Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/ef3e43-7bf7-404f-a9a3-b3e9255d2b3e/1/u7Nfhfpo-4O7QSeboCUUGcSKLRM.roa
File:                     u7Nfhfpo-4O7QSeboCUUGcSKLRM.roa (raw, json)
Hash identifier:          dm2uchNPebHk0+tvAn2YkcjAyAezMm7xeWwqNmXV0s4=
Subject key identifier:   BB:B3:5F:85:FA:68:FB:83:BB:41:27:9B:A0:25:14:19:C4:8A:2D:13
Certificate issuer:       /CN=b8d5b3d379d21162e2b522c43801fb9603988245
Certificate serial:       018BFCB069994DCF91115B33FD70A9449C17
Authority key identifier: B8:D5:B3:D3:79:D2:11:62:E2:B5:22:C4:38:01:FB:96:03:98:82:45
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/uNWz03nSEWLitSLEOAH7lgOYgkU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c5/ef3e43-7bf7-404f-a9a3-b3e9255d2b3e/1/u7Nfhfpo-4O7QSeboCUUGcSKLRM.roa
Signing time:             Thu 23 Nov 2023 14:58:21 +0000
ROA not before:           Thu 23 Nov 2023 14:58:21 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     19905
IP address blocks:        185.243.128.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 02:29:40 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:fc:b0:69:99:4d:cf:91:11:5b:33:fd:70:a9:44:9c:17
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b8d5b3d379d21162e2b522c43801fb9603988245
        Validity
            Not Before: Nov 23 14:58:21 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=bbb35f85fa68fb83bb41279ba0251419c48a2d13
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:29:ae:be:0c:96:88:7d:7e:36:1d:5b:cf:fd:
                    1c:2b:9a:15:d6:43:a3:1c:a9:fa:cc:36:8a:31:77:
                    70:68:31:58:1a:e2:bf:5a:f9:3e:ca:5c:91:07:28:
                    3a:9f:92:d7:46:bc:15:06:00:1c:55:37:ea:81:89:
                    64:77:32:a0:5c:98:c0:ce:ce:f7:6e:82:16:2a:61:
                    f0:ba:e2:7c:6d:29:17:bb:fb:88:ad:9b:0c:ef:8f:
                    22:c2:5a:a7:b3:02:d5:5d:53:11:68:05:9c:96:d1:
                    02:03:eb:d1:9b:47:1c:9e:63:07:2c:ad:2c:a3:05:
                    1e:ed:a3:a3:71:ca:a0:af:0f:b9:3f:ce:b9:88:46:
                    fd:ce:08:e4:01:fe:74:fe:92:ad:22:b3:a5:04:dc:
                    b1:c8:eb:83:da:50:24:ee:98:a9:71:07:b4:8a:07:
                    98:07:48:41:f0:6f:2c:a9:e0:15:4a:4b:8d:37:21:
                    a3:1c:d6:16:8a:4a:fd:8e:8e:6a:66:40:40:24:3f:
                    5f:11:19:70:64:f6:0b:8c:5d:7c:6e:e6:79:e8:62:
                    b1:35:cf:1d:72:b8:a9:e6:fb:65:90:4d:84:8e:be:
                    0d:e5:3a:02:8d:d9:ae:1c:bb:1f:12:66:44:10:21:
                    26:b7:91:31:07:e3:7a:1d:3f:4d:00:db:9d:64:90:
                    11:ad
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BB:B3:5F:85:FA:68:FB:83:BB:41:27:9B:A0:25:14:19:C4:8A:2D:13
            X509v3 Authority Key Identifier:
                keyid:B8:D5:B3:D3:79:D2:11:62:E2:B5:22:C4:38:01:FB:96:03:98:82:45

