Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/XUsB_F3IxV9VdNa1l5Yr0Q8dPms.roa
File:                     XUsB_F3IxV9VdNa1l5Yr0Q8dPms.roa (raw, json)
Hash identifier:          1bFvhSTvIUZNYEsJF4Jboa5YU/AOOWLhwKERzYgde/s=
Subject key identifier:   5D:4B:01:FC:5D:C8:C5:5F:55:74:D6:B5:97:96:2B:D1:0F:1D:3E:6B
Certificate issuer:       /CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Certificate serial:       0185710C3870B270619052635FEADCD6856C
Authority key identifier: B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/XUsB_F3IxV9VdNa1l5Yr0Q8dPms.roa
Signing time:             Mon 02 Jan 2023 05:55:04 +0000
ROA not before:           Mon 02 Jan 2023 05:55:04 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     207064
IP address blocks:        185.125.48.0/24 maxlen: 24
                          185.125.48.0/23 maxlen: 23
                          185.125.49.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 06:32:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:71:0c:38:70:b2:70:61:90:52:63:5f:ea:dc:d6:85:6c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
        Validity
            Not Before: Jan  2 05:55:04 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=5d4b01fc5dc8c55f5574d6b597962bd10f1d3e6b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:89:c0:89:54:22:44:e8:00:55:c4:aa:c5:da:a5:
                    97:00:1d:ea:1c:d6:07:9f:29:c1:61:95:84:35:23:
                    05:e2:0f:32:d8:d9:f1:95:c3:09:e3:d8:d8:29:d1:
                    05:f8:8e:74:d3:07:87:73:e3:a9:03:96:6b:eb:be:
                    21:a3:9e:6e:e6:a0:26:c4:67:91:b8:84:51:56:1c:
                    80:c4:1b:47:5a:a9:c1:65:e4:79:28:f0:8f:43:88:
                    76:8c:bd:3f:b9:26:43:4a:09:f6:0f:58:d8:c0:0c:
                    fa:62:f6:fc:49:06:38:60:3a:4e:f0:1e:df:40:ef:
                    03:fa:82:91:c7:46:cc:a6:13:cd:1f:b3:6c:ed:6e:
                    2f:cc:10:81:ea:6f:f5:4d:b5:da:62:56:2c:05:29:
                    39:33:8d:a0:7d:05:db:92:20:cb:01:2a:60:1d:e9:
                    fa:3b:a1:93:a0:00:75:1d:1b:6f:2d:98:b0:1b:fc:
                    6d:75:fa:80:f8:c6:71:ab:72:33:ac:15:60:73:e0:
                    6d:71:ef:fd:27:11:41:cb:41:f5:2e:5e:4a:2f:4e:
                    c5:b8:68:94:bf:1e:78:54:29:9a:87:3d:a0:3c:6f:
                    12:1c:0b:23:b0:36:da:2d:c9:fe:be:32:45:44:02:
                    6b:25:07:c2:db:9b:1f:9e:3e:c2:1d:e6:5a:c0:7b:
                    0e:c9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5D:4B:01:FC:5D:C8:C5:5F:55:74:D6:B5:97:96:2B:D1:0F:1D:3E:6B
            X509v3 Authority Key Identifier:
                keyid:B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/XUsB_F3IxV9VdNa1l5Yr0Q8dPms.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.125.48.0/23

    Signature Algorithm: sha256WithRSAEncryption
         2c:b7:a4:66:8a:35:ee:5e:67:1f:7d:1c:f2:4d:74:e1:e3:95:
         31:10:b1:9f:13:18:eb:56:1e:ba:81:3d:f1:83:a3:d3:45:6d:
         ed:32:34:a2:c0:be:43:54:90:18:c5:a5:41:95:f5:81:e9:26:
         ab:c7:4f:96:b2:70:f3:63:76:d5:ca:df:3f:c8:3f:2f:c2:fe:
         7d:f3:a7:73:3e:be:05:a7:55:db:ff:45:b1:2e:1d:57:ee:aa:
         8b:76:4c:96:9b:2d:f0:f2:06:49:b9:ce:3b:77:dd:95:28:e9:
         a9:f9:e5:3d:ee:99:31:b6:42:2b:c1:fb:ea:11:ca:f7:91:a2:
         c5:1f:47:ea:a4:f6:1b:ee:c0:90:a3:1a:37:3c:e6:e6:ef:60:
         7c:f4:de:29:f1:03:c7:6d:0c:8f:99:fb:0d:e4:18:22:60:42:
         09:76:e4:84:26:a6:89:a9:e1:13:e4:c4:a9:a0:32:2b:e0:42:
         fc:50:b6:fe:6c:eb:e0:e0:98:f5:57:3e:44:9c:fb:0c:1a:2f:
         33:32:77:72:5e:3a:69:2f:a2:f2:a8:c0:f5:82:2e:71:8a:73:
         fa:2b:d8:3e:3d:8f:8f:7b:94:0c:44:23:53:31:58:31:de:ed:
         85:98:6a:ee:7c:dd:90:aa:0e:72:61:36:9f:79:a9:1e:8e:61:
         3e:71:cc:56
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxDDhwsnBhkFJjX+rc1oVsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0Zjk2MzQ1ZDNmMjJlZGIzOTVkMjQ3ZjdiODZkMmQ3M2U0
YTAwOTEwHhcNMjMwMTAyMDU1NTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZDRiMDFmYzVkYzhjNTVmNTU3NGQ2YjU5Nzk2MmJkMTBmMWQzZTZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAicCJVCJE6ABVxKrF2qWXAB3qHNYH
nynBYZWENSMF4g8y2NnxlcMJ49jYKdEF+I500weHc+OpA5Zr674ho55u5qAmxGeR
uIRRVhyAxBtHWqnBZeR5KPCPQ4h2jL0/uSZDSgn2D1jYwAz6Yvb8SQY4YDpO8B7f
QO8D+oKRx0bMphPNH7Ns7W4vzBCB6m/1TbXaYlYsBSk5M42gfQXbkiDLASpgHen6
O6GToAB1HRtvLZiwG/xtdfqA+MZxq3IzrBVgc+Btce/9JxFBy0H1Ll5KL07FuGiU
vx54VCmahz2gPG8SHAsjsDbaLcn+vjJFRAJrJQfC25sfnj7CHeZawHsOyQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFF1LAfxdyMVfVXTWtZeWK9EPHT5rMB8GA1UdIwQY
MBaAFLT5Y0XT8i7bOV0kf3uG0tc+SgCRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQt
NmZjMzQzZDc3Y2QyLzEvWFVzQl9GM0l4VjlWZE5hMWw1WXIwUThkUG1zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQtNmZjMzQzZDc3Y2Qy
LzEvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBuX0wMA0G
CSqGSIb3DQEBCwUAA4IBAQAst6RmijXuXmcffRzyTXTh45UxELGfExjrVh66gT3x
g6PTRW3tMjSiwL5DVJAYxaVBlfWB6Sarx0+WsnDzY3bVyt8/yD8vwv5986dzPr4F
p1Xb/0WxLh1X7qqLdkyWmy3w8gZJuc47d92VKOmp+eU97pkxtkIrwfvqEcr3kaLF
H0fqpPYb7sCQoxo3PObm72B89N4p8QPHbQyPmfsN5BgiYEIJduSEJqaJqeET5MSp
oDIr4EL8ULb+bOvg4Jj1Vz5EnPsMGi8zMndyXjppL6LyqMD1gi5xinP6K9g+PY+P
e5QMRCNTMVgx3u2FmGrufN2Qqg5yYTafeakejmE+ccxW
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:43:10 2024 by rpki-client on console-ams.rpki-client.org