Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/958c2c-b4c3-432d-9ab1-0cc83b00fc58/1/ZuQuMvuht2RAb8Iwj5LVha6cUCk.roa
File:                     ZuQuMvuht2RAb8Iwj5LVha6cUCk.roa (raw, json)
Hash identifier:          ycecGLCg5gSLXkTr15gAUys7DPlbalSZTFPQCc2Roug=
Subject key identifier:   66:E4:2E:32:FB:A1:B7:64:40:6F:C2:30:8F:92:D5:85:AE:9C:50:29
Certificate issuer:       /CN=79101035d53377c5a72bedca522fc1456e0b8419
Certificate serial:       018570307C138A73C6AA59F54CF1F12210E3
Authority key identifier: 79:10:10:35:D5:33:77:C5:A7:2B:ED:CA:52:2F:C1:45:6E:0B:84:19
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/eRAQNdUzd8WnK-3KUi_BRW4LhBk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ba/958c2c-b4c3-432d-9ab1-0cc83b00fc58/1/ZuQuMvuht2RAb8Iwj5LVha6cUCk.roa
Signing time:             Mon 02 Jan 2023 01:55:03 +0000
ROA not before:           Mon 02 Jan 2023 01:55:03 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     211487
IP address blocks:        185.15.156.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 18:30:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:70:30:7c:13:8a:73:c6:aa:59:f5:4c:f1:f1:22:10:e3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=79101035d53377c5a72bedca522fc1456e0b8419
        Validity
            Not Before: Jan  2 01:55:03 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=66e42e32fba1b764406fc2308f92d585ae9c5029
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ec:ac:a1:26:4e:67:2c:cc:b2:56:1d:1f:ba:2a:
                    a3:ee:37:72:54:fb:1a:c5:10:02:53:46:ad:68:c0:
                    2c:1b:d9:41:77:c9:7f:62:4d:29:a1:88:33:a2:98:
                    0a:46:57:4e:ff:73:a7:9f:29:20:36:5f:40:68:d6:
                    ea:0d:e2:8e:d0:7b:a9:51:69:7f:74:3d:91:0d:26:
                    0d:01:5e:0d:80:bb:31:cd:c9:45:83:e6:0f:35:00:
                    40:1b:8e:8d:0b:4f:4a:49:d2:39:86:88:70:bd:ea:
                    65:3a:a6:09:6a:7b:be:d2:51:10:7c:48:bb:2b:13:
                    02:83:06:34:bb:f4:7c:71:73:33:2c:d4:3f:52:1d:
                    de:8d:da:a5:61:59:a0:7f:79:46:32:d0:26:54:c0:
                    c8:1c:95:7a:00:5d:47:c4:6d:5e:3b:9c:89:58:e6:
                    41:6e:ef:fc:9b:54:ad:d5:e1:92:12:64:85:d0:98:
                    4f:41:2c:d6:3b:68:28:33:3a:bc:21:0f:21:f7:96:
                    2a:e1:91:24:8d:90:bc:e8:8a:ca:ac:17:f3:ec:a4:
                    e8:2c:a5:6a:94:bc:3a:ff:54:06:6f:92:ba:e0:c5:
                    48:a9:a6:c0:e9:c9:9b:6d:5d:20:e8:8b:07:84:e3:
                    bc:f3:ba:56:55:79:2e:73:0b:de:dc:c0:dc:69:f4:
                    20:d3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                66:E4:2E:32:FB:A1:B7:64:40:6F:C2:30:8F:92:D5:85:AE:9C:50:29
            X509v3 Authority Key Identifier:
                keyid:79:10:10:35:D5:33:77:C5:A7:2B:ED:CA:52:2F:C1:45:6E:0B:84:19

