Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/VTllRo7v5Ld-52nRhz0p7dizM24.roa
File:                     VTllRo7v5Ld-52nRhz0p7dizM24.roa (raw, json)
Hash identifier:          bQ0ohKXCOcjasZTJlDrcjY7fdiUbMqkgqLJatVLvs+E=
Subject key identifier:   55:39:65:46:8E:EF:E4:B7:7E:E7:69:D1:87:3D:29:ED:D8:B3:33:6E
Certificate issuer:       /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial:       0185710300A3C92A7D77991548B31E89E67B
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/VTllRo7v5Ld-52nRhz0p7dizM24.roa
Signing time:             Mon 02 Jan 2023 05:45:00 +0000
ROA not before:           Mon 02 Jan 2023 05:45:00 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     16247
IP address blocks:        185.192.16.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 31 Aug 2023 05:16:54 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:71:03:00:a3:c9:2a:7d:77:99:15:48:b3:1e:89:e6:7b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
        Validity
            Not Before: Jan  2 05:45:00 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=553965468eefe4b77ee769d1873d29edd8b3336e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8b:5b:29:5a:57:29:dc:17:83:60:f1:8a:57:dc:
                    13:ec:c0:22:c3:0c:10:26:e1:7f:3b:44:e7:4b:a8:
                    55:10:4e:29:f6:5e:cd:cd:78:68:20:b6:7a:1f:06:
                    bd:5d:5b:3b:a5:82:33:f6:1c:77:0d:ab:61:dc:f9:
                    2d:ad:b5:4e:04:52:3d:2b:c2:b1:e4:1d:48:ec:ee:
                    87:e2:fc:07:b0:51:4f:9a:96:93:7d:d1:c1:c6:2c:
                    2f:86:64:0f:9c:71:15:4b:af:79:fd:de:70:44:28:
                    06:ff:e6:0f:7c:b7:4c:de:08:40:86:41:45:54:86:
                    d9:2e:ac:54:94:0f:da:84:04:99:c2:ed:ea:2e:3a:
                    92:cc:13:15:b9:b6:11:96:6f:1a:30:b3:f8:3c:44:
                    43:62:e9:0c:2a:34:72:80:b2:1f:04:76:a3:12:aa:
                    5a:42:c2:4f:1a:50:45:96:b3:76:8c:c3:42:b0:fc:
                    db:88:87:cb:97:28:36:69:d2:69:c1:29:ab:c3:9c:
                    c2:00:7f:09:41:c5:98:1c:63:e6:28:63:bd:e4:c8:
                    16:4c:91:05:7e:fe:2f:fb:90:40:16:13:bc:af:0e:
                    37:63:6d:65:fb:5c:38:a5:03:94:0a:9a:e8:94:2c:
                    67:68:65:40:a2:9e:c8:8f:af:50:fd:6b:83:9c:05:
                    21:85
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                55:39:65:46:8E:EF:E4:B7:7E:E7:69:D1:87:3D:29:ED:D8:B3:33:6E
            X509v3 Authority Key Identifier:
                keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/VTllRo7v5Ld-52nRhz0p7dizM24.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.192.16.0/24

    Signature Algorithm: sha256WithRSAEncryption
         07:3b:c6:ba:44:45:b7:72:cc:69:5d:0e:3f:29:04:e2:5c:5e:
         73:cb:bd:c9:71:4a:e2:b4:18:f1:f7:90:97:17:88:5c:2c:88:
         0c:d1:40:47:f8:95:11:04:9c:a3:74:45:51:5f:2c:3e:46:02:
         0a:23:71:b9:f1:5d:e6:7d:04:83:9c:dc:47:29:72:63:82:72:
         e1:ac:b7:fc:a0:fd:01:12:be:56:62:7f:fb:a8:f9:05:71:84:
         4b:9e:c7:09:03:66:ed:87:e0:f2:b8:54:92:e9:23:9a:a0:cd:
         9b:1d:93:6a:ba:99:7c:ed:93:11:3e:4e:cf:35:cb:32:6a:08:
         02:0e:f3:9d:af:57:69:17:74:9a:1b:39:04:28:d3:95:b1:7e:
         46:93:1a:f3:1c:5c:2b:8b:64:65:16:14:5a:06:e6:d2:b3:23:
         96:44:2f:5d:0a:e3:39:10:b8:1c:6f:69:b8:e9:8e:cd:f3:31:
         3b:6f:83:8a:b5:46:56:7c:88:8c:16:8c:95:e5:c4:8d:83:93:
         49:51:33:af:80:34:76:3c:f9:89:e7:20:fc:95:f4:b0:4a:20:
         5f:fa:8a:2c:2b:07:23:2c:1d:08:fc:c5:11:28:60:35:3c:f1:
         47:a7:8f:60:d7:da:fd:a3:8d:0e:b5:92:73:1d:66:33:25:d6:
         b2:ee:bc:af
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxAwCjySp9d5kVSLMeieZ7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwMTAyMDU0NTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NTM5NjU0NjhlZWZlNGI3N2VlNzY5ZDE4NzNkMjllZGQ4YjMzMzZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi1spWlcp3BeDYPGKV9wT7MAiwwwQ
JuF/O0TnS6hVEE4p9l7NzXhoILZ6Hwa9XVs7pYIz9hx3Dath3PktrbVOBFI9K8Kx
5B1I7O6H4vwHsFFPmpaTfdHBxiwvhmQPnHEVS695/d5wRCgG/+YPfLdM3ghAhkFF
VIbZLqxUlA/ahASZwu3qLjqSzBMVubYRlm8aMLP4PERDYukMKjRygLIfBHajEqpa
QsJPGlBFlrN2jMNCsPzbiIfLlyg2adJpwSmrw5zCAH8JQcWYHGPmKGO95MgWTJEF
fv4v+5BAFhO8rw43Y21l+1w4pQOUCprolCxnaGVAop7Ij69Q/WuDnAUhhQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFU5ZUaO7+S3fudp0Yc9Ke3YszNuMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvVlRsbFJvN3Y1TGQtNTJuUmh6MHA3ZGl6TTI0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAucAQMA0G
CSqGSIb3DQEBCwUAA4IBAQAHO8a6REW3csxpXQ4/KQTiXF5zy73JcUritBjx95CX
F4hcLIgM0UBH+JURBJyjdEVRXyw+RgIKI3G58V3mfQSDnNxHKXJjgnLhrLf8oP0B
Er5WYn/7qPkFcYRLnscJA2bth+DyuFSS6SOaoM2bHZNqupl87ZMRPk7PNcsyaggC
DvOdr1dpF3SaGzkEKNOVsX5GkxrzHFwri2RlFhRaBubSsyOWRC9dCuM5ELgcb2m4
6Y7N8zE7b4OKtUZWfIiMFoyV5cSNg5NJUTOvgDR2PPmJ5yD8lfSwSiBf+oosKwcj
LB0I/MURKGA1PPFHp49g19r9o40OtZJzHWYzJday7ryv
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:46 2024 by rpki-client on console-fra.rpki-client.org