Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/55db34-fc79-4004-95c9-39f6d6425338/1/bdkxqBXBkcWBJHCOklHydsT6a00.roa
File:                     bdkxqBXBkcWBJHCOklHydsT6a00.roa (raw, json)
Hash identifier:          Cpjbx6mdl3ii9kO1/4zabPYMa1XAiN1pLtNWdxnrNK4=
Subject key identifier:   6D:D9:31:A8:15:C1:91:C5:81:24:70:8E:92:51:F2:76:C4:FA:6B:4D
Certificate issuer:       /CN=d9efe9d36f5f88fdf04742c4140c7532090ab770
Certificate serial:       018570C2D8889DF0674EAD4512F88CA0421F
Authority key identifier: D9:EF:E9:D3:6F:5F:88:FD:F0:47:42:C4:14:0C:75:32:09:0A:B7:70
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2e_p029fiP3wR0LEFAx1MgkKt3A.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bd/55db34-fc79-4004-95c9-39f6d6425338/1/bdkxqBXBkcWBJHCOklHydsT6a00.roa
Signing time:             Mon 02 Jan 2023 04:34:55 +0000
ROA not before:           Mon 02 Jan 2023 04:34:55 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     12849
IP address blocks:        194.88.108.0/22 maxlen: 24
                          185.131.144.0/24 maxlen: 24
                          185.131.145.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 08:30:31 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:70:c2:d8:88:9d:f0:67:4e:ad:45:12:f8:8c:a0:42:1f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d9efe9d36f5f88fdf04742c4140c7532090ab770
        Validity
            Not Before: Jan  2 04:34:55 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=6dd931a815c191c58124708e9251f276c4fa6b4d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:99:45:8d:16:a6:3b:8a:af:b3:2a:61:b0:1e:4e:
                    ec:80:ba:f7:07:a2:94:0d:2b:ee:b7:7b:c2:5c:c5:
                    2e:08:d7:ac:2f:34:eb:7c:e3:b2:ea:33:a0:0a:2a:
                    60:33:bb:3c:39:a0:74:3b:52:19:ee:dc:7b:22:6b:
                    a7:47:74:12:f0:9b:e3:55:bf:4b:ff:a6:02:d1:f3:
                    14:47:c7:17:8c:e8:fd:33:66:25:e4:29:59:07:f1:
                    ed:6b:8e:e9:ff:e3:3e:89:15:ae:20:d8:1e:b9:f3:
                    55:0d:ff:f7:53:73:49:b0:7c:3c:48:72:18:b3:79:
                    4d:4d:0a:81:77:66:6f:db:1e:30:46:76:c0:b0:3e:
                    88:fa:9d:8b:64:b8:fd:0e:2e:b1:68:1b:03:53:36:
                    b6:a6:8e:10:28:3d:20:71:f1:56:8c:5c:f1:7b:9f:
                    2f:52:ac:3c:b5:b4:c8:e6:7f:ae:2c:f2:4b:33:d0:
                    2c:6d:7f:37:df:e8:27:2a:4c:ef:a0:95:db:09:a1:
                    12:47:d8:81:57:ae:d3:5a:10:0d:6e:03:c2:9e:30:
                    09:ed:b9:42:8d:64:db:0d:20:71:1c:7b:36:f3:b9:
                    60:7d:df:7c:2d:11:6d:be:86:22:9c:3a:2f:ef:40:
                    03:a0:ee:87:af:93:ca:0d:32:b4:75:67:39:34:17:
                    00:9b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6D:D9:31:A8:15:C1:91:C5:81:24:70:8E:92:51:F2:76:C4:FA:6B:4D
            X509v3 Authority Key Identifier:
                keyid:D9:EF:E9:D3:6F:5F:88:FD:F0:47:42:C4:14:0C:75:32:09:0A:B7:70

