Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c4/c4b7a0-1e50-403c-b24e-13ed633f922a/1/DSOmjdM669U1gxtdRkFqI7mZB7U.roa
File:                     DSOmjdM669U1gxtdRkFqI7mZB7U.roa (raw, json)
Hash identifier:          6hKFHD64/6rVK/15SDBSnno/auf6+2EOUt5A5WPihjQ=
Subject key identifier:   0D:23:A6:8D:D3:3A:EB:D5:35:83:1B:5D:46:41:6A:23:B9:99:07:B5
Certificate issuer:       /CN=52a5c90ca928313bc70d2683bb0f64d632b273a1
Certificate serial:       0186373DE34682957CAB3016B4AA76D64D4F
Authority key identifier: 52:A5:C9:0C:A9:28:31:3B:C7:0D:26:83:BB:0F:64:D6:32:B2:73:A1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/UqXJDKkoMTvHDSaDuw9k1jKyc6E.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c4/c4b7a0-1e50-403c-b24e-13ed633f922a/1/DSOmjdM669U1gxtdRkFqI7mZB7U.roa
Signing time:             Thu 09 Feb 2023 17:34:07 +0000
ROA not before:           Thu 09 Feb 2023 17:34:07 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     8100
IP address blocks:        185.76.43.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 05 Apr 2023 21:03:54 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:37:3d:e3:46:82:95:7c:ab:30:16:b4:aa:76:d6:4d:4f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=52a5c90ca928313bc70d2683bb0f64d632b273a1
        Validity
            Not Before: Feb  9 17:34:07 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=0d23a68dd33aebd535831b5d46416a23b99907b5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:ee:98:2d:30:4c:7b:f8:09:da:1c:99:31:16:
                    6f:9e:08:b8:3a:73:76:f2:a2:ab:8d:a1:11:80:ae:
                    6b:a9:6a:72:3d:5e:d8:01:a6:bf:47:52:f7:37:7c:
                    f1:87:12:85:5e:42:0c:0e:1f:7a:ba:a9:0b:c6:73:
                    f4:72:5a:08:ec:d4:12:79:51:fa:0b:e8:4c:78:74:
                    fc:8a:5f:0d:12:1a:06:be:45:5d:6f:12:4f:5c:ff:
                    b1:1c:b4:10:4b:29:40:90:eb:43:fd:5d:15:a6:b6:
                    4b:79:be:8a:98:bb:f3:22:62:ea:6d:83:08:9c:5d:
                    8e:1f:8e:05:ae:31:f8:b1:cf:05:c3:69:92:98:ff:
                    a7:ad:6b:0d:37:ca:bf:f1:0b:31:59:3a:0d:b7:da:
                    ab:85:1e:dc:25:fc:66:9a:14:76:15:ba:89:fe:f8:
                    4a:63:d5:51:9e:ed:66:84:73:ab:90:7f:05:f0:c9:
                    90:e2:a0:cf:26:41:0b:ad:8d:a0:21:1c:df:50:18:
                    89:3c:0c:51:3f:cd:ec:6c:6e:f5:0a:b7:bb:4d:d4:
                    a6:ac:20:7b:57:9a:c9:c5:8e:3d:7f:4a:d7:8a:a6:
                    68:93:46:e3:ac:59:c3:7c:4d:64:67:39:b7:bb:59:
                    3d:aa:91:7f:bc:c5:46:da:f3:c3:bf:a5:96:cb:ce:
                    3b:e7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0D:23:A6:8D:D3:3A:EB:D5:35:83:1B:5D:46:41:6A:23:B9:99:07:B5
            X509v3 Authority Key Identifier:
                keyid:52:A5:C9:0C:A9:28:31:3B:C7:0D:26:83:BB:0F:64:D6:32:B2:73:A1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UqXJDKkoMTvHDSaDuw9k1jKyc6E.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/c4b7a0-1e50-403c-b24e-13ed633f922a/1/DSOmjdM669U1gxtdRkFqI7mZB7U.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/c4b7a0-1e50-403c-b24e-13ed633f922a/1/UqXJDKkoMTvHDSaDuw9k1jKyc6E.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.76.43.0/24

    Signature Algorithm: sha256WithRSAEncryption
         31:7d:79:99:30:1e:19:a5:25:0a:0d:25:0f:fa:c5:3c:cf:c3:
         27:20:cf:23:67:0d:39:7a:14:71:82:1e:93:b2:cb:46:cf:ce:
         09:6f:12:35:68:be:1d:6b:b0:5a:65:45:78:da:df:e7:35:80:
         72:7a:be:0e:ef:56:d8:ce:62:1e:ca:3f:c7:0e:82:bf:02:90:
         b9:8c:43:a4:36:6e:5b:f6:6c:97:98:72:c2:4f:cd:0a:28:f3:
         7d:07:d5:f3:5b:41:26:c7:6e:13:e3:6f:7d:44:12:40:29:da:
         6a:f8:ae:15:d8:7e:30:da:e4:38:4d:41:6d:0b:71:c2:07:d9:
         70:c5:46:76:9c:41:f4:f6:e0:d4:53:69:6f:16:e9:37:09:75:
         7b:3c:ab:1c:5b:3a:e5:22:44:2b:81:76:85:b0:3b:db:55:ae:
         d4:7a:27:53:92:5c:18:35:db:f5:6e:9a:20:bb:5b:73:3a:54:
         49:74:de:c6:64:38:c4:b2:9c:43:2b:ee:ab:ce:85:bd:82:91:
         89:c9:d9:f5:12:54:c1:6e:b1:85:6c:08:53:bb:ce:49:92:17:
         aa:3d:6f:6f:db:e7:2f:7c:f7:3d:96:84:5d:c4:43:08:aa:16:
         77:1a:18:51:9c:c7:cc:b3:52:73:22:fd:69:54:f3:9d:ee:dd:
         90:a3:82:8d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYY3PeNGgpV8qzAWtKp21k1PMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyYTVjOTBjYTkyODMxM2JjNzBkMjY4M2JiMGY2NGQ2MzJi
MjczYTEwHhcNMjMwMjA5MTczNDA3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZDIzYTY4ZGQzM2FlYmQ1MzU4MzFiNWQ0NjQxNmEyM2I5OTkwN2I1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAre6YLTBMe/gJ2hyZMRZvngi4OnN2
8qKrjaERgK5rqWpyPV7YAaa/R1L3N3zxhxKFXkIMDh96uqkLxnP0cloI7NQSeVH6
C+hMeHT8il8NEhoGvkVdbxJPXP+xHLQQSylAkOtD/V0VprZLeb6KmLvzImLqbYMI
nF2OH44FrjH4sc8Fw2mSmP+nrWsNN8q/8QsxWToNt9qrhR7cJfxmmhR2FbqJ/vhK
Y9VRnu1mhHOrkH8F8MmQ4qDPJkELrY2gIRzfUBiJPAxRP83sbG71Cre7TdSmrCB7
V5rJxY49f0rXiqZok0bjrFnDfE1kZzm3u1k9qpF/vMVG2vPDv6WWy8475wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFA0jpo3TOuvVNYMbXUZBaiO5mQe1MB8GA1UdIwQY
MBaAFFKlyQypKDE7xw0mg7sPZNYysnOhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVXFYSkRLa29NVHZIRFNhRHV3OWsxakt5YzZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNC9jNGI3YTAtMWU1MC00MDNjLWIyNGUt
MTNlZDYzM2Y5MjJhLzEvRFNPbWpkTTY2OVUxZ3h0ZFJrRnFJN21aQjdVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNC9jNGI3YTAtMWU1MC00MDNjLWIyNGUtMTNlZDYzM2Y5MjJh
LzEvVXFYSkRLa29NVHZIRFNhRHV3OWsxakt5YzZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuUwrMA0G
CSqGSIb3DQEBCwUAA4IBAQAxfXmZMB4ZpSUKDSUP+sU8z8MnIM8jZw05ehRxgh6T
sstGz84JbxI1aL4da7BaZUV42t/nNYByer4O71bYzmIeyj/HDoK/ApC5jEOkNm5b
9myXmHLCT80KKPN9B9XzW0Emx24T4299RBJAKdpq+K4V2H4w2uQ4TUFtC3HCB9lw
xUZ2nEH09uDUU2lvFuk3CXV7PKscWzrlIkQrgXaFsDvbVa7UeidTklwYNdv1bpog
u1tzOlRJdN7GZDjEspxDK+6rzoW9gpGJydn1ElTBbrGFbAhTu85JkheqPW9v2+cv
fPc9loRdxEMIqhZ3GhhRnMfMs1JzIv1pVPOd7t2Qo4KN
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:42:59 2024 by rpki-client on console-ams.rpki-client.org