Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/RDfP4nmeWB6DLc48Y9uiQ954DO0.roa
File:                     RDfP4nmeWB6DLc48Y9uiQ954DO0.roa (raw, json)
Hash identifier:          excFRlhCxSr6Z0A6pj8KxGdq3t1KPJDTBUV2M4KfaM8=
Subject key identifier:   44:37:CF:E2:79:9E:58:1E:83:2D:CE:3C:63:DB:A2:43:DE:78:0C:ED
Certificate issuer:       /CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Certificate serial:       0186E14344FA5CFDB9A7D1F251FFC7C9DAAC
Authority key identifier: B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/RDfP4nmeWB6DLc48Y9uiQ954DO0.roa
Signing time:             Tue 14 Mar 2023 17:55:27 +0000
ROA not before:           Tue 14 Mar 2023 17:55:27 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     201138
IP address blocks:        185.102.137.0/24 maxlen: 24
                          185.125.229.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 06:32:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:e1:43:44:fa:5c:fd:b9:a7:d1:f2:51:ff:c7:c9:da:ac
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
        Validity
            Not Before: Mar 14 17:55:27 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=4437cfe2799e581e832dce3c63dba243de780ced
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:69:0e:d7:05:b1:c7:03:42:8f:2a:af:b7:f3:
                    09:9b:98:71:ec:b0:f8:c8:62:9b:ed:a2:40:9a:75:
                    d2:b3:d8:d5:f2:3f:3e:37:2b:e5:fe:df:73:7c:a3:
                    b1:60:aa:7c:fc:b9:26:7f:25:62:21:50:e9:62:a1:
                    47:77:d1:46:7a:9b:a1:f7:f4:26:a5:44:45:6f:5f:
                    a0:45:ca:b5:2e:56:d0:8b:98:02:e5:8f:61:ae:5d:
                    e6:ad:52:5d:48:a1:99:ea:c9:40:56:ce:69:03:c5:
                    a2:ee:ad:a7:b3:98:f5:c3:a4:2e:02:a1:37:e9:a0:
                    4b:54:e2:e7:75:d9:2f:c7:3c:04:cd:83:95:66:b4:
                    c9:16:be:35:a7:f0:05:6c:36:19:91:9c:73:cc:6c:
                    c4:0c:35:a6:72:e8:70:c7:34:4e:aa:97:5a:45:34:
                    9c:be:e1:73:a5:65:5a:d4:da:f2:93:88:10:ee:21:
                    2b:b3:93:a7:8e:7b:15:0d:10:1f:9d:cf:ec:ed:ba:
                    2f:c2:54:b6:96:b3:f4:8d:5e:0d:28:5e:0a:e6:36:
                    dc:58:28:13:b9:6a:af:38:b4:ca:81:8c:03:e1:4a:
                    fe:2a:04:d3:dd:3c:c9:ca:dd:72:10:5a:24:79:81:
                    1b:01:bb:52:ab:ff:90:88:d8:d5:43:30:db:1a:4e:
                    ca:1b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                44:37:CF:E2:79:9E:58:1E:83:2D:CE:3C:63:DB:A2:43:DE:78:0C:ED
            X509v3 Authority Key Identifier:
                keyid:B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/RDfP4nmeWB6DLc48Y9uiQ954DO0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.102.137.0/24
