Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/30f5e0-a04f-4993-983c-715f09817341/1/0Z_KMlcZV4-2q-BlIXZEUGmcahY.roa
File:                     0Z_KMlcZV4-2q-BlIXZEUGmcahY.roa (raw, json)
Hash identifier:          d5wpuOIoMGrNuqz6fmUjFcOYXeI6qCIeFa9W7NNZ6WM=
Subject key identifier:   D1:9F:CA:32:57:19:57:8F:B6:AB:E0:65:21:76:44:50:69:9C:6A:16
Certificate issuer:       /CN=bf5db811b5d5d05bec37ee9d09a4ec52eeed1ad5
Certificate serial:       01856F392B28FA07BB131D9FD57CCD337824
Authority key identifier: BF:5D:B8:11:B5:D5:D0:5B:EC:37:EE:9D:09:A4:EC:52:EE:ED:1A:D5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/v124EbXV0FvsN-6dCaTsUu7tGtU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/c8/30f5e0-a04f-4993-983c-715f09817341/1/0Z_KMlcZV4-2q-BlIXZEUGmcahY.roa
Signing time:             Sun 01 Jan 2023 21:24:55 +0000
ROA not before:           Sun 01 Jan 2023 21:24:55 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     48159
IP address blocks:        185.66.229.0/24 maxlen: 24
                          185.66.228.0/24 maxlen: 24
                          185.66.231.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 22:31:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:39:2b:28:fa:07:bb:13:1d:9f:d5:7c:cd:33:78:24
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=bf5db811b5d5d05bec37ee9d09a4ec52eeed1ad5
        Validity
            Not Before: Jan  1 21:24:55 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=d19fca325719578fb6abe06521764450699c6a16
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8c:d6:09:7e:93:62:63:5e:c3:0d:87:f3:61:6b:
                    02:a0:8f:77:37:56:c4:2c:bd:77:07:37:2f:ef:24:
                    d8:c9:3d:a9:86:66:e6:74:20:e6:40:b2:e8:81:77:
                    91:c6:2a:af:3e:01:ba:7a:43:c2:01:35:02:26:4e:
                    bf:34:d0:c7:0d:55:08:da:d9:5b:04:27:6f:b9:7a:
                    6f:2c:79:8f:bc:70:33:28:9e:7e:71:29:58:88:58:
                    2b:2f:85:62:72:c2:eb:45:b1:f2:12:77:c2:ec:36:
                    9e:d0:6f:8c:af:7a:b7:e3:5a:73:8f:51:87:11:8e:
                    3f:fd:88:d8:2a:1f:aa:38:1a:b2:3d:8a:c8:83:2d:
                    cd:71:8b:11:07:c2:7a:a0:96:01:0b:c2:1b:06:ba:
                    32:ef:3c:63:f2:c3:91:72:9f:41:be:46:56:3b:3b:
                    2d:7a:ff:30:a5:f0:58:7a:97:a6:50:ae:dc:0d:9b:
                    43:81:9e:10:d1:74:2f:18:a5:c3:2a:07:78:56:3b:
                    3b:03:6f:a5:55:a4:68:07:f4:09:9b:8d:f7:90:f1:
                    9a:af:94:72:e8:44:bb:38:61:1a:18:1b:a8:b7:f2:
                    63:82:81:cb:7a:3f:73:cb:99:44:66:c1:55:97:4e:
                    a0:d0:cf:48:2a:54:68:e2:07:f7:69:4f:6c:8d:09:
                    ec:6b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D1:9F:CA:32:57:19:57:8F:B6:AB:E0:65:21:76:44:50:69:9C:6A:16
            X509v3 Authority Key Identifier:
