Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/18d132-9951-4055-b5a6-dc0e1a725221/1/jGZbuV-A21IFUxeLp5oDcfCgIEA.roa
File:                     jGZbuV-A21IFUxeLp5oDcfCgIEA.roa (raw, json)
Hash identifier:          N+kQtKnkxXk56/e1f6RUtH5deF6prFM+X/pzYQMd14M=
Subject key identifier:   8C:66:5B:B9:5F:80:DB:52:05:53:17:8B:A7:9A:03:71:F0:A0:20:40
Certificate issuer:       /CN=d03046d16cfc391b028b88743773ce005cf97b1d
Certificate serial:       01856DB878A6F584B8E4AB548598151C2DD2
Authority key identifier: D0:30:46:D1:6C:FC:39:1B:02:8B:88:74:37:73:CE:00:5C:F9:7B:1D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0DBG0Wz8ORsCi4h0N3POAFz5ex0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ba/18d132-9951-4055-b5a6-dc0e1a725221/1/jGZbuV-A21IFUxeLp5oDcfCgIEA.roa
Signing time:             Sun 01 Jan 2023 14:24:43 +0000
ROA not before:           Sun 01 Jan 2023 14:24:43 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     58003
IP address blocks:        185.163.152.0/24 maxlen: 24
                          185.163.153.0/24 maxlen: 24
                          185.163.154.0/24 maxlen: 24
                          185.163.155.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 18:30:49 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6d:b8:78:a6:f5:84:b8:e4:ab:54:85:98:15:1c:2d:d2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d03046d16cfc391b028b88743773ce005cf97b1d
        Validity
            Not Before: Jan  1 14:24:43 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=8c665bb95f80db520553178ba79a0371f0a02040
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:fe:af:46:59:57:2f:b3:1d:5c:4a:74:86:ad:
                    41:0e:7c:80:83:b5:22:02:4e:19:13:eb:4e:87:cf:
                    46:4f:d8:42:d7:24:19:72:57:6c:82:47:3d:e2:ff:
                    aa:d9:d7:12:2c:c7:d2:07:d3:de:1b:ed:c1:7c:92:
                    7c:57:0d:e9:9f:ad:7d:f5:58:94:bb:33:28:d6:73:
                    ff:71:cf:1f:a0:17:d1:38:20:80:c5:1a:64:d0:ff:
                    7b:aa:5b:7a:38:e4:35:23:4a:1b:dd:e2:11:1f:46:
                    d5:12:09:5e:04:71:19:8a:9b:6a:81:fe:d4:39:f4:
                    25:26:56:ff:31:dd:c8:e8:c8:eb:e2:cf:82:08:5e:
                    de:de:05:69:46:59:5e:10:d3:51:db:85:00:12:93:
                    3f:0f:63:83:a1:d6:59:8d:78:95:61:2b:34:94:1e:
                    80:66:98:c7:b4:6c:be:83:b8:b4:45:b8:9b:f1:1b:
                    a9:a9:ef:16:5e:8b:26:e7:28:ad:f7:19:61:ed:cb:
                    06:ad:bb:f4:79:96:27:7f:67:ec:e9:52:df:18:ab:
                    7c:af:f5:c7:a4:d2:e4:f3:02:e8:f0:63:06:8d:d4:
                    80:cc:bb:3d:0e:cc:92:b4:6d:30:1d:f0:ae:af:3e:
                    e9:60:10:68:47:16:95:ae:ff:16:7e:51:0c:ca:b9:
                    f9:e5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8C:66:5B:B9:5F:80:DB:52:05:53:17:8B:A7:9A:03:71:F0:A0:20:40
            X509v3 Authority Key Identifier:
                keyid:D0:30:46:D1:6C:FC:39:1B:02:8B:88:74:37:73:CE:00:5C:F9:7B:1D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0DBG0Wz8ORsCi4h0N3POAFz5ex0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/18d132-9951-4055-b5a6-dc0e1a725221/1/jGZbuV-A21IFUxeLp5oDcfCgIEA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/18d132-9951-4055-b5a6-dc0e1a725221/1/0DBG0Wz8ORsCi4h0N3POAFz5ex0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.163.152.0/22

    Signature Algorithm: sha256WithRSAEncryption
         7f:c2:8e:ba:17:15:eb:f0:09:14:f1:a6:a6:79:c1:bc:21:e8:
         b9:cf:f9:65:b8:70:fa:b4:df:47:d0:d5:a1:e0:b1:33:ce:41:
         b0:2a:83:1d:19:01:7e:be:a5:e0:ae:b4:c8:7c:20:93:94:0e:
         6c:6e:5d:67:fd:6a:ed:06:bb:b3:d9:89:31:c4:4d:d8:30:6d:
         03:af:e5:3e:d5:9d:cc:6f:ea:52:32:b7:11:86:73:a8:0a:5c:
         fd:53:98:7a:6d:97:82:dc:56:0c:0f:f0:af:98:7f:56:a8:c4:
         7b:74:46:b3:01:ac:5e:b0:78:67:e0:b4:31:a7:d4:b4:71:87:
         7e:96:99:7d:04:28:14:a0:9e:b4:ec:1f:02:ac:f1:dc:c1:52:
         08:0a:13:2f:a9:b9:5f:d6:e7:c6:8c:ee:2c:d0:8d:7f:98:cf:
         4a:b5:af:d8:7c:c8:c2:50:89:b6:c6:a1:ab:c4:97:74:6f:76:
         e0:9c:27:3a:ae:e6:bb:fd:5f:88:18:b7:79:5a:fa:dd:6b:91:
         af:e6:ef:af:a0:ad:a9:74:86:1b:29:16:15:8b:b0:51:19:85:
         6b:96:2d:47:6e:23:a9:94:ec:2e:1b:9a:a5:39:6a:45:69:8b:
         08:9e:c6:fd:f6:4c:48:71:e7:1e:e4:dc:b3:1a:cd:10:16:26:
         7b:be:81:46
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtuHim9YS45KtUhZgVHC3SMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQwMzA0NmQxNmNmYzM5MWIwMjhiODg3NDM3NzNjZTAwNWNm
OTdiMWQwHhcNMjMwMTAxMTQyNDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YzY2NWJiOTVmODBkYjUyMDU1MzE3OGJhNzlhMDM3MWYwYTAyMDQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAov6vRllXL7MdXEp0hq1BDnyAg7Ui
Ak4ZE+tOh89GT9hC1yQZcldsgkc94v+q2dcSLMfSB9PeG+3BfJJ8Vw3pn6199ViU
uzMo1nP/cc8foBfROCCAxRpk0P97qlt6OOQ1I0ob3eIRH0bVEgleBHEZiptqgf7U
OfQlJlb/Md3I6Mjr4s+CCF7e3gVpRlleENNR24UAEpM/D2ODodZZjXiVYSs0lB6A
ZpjHtGy+g7i0Rbib8Rupqe8WXosm5yit9xlh7csGrbv0eZYnf2fs6VLfGKt8r/XH
pNLk8wLo8GMGjdSAzLs9DsyStG0wHfCurz7pYBBoRxaVrv8WflEMyrn55QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIxmW7lfgNtSBVMXi6eaA3HwoCBAMB8GA1UdIwQY
MBaAFNAwRtFs/DkbAouIdDdzzgBc+XsdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMERCRzBXejhPUnNDaTRoME4zUE9BRno1ZXgwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYS8xOGQxMzItOTk1MS00MDU1LWI1YTYt
ZGMwZTFhNzI1MjIxLzEvakdaYnVWLUEyMUlGVXhlTHA1b0RjZkNnSUVBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYS8xOGQxMzItOTk1MS00MDU1LWI1YTYtZGMwZTFhNzI1MjIx
LzEvMERCRzBXejhPUnNDaTRoME4zUE9BRno1ZXgwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuaOYMA0G
CSqGSIb3DQEBCwUAA4IBAQB/wo66FxXr8AkU8aamecG8Iei5z/lluHD6tN9H0NWh
4LEzzkGwKoMdGQF+vqXgrrTIfCCTlA5sbl1n/WrtBruz2YkxxE3YMG0Dr+U+1Z3M
b+pSMrcRhnOoClz9U5h6bZeC3FYMD/CvmH9WqMR7dEazAaxesHhn4LQxp9S0cYd+
lpl9BCgUoJ607B8CrPHcwVIIChMvqblf1ufGjO4s0I1/mM9Kta/YfMjCUIm2xqGr
xJd0b3bgnCc6rua7/V+IGLd5Wvrda5Gv5u+voK2pdIYbKRYVi7BRGYVrli1HbiOp
lOwuG5qlOWpFaYsInsb99kxIcece5NyzGs0QFiZ7voFG
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:27 2024 by rpki-client on console-fra.rpki-client.org