Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/32109e-24c9-4c88-a8e8-fdf6638d2c04/1/I5OZDIyVNalcJFbom6dULNJOhs0.roa
File:                     I5OZDIyVNalcJFbom6dULNJOhs0.roa (raw, json)
Hash identifier:          9ew5Sc3Lqhf+g6bxVK+3BIAzauiy15NVX0G8bSbchEU=
Subject key identifier:   23:93:99:0C:8C:95:35:A9:5C:24:56:E8:9B:A7:54:2C:D2:4E:86:CD
Certificate issuer:       /CN=6bc5de7d7255b7d58260c65a120b164ef10ef903
Certificate serial:       01892C64FF2EB8843F3E1C1B1F0AC8389096
Authority key identifier: 6B:C5:DE:7D:72:55:B7:D5:82:60:C6:5A:12:0B:16:4E:F1:0E:F9:03
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/a8XefXJVt9WCYMZaEgsWTvEO-QM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bb/32109e-24c9-4c88-a8e8-fdf6638d2c04/1/I5OZDIyVNalcJFbom6dULNJOhs0.roa
Signing time:             Thu 06 Jul 2023 18:09:23 +0000
ROA not before:           Thu 06 Jul 2023 18:09:23 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     198697
IP address blocks:        185.177.72.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 18:30:31 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:2c:64:ff:2e:b8:84:3f:3e:1c:1b:1f:0a:c8:38:90:96
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6bc5de7d7255b7d58260c65a120b164ef10ef903
        Validity
            Not Before: Jul  6 18:09:23 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=2393990c8c9535a95c2456e89ba7542cd24e86cd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:87:8e:38:f5:06:71:b7:71:39:f7:df:1f:41:dc:
                    70:a6:49:9f:23:05:06:2a:b3:e5:1d:62:99:34:13:
                    ab:2b:23:e8:4e:96:ac:58:09:31:f6:56:45:71:37:
                    0c:e4:0b:28:a7:aa:99:b9:a3:a6:89:ea:65:56:c0:
                    93:4f:16:11:35:8e:54:28:56:06:92:4d:b0:13:d9:
                    e8:11:c7:8a:78:5e:24:7f:96:77:2c:ef:c4:11:bc:
                    58:37:72:58:c8:8a:b1:44:c8:3b:83:2e:67:f0:37:
                    a7:cf:ee:4c:b6:96:32:84:5f:f7:21:7a:28:75:33:
                    dc:ff:9d:81:15:e8:93:44:06:58:b4:ca:e6:2d:81:
                    3c:29:3e:95:f9:bb:25:22:44:a1:01:38:68:f7:99:
                    02:7a:21:01:a2:ec:ee:5c:3b:24:9c:04:b4:63:66:
                    58:c0:13:76:f5:ee:3a:b3:ef:66:d8:48:3c:0e:05:
                    97:c5:45:e2:16:fb:b6:9e:9f:39:75:76:e4:2d:d1:
                    61:b1:df:01:5c:6f:47:00:cf:0a:d2:36:b6:b8:04:
                    f9:96:4b:62:50:48:95:28:93:0f:7e:a3:e2:e9:bb:
                    72:60:21:d6:c3:07:78:74:cf:79:aa:00:45:59:4c:
                    4b:db:bf:13:7c:fc:97:4b:55:fd:57:e2:0a:22:2b:
                    11:47
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                23:93:99:0C:8C:95:35:A9:5C:24:56:E8:9B:A7:54:2C:D2:4E:86:CD
            X509v3 Authority Key Identifier:
                keyid:6B:C5:DE:7D:72:55:B7:D5:82:60:C6:5A:12:0B:16:4E:F1:0E:F9:03

