Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c1/b27ead-96bf-4537-9a99-5be4674b467c/1/DcOfyvc7KZNPtG9SxjfHTR0BkgY.roa
File:                     DcOfyvc7KZNPtG9SxjfHTR0BkgY.roa (raw, json)
Hash identifier:          p/I/9iqu5B0CEDxYJlkYgF24w3UeWQKDTpJA+RCnkhc=
Subject key identifier:   0D:C3:9F:CA:F7:3B:29:93:4F:B4:6F:52:C6:37:C7:4D:1D:01:92:06
Certificate issuer:       /CN=2146e560a3f5cac7c64fe0f13be663d94c871453
Certificate serial:       018F9561684AA7ABBB50CA783B2E82FCC592
Authority key identifier: 21:46:E5:60:A3:F5:CA:C7:C6:4F:E0:F1:3B:E6:63:D9:4C:87:14:53
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IUblYKP1ysfGT-DxO-Zj2UyHFFM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c1/b27ead-96bf-4537-9a99-5be4674b467c/1/DcOfyvc7KZNPtG9SxjfHTR0BkgY.roa
Signing time:             Mon 20 May 2024 09:42:19 +0000
ROA not before:           Mon 20 May 2024 09:42:19 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     49824
IP address blocks:        185.167.78.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 20 May 2024 11:11:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8f:95:61:68:4a:a7:ab:bb:50:ca:78:3b:2e:82:fc:c5:92
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2146e560a3f5cac7c64fe0f13be663d94c871453
        Validity
            Not Before: May 20 09:42:19 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=0dc39fcaf73b29934fb46f52c637c74d1d019206
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:3d:63:81:0f:18:ff:68:fd:45:e9:2e:98:48:
                    1e:54:7b:c9:1a:59:b6:fe:4b:81:01:5b:7d:c1:72:
                    97:21:9c:66:a3:5d:9d:10:ef:5d:7e:0d:31:fa:24:
                    ba:13:4b:67:df:f0:64:73:fa:7f:cf:c9:71:c9:e1:
                    72:6f:86:87:d6:0b:82:48:63:e8:f8:1c:10:70:bf:
                    84:56:1a:59:cd:d1:e4:0f:b7:6e:1c:15:da:f5:b0:
                    8e:f7:a8:c1:7a:d8:d5:04:0c:a2:54:95:b7:97:4b:
                    65:db:d3:8c:9c:23:f9:47:7c:71:54:dc:89:d1:09:
                    2c:d9:77:48:8b:f5:8f:89:85:f1:98:83:ff:4b:e0:
                    31:be:14:29:f3:33:71:fb:05:c6:34:38:2b:e5:b4:
                    5e:9e:29:d8:18:67:51:03:65:fc:18:02:ca:25:2b:
                    ed:e7:71:c1:6c:e1:81:e6:c1:69:db:df:6f:d5:e4:
                    57:4a:4e:b3:e5:32:03:08:79:ff:25:6d:4f:d8:be:
                    8a:62:5c:43:31:40:ab:ea:a5:91:07:b3:45:4c:54:
                    f5:86:95:4f:6e:b9:34:05:63:47:63:bc:49:53:d4:
                    1e:63:b3:85:ec:78:e8:a5:36:a3:e0:45:81:a3:8f:
                    37:d2:b5:2b:93:9a:a2:1a:0b:f4:33:c4:e8:02:c5:
                    2f:6d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0D:C3:9F:CA:F7:3B:29:93:4F:B4:6F:52:C6:37:C7:4D:1D:01:92:06
            X509v3 Authority Key Identifier:
                keyid:21:46:E5:60:A3:F5:CA:C7:C6:4F:E0:F1:3B:E6:63:D9:4C:87:14:53

