.255.196.0/24

    Signature Algorithm: sha256WithRSAEncryption
         2d:53:0b:9f:87:9c:84:19:c1:52:ca:fc:6f:56:f7:c4:14:04:
         ea:73:35:b4:32:b4:0a:aa:f8:5c:99:ee:0b:56:e2:76:94:ea:
         99:85:ec:04:31:b5:b7:c7:b1:ba:fc:38:9e:e0:b2:2d:93:81:
         87:9a:3f:38:29:02:a9:b5:8c:54:85:b7:1f:72:fc:2c:9d:b2:
         9e:5a:1c:d3:fd:ef:91:69:41:3e:94:27:5c:96:2e:11:6c:07:
         d3:a1:e8:f2:07:3e:2c:4e:29:43:19:da:ff:7a:9b:0f:2b:90:
         52:15:5e:67:21:13:fd:29:e1:82:cc:4b:61:7c:c4:85:6e:75:
         24:ff:73:fc:82:e2:0e:58:da:46:be:d4:30:6a:73:c4:23:4e:
         b3:8a:1f:f1:97:c4:9d:bc:bc:be:cf:cf:25:6f:53:ae:9e:54:
         89:d4:e7:9b:3d:b8:20:1c:d2:1a:31:90:69:df:8c:2f:5b:1f:
         05:50:b2:d6:28:e4:de:1e:26:22:57:1f:cc:bb:bb:be:a7:e7:
         d7:a4:1a:20:18:a4:ee:c1:1f:38:8e:61:a1:cc:0e:89:e0:44:
         d9:8f:1e:97:8d:7a:39:8f:82:b4:a6:eb:03:a1:d4:ed:e3:c2:
         21:55:e5:15:62:91:24:fd:c2:21:85:d2:03:c0:27:21:2e:69:
         32:99:79:55
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYeeK3mVGNacMS+EGieNXjF/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4MDZkYTVhNTkyNTEyNzVjZWIxODY5NGUxNzQxNTM1MmFl
ZGQ2YWEwHhcNMjMwNDIwMTAxNzQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYTk4YTE0NmE4MmQ4YjIyNjllM2M1MjlkZTFkY2JmNmRmNTdkNjFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA276u7+TlcGjUfQIGmywRD8lB7iXn
OmQAbl0Yp/XYZ5lHGq5fyo8aiyxv1Wc7YpLnUmA6cGsGM/qQA8mz9NGYwUj6qayo
zxULSh6AGpdlQagL8cJqyLb1jB4/f1qKdt2A8KOVgIqj7+Bjuo7fheXpttL04u1q
+c0M7LT4FZqGdxH2ODyvq9dqF3MZvk+lzjKysHjefdhaAkcaAi5qly3Fuc3ZLGXs
OhDUR/mBObqHHF4f7g1Zbd7NbPQ9YCaDeajLwnn5YPDa6bDTlX5fb81L0zEHRl2P
jLGhZrdQ6aNQllarzM810YfRHYfeT9Bruh6kM7SkcCmyHQWWxS/ioJcHEwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLqYoUaoLYsiaePFKd4dy/bfV9YfMB8GA1UdIwQY
MBaAFFgG2lpZJRJ1zrGGlOF0FTUq7daqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0FiYVdsa2xFblhPc1lhVTRYUVZOU3J0MXFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi81ZGYxMTktYjFkZi00Y2ViLWJkNGYt
Zjc5Y2NjM2Y0ZWFmLzEvdXBpaFJxZ3RpeUpwNDhVcDNoM0w5dDlYMWg4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNi81ZGYxMTktYjFkZi00Y2ViLWJkNGYtZjc5Y2NjM2Y0ZWFm
LzEvV0FiYVdsa2xFblhPc1lhVTRYUVZOU3J0MXFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuf/EMA0G
CSqGSIb3DQEBCwUAA4IBAQAtUwufh5yEGcFSyvxvVvfEFATqczW0MrQKqvhcme4L
VuJ2lOqZhewEMbW3x7G6/Die4LItk4GHmj84KQKptYxUhbcfcvwsnbKeWhzT/e+R
aUE+lCdcli4RbAfToejyBz4sTilDGdr/epsPK5BSFV5nIRP9KeGCzEthfMSFbnUk
/3P8guIOWNpGvtQwanPEI06zih/xl8SdvLy+z88lb1OunlSJ1OebPbggHNIaMZBp
34wvWx8FULLWKOTeHiYiVx/Mu7u+p+fXpBogGKTuwR84jmGhzA6J4ETZjx6XjXo5
j4K0pusDodTt48IhVeUVYpEk/cIhhdIDwCchLmkymXlV
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:39:58 2024 by rpki-client on console-ams.rpki-client.org