                keyid:BF:5D:B8:11:B5:D5:D0:5B:EC:37:EE:9D:09:A4:EC:52:EE:ED:1A:D5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/v124EbXV0FvsN-6dCaTsUu7tGtU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/30f5e0-a04f-4993-983c-715f09817341/1/0Z_KMlcZV4-2q-BlIXZEUGmcahY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/30f5e0-a04f-4993-983c-715f09817341/1/v124EbXV0FvsN-6dCaTsUu7tGtU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.66.228.0/23
                  185.66.231.0/24

    Signature Algorithm: sha256WithRSAEncryption
         4e:e7:c7:f2:76:ef:2b:c0:85:d2:81:bd:5e:f4:c2:ad:6b:c7:
         1c:28:0a:96:04:cf:5e:78:d7:c8:23:b7:ba:ed:0c:81:e1:45:
         43:25:40:09:67:59:3c:cf:a1:1b:4a:c5:34:a5:4b:54:e0:ec:
         16:ef:f3:e9:fc:e5:ec:34:16:22:ff:dc:1d:1a:3c:6e:2b:9c:
         68:49:af:21:24:0e:85:fd:e3:9c:62:ec:fa:e7:ce:c2:6a:f1:
         31:34:11:28:c0:55:85:da:8e:ad:9c:5b:5b:27:52:7e:af:bd:
         cc:ea:7c:4e:f3:95:bc:58:66:b6:3c:20:10:c9:1b:4a:06:80:
         b8:91:0e:ef:7e:04:fd:74:64:5b:a2:e7:ad:31:7e:c9:15:41:
         ea:1d:68:fb:85:11:ac:05:5b:9d:c2:56:11:2e:bd:78:81:a3:
         ce:99:37:7d:52:c6:24:db:43:66:0a:03:61:15:f1:f8:99:7f:
         3b:a1:56:96:64:88:8b:8b:c5:73:91:f8:22:12:12:1a:d8:2b:
         cf:5a:fc:79:59:35:32:eb:93:c3:6e:57:f4:11:71:dd:18:a5:
         a6:61:22:8e:0e:88:11:bd:ce:9c:ad:0c:c1:9a:d3:43:0f:0e:
         97:3e:89:a7:c9:87:83:ca:70:00:8e:f5:00:f3:7a:e3:5a:ac:
         65:c8:57:79
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVvOSso+ge7Ex2f1XzNM3gkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJmNWRiODExYjVkNWQwNWJlYzM3ZWU5ZDA5YTRlYzUyZWVl
ZDFhZDUwHhcNMjMwMTAxMjEyNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMTlmY2EzMjU3MTk1NzhmYjZhYmUwNjUyMTc2NDQ1MDY5OWM2YTE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjNYJfpNiY17DDYfzYWsCoI93N1bE
LL13Bzcv7yTYyT2phmbmdCDmQLLogXeRxiqvPgG6ekPCATUCJk6/NNDHDVUI2tlb
BCdvuXpvLHmPvHAzKJ5+cSlYiFgrL4VicsLrRbHyEnfC7Dae0G+Mr3q341pzj1GH
EY4//YjYKh+qOBqyPYrIgy3NcYsRB8J6oJYBC8IbBroy7zxj8sORcp9BvkZWOzst
ev8wpfBYepemUK7cDZtDgZ4Q0XQvGKXDKgd4Vjs7A2+lVaRoB/QJm433kPGar5Ry
6ES7OGEaGBuot/JjgoHLej9zy5lEZsFVl06g0M9IKlRo4gf3aU9sjQnsawIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNGfyjJXGVePtqvgZSF2RFBpnGoWMB8GA1UdIwQY
MBaAFL9duBG11dBb7DfunQmk7FLu7RrVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdjEyNEViWFYwRnZzTi02ZENhVHNVdTd0R3RVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC8zMGY1ZTAtYTA0Zi00OTkzLTk4M2Mt
NzE1ZjA5ODE3MzQxLzEvMFpfS01sY1pWNC0ycS1CbElYWkVVR21jYWhZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC8zMGY1ZTAtYTA0Zi00OTkzLTk4M2MtNzE1ZjA5ODE3MzQx
LzEvdjEyNEViWFYwRnZzTi02ZENhVHNVdTd0R3RVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBuULkAwQA
uULnMA0GCSqGSIb3DQEBCwUAA4IBAQBO58fydu8rwIXSgb1e9MKta8ccKAqWBM9e
eNfII7e67QyB4UVDJUAJZ1k8z6EbSsU0pUtU4OwW7/Pp/OXsNBYi/9wdGjxuK5xo
Sa8hJA6F/eOcYuz6587CavExNBEowFWF2o6tnFtbJ1J+r73M6nxO85W8WGa2PCAQ
yRtKBoC4kQ7vfgT9dGRbouetMX7JFUHqHWj7hRGsBVudwlYRLr14gaPOmTd9UsYk
20NmCgNhFfH4mX87oVaWZIiLi8VzkfgiEhIa2CvPWvx5WTUy65PDblf0EXHdGKWm
YSKODogRvc6crQzBmtNDDw6XPomnyYeDynAAjvUA83rjWqxlyFd5
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:43:43 2024 by rpki-client on console-ams.rpki-client.org