Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/sKSfHdO9Y8lGE2TX56SFapra-ys.roa
File:                     sKSfHdO9Y8lGE2TX56SFapra-ys.roa (raw, json)
Hash identifier:          rEf3G5Kko8jXuERFQbgZiQJaWvsZrAW1U9Y7hUOD3+8=
Subject key identifier:   B0:A4:9F:1D:D3:BD:63:C9:46:13:64:D7:E7:A4:85:6A:9A:DA:FB:2B
Certificate issuer:       /CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Certificate serial:       018C0793467080CCF1645E55BDE4F6905895
Authority key identifier: 6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/sKSfHdO9Y8lGE2TX56SFapra-ys.roa
Signing time:             Sat 25 Nov 2023 17:42:21 +0000
ROA not before:           Sat 25 Nov 2023 17:42:21 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     131477
IP address blocks:        185.255.152.0/23 maxlen: 32
                          185.255.153.0/24 maxlen: 32

Validation:               Failed, certificate revoked on Sun 26 Nov 2023 06:55:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:07:93:46:70:80:cc:f1:64:5e:55:bd:e4:f6:90:58:95
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
        Validity
            Not Before: Nov 25 17:42:21 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=b0a49f1dd3bd63c9461364d7e7a4856a9adafb2b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:59:81:c7:cf:ac:13:8e:bf:ec:e9:05:78:01:
                    ab:f4:42:e7:ae:d8:81:ec:ad:44:07:97:f2:e3:d6:
                    95:65:75:b5:4e:cd:34:12:87:7c:bb:fb:36:d9:57:
                    0e:a2:4d:9e:c8:bf:f3:6f:a6:1e:6a:8b:d5:d5:c8:
                    8a:66:10:af:fb:22:d7:84:7c:0c:5e:0e:0b:5b:1c:
                    e9:83:b1:d4:de:30:ee:0f:8f:a2:b6:d5:be:73:18:
                    6e:71:61:73:b6:11:de:37:b9:b9:7f:70:47:ff:e1:
                    12:5a:57:bc:dc:80:d8:d6:49:61:0f:73:18:2b:0d:
                    fa:d3:d5:ff:f8:9f:09:67:f1:3f:57:bf:4d:fb:93:
                    61:77:64:10:f0:8d:74:87:ad:f1:db:44:54:f0:6f:
                    12:43:09:c1:54:29:5f:cf:16:d5:8f:ee:4e:29:38:
                    ad:ea:0d:82:12:9f:00:62:af:6a:b0:72:ca:aa:3a:
                    1b:65:fe:f2:52:4e:38:bd:4e:40:4a:5e:a2:8b:33:
                    97:41:78:8b:69:55:91:be:97:8b:ff:63:af:60:13:
                    85:a4:5f:53:a3:38:27:fb:0e:54:fd:91:ec:0d:dd:
                    21:dc:b9:c4:73:f5:7d:bc:a4:02:e8:00:ac:bb:92:
                    6c:bc:1b:0d:5f:1e:59:36:b3:87:13:b5:2d:d9:55:
                    bd:cb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B0:A4:9F:1D:D3:BD:63:C9:46:13:64:D7:E7:A4:85:6A:9A:DA:FB:2B
            X509v3 Authority Key Identifier:
                keyid:6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/sKSfHdO9Y8lGE2TX56SFapra-ys.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.255.152.0/23

    Signature Algorithm: sha256WithRSAEncryption
         13:c3:29:36:e6:e8:f9:9a:d3:23:b3:5b:71:8c:65:f3:1a:9b:
         39:16:60:1c:5c:11:d3:7f:3d:cc:9e:69:08:9f:ae:d1:36:23:
         cc:9a:28:ac:c0:95:5c:1d:14:73:73:b4:03:e3:97:75:d0:f6:
         9b:35:00:b0:9a:8e:df:41:91:79:e8:df:e7:db:a0:dd:5c:af:
         f9:9e:55:04:cc:df:ba:7b:5b:8a:a9:aa:1b:16:88:92:9d:e6:
         b9:59:33:7e:00:df:ff:49:2b:e5:ae:c5:ae:f7:61:a9:08:64:
         06:d1:ca:03:ab:14:32:a3:57:42:f6:f6:a7:91:c8:8b:38:bc:
         1f:05:d7:ea:de:09:4f:0a:b7:12:09:71:8a:54:39:67:5f:5c:
         b7:2c:61:fb:d2:af:c3:72:e9:5e:7e:33:28:12:47:d5:29:a7:
         67:5e:cc:71:e3:9f:3a:15:fd:aa:0d:20:72:b5:cb:0d:95:43:
         ec:12:3f:aa:4e:35:2d:9c:0c:f8:ce:4e:09:ad:5b:3f:13:4c:
         a5:cc:49:50:8f:98:22:26:fe:24:1f:36:73:6b:4c:0b:5e:e2:
         24:29:20:da:84:89:2d:ba:62:94:75:81:18:18:2f:ae:1f:63:
         c8:cc:17:94:8e:a4:fd:8d:f8:55:36:7c:2b:34:10:3e:f4:e0:
         bb:91:6d:8d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYwHk0ZwgMzxZF5VveT2kFiVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjOGZkMWE4YWU1OTk2YzFlNTY5MmMxYThjNDJiZmU5YzNi
YTU3NDUwHhcNMjMxMTI1MTc0MjIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMGE0OWYxZGQzYmQ2M2M5NDYxMzY0ZDdlN2E0ODU2YTlhZGFmYjJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt1mBx8+sE46/7OkFeAGr9ELnrtiB
7K1EB5fy49aVZXW1Ts00Eod8u/s22VcOok2eyL/zb6YeaovV1ciKZhCv+yLXhHwM
Xg4LWxzpg7HU3jDuD4+ittW+cxhucWFzthHeN7m5f3BH/+ESWle83IDY1klhD3MY
Kw3609X/+J8JZ/E/V79N+5Nhd2QQ8I10h63x20RU8G8SQwnBVClfzxbVj+5OKTit
6g2CEp8AYq9qsHLKqjobZf7yUk44vU5ASl6iizOXQXiLaVWRvpeL/2OvYBOFpF9T
ozgn+w5U/ZHsDd0h3LnEc/V9vKQC6ACsu5JsvBsNXx5ZNrOHE7Ut2VW9ywIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLCknx3TvWPJRhNk1+ekhWqa2vsrMB8GA1UdIwQY
MBaAFGyP0aiuWZbB5WksGoxCv+nDuldFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMt
ZmVhYzI2ZWFlY2MyLzEvc0tTZkhkTzlZOGxHRTJUWDU2U0ZhcHJhLXlzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMtZmVhYzI2ZWFlY2My
LzEvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBuf+YMA0G
CSqGSIb3DQEBCwUAA4IBAQATwyk25uj5mtMjs1txjGXzGps5FmAcXBHTfz3MnmkI
n67RNiPMmiiswJVcHRRzc7QD45d10PabNQCwmo7fQZF56N/n26DdXK/5nlUEzN+6
e1uKqaobFoiSnea5WTN+AN//SSvlrsWu92GpCGQG0coDqxQyo1dC9vankciLOLwf
Bdfq3glPCrcSCXGKVDlnX1y3LGH70q/DculefjMoEkfVKadnXsxx4586Ff2qDSBy
tcsNlUPsEj+qTjUtnAz4zk4JrVs/E0ylzