Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/944f2a-f673-42bf-9e3d-edcef7451ef4/1/ruhprBJfZpdGaoxwOaXk-zFpO0w.roa
File:                     ruhprBJfZpdGaoxwOaXk-zFpO0w.roa (raw, json)
Hash identifier:          SMoID4EVln1VA94u1cTNng5rMtDV01XGcu9tIR9N9JI=
Subject key identifier:   AE:E8:69:AC:12:5F:66:97:46:6A:8C:70:39:A5:E4:FB:31:69:3B:4C
Certificate issuer:       /CN=cd4065967dec092b5fc90152e4a95339ba1d2289
Certificate serial:       0187B84B64883CF367BFB67316611612D32A
Authority key identifier: CD:40:65:96:7D:EC:09:2B:5F:C9:01:52:E4:A9:53:39:BA:1D:22:89
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/zUBlln3sCStfyQFS5KlTObodIok.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c5/944f2a-f673-42bf-9e3d-edcef7451ef4/1/ruhprBJfZpdGaoxwOaXk-zFpO0w.roa
Signing time:             Tue 25 Apr 2023 12:02:41 +0000
ROA not before:           Tue 25 Apr 2023 12:02:41 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     212609
IP address blocks:        185.144.12.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Fri 27 Oct 2023 06:06:15 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:87:b8:4b:64:88:3c:f3:67:bf:b6:73:16:61:16:12:d3:2a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cd4065967dec092b5fc90152e4a95339ba1d2289
        Validity
            Not Before: Apr 25 12:02:41 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=aee869ac125f6697466a8c7039a5e4fb31693b4c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9b:49:97:e7:e6:59:70:38:6c:82:ec:3d:67:42:
                    dd:ec:3d:7c:ec:b6:d6:28:49:7c:0d:31:48:84:c3:
                    9e:41:61:d9:0c:f4:77:9c:5d:48:9e:ba:7a:46:d0:
                    d9:ea:0a:a4:b1:c6:90:64:6f:db:22:5f:31:96:24:
                    ef:f7:5f:ad:ee:79:11:eb:3d:82:b9:cf:06:1e:b7:
                    4c:46:34:f0:78:6a:2b:15:cf:51:66:90:aa:7a:84:
                    16:d1:ad:ba:a6:a1:71:c0:11:a2:6a:38:82:5e:60:
                    ca:07:b3:ad:a6:bb:cb:b8:56:0c:09:7e:87:61:ec:
                    b9:8c:39:17:e7:d0:a7:84:5c:ef:89:a0:7e:f2:8c:
                    33:a8:f4:9e:0c:87:e4:a1:9d:b3:47:88:4c:f4:c4:
                    1d:e0:f7:f8:32:e8:c6:61:0f:2d:db:c8:bb:a9:92:
                    e0:d9:d3:a6:e4:59:bb:c4:2e:7f:c1:f4:51:e2:66:
                    a8:6a:a1:c7:a4:f8:15:99:71:7d:71:a7:45:97:a5:
                    2b:f7:11:4c:66:37:79:37:f5:78:64:7b:19:74:0d:
                    40:18:99:79:ab:27:2c:65:74:5e:2c:8f:1f:2c:0b:
                    b4:68:e1:1d:d1:99:b3:4c:2e:20:d4:cb:18:0a:e7:
                    eb:08:4a:d8:19:d3:22:5a:2e:16:97:f3:1f:b2:2e:
                    a2:ab
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AE:E8:69:AC:12:5F:66:97:46:6A:8C:70:39:A5:E4:FB:31:69:3B:4C
            X509v3 Authority Key Identifier:
                keyid:CD:40:65:96:7D:EC:09:2B:5F:C9:01:52:E4:A9:53:39:BA:1D:22:89

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zUBlln3sCStfyQFS5KlTObodIok.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/944f2a-f673-42bf-9e3d-edcef7451ef4/1/ruhprBJfZpdGaoxwOaXk-zFpO0w.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/944f2a-f673-42bf-9e3d-edcef7451ef4/1/zUBlln3sCStfyQFS5KlTObodIok.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.144.12.0/24

    Signature Algorithm: sha256WithRSAEncryption
         28:8c:05:38:45:d2:16:f3:21:21:cd:f9:6e:59:8c:c0:dd:8e:
         a3:07:c7:cb:d2:1e:58:a8:43:41:d4:39:31:5f:2e:f3:2e:1a:
         85:9f:39:c0:ee:a8:89:49:16:36:50:8c:57:db:18:39:cb:1e:
         a6:01:f7:a4:11:fa:e6:33:3d:ea:14:b4:48:50:85:a9:09:23:
         1a:b6:47:5a:be:98:99:8b:ba:96:8a:ec:51:fa:ba:67:5d:f9:
         e4:50:cf:f6:36:d0:ea:19:36:94:40:95:ea:b2:5a:a5:b7:3d:
         5b:db:74:07:f6:cc:5b:42:a0:00:8e:13:33:1c:bc:8f:f1:57:
         08:d1:d0:ed:8a:5a:6a:85:a0:fc:c3:47:bc:50:c8:f9:8d:5c:
         85:d9:9f:d4:54:4f:41:1e:27:62:01:09:2e:18:7f:c4:4a:f8:
         1d:ea:6b:39:c2:6d:27:15:93:db:83:51:e9:f1:69:93:2a:45:
         1c:76:ea:fe:4d:31:40:8c:c3:e7:90:ad:e8:e5:76:f8:df:47:
         56:30:0b:71:95:71:e7:06:e5:76:43:47:9b:fe:7e:cb:d3:a7:
         6a:e6:34:cd:83:00:52:cf:73:5c:15:7b:cc:11:64:0c:d4:20:
         5d:36:b7:e3:b9:8a:e9:7a:6c:d4:ed:78:de:a8:5e:98:38:d5:
         20:21:2f:1e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYe4S2SIPPNnv7ZzFmEWEtMqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkNDA2NTk2N2RlYzA5MmI1ZmM5MDE1MmU0YTk1MzM5YmEx
ZDIyODkwHhcNMjMwNDI1MTIwMjQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZWU4NjlhYzEyNWY2Njk3NDY2YThjNzAzOWE1ZTRmYjMxNjkzYjRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm0mX5+ZZcDhsguw9Z0Ld7D187LbW
KEl8DTFIhMOeQWHZDPR3nF1Inrp6RtDZ6gqkscaQZG/bIl8xliTv91+t7nkR6z2C
uc8GHrdMRjTweGorFc9RZpCqeoQW0a26pqFxwBGiajiCXmDKB7OtprvLuFYMCX6H
Yey5jDkX59CnhFzviaB+8owzqPSeDIfkoZ2zR4hM9MQd4Pf4MujGYQ8t28i7qZLg
2dOm5Fm7xC5/wfRR4maoaqHHpPgVmXF9cadFl6Ur9xFMZjd5N/V4ZHsZdA1AGJl5
qycsZXReLI8fLAu0aOEd0ZmzTC4g1MsYCufrCErYGdMiWi4Wl/Mfsi6iqwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFK7oaawSX2aXRmqMcDml5PsxaTtMMB8GA1UdIwQY
MBaAFM1AZZZ97AkrX8kBUuSpUzm6HSKJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelVCbGxuM3NDU3RmeVFGUzVLbFRPYm9kSW9rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS85NDRmMmEtZjY3My00MmJmLTllM2Qt
ZWRjZWY3NDUxZWY0LzEvcnVocHJCSmZacGRHYW94d09hWGstekZwTzB3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS85NDRmMmEtZjY3My00MmJmLTllM2QtZWRjZWY3NDUxZWY0
LzEvelVCbGxuM3NDU3RmeVFGUzVLbFRPYm9kSW9rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuZAMMA0G
CSqGSIb3DQEBCwUAA4IBAQAojAU4RdIW8yEhzfluWYzA3Y6jB8fL0h5YqENB1Dkx
Xy7zLhqFnznA7qiJSRY2UIxX2xg5yx6mAfekEfrmMz3qFLRIUIWpCSMatkdavpiZ
i7qWiuxR+rpnXfnkUM/2NtDqGTaUQJXqslqltz1b23QH9sxbQqAAjhMzHLyP8VcI
0dDtilpqhaD8w0e8UMj5jVyF2Z/UVE9BHidiAQkuGH/ESvgd6ms5wm0nFZPbg1Hp
8WmTKkUcdur+TTFAjMPnkK3o5Xb430dWMAtxlXHnBuV2Q0eb/n7L06dq5jTNgwBS
z3NcFXvMEWQM1CBdNrfjuYrpemzU7XjeqF6YONUgIS8e
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:43:12 2024 by rpki-client on console-ams.rpki-client.org