                  185.125.229.0/24

    Signature Algorithm: sha256WithRSAEncryption
         95:66:53:3f:64:c1:b7:01:f2:1c:d5:8b:cb:f8:64:6d:ad:dd:
         b4:d5:7c:ef:a8:13:a2:ca:21:c3:b5:85:7c:e9:db:15:cd:69:
         93:3b:da:18:59:b7:fd:90:ec:52:58:d4:3b:30:37:37:16:a7:
         ac:ab:52:93:32:e0:f6:ad:dd:af:9f:8c:eb:84:39:d8:62:0c:
         d4:7a:53:11:48:c4:1f:02:e8:5f:6c:a9:ee:2c:b3:96:c7:15:
         dd:a7:00:1d:64:10:ab:24:23:09:a1:f3:54:65:0f:b4:e8:6f:
         0b:5b:09:e3:88:1e:e3:78:3e:f8:ca:83:ad:5b:9d:2f:aa:a4:
         96:d9:b7:42:5a:eb:cc:e6:49:2d:b2:fc:01:ec:30:ed:76:60:
         8b:93:9b:7c:aa:42:ce:cd:46:70:ba:17:8e:6b:91:c8:ed:73:
         a3:65:b1:9b:0b:50:6f:f7:96:93:2c:a5:8b:12:46:39:f8:ab:
         ff:a4:65:50:a5:e0:bc:f2:42:84:24:7d:73:72:cf:30:44:8b:
         5f:67:e0:34:7d:40:05:73:6f:36:e9:67:74:65:41:bb:7a:97:
         27:8c:fb:f8:38:79:28:14:40:eb:fb:5e:c3:8d:4a:3f:27:73:
         2f:1b:06:13:9b:a3:fa:a5:ec:73:fb:94:1e:03:a8:25:38:b2:
         55:8b:55:42
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYbhQ0T6XP25p9HyUf/HydqsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0Zjk2MzQ1ZDNmMjJlZGIzOTVkMjQ3ZjdiODZkMmQ3M2U0
YTAwOTEwHhcNMjMwMzE0MTc1NTI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NDM3Y2ZlMjc5OWU1ODFlODMyZGNlM2M2M2RiYTI0M2RlNzgwY2VkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuGkO1wWxxwNCjyqvt/MJm5hx7LD4
yGKb7aJAmnXSs9jV8j8+Nyvl/t9zfKOxYKp8/LkmfyViIVDpYqFHd9FGepuh9/Qm
pURFb1+gRcq1LlbQi5gC5Y9hrl3mrVJdSKGZ6slAVs5pA8Wi7q2ns5j1w6QuAqE3
6aBLVOLnddkvxzwEzYOVZrTJFr41p/AFbDYZkZxzzGzEDDWmcuhwxzROqpdaRTSc
vuFzpWVa1Nryk4gQ7iErs5OnjnsVDRAfnc/s7bovwlS2lrP0jV4NKF4K5jbcWCgT
uWqvOLTKgYwD4Ur+KgTT3TzJyt1yEFokeYEbAbtSq/+QiNjVQzDbGk7KGwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFEQ3z+J5nlgegy3OPGPbokPeeAztMB8GA1UdIwQY
MBaAFLT5Y0XT8i7bOV0kf3uG0tc+SgCRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQt
NmZjMzQzZDc3Y2QyLzEvUkRmUDRubWVXQjZETGM0OFk5dWlROTU0RE8wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQtNmZjMzQzZDc3Y2Qy
LzEvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAuWaJAwQA
uX3lMA0GCSqGSIb3DQEBCwUAA4IBAQCVZlM/ZMG3AfIc1YvL+GRtrd201XzvqBOi
yiHDtYV86dsVzWmTO9oYWbf9kOxSWNQ7MDc3Fqesq1KTMuD2rd2vn4zrhDnYYgzU
elMRSMQfAuhfbKnuLLOWxxXdpwAdZBCrJCMJofNUZQ+06G8LWwnjiB7jeD74yoOt
W50vqqSW2bdCWuvM5kktsvwB7DDtdmCLk5t8qkLOzUZwuheOa5HI7XOjZbGbC1Bv
95aTLKWLEkY5+Kv/pGVQpeC88kKEJH1zcs8wRItfZ+A0fUAFc2826Wd0ZUG7epcn
jPv4OHkoFEDr+17DjUo/J3MvGwYTm6P6pexz+5QeA6glOLJVi1VC
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:08 2024 by rpki-client on console-fra.rpki-client.org