Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/dd9c90-31a9-4995-9da3-4efde6eb32d4/1/Xv8eUkZprTV3U81hNJTRyzfpOPA.roa
File:                     Xv8eUkZprTV3U81hNJTRyzfpOPA.roa (raw, json)
Hash identifier:          gIkhC6mmILdrnRA6VW2ENpe96VuKKI5uqxeFTWEIv6I=
Subject key identifier:   5E:FF:1E:52:46:69:AD:35:77:53:CD:61:34:94:D1:CB:37:E9:38:F0
Certificate issuer:       /CN=356d9a95bace19785c40647663f31d9056261c2f
Certificate serial:       018AE30F37BCDA8CC6F03AD43DC96C5A4468
Authority key identifier: 35:6D:9A:95:BA:CE:19:78:5C:40:64:76:63:F3:1D:90:56:26:1C:2F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NW2albrOGXhcQGR2Y_MdkFYmHC8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ba/dd9c90-31a9-4995-9da3-4efde6eb32d4/1/Xv8eUkZprTV3U81hNJTRyzfpOPA.roa
Signing time:             Fri 29 Sep 2023 22:28:59 +0000
ROA not before:           Fri 29 Sep 2023 22:28:59 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     62739
IP address blocks:        185.32.194.0/24 maxlen: 24
                          185.32.193.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 02:29:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:e3:0f:37:bc:da:8c:c6:f0:3a:d4:3d:c9:6c:5a:44:68
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=356d9a95bace19785c40647663f31d9056261c2f
        Validity
            Not Before: Sep 29 22:28:59 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=5eff1e524669ad357753cd613494d1cb37e938f0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:73:dc:be:51:d2:3b:f0:ff:6a:00:fb:c5:47:
                    a1:58:b3:bb:1e:90:d6:8f:ad:9a:26:d8:b1:95:33:
                    99:dc:87:b0:90:78:8b:5d:3c:94:a8:cf:e3:51:83:
                    ac:e4:8d:d4:2c:19:f7:83:59:f2:1e:47:f0:ff:9b:
                    f0:21:6a:e8:78:ab:b1:b0:42:2b:42:e1:4d:d8:ea:
                    d6:02:00:8a:b0:5d:18:dc:f4:e7:22:1d:ff:7d:28:
                    b2:0b:c1:5c:e7:92:c9:e4:40:d5:91:02:a8:8c:e6:
                    52:78:4b:6c:40:84:7d:3b:cd:3a:29:85:82:39:71:
                    2e:41:d5:34:32:27:76:da:e4:8c:67:4f:6b:c5:07:
                    22:ef:c9:1d:f2:be:0c:fd:f2:52:17:69:a4:71:e3:
                    41:9a:c8:7b:55:e3:8a:60:c5:c1:ee:c6:58:32:9d:
                    29:55:d2:4a:34:69:0f:0c:16:00:27:ec:a3:ab:da:
                    b2:28:17:b4:30:14:74:66:74:5c:dc:e7:c2:e2:a9:
                    eb:71:fd:49:25:df:8a:e8:c0:f7:7e:b5:b2:bc:02:
                    d0:f9:aa:e7:41:7c:35:64:23:a0:28:08:b4:f7:98:
                    c4:8e:d0:17:85:28:33:c6:cb:98:c6:fb:20:0e:bd:
                    94:94:6c:56:9f:be:b7:b6:99:c6:bd:5e:3f:64:a9:
                    53:7d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5E:FF:1E:52:46:69:AD:35:77:53:CD:61:34:94:D1:CB:37:E9:38:F0
            X509v3 Authority Key Identifier:
                keyid:35:6D:9A:95:BA:CE:19:78:5C:40:64:76:63:F3:1D:90:56:26:1C:2F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NW2albrOGXhcQGR2Y_MdkFYmHC8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/dd9c90-31a9-4995-9da3-4efde6eb32d4/1/Xv8eUkZprTV3U81hNJTRyzfpOPA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/dd9c90-31a9-4995-9da3-4efde6eb32d4/1/NW2albrOGXhcQGR2Y_MdkFYmHC8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.32.193.0-185.32.194.255

    Signature Algorithm: sha256WithRSAEncryption
         56:f1:6a:a7:9c:7a:b5:db:60:51:c1:8c:7e:13:bc:92:41:50:
         16:a6:33:c6:2c:4a:48:56:4b:b0:f3:09:a3:e4:80:d5:56:47:
         e8:90:fa:b0:ce:d7:bc:07:b2:02:97:49:be:00:23:52:00:ed:
         44:09:e3:95:59:bb:b0:e4:70:ff:86:56:e1:26:90:84:5d:34:
         9f:71:ce:c2:57:0a:c6:83:9e:45:52:a1:fb:ed:d0:03:42:77:
         b1:f2:e0:a0:78:39:4b:fa:65:3e:3d:54:3c:9b:57:9d:1e:0e:
         ff:e3:fb:f4:72:90:e2:4e:b8:c2:e8:1d:5c:ee:a5:47:92:fe:
         26:c0:c8:a8:e8:3d:8f:28:22:f3:e2:84:8c:63:1a:45:b8:eb:
         f7:a7:8c:c0:ed:81:14:2b:03:4c:ba:26:67:01:1f:bc:c9:8b:
         e1:31:b6:9b:7d:a1:f9:4c:35:46:fe:f1:32:6d:8c:14:da:60:
         76:93:6f:c0:ab:03:81:b8:27:f1:9e:6b:05:3c:40:af:45:3e:
         87:4f:fd:af:fa:ad:7f:b6:94:d1:06:18:42:67:fc:53:13:a1:
         69:2a:9d:75:47:e7:44:04:02:24:77:d5:2e:5e:da:46:25:77:
         3b:00:fb:2b:31:bf:83:22:dc:35:67:91:00:aa:5d:ba:fb:62:
         49:ea:36:25
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYrjDze82ozG8DrUPclsWkRoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NmQ5YTk1YmFjZTE5Nzg1YzQwNjQ3NjYzZjMxZDkwNTYy
NjFjMmYwHhcNMjMwOTI5MjIyODU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZWZmMWU1MjQ2NjlhZDM1Nzc1M2NkNjEzNDk0ZDFjYjM3ZTkzOGYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApXPcvlHSO/D/agD7xUehWLO7HpDW
j62aJtixlTOZ3IewkHiLXTyUqM/jUYOs5I3ULBn3g1nyHkfw/5vwIWroeKuxsEIr
QuFN2OrWAgCKsF0Y3PTnIh3/fSiyC8Fc55LJ5EDVkQKojOZSeEtsQIR9O806KYWC
OXEuQdU0Mid22uSMZ09rxQci78kd8r4M/fJSF2mkceNBmsh7VeOKYMXB7sZYMp0p
VdJKNGkPDBYAJ+yjq9qyKBe0MBR0ZnRc3OfC4qnrcf1JJd+K6MD3frWyvALQ+arn
QXw1ZCOgKAi095jEjtAXhSgzxsuYxvsgDr2UlGxWn763tpnGvV4/ZKlTfQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFF7/HlJGaa01d1PNYTSU0cs36TjwMB8GA1UdIwQY
MBaAFDVtmpW6zhl4XEBkdmPzHZBWJhwvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlcyYWxick9HWGhjUUdSMllfTWRrRlltSEM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYS9kZDljOTAtMzFhOS00OTk1LTlkYTMt
NGVmZGU2ZWIzMmQ0LzEvWHY4ZVVrWnByVFYzVTgxaE5KVFJ5emZwT1BBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYS9kZDljOTAtMzFhOS00OTk1LTlkYTMtNGVmZGU2ZWIzMmQ0
LzEvTlcyYWxick9HWGhjUUdSMllfTWRrRlltSEM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAC5IMED
BAC5IMIwDQYJKoZIhvcNAQELBQADggEBAFbxaqecerXbYFHBjH4TvJJBUBamM8Ys
SkhWS7DzCaPkgNVWR+iQ+rDO17wHsgKXSb4AI1IA7UQJ45VZu7DkcP+GVuEmkIRd
NJ9xzsJXCsaDnkVSofvt0ANCd7Hy4KB4OUv6ZT49VDybV50eDv/j+/RykOJOuMLo
HVzupUeS/ibAyKjoPY8oIvPihIxjGkW46/enjMDtgRQrA0y6JmcBH7zJi+Extpt9
oflMNUb+8TJtjBTaYHaTb8CrA4G4J/GeawU8QK9FPodP/a/6rX+2lNEGGEJn/FMT
oWkqnXVH50QEAiR31S5e2kYldzsA+ysxv4Mi3DVnkQCqXbr7YknqNiU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:31 2024 by rpki-client on console-fra.rpki-client.org