Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cb/9da366-fb0a-43a7-83ba-c983b1fed79e/1/1Q9VxaIBVpQa8eMjE1Zc7iBbU28.roa
File:                     1Q9VxaIBVpQa8eMjE1Zc7iBbU28.roa (raw, json)
Hash identifier:          dsw2aqGDLa/itqBnYk6cDqYTImcHBmH5zCaTpSpvpJc=
Subject key identifier:   D5:0F:55:C5:A2:01:56:94:1A:F1:E3:23:13:56:5C:EE:20:5B:53:6F
Certificate issuer:       /CN=58e408c857c7f825ff77bc91eca7ffc921ad4dff
Certificate serial:       018CC5DBF7D75440E028A9337AF6C6CF9B88
Authority key identifier: 58:E4:08:C8:57:C7:F8:25:FF:77:BC:91:EC:A7:FF:C9:21:AD:4D:FF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/WOQIyFfH-CX_d7yR7Kf_ySGtTf8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/cb/9da366-fb0a-43a7-83ba-c983b1fed79e/1/1Q9VxaIBVpQa8eMjE1Zc7iBbU28.roa
Signing time:             Mon 01 Jan 2024 16:29:36 +0000
ROA not before:           Mon 01 Jan 2024 16:29:36 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     207092
IP address blocks:        185.193.15.0/24 maxlen: 24
                          185.193.12.0/23 maxlen: 23

Validation:               Failed, certificate revoked on Thu 15 Feb 2024 11:41:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c5:db:f7:d7:54:40:e0:28:a9:33:7a:f6:c6:cf:9b:88
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=58e408c857c7f825ff77bc91eca7ffc921ad4dff
        Validity
            Not Before: Jan  1 16:29:36 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=d50f55c5a20156941af1e32313565cee205b536f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:7e:20:0b:39:26:94:50:d2:7b:a0:26:fa:51:
                    6a:03:07:ab:4d:e4:95:e8:90:8a:7b:34:52:71:a8:
                    c2:5e:d9:9d:ec:ed:cd:61:a6:8f:b0:0c:9a:dc:d7:
                    84:52:a4:6a:1a:43:c6:7f:0e:88:70:3c:21:a5:af:
                    03:b2:84:4c:1d:5b:2c:d1:30:9c:c0:1f:08:67:8e:
                    5e:0a:19:56:b8:3a:b5:08:d9:1d:d9:a8:13:27:20:
                    97:0b:7e:68:88:24:de:e4:47:ba:04:dc:d5:46:21:
                    4e:81:c2:42:f3:84:9d:8c:1d:21:f1:59:3e:2b:85:
                    c4:00:5d:ce:2a:8c:7f:1e:92:97:30:09:86:b6:4f:
                    7b:50:29:db:42:f8:33:9b:d9:9f:43:ce:12:a3:f4:
                    8a:e9:7d:74:85:81:be:87:77:f3:bb:9c:d8:02:da:
                    03:e2:32:2b:31:a8:6b:aa:01:33:8e:bc:0c:da:d9:
                    f8:fd:ec:ca:70:f9:23:9a:e2:2a:98:47:03:c9:93:
                    00:aa:b1:fa:33:e3:aa:8f:90:8d:4a:54:41:76:4e:
                    32:25:21:b9:df:c3:e6:1b:ec:bb:4e:9d:0a:cc:2e:
                    d8:58:9d:02:62:51:2b:94:6a:38:49:9d:66:6f:45:
                    22:88:64:67:c5:e6:d1:72:79:b1:34:d9:0d:aa:61:
                    d7:95
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D5:0F:55:C5:A2:01:56:94:1A:F1:E3:23:13:56:5C:EE:20:5B:53:6F
            X509v3 Authority Key Identifier:
