Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/bHFkPV-pIBGPZuf-gNGJ2txDsVk.roa
File:                     bHFkPV-pIBGPZuf-gNGJ2txDsVk.roa (raw, json)
Hash identifier:          5eAbqK6jm23nAOX3IkQ8PoROFyvN2jy3Dwn3RfKPMP4=
Subject key identifier:   6C:71:64:3D:5F:A9:20:11:8F:66:E7:FE:80:D1:89:DA:DC:43:B1:59
Certificate issuer:       /CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Certificate serial:       018AC691C83DFB0188B969D5FF17141FB850
Authority key identifier: B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/bHFkPV-pIBGPZuf-gNGJ2txDsVk.roa
Signing time:             Sun 24 Sep 2023 09:42:37 +0000
ROA not before:           Sun 24 Sep 2023 09:42:37 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     216309
IP address blocks:        185.172.128.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 06:32:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:c6:91:c8:3d:fb:01:88:b9:69:d5:ff:17:14:1f:b8:50
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
        Validity
            Not Before: Sep 24 09:42:37 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=6c71643d5fa920118f66e7fe80d189dadc43b159
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:14:33:ab:6d:8f:2b:c0:29:0c:26:e6:cc:44:
                    17:a9:a6:1a:3f:92:df:f4:16:9e:b8:9b:67:49:cb:
                    3d:ad:4e:7e:c6:21:14:cf:24:71:c1:41:07:45:66:
                    5b:bf:a8:35:aa:e9:f9:87:9d:bb:16:38:83:b1:a0:
                    5b:78:62:ec:5f:54:51:8f:7e:76:6f:69:03:39:f7:
                    33:f9:27:e4:be:38:c2:91:e2:78:84:d8:f3:fe:0e:
                    83:9b:bf:c6:ae:43:ea:1f:db:4e:17:64:71:61:97:
                    b3:44:a6:db:bd:d0:97:22:fa:88:8a:09:7b:4e:98:
                    36:6a:93:db:5b:8c:d2:ac:2f:c6:a2:e7:2d:6d:8f:
                    6c:11:bd:f2:40:28:95:a2:ba:e1:b7:12:82:c0:8f:
                    e7:98:4b:3e:20:0d:1b:ca:35:6c:4b:d6:a3:f1:3c:
                    8f:2b:ed:8d:cf:8e:06:20:64:20:ef:e2:07:b6:d8:
                    ec:92:a3:37:3f:b7:d7:22:de:de:34:d1:1d:56:5d:
                    a7:d5:91:2a:a8:a3:0a:31:50:4c:f0:a2:c1:bc:04:
                    ac:33:09:53:95:e0:8b:4a:6b:2f:c3:4d:74:02:c2:
                    ec:bb:c6:b3:e5:1e:eb:dd:c2:af:31:21:9a:e3:7e:
                    59:7a:68:3a:ec:c7:43:d9:b6:82:63:33:97:84:b2:
                    11:bd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6C:71:64:3D:5F:A9:20:11:8F:66:E7:FE:80:D1:89:DA:DC:43:B1:59
            X509v3 Authority Key Identifier:
                keyid:B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/bHFkPV-pIBGPZuf-gNGJ2txDsVk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.172.128.0/24

    Signature Algorithm: sha256WithRSAEncryption
         a0:9d:4d:98:af:0e:0a:ad:d0:b8:fc:9c:b5:dd:47:b9:3d:28:
         65:e7:b4:df:03:df:e1:94:e4:47:f3:50:74:7f:5d:95:04:6e:
         e7:d1:ef:1d:c4:61:86:e5:79:a7:0a:29:b4:21:89:8a:2b:3a:
         dd:46:08:2b:ac:05:08:b6:d8:aa:a1:f9:cc:68:76:6f:77:8d:
         ed:40:1b:ec:5b:70:96:ea:94:c0:20:27:b1:00:28:8f:22:76:
         59:91:2c:51:24:05:e3:1e:9d:62:bf:81:b1:76:ea:94:0e:69:
         8c:82:8a:a3:10:52:10:85:e2:9c:a3:97:6f:85:9f:a1:f8:cd:
         0b:8b:4d:d8:c2:a4:b4:2e:13:7b:0f:8f:73:48:d2:df:f5:07:
         17:b1:07:c5:b5:98:e3:9f:2c:d6:4f:95:e4:80:e6:ed:ef:28:
         88:13:c9:cf:7f:4b:a7:22:47:a5:c0:c1:84:2e:0b:8f:d8:6c:
         98:d7:d2:4d:34:1f:ba:fc:04:4e:61:d7:6a:fd:fc:7c:64:2e:
         00:61:22:ea:0e:5a:7b:af:7a:71:2f:0b:fb:c3:54:7e:a1:e2:
         d8:23:d6:de:83:18:1c:0d:38:6a:07:5d:c4:b6:dc:c2:ec:a5:
         27:70:db:b4:3b:60:d0:09:48:bd:9f:d6:61:99:b2:e7:d1:d3:
         8a:cc:c7:71
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYrGkcg9+wGIuWnV/xcUH7hQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0Zjk2MzQ1ZDNmMjJlZGIzOTVkMjQ3ZjdiODZkMmQ3M2U0
YTAwOTEwHhcNMjMwOTI0MDk0MjM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YzcxNjQzZDVmYTkyMDExOGY2NmU3ZmU4MGQxODlkYWRjNDNiMTU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvBQzq22PK8ApDCbmzEQXqaYaP5Lf
9BaeuJtnScs9rU5+xiEUzyRxwUEHRWZbv6g1qun5h527FjiDsaBbeGLsX1RRj352
b2kDOfcz+SfkvjjCkeJ4hNjz/g6Dm7/GrkPqH9tOF2RxYZezRKbbvdCXIvqIigl7
Tpg2apPbW4zSrC/GouctbY9sEb3yQCiVorrhtxKCwI/nmEs+IA0byjVsS9aj8TyP
K+2Nz44GIGQg7+IHttjskqM3P7fXIt7eNNEdVl2n1ZEqqKMKMVBM8KLBvASsMwlT
leCLSmsvw010AsLsu8az5R7r3cKvMSGa435Zemg67MdD2baCYzOXhLIRvQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGxxZD1fqSARj2bn/oDRidrcQ7FZMB8GA1UdIwQY
MBaAFLT5Y0XT8i7bOV0kf3uG0tc+SgCRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQt
NmZjMzQzZDc3Y2QyLzEvYkhGa1BWLXBJQkdQWnVmLWdOR0oydHhEc1ZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQtNmZjMzQzZDc3Y2Qy
LzEvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuayAMA0G
CSqGSIb3DQEBCwUAA4IBAQCgnU2Yrw4KrdC4/Jy13Ue5PShl57TfA9/hlORH81B0
f12VBG7n0e8dxGGG5XmnCim0IYmKKzrdRggrrAUIttiqofnMaHZvd43tQBvsW3CW
6pTAICexACiPInZZkSxRJAXjHp1iv4GxduqUDmmMgoqjEFIQheKco5dvhZ+h+M0L
i03YwqS0LhN7D49zSNLf9QcXsQfFtZjjnyzWT5XkgObt7yiIE8nPf0unIkelwMGE
LguP2GyY19JNNB+6/AROYddq/fx8ZC4AYSLqDlp7r3pxLwv7w1R+oeLYI9begxgc
DThqB13EttzC7KUncNu0O2DQCUi9n9ZhmbLn0dOKzMdx
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:43:10 2024 by rpki-client on console-ams.rpki-client.org