Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/O3XUl0F5UXz4igshheI4G9Rc6lI.roa
File:                     O3XUl0F5UXz4igshheI4G9Rc6lI.roa (raw, json)
Hash identifier:          paD28KiC5Ysnc0Gnl5tFtCeYpSeJVLfn/TVoPF5U0PU=
Subject key identifier:   3B:75:D4:97:41:79:51:7C:F8:8A:0B:21:85:E2:38:1B:D4:5C:EA:52
Certificate issuer:       /CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Certificate serial:       01856C53F6873DF5F77731EE8F0345F59C0C
Authority key identifier: 6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/O3XUl0F5UXz4igshheI4G9Rc6lI.roa
Signing time:             Sun 01 Jan 2023 07:55:19 +0000
ROA not before:           Sun 01 Jan 2023 07:55:19 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     48105
IP address blocks:        185.142.141.0/24 maxlen: 32
                          2a06:7a04::/43 maxlen: 128

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 12:34:43 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6c:53:f6:87:3d:f5:f7:77:31:ee:8f:03:45:f5:9c:0c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
        Validity
            Not Before: Jan  1 07:55:19 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=3b75d4974179517cf88a0b2185e2381bd45cea52
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:81:f3:bc:a1:08:37:eb:f1:65:10:1b:b3:55:b2:
                    8b:1b:b6:d9:9e:18:c2:87:3a:ed:18:42:ff:c3:ae:
                    3c:4f:87:eb:c5:7c:62:38:75:ce:4a:0f:17:41:20:
                    3a:0f:66:d6:63:00:0d:cb:23:9f:8d:ed:20:c6:60:
                    62:1f:16:af:55:02:99:0a:45:90:39:ac:48:e3:9c:
                    91:08:bf:c4:41:36:15:28:b3:5e:e0:86:66:61:de:
                    e1:0c:81:c6:c0:fe:95:53:5b:2f:a0:a1:aa:c7:18:
                    6d:7e:46:84:e4:19:89:e2:9d:8c:3a:d1:96:f5:63:
                    9a:4e:e3:b9:0f:12:10:b4:21:a6:c7:26:34:28:d0:
                    38:25:6d:af:71:4d:e5:ee:b2:3f:99:87:09:92:4c:
                    2b:8c:2b:12:c6:79:96:32:45:34:72:32:0e:fc:bb:
                    30:7e:85:8a:93:33:c0:9c:bf:17:f5:6a:0d:21:95:
                    c2:ea:01:26:a6:b7:3c:9e:62:70:c8:21:1d:b0:34:
                    e9:02:7d:84:e9:b8:11:1d:a9:ce:78:e2:12:b5:38:
                    eb:8a:3a:ee:da:d4:66:46:68:08:42:8f:1e:13:5b:
                    6d:ab:14:e6:e2:5c:71:52:d1:b8:07:04:86:9b:1d:
                    d2:7f:bd:cb:de:04:e3:9b:89:6b:8e:ab:78:f6:0e:
                    0f:bf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3B:75:D4:97:41:79:51:7C:F8:8A:0B:21:85:E2:38:1B:D4:5C:EA:52
            X509v3 Authority Key Identifier:
                keyid:6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/O3XUl0F5UXz4igshheI4G9Rc6lI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.142.141.0/24