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IUblYKP1ysfGT-DxO-Zj2UyHFFM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/b27ead-96bf-4537-9a99-5be4674b467c/1/DcOfyvc7KZNPtG9SxjfHTR0BkgY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/b27ead-96bf-4537-9a99-5be4674b467c/1/IUblYKP1ysfGT-DxO-Zj2UyHFFM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.167.78.0/24

    Signature Algorithm: sha256WithRSAEncryption
         97:d2:02:19:5c:73:4a:c2:da:ec:bc:b7:62:9e:08:a6:04:d0:
         cc:bf:9c:7c:1f:23:c9:e6:9e:3f:53:3e:b7:a9:03:4e:04:b6:
         2a:68:c9:7b:b7:b8:9d:f3:10:2d:a9:33:5f:3b:4f:c8:8a:c1:
         2b:bb:17:de:bf:82:bf:c3:56:3f:0c:29:01:a5:0d:10:a3:cc:
         32:4c:9f:92:b4:62:90:bb:21:47:e3:93:30:d3:1b:b5:17:d3:
         d9:89:45:91:46:95:54:ae:d4:ae:1d:51:3d:82:a1:08:e3:24:
         3a:70:d2:a4:07:fa:f6:a6:92:ba:a3:c9:a2:f7:ce:18:bf:29:
         1a:f9:48:4c:91:85:f4:98:77:46:62:d4:a5:3c:6f:52:8a:91:
         f2:a5:8f:98:f6:8e:21:21:9e:05:a4:e1:72:e4:d4:e7:5b:e1:
         f4:54:d9:6a:e5:7b:09:b6:cb:5b:11:05:83:fc:ed:75:40:4c:
         28:ab:b5:d1:5c:76:dd:f6:fc:c7:9f:ce:7a:f1:8e:a1:a7:74:
         01:3b:e9:6c:ca:3b:a4:77:23:ec:22:c0:f2:48:01:3a:ca:df:
         d4:20:f6:a5:a8:a3:07:81:1f:09:55:ca:0b:28:69:28:73:47:
         72:2a:63:d1:0b:30:13:28:a2:4c:f3:55:e3:be:55:6f:41:ab:
         67:8d:2a:6d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY+VYWhKp6u7UMp4Oy6C/MWSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxNDZlNTYwYTNmNWNhYzdjNjRmZTBmMTNiZTY2M2Q5NGM4
NzE0NTMwHhcNMjQwNTIwMDk0MjE5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZGMzOWZjYWY3M2IyOTkzNGZiNDZmNTJjNjM3Yzc0ZDFkMDE5MjA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyD1jgQ8Y/2j9RekumEgeVHvJGlm2
/kuBAVt9wXKXIZxmo12dEO9dfg0x+iS6E0tn3/Bkc/p/z8lxyeFyb4aH1guCSGPo
+BwQcL+EVhpZzdHkD7duHBXa9bCO96jBetjVBAyiVJW3l0tl29OMnCP5R3xxVNyJ
0Qks2XdIi/WPiYXxmIP/S+AxvhQp8zNx+wXGNDgr5bReninYGGdRA2X8GALKJSvt
53HBbOGB5sFp299v1eRXSk6z5TIDCHn/JW1P2L6KYlxDMUCr6qWRB7NFTFT1hpVP
brk0BWNHY7xJU9QeY7OF7HjopTaj4EWBo4830rUrk5qiGgv0M8ToAsUvbQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFA3Dn8r3OymTT7RvUsY3x00dAZIGMB8GA1UdIwQY
MBaAFCFG5WCj9crHxk/g8TvmY9lMhxRTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVVibFlLUDF5c2ZHVC1EeE8tWmoyVXlIRkZNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMS9iMjdlYWQtOTZiZi00NTM3LTlhOTkt
NWJlNDY3NGI0NjdjLzEvRGNPZnl2YzdLWk5QdEc5U3hqZkhUUjBCa2dZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMS9iMjdlYWQtOTZiZi00NTM3LTlhOTktNWJlNDY3NGI0Njdj
LzEvSVVibFlLUDF5c2ZHVC1EeE8tWmoyVXlIRkZNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuadOMA0G
CSqGSIb3DQEBCwUAA4IBAQCX0gIZXHNKwtrsvLdingimBNDMv5x8HyPJ5p4/Uz63
qQNOBLYqaMl7t7id8xAtqTNfO0/IisEruxfev4K/w1Y/DCkBpQ0Qo8wyTJ+StGKQ
uyFH45Mw0xu1F9PZiUWRRpVUrtSuHVE9gqEI4yQ6cNKkB/r2ppK6o8mi984Yvyka
+UhMkYX0mHdGYtSlPG9SipHypY+Y9o4hIZ4FpOFy5NTnW+H0VNlq5XsJtstbEQWD
/O11QEwoq7XRXHbd9vzHn8568Y6hp3QBO+lsyjukdyPsIsDySAE6yt/UIPalqKMH
gR8JVcoLKGkoc0dyKmPRCzATKKJM81XjvlVvQatnjSpt
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:52:36 2024 by rpki-client on console-fra.rpki-client.org