Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/7090a9-feed-4ea1-8459-ee810b83adcd/1/eiEHhpobvBGVmbdF1eFDu-K_nak.roa
File:                     eiEHhpobvBGVmbdF1eFDu-K_nak.roa (raw, json)
Hash identifier:          JMmM/+vuKtSbDE1P+k35orSnXy7ZEuLbryWdvjj6jJY=
Subject key identifier:   7A:21:07:86:9A:1B:BC:11:95:99:B7:45:D5:E1:43:BB:E2:BF:9D:A9
Certificate issuer:       /CN=4801a5b816158f07a8ca8acb37e97e2f20b06911
Certificate serial:       018CC726B68D76265B6CCAA7A9D8DD4A9FB6
Authority key identifier: 48:01:A5:B8:16:15:8F:07:A8:CA:8A:CB:37:E9:7E:2F:20:B0:69:11
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/SAGluBYVjweoyorLN-l-LyCwaRE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ba/7090a9-feed-4ea1-8459-ee810b83adcd/1/eiEHhpobvBGVmbdF1eFDu-K_nak.roa
Signing time:             Mon 01 Jan 2024 22:30:52 +0000
ROA not before:           Mon 01 Jan 2024 22:30:52 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     206388
IP address blocks:        185.186.243.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Sun 14 Apr 2024 07:31:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c7:26:b6:8d:76:26:5b:6c:ca:a7:a9:d8:dd:4a:9f:b6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4801a5b816158f07a8ca8acb37e97e2f20b06911
        Validity
            Not Before: Jan  1 22:30:52 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=7a2107869a1bbc119599b745d5e143bbe2bf9da9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:88:c8:5b:ae:4f:a9:a9:6e:8d:7d:7d:46:1b:4a:
                    38:47:cf:82:23:7a:45:7c:ac:33:b9:95:b9:de:19:
                    1f:54:70:59:32:5a:84:df:84:54:6e:a1:ae:ef:d7:
                    bd:2c:d1:f8:40:3b:18:78:fb:f2:24:cc:58:0a:d1:
                    fa:76:4f:4f:52:d0:eb:aa:1e:0c:d6:7d:95:66:50:
                    2a:00:61:7a:c7:b5:d5:74:d2:b8:6d:90:f6:31:4b:
                    2c:69:d1:32:83:19:b1:b2:b6:0e:23:c2:52:3e:75:
                    45:5b:cf:51:cc:51:e5:5d:17:65:1d:44:e1:dd:98:
                    95:78:bf:4d:ce:0a:42:65:46:21:d8:2e:a3:cb:05:
                    f3:2d:76:5f:f1:55:ef:0e:f4:0b:ea:41:7d:14:8f:
                    6b:ae:6d:4a:82:7c:34:3d:42:b5:29:68:b9:85:b2:
                    31:6e:b2:65:81:86:0a:5c:5b:68:90:67:b2:fa:49:
                    f0:58:48:7d:be:7c:7a:51:ab:4f:d1:83:14:65:28:
                    8f:51:25:a3:21:52:fd:f4:5c:66:07:36:f6:81:c8:
                    49:1b:17:b9:7a:ce:de:61:24:03:2f:be:06:8a:37:
                    03:30:69:95:06:b8:f7:f3:bb:9c:ec:f2:e6:51:b8:
                    5b:fd:a3:5f:46:b4:1c:01:eb:18:d6:01:4b:f3:af:
                    c0:6d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7A:21:07:86:9A:1B:BC:11:95:99:B7:45:D5:E1:43:BB:E2:BF:9D:A9
            X509v3 Authority Key Identifier:
                keyid:48:01:A5:B8:16:15:8F:07:A8:CA:8A:CB:37:E9:7E:2F:20:B0:69:11