                keyid:58:E4:08:C8:57:C7:F8:25:FF:77:BC:91:EC:A7:FF:C9:21:AD:4D:FF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WOQIyFfH-CX_d7yR7Kf_ySGtTf8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/9da366-fb0a-43a7-83ba-c983b1fed79e/1/1Q9VxaIBVpQa8eMjE1Zc7iBbU28.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/9da366-fb0a-43a7-83ba-c983b1fed79e/1/WOQIyFfH-CX_d7yR7Kf_ySGtTf8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.193.12.0/23
                  185.193.15.0/24

    Signature Algorithm: sha256WithRSAEncryption
         1e:2a:9c:fa:cb:34:da:98:cd:f0:05:67:32:1a:90:43:e3:17:
         eb:35:b2:b9:ef:e0:bc:fd:90:c5:58:68:90:a8:1e:1f:e1:88:
         de:0a:0a:af:95:c5:6e:8b:17:55:a1:1c:07:cd:01:a8:d9:a1:
         48:80:98:77:88:0d:ef:48:99:4b:de:8b:e6:6c:0d:80:2f:d8:
         5f:10:e7:d0:1e:f3:2d:e8:be:12:20:81:e0:ab:64:2c:0e:5c:
         6f:c0:d8:1d:55:25:fa:ce:74:9c:21:49:1a:31:be:a0:0c:17:
         7a:c5:27:f2:07:93:a5:68:27:aa:5d:be:87:bb:c5:3c:ff:e2:
         bf:e1:3e:70:04:45:82:8c:ff:8d:e2:04:49:97:d9:23:dd:e6:
         5b:df:ed:2f:b7:ac:84:17:27:f6:9a:bb:3f:57:f8:25:6c:c4:
         5c:67:d8:b8:0d:f7:28:c0:00:14:50:5b:fc:dd:78:28:fc:c9:
         d1:6e:7f:96:9d:d7:5d:41:36:27:2c:75:d1:d5:51:50:23:e7:
         0e:82:cf:2e:cf:18:d6:6e:f2:40:ea:cd:19:d8:76:31:0e:8d:
         ad:c7:5e:34:64:ab:a6:c9:13:f5:c8:f7:95:36:a6:92:39:a5:
         ac:88:cd:7d:b0:fc:8f:57:81:8b:3c:cf:1d:97:4b:0c:ff:7a:
         95:ba:86:b3
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzF2/fXVEDgKKkzevbGz5uIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4ZTQwOGM4NTdjN2Y4MjVmZjc3YmM5MWVjYTdmZmM5MjFh
ZDRkZmYwHhcNMjQwMTAxMTYyOTM2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNTBmNTVjNWEyMDE1Njk0MWFmMWUzMjMxMzU2NWNlZTIwNWI1MzZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt34gCzkmlFDSe6Am+lFqAwerTeSV
6JCKezRScajCXtmd7O3NYaaPsAya3NeEUqRqGkPGfw6IcDwhpa8DsoRMHVss0TCc
wB8IZ45eChlWuDq1CNkd2agTJyCXC35oiCTe5Ee6BNzVRiFOgcJC84SdjB0h8Vk+
K4XEAF3OKox/HpKXMAmGtk97UCnbQvgzm9mfQ84So/SK6X10hYG+h3fzu5zYAtoD
4jIrMahrqgEzjrwM2tn4/ezKcPkjmuIqmEcDyZMAqrH6M+Oqj5CNSlRBdk4yJSG5
38PmG+y7Tp0KzC7YWJ0CYlErlGo4SZ1mb0UiiGRnxebRcnmxNNkNqmHXlQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNUPVcWiAVaUGvHjIxNWXO4gW1NvMB8GA1UdIwQY
MBaAFFjkCMhXx/gl/3e8keyn/8khrU3/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV09RSXlGZkgtQ1hfZDd5UjdLZl95U0d0VGY4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYi85ZGEzNjYtZmIwYS00M2E3LTgzYmEt
Yzk4M2IxZmVkNzllLzEvMVE5VnhhSUJWcFFhOGVNakUxWmM3aUJiVTI4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYi85ZGEzNjYtZmIwYS00M2E3LTgzYmEtYzk4M2IxZmVkNzll
LzEvV09RSXlGZkgtQ1hfZDd5UjdLZl95U0d0VGY4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBucEMAwQA
ucEPMA0GCSqGSIb3DQEBCwUAA4IBAQAeKpz6yzTamM3wBWcyGpBD4xfrNbK57+C8
/ZDFWGiQqB4f4YjeCgqvlcVuixdVoRwHzQGo2aFIgJh3iA3vSJlL3ovmbA2AL9hf
EOfQHvMt6L4SIIHgq2QsDlxvwNgdVSX6znScIUkaMb6gDBd6xSfyB5OlaCeqXb6H
u8U8/+K/4T5wBEWCjP+N4gRJl9kj3eZb3+0vt6yEFyf2mrs/V/glbMRcZ9i4Dfco
wAAUUFv83Xgo/MnRbn+WndddQTYnLHXR1VFQI+cOgs8uzxjWbvJA6s0Z2HYxDo2t
x140ZKumyRP1yPeVNqaSOaWsiM19sPyPV4GLPM8dl0sM/3qVuoaz
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:03 2024 by rpki-client on console-fra.rpki-client.org