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e_p029fiP3wR0LEFAx1MgkKt3A.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/55db34-fc79-4004-95c9-39f6d6425338/1/bdkxqBXBkcWBJHCOklHydsT6a00.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/55db34-fc79-4004-95c9-39f6d6425338/1/2e_p029fiP3wR0LEFAx1MgkKt3A.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.131.144.0/23
                  194.88.108.0/22

    Signature Algorithm: sha256WithRSAEncryption
         0a:07:48:5c:f6:ea:ed:9c:b4:bf:b2:31:f1:24:18:1c:02:04:
         14:b0:88:44:54:c4:cd:73:0a:9d:b7:70:96:77:2e:51:d2:63:
         6d:18:86:d8:06:d2:9a:86:ac:d4:9a:b6:7e:ed:79:d2:a6:1c:
         f5:b1:40:be:3c:40:da:04:1f:d1:e9:75:cd:8f:08:fa:44:dc:
         9e:35:0a:16:9b:7c:e1:59:57:81:82:6d:c6:49:22:28:4d:9d:
         db:f0:f1:80:eb:75:45:b5:ff:2c:d7:25:33:2b:ab:b3:32:a5:
         4c:0a:5f:ec:5a:71:8f:23:da:dc:18:ee:28:81:8f:65:a1:fd:
         c3:68:6b:b5:8d:95:db:0e:c4:9f:4f:82:71:86:f7:7c:6d:dc:
         df:15:e9:0c:61:14:a0:79:51:23:1c:63:69:89:f2:f6:bf:c8:
         40:ec:3b:8e:a4:b1:7a:ff:69:2d:87:48:a9:ca:c4:d2:24:3f:
         12:b6:15:49:34:8c:48:fb:6b:41:bd:c6:9a:b4:ab:e1:7c:21:
         49:8f:87:f7:30:9e:f0:38:7f:ce:50:cb:85:32:07:c1:6a:ad:
         5b:6e:e6:59:c1:1b:1d:b8:93:a5:ca:0b:45:32:9c:7a:e1:ae:
         83:36:e6:a6:aa:b4:ec:52:ed:8a:1b:be:f5:f7:4d:48:42:c0:
         46:b6:c1:b2
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVwwtiInfBnTq1FEviMoEIfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5ZWZlOWQzNmY1Zjg4ZmRmMDQ3NDJjNDE0MGM3NTMyMDkw
YWI3NzAwHhcNMjMwMTAyMDQzNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZGQ5MzFhODE1YzE5MWM1ODEyNDcwOGU5MjUxZjI3NmM0ZmE2YjRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmUWNFqY7iq+zKmGwHk7sgLr3B6KU
DSvut3vCXMUuCNesLzTrfOOy6jOgCipgM7s8OaB0O1IZ7tx7ImunR3QS8JvjVb9L
/6YC0fMUR8cXjOj9M2Yl5ClZB/Hta47p/+M+iRWuINgeufNVDf/3U3NJsHw8SHIY
s3lNTQqBd2Zv2x4wRnbAsD6I+p2LZLj9Di6xaBsDUza2po4QKD0gcfFWjFzxe58v
Uqw8tbTI5n+uLPJLM9AsbX833+gnKkzvoJXbCaESR9iBV67TWhANbgPCnjAJ7blC
jWTbDSBxHHs287lgfd98LRFtvoYinDov70ADoO6Hr5PKDTK0dWc5NBcAmwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFG3ZMagVwZHFgSRwjpJR8nbE+mtNMB8GA1UdIwQY
MBaAFNnv6dNvX4j98EdCxBQMdTIJCrdwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmVfcDAyOWZpUDN3UjBMRUZBeDFNZ2tLdDNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC81NWRiMzQtZmM3OS00MDA0LTk1Yzkt
MzlmNmQ2NDI1MzM4LzEvYmRreHFCWEJrY1dCSkhDT2tsSHlkc1Q2YTAwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZC81NWRiMzQtZmM3OS00MDA0LTk1YzktMzlmNmQ2NDI1MzM4
LzEvMmVfcDAyOWZpUDN3UjBMRUZBeDFNZ2tLdDNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBuYOQAwQC
wlhsMA0GCSqGSIb3DQEBCwUAA4IBAQAKB0hc9urtnLS/sjHxJBgcAgQUsIhEVMTN
cwqdt3CWdy5R0mNtGIbYBtKahqzUmrZ+7XnSphz1sUC+PEDaBB/R6XXNjwj6RNye
NQoWm3zhWVeBgm3GSSIoTZ3b8PGA63VFtf8s1yUzK6uzMqVMCl/sWnGPI9rcGO4o
gY9lof3DaGu1jZXbDsSfT4Jxhvd8bdzfFekMYRSgeVEjHGNpifL2v8hA7DuOpLF6
/2kth0ipysTSJD8SthVJNIxI+2tBvcaatKvhfCFJj4f3MJ7wOH/OUMuFMgfBaq1b
buZZwRsduJOlygtFMpx64a6DNuamqrTsUu2KG771901IQsBGtsGy
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:55 2024 by rpki-client on console-fra.rpki-client.org