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eRAQNdUzd8WnK-3KUi_BRW4LhBk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/958c2c-b4c3-432d-9ab1-0cc83b00fc58/1/ZuQuMvuht2RAb8Iwj5LVha6cUCk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/958c2c-b4c3-432d-9ab1-0cc83b00fc58/1/eRAQNdUzd8WnK-3KUi_BRW4LhBk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.15.156.0/24

    Signature Algorithm: sha256WithRSAEncryption
         80:e7:94:9f:01:aa:24:c6:df:7c:a4:78:59:6a:be:43:03:ae:
         b2:7c:f0:5e:50:f8:68:c3:94:f8:60:57:1f:35:dd:69:ae:33:
         58:17:3b:07:d2:cd:f3:a1:cb:86:aa:c6:fb:32:a7:3a:17:fc:
         c1:a3:76:8a:36:bd:2f:02:28:9a:fe:76:0c:9a:b4:af:37:b2:
         f6:50:01:cc:7f:29:c0:42:e0:27:c6:77:c8:22:01:31:be:89:
         bf:93:72:10:28:28:0c:d9:8e:cb:f9:be:99:11:4d:06:3c:e6:
         29:31:87:ea:a3:54:23:69:fc:95:ce:a6:a8:b1:74:85:9f:2c:
         99:c0:8d:7f:74:0a:bf:15:64:31:09:c7:fa:f5:53:5e:4d:9a:
         8a:2d:b9:3b:39:ed:fa:a4:5d:2a:6c:cc:70:bb:37:bf:f4:61:
         a2:86:5c:60:86:16:2e:b7:41:3f:06:f6:77:af:55:c7:cb:23:
         23:18:ba:6f:ce:1e:c6:5b:c7:96:03:d3:59:e4:90:79:a0:05:
         ad:97:d6:77:e5:95:32:6f:9e:55:8c:38:bb:1a:b0:84:64:2b:
         99:dc:7f:64:01:1b:0d:af:0a:61:fb:ba:ad:7a:c2:eb:52:41:
         57:08:3e:2d:93:84:2c:a4:a7:98:33:35:05:1b:dc:c9:6f:76:
         ae:3b:6f:5c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwMHwTinPGqln1TPHxIhDjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc5MTAxMDM1ZDUzMzc3YzVhNzJiZWRjYTUyMmZjMTQ1NmUw
Yjg0MTkwHhcNMjMwMTAyMDE1NTAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NmU0MmUzMmZiYTFiNzY0NDA2ZmMyMzA4ZjkyZDU4NWFlOWM1MDI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7KyhJk5nLMyyVh0fuiqj7jdyVPsa
xRACU0ataMAsG9lBd8l/Yk0poYgzopgKRldO/3OnnykgNl9AaNbqDeKO0HupUWl/
dD2RDSYNAV4NgLsxzclFg+YPNQBAG46NC09KSdI5hohwveplOqYJanu+0lEQfEi7
KxMCgwY0u/R8cXMzLNQ/Uh3ejdqlYVmgf3lGMtAmVMDIHJV6AF1HxG1eO5yJWOZB
bu/8m1St1eGSEmSF0JhPQSzWO2goMzq8IQ8h95Yq4ZEkjZC86IrKrBfz7KToLKVq
lLw6/1QGb5K64MVIqabA6cmbbV0g6IsHhOO887pWVXkucwve3MDcafQg0wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGbkLjL7obdkQG/CMI+S1YWunFApMB8GA1UdIwQY
MBaAFHkQEDXVM3fFpyvtylIvwUVuC4QZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZVJBUU5kVXpkOFduSy0zS1VpX0JSVzRMaEJrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYS85NThjMmMtYjRjMy00MzJkLTlhYjEt
MGNjODNiMDBmYzU4LzEvWnVRdU12dWh0MlJBYjhJd2o1TFZoYTZjVUNrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYS85NThjMmMtYjRjMy00MzJkLTlhYjEtMGNjODNiMDBmYzU4
LzEvZVJBUU5kVXpkOFduSy0zS1VpX0JSVzRMaEJrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuQ+cMA0G
CSqGSIb3DQEBCwUAA4IBAQCA55SfAaokxt98pHhZar5DA66yfPBeUPhow5T4YFcf
Nd1prjNYFzsH0s3zocuGqsb7Mqc6F/zBo3aKNr0vAiia/nYMmrSvN7L2UAHMfynA
QuAnxnfIIgExvom/k3IQKCgM2Y7L+b6ZEU0GPOYpMYfqo1QjafyVzqaosXSFnyyZ
wI1/dAq/FWQxCcf69VNeTZqKLbk7Oe36pF0qbMxwuze/9GGihlxghhYut0E/BvZ3
r1XHyyMjGLpvzh7GW8eWA9NZ5JB5oAWtl9Z35ZUyb55VjDi7GrCEZCuZ3H9kARsN
rwph+7qtesLrUkFXCD4tk4QspKeYMzUFG9zJb3auO29c
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:40:48 2024 by rpki-client on console-ams.rpki-client.org