                IPv6:
                  2a06:7a04::/43

    Signature Algorithm: sha256WithRSAEncryption
         80:a2:22:d7:c3:98:91:b4:ed:f5:e5:cc:8e:a5:8d:56:83:5c:
         b3:d6:5c:e5:6b:91:89:aa:89:ab:54:ef:e9:d9:57:b4:f8:9a:
         95:98:25:81:ba:ef:00:24:c9:b4:3e:6a:1c:da:fc:16:92:e1:
         98:9e:8f:4b:f7:fe:e6:cb:07:98:42:a0:22:ea:11:16:a3:aa:
         34:02:54:61:03:70:55:a9:70:74:a4:33:d8:09:f2:bc:f7:57:
         82:6a:38:40:82:36:13:4e:31:60:f0:67:af:5a:6a:af:a6:74:
         6d:57:e0:1c:cc:87:a8:1a:d9:e9:81:0c:37:01:7f:a8:9a:5e:
         e1:a9:1a:59:0b:17:5a:0d:18:eb:e7:0e:1c:86:4d:c0:b0:79:
         ba:93:1c:be:9a:c2:ce:fa:01:df:b4:e7:d5:80:21:12:df:43:
         eb:12:4b:b1:9e:e2:a8:18:1a:26:2d:15:d3:04:1d:ab:00:cb:
         ab:59:e2:4b:7f:ef:f2:70:0b:60:ef:a0:d8:de:e3:b1:78:97:
         f7:ce:8e:13:e3:24:4b:79:5e:1d:cc:ef:f7:66:b2:c3:42:0b:
         e8:50:79:65:77:15:f2:3a:3f:42:1a:46:da:d8:cc:ad:6e:0b:
         16:84:3e:45:07:28:44:c4:78:95:2b:de:a7:f2:7e:dc:79:8b:
         72:24:06:e2
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVsU/aHPfX3dzHujwNF9ZwMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjOGZkMWE4YWU1OTk2YzFlNTY5MmMxYThjNDJiZmU5YzNi
YTU3NDUwHhcNMjMwMTAxMDc1NTE5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYjc1ZDQ5NzQxNzk1MTdjZjg4YTBiMjE4NWUyMzgxYmQ0NWNlYTUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgfO8oQg36/FlEBuzVbKLG7bZnhjC
hzrtGEL/w648T4frxXxiOHXOSg8XQSA6D2bWYwANyyOfje0gxmBiHxavVQKZCkWQ
OaxI45yRCL/EQTYVKLNe4IZmYd7hDIHGwP6VU1svoKGqxxhtfkaE5BmJ4p2MOtGW
9WOaTuO5DxIQtCGmxyY0KNA4JW2vcU3l7rI/mYcJkkwrjCsSxnmWMkU0cjIO/Lsw
foWKkzPAnL8X9WoNIZXC6gEmprc8nmJwyCEdsDTpAn2E6bgRHanOeOIStTjrijru
2tRmRmgIQo8eE1ttqxTm4lxxUtG4BwSGmx3Sf73L3gTjm4lrjqt49g4PvwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFDt11JdBeVF8+IoLIYXiOBvUXOpSMB8GA1UdIwQY
MBaAFGyP0aiuWZbB5WksGoxCv+nDuldFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMt
ZmVhYzI2ZWFlY2MyLzEvTzNYVWwwRjVVWHo0aWdzaGhlSTRHOVJjNmxJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMtZmVhYzI2ZWFlY2My
LzEvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAuY6NMA8E
AgACMAkDBwUqBnoEAAAwDQYJKoZIhvcNAQELBQADggEBAICiItfDmJG07fXlzI6l
jVaDXLPWXOVrkYmqiatU7+nZV7T4mpWYJYG67wAkybQ+ahza/BaS4Ziej0v3/ubL
B5hCoCLqERajqjQCVGEDcFWpcHSkM9gJ8rz3V4JqOECCNhNOMWDwZ69aaq+mdG1X
4BzMh6ga2emBDDcBf6iaXuGpGlkLF1oNGOvnDhyGTcCwebqTHL6aws76Ad+059WA
IRLfQ+sSS7Ge4qgYGiYtFdMEHasAy6tZ4kt/7/JwC2DvoNje47F4l/fOjhPjJEt5
Xh3M7/dmssNCC+hQeWV3FfI6P0IaRtrYzK1uCxaEPkUHKETEeJUr3qfyftx5i3Ik
BuI=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:45 2024 by rpki-client on console-fra.rpki-client.org