Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/55db34-fc79-4004-95c9-39f6d6425338/1/u7oRqy1WoqT4kaINhZQl_PKK4do.roa
File:                     u7oRqy1WoqT4kaINhZQl_PKK4do.roa (raw, json)
Hash identifier:          qzkHQKXdL2qBBkwizOO4xKAMTw/X26RtGjM01JoGlHU=
Subject key identifier:   BB:BA:11:AB:2D:56:A2:A4:F8:91:A2:0D:85:94:25:FC:F2:8A:E1:DA
Certificate issuer:       /CN=d9efe9d36f5f88fdf04742c4140c7532090ab770
Certificate serial:       018570C2D71940F9C9F5114C4397DE22667D
Authority key identifier: D9:EF:E9:D3:6F:5F:88:FD:F0:47:42:C4:14:0C:75:32:09:0A:B7:70
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2e_p029fiP3wR0LEFAx1MgkKt3A.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/bd/55db34-fc79-4004-95c9-39f6d6425338/1/u7oRqy1WoqT4kaINhZQl_PKK4do.roa
Signing time:             Mon 02 Jan 2023 04:34:55 +0000
ROA not before:           Mon 02 Jan 2023 04:34:55 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     12400
IP address blocks:        185.151.196.0/23 maxlen: 23
                          185.151.198.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 08:30:31 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:70:c2:d7:19:40:f9:c9:f5:11:4c:43:97:de:22:66:7d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d9efe9d36f5f88fdf04742c4140c7532090ab770
        Validity
            Not Before: Jan  2 04:34:55 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=bbba11ab2d56a2a4f891a20d859425fcf28ae1da
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:8a:2f:b3:7a:75:21:dc:f5:c6:0b:fc:c1:0b:
                    ab:e7:d2:01:72:f1:13:9f:d3:0b:a7:28:56:12:7c:
                    83:f4:0b:ac:fe:cb:b9:5e:5f:8a:98:2a:f0:02:1c:
                    38:d5:20:21:c6:04:ef:75:51:5d:0e:fb:36:b4:33:
                    60:38:fc:44:94:7b:49:d5:40:37:12:0d:3a:15:96:
                    5f:11:19:ed:cc:c1:3c:3f:b7:04:c9:d9:a8:68:9b:
                    7a:b2:13:59:7a:3e:41:66:8f:6d:82:7b:43:68:1d:
                    55:90:1f:93:62:2b:88:c3:fc:6b:cf:34:a3:c2:2d:
                    92:5a:ba:83:d6:f1:9f:4d:29:b4:0e:ad:29:c9:c7:
                    11:92:0b:79:fa:ce:9b:9a:09:93:d5:98:f4:a9:2f:
                    b3:db:67:a7:8d:5c:7a:e3:37:b5:a1:a4:81:26:a0:
                    1d:39:ef:7b:86:67:b3:bd:09:98:bd:dd:1c:ba:86:
                    1a:9b:36:37:e5:69:ef:82:cf:a0:83:bb:67:2e:8c:
                    d0:6c:95:d0:a2:1a:cd:97:56:c2:ed:be:26:bc:6b:
                    10:1e:ab:86:d0:b1:57:9e:83:8c:f3:e1:e6:32:2a:
                    21:19:56:d2:f9:ea:da:86:6f:76:e8:29:ce:6e:bc:
                    43:41:ad:c1:a0:13:c4:38:6d:9b:90:d0:b5:d3:40:
                    49:b1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BB:BA:11:AB:2D:56:A2:A4:F8:91:A2:0D:85:94:25:FC:F2:8A:E1:DA
            X509v3 Authority Key Identifier:
                keyid:D9:EF:E9:D3:6F:5F:88:FD:F0:47:42:C4:14:0C:75:32:09:0A:B7:70