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uNWz03nSEWLitSLEOAH7lgOYgkU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/ef3e43-7bf7-404f-a9a3-b3e9255d2b3e/1/u7Nfhfpo-4O7QSeboCUUGcSKLRM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/ef3e43-7bf7-404f-a9a3-b3e9255d2b3e/1/uNWz03nSEWLitSLEOAH7lgOYgkU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.243.128.0/24

    Signature Algorithm: sha256WithRSAEncryption
         2a:ac:c9:38:e4:0a:94:53:4f:7a:ae:53:02:ef:cb:f0:bf:e9:
         64:3f:90:e1:d9:20:b7:bb:ab:91:16:b5:36:5a:28:80:d6:cc:
         68:52:69:53:e7:ef:55:dd:0f:8d:7c:3e:c0:73:fc:55:3b:b0:
         f4:0e:45:f4:be:2f:cd:0e:55:d9:31:23:dd:1c:bc:fd:31:5b:
         88:99:dd:08:94:8c:d5:20:c4:35:da:13:67:04:f5:50:5c:e2:
         1d:54:4d:4e:c9:50:e4:ec:45:30:f0:63:79:46:a0:23:2f:07:
         fb:bc:75:83:e7:c6:79:aa:54:fe:ee:8a:a2:6b:cc:1e:6c:c2:
         29:54:90:05:78:ae:ae:02:ae:9a:6a:dd:4d:4c:97:ad:c4:67:
         1d:fd:43:26:e0:02:2a:80:67:45:0b:1f:ad:5f:0e:3c:d9:42:
         7d:1d:b8:84:fc:f1:e7:e9:2e:76:9f:23:1d:a5:e1:24:04:18:
         eb:14:3c:8e:70:c8:79:9f:7c:d3:3c:36:7c:71:c0:c5:d8:5e:
         06:90:31:50:2c:77:b9:ad:3a:c1:53:24:55:c0:f4:df:4c:48:
         21:2b:a5:8c:e2:70:ca:2c:77:db:bb:9b:b2:b5:d5:fc:7c:e3:
         29:73:11:de:99:2a:00:55:c3:cf:87:7b:11:8e:fb:0f:b9:bc:
         17:bc:a1:fb
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYv8sGmZTc+REVsz/XCpRJwXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI4ZDViM2QzNzlkMjExNjJlMmI1MjJjNDM4MDFmYjk2MDM5
ODgyNDUwHhcNMjMxMTIzMTQ1ODIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYmIzNWY4NWZhNjhmYjgzYmI0MTI3OWJhMDI1MTQxOWM0OGEyZDEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArSmuvgyWiH1+Nh1bz/0cK5oV1kOj
HKn6zDaKMXdwaDFYGuK/Wvk+ylyRByg6n5LXRrwVBgAcVTfqgYlkdzKgXJjAzs73
boIWKmHwuuJ8bSkXu/uIrZsM748iwlqnswLVXVMRaAWcltECA+vRm0ccnmMHLK0s
owUe7aOjccqgrw+5P865iEb9zgjkAf50/pKtIrOlBNyxyOuD2lAk7pipcQe0igeY
B0hB8G8sqeAVSkuNNyGjHNYWikr9jo5qZkBAJD9fERlwZPYLjF18buZ56GKxNc8d
crip5vtlkE2Ejr4N5ToCjdmuHLsfEmZEECEmt5ExB+N6HT9NANudZJARrQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLuzX4X6aPuDu0Enm6AlFBnEii0TMB8GA1UdIwQY
MBaAFLjVs9N50hFi4rUixDgB+5YDmIJFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdU5XejAzblNFV0xpdFNMRU9BSDdsZ09ZZ2tVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS9lZjNlNDMtN2JmNy00MDRmLWE5YTMt
YjNlOTI1NWQyYjNlLzEvdTdOZmhmcG8tNE83UVNlYm9DVVVHY1NLTFJNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS9lZjNlNDMtN2JmNy00MDRmLWE5YTMtYjNlOTI1NWQyYjNl
LzEvdU5XejAzblNFV0xpdFNMRU9BSDdsZ09ZZ2tVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAufOAMA0G
CSqGSIb3DQEBCwUAA4IBAQAqrMk45AqUU096rlMC78vwv+lkP5Dh2SC3u6uRFrU2
WiiA1sxoUmlT5+9V3Q+NfD7Ac/xVO7D0DkX0vi/NDlXZMSPdHLz9MVuImd0IlIzV
IMQ12hNnBPVQXOIdVE1OyVDk7EUw8GN5RqAjLwf7vHWD58Z5qlT+7oqia8webMIp
VJAFeK6uAq6aat1NTJetxGcd/UMm4AIqgGdFCx+tXw482UJ9HbiE/PHn6S52nyMd
peEkBBjrFDyOcMh5n3zTPDZ8ccDF2F4GkDFQLHe5rTrBUyRVwPTfTEghK6WM4nDK
LHfbu5uytdX8fOMpcxHemSoAVcPPh3sRjvsPubwXvKH7
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:11 2024 by rpki-client on console-fra.rpki-client.org