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SAGluBYVjweoyorLN-l-LyCwaRE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/7090a9-feed-4ea1-8459-ee810b83adcd/1/eiEHhpobvBGVmbdF1eFDu-K_nak.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/7090a9-feed-4ea1-8459-ee810b83adcd/1/SAGluBYVjweoyorLN-l-LyCwaRE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.186.243.0/24

    Signature Algorithm: sha256WithRSAEncryption
         46:7c:a8:e5:0e:86:6e:9c:a9:e5:00:d7:56:30:8b:b9:96:4a:
         aa:d0:8f:d4:4d:0f:b5:7a:d2:0a:51:b7:ec:75:56:51:6d:dd:
         34:cf:f9:f3:29:75:a7:a0:59:e9:c1:6b:09:73:0e:1f:04:7e:
         57:cd:92:a3:d1:fc:5e:1e:79:ca:f6:23:cb:cd:7e:30:56:84:
         91:5a:48:57:5f:9f:67:78:69:9a:f4:f2:6d:a8:db:31:dc:35:
         b3:8d:d1:b1:72:26:1b:84:4e:09:6c:a8:8d:f2:06:6e:fe:b1:
         0d:ef:0d:cd:3e:eb:74:e9:e2:75:2b:21:0a:ed:50:69:23:6b:
         97:d1:ec:c1:f9:5c:3c:c6:e1:e0:54:42:fb:b3:ff:60:9f:e8:
         10:2c:7a:30:f8:af:1e:bc:fd:dc:1b:e2:8a:e1:62:d7:9f:78:
         53:e5:72:76:25:57:be:40:0a:9c:fe:09:9a:3a:ec:c9:f5:1b:
         1d:d6:3c:e1:02:f7:b7:0c:d4:83:61:ff:c7:b0:8c:14:f9:0f:
         5a:60:17:87:10:83:b1:9b:0e:42:7c:e4:38:d6:85:7f:5b:b1:
         8f:2c:c5:96:0b:ca:a8:0d:41:62:ad:d9:0f:dd:6e:3b:78:22:
         cc:6f:9a:7c:32:f9:aa:b4:41:f5:c0:3b:a5:86:21:0b:e0:a0:
         f0:55:da:bf
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzHJraNdiZbbMqnqdjdSp+2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ4MDFhNWI4MTYxNThmMDdhOGNhOGFjYjM3ZTk3ZTJmMjBi
MDY5MTEwHhcNMjQwMTAxMjIzMDUyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YTIxMDc4NjlhMWJiYzExOTU5OWI3NDVkNWUxNDNiYmUyYmY5ZGE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiMhbrk+pqW6NfX1GG0o4R8+CI3pF
fKwzuZW53hkfVHBZMlqE34RUbqGu79e9LNH4QDsYePvyJMxYCtH6dk9PUtDrqh4M
1n2VZlAqAGF6x7XVdNK4bZD2MUssadEygxmxsrYOI8JSPnVFW89RzFHlXRdlHUTh
3ZiVeL9NzgpCZUYh2C6jywXzLXZf8VXvDvQL6kF9FI9rrm1Kgnw0PUK1KWi5hbIx
brJlgYYKXFtokGey+knwWEh9vnx6UatP0YMUZSiPUSWjIVL99FxmBzb2gchJGxe5
es7eYSQDL74GijcDMGmVBrj387uc7PLmUbhb/aNfRrQcAesY1gFL86/AbQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHohB4aaG7wRlZm3RdXhQ7viv52pMB8GA1UdIwQY
MBaAFEgBpbgWFY8HqMqKyzfpfi8gsGkRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU0FHbHVCWVZqd2VveW9yTE4tbC1MeUN3YVJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYS83MDkwYTktZmVlZC00ZWExLTg0NTkt
ZWU4MTBiODNhZGNkLzEvZWlFSGhwb2J2QkdWbWJkRjFlRkR1LUtfbmFrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYS83MDkwYTktZmVlZC00ZWExLTg0NTktZWU4MTBiODNhZGNk
LzEvU0FHbHVCWVZqd2VveW9yTE4tbC1MeUN3YVJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAubrzMA0G
CSqGSIb3DQEBCwUAA4IBAQBGfKjlDoZunKnlANdWMIu5lkqq0I/UTQ+1etIKUbfs
dVZRbd00z/nzKXWnoFnpwWsJcw4fBH5XzZKj0fxeHnnK9iPLzX4wVoSRWkhXX59n
eGma9PJtqNsx3DWzjdGxciYbhE4JbKiN8gZu/rEN7w3NPut06eJ1KyEK7VBpI2uX
0ezB+Vw8xuHgVEL7s/9gn+gQLHow+K8evP3cG+KK4WLXn3hT5XJ2JVe+QAqc/gma
OuzJ9Rsd1jzhAve3DNSDYf/HsIwU+Q9aYBeHEIOxmw5CfOQ41oV/W7GPLMWWC8qo
DUFirdkP3W47eCLMb5p8MvmqtEH1wDulhiEL4KDwVdq/
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:40:46 2024 by rpki-client on console-ams.rpki-client.org