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8XefXJVt9WCYMZaEgsWTvEO-QM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/32109e-24c9-4c88-a8e8-fdf6638d2c04/1/I5OZDIyVNalcJFbom6dULNJOhs0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/32109e-24c9-4c88-a8e8-fdf6638d2c04/1/a8XefXJVt9WCYMZaEgsWTvEO-QM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.177.72.0/24

    Signature Algorithm: sha256WithRSAEncryption
         53:5b:8b:47:a8:a7:86:c9:6d:11:e2:bd:62:e6:66:79:d4:9b:
         07:41:a9:0a:c4:fc:ce:75:c7:51:17:b7:a9:7b:b6:39:46:52:
         8f:aa:fd:b5:03:53:0f:7c:cc:13:1c:87:9f:cc:47:99:43:0f:
         c5:de:84:c2:3b:31:cb:ac:6e:dd:c3:3f:96:b0:83:2f:27:9b:
         de:c8:11:41:84:92:ab:97:5b:5e:d3:be:4e:10:ef:b4:48:c6:
         e0:bc:5d:31:f1:3b:1a:99:fb:f4:53:23:52:29:a9:c6:bc:64:
         e4:39:15:8f:fc:2b:7d:9b:40:04:24:d7:91:ba:47:03:f7:64:
         3c:f0:07:60:7a:ec:a0:b3:40:89:30:18:4e:3f:24:76:2f:f2:
         1d:9a:70:da:64:ae:97:c1:21:b5:42:ed:24:0e:a6:f6:a6:3b:
         bc:67:67:c9:a7:8e:1d:8f:99:3d:ed:5a:7b:d1:a0:57:d6:b1:
         82:d6:e0:e7:15:b4:ad:3e:9d:7d:06:eb:ca:13:8a:af:c6:65:
         2f:7f:00:72:da:13:b2:9b:f2:c5:fe:1c:47:c2:13:58:d0:ae:
         39:00:11:c6:d9:3d:9b:84:7d:cb:ba:ab:e6:2e:78:8c:e3:63:
         8e:0c:ea:23:01:a5:42:b4:63:84:bb:ba:1c:bf:e2:ef:f0:8b:
         60:e0:8d:74
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYksZP8uuIQ/PhwbHwrIOJCWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiYzVkZTdkNzI1NWI3ZDU4MjYwYzY1YTEyMGIxNjRlZjEw
ZWY5MDMwHhcNMjMwNzA2MTgwOTIzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMzkzOTkwYzhjOTUzNWE5NWMyNDU2ZTg5YmE3NTQyY2QyNGU4NmNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh4449QZxt3E5998fQdxwpkmfIwUG
KrPlHWKZNBOrKyPoTpasWAkx9lZFcTcM5Asop6qZuaOmieplVsCTTxYRNY5UKFYG
kk2wE9noEceKeF4kf5Z3LO/EEbxYN3JYyIqxRMg7gy5n8Denz+5MtpYyhF/3IXoo
dTPc/52BFeiTRAZYtMrmLYE8KT6V+bslIkShATho95kCeiEBouzuXDsknAS0Y2ZY
wBN29e46s+9m2Eg8DgWXxUXiFvu2np85dXbkLdFhsd8BXG9HAM8K0ja2uAT5lkti
UEiVKJMPfqPi6btyYCHWwwd4dM95qgBFWUxL278TfPyXS1X9V+IKIisRRwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCOTmQyMlTWpXCRW6JunVCzSTobNMB8GA1UdIwQY
MBaAFGvF3n1yVbfVgmDGWhILFk7xDvkDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYThYZWZYSlZ0OVdDWU1aYUVnc1dUdkVPLVFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYi8zMjEwOWUtMjRjOS00Yzg4LWE4ZTgt
ZmRmNjYzOGQyYzA0LzEvSTVPWkRJeVZOYWxjSkZib202ZFVMTkpPaHMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYi8zMjEwOWUtMjRjOS00Yzg4LWE4ZTgtZmRmNjYzOGQyYzA0
LzEvYThYZWZYSlZ0OVdDWU1aYUVnc1dUdkVPLVFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAubFIMA0G
CSqGSIb3DQEBCwUAA4IBAQBTW4tHqKeGyW0R4r1i5mZ51JsHQakKxPzOdcdRF7ep
e7Y5RlKPqv21A1MPfMwTHIefzEeZQw/F3oTCOzHLrG7dwz+WsIMvJ5veyBFBhJKr
l1te075OEO+0SMbgvF0x8Tsamfv0UyNSKanGvGTkORWP/Ct9m0AEJNeRukcD92Q8
8Adgeuygs0CJMBhOPyR2L/IdmnDaZK6XwSG1Qu0kDqb2pju8Z2fJp44dj5k97Vp7
0aBX1rGC1uDnFbStPp19BuvKE4qvxmUvfwBy2hOym/LF/hxHwhNY0K45ABHG2T2b
hH3LuqvmLniM42OODOojAaVCtGOEu7ocv+Lv8Itg4I10
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:34 2024 by rpki-client on console-fra.rpki-client.org