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e_p029fiP3wR0LEFAx1MgkKt3A.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/55db34-fc79-4004-95c9-39f6d6425338/1/u7oRqy1WoqT4kaINhZQl_PKK4do.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/55db34-fc79-4004-95c9-39f6d6425338/1/2e_p029fiP3wR0LEFAx1MgkKt3A.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.151.196.0-185.151.198.255

    Signature Algorithm: sha256WithRSAEncryption
         38:cc:c0:f1:99:08:f7:e8:71:19:fb:56:14:ed:5c:03:02:f9:
         60:6c:06:15:a1:d2:ca:33:8e:3b:16:61:30:99:b3:09:68:e6:
         a4:12:0f:fb:4e:88:37:04:2f:66:32:94:ac:03:38:82:37:a1:
         0e:23:14:77:71:53:ea:a9:9f:cb:c0:1f:00:e3:23:a0:01:0d:
         f7:21:0b:3c:35:15:a9:12:ef:27:4c:93:11:24:2a:a7:21:15:
         73:90:cb:83:68:d0:a4:ca:b5:eb:ec:64:9f:80:e3:10:42:d9:
         d5:55:ad:0b:4c:f4:d2:ed:53:4b:a5:f2:be:39:00:5b:fb:3e:
         a7:3c:30:53:66:4a:5d:41:e8:0b:5d:a1:e1:c5:84:3e:5b:f9:
         8e:cc:be:79:c5:65:c4:f5:0c:7f:bf:49:c4:a8:7d:a6:30:c4:
         8a:6a:0f:30:fe:52:33:0e:da:4c:15:34:79:c3:f4:25:03:27:
         ae:1f:51:61:8b:8c:34:26:c3:a5:fd:e2:e9:7f:8d:e3:82:9f:
         6a:42:24:1b:d7:9a:82:7b:4b:9b:45:4b:c8:52:23:03:e4:ef:
         6c:6d:41:a3:af:bd:ff:73:f6:02:35:f7:03:bb:e1:f9:5c:4e:
         ab:11:f0:09:6a:1a:6d:0c:cb:50:35:66:ed:c1:69:24:d3:68:
         de:8f:dc:1b
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYVwwtcZQPnJ9RFMQ5feImZ9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5ZWZlOWQzNmY1Zjg4ZmRmMDQ3NDJjNDE0MGM3NTMyMDkw
YWI3NzAwHhcNMjMwMTAyMDQzNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYmJhMTFhYjJkNTZhMmE0Zjg5MWEyMGQ4NTk0MjVmY2YyOGFlMWRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApIovs3p1Idz1xgv8wQur59IBcvET
n9MLpyhWEnyD9Aus/su5Xl+KmCrwAhw41SAhxgTvdVFdDvs2tDNgOPxElHtJ1UA3
Eg06FZZfERntzME8P7cEydmoaJt6shNZej5BZo9tgntDaB1VkB+TYiuIw/xrzzSj
wi2SWrqD1vGfTSm0Dq0pyccRkgt5+s6bmgmT1Zj0qS+z22enjVx64ze1oaSBJqAd
Oe97hmezvQmYvd0cuoYamzY35Wnvgs+gg7tnLozQbJXQohrNl1bC7b4mvGsQHquG
0LFXnoOM8+HmMiohGVbS+erahm926CnObrxDQa3BoBPEOG2bkNC100BJsQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFLu6EastVqKk+JGiDYWUJfzyiuHaMB8GA1UdIwQY
MBaAFNnv6dNvX4j98EdCxBQMdTIJCrdwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmVfcDAyOWZpUDN3UjBMRUZBeDFNZ2tLdDNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC81NWRiMzQtZmM3OS00MDA0LTk1Yzkt
MzlmNmQ2NDI1MzM4LzEvdTdvUnF5MVdvcVQ0a2FJTmhaUWxfUEtLNGRvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZC81NWRiMzQtZmM3OS00MDA0LTk1YzktMzlmNmQ2NDI1MzM4
LzEvMmVfcDAyOWZpUDN3UjBMRUZBeDFNZ2tLdDNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAK5l8QD
BAC5l8YwDQYJKoZIhvcNAQELBQADggEBADjMwPGZCPfocRn7VhTtXAMC+WBsBhWh
0sozjjsWYTCZswlo5qQSD/tOiDcEL2YylKwDOII3oQ4jFHdxU+qpn8vAHwDjI6AB
DfchCzw1FakS7ydMkxEkKqchFXOQy4No0KTKtevsZJ+A4xBC2dVVrQtM9NLtU0ul
8r45AFv7Pqc8MFNmSl1B6AtdoeHFhD5b+Y7MvnnFZcT1DH+/ScSofaYwxIpqDzD+
UjMO2kwVNHnD9CUDJ64fUWGLjDQmw6X94ul/jeOCn2pCJBvXmoJ7S5tFS8hSIwPk
72xtQaOvvf9z9gI19wO74flcTqsR8AlqGm0My1A1Zu3BaSTTaN6P3Bs=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:55 2024 by rpki-client on console-fra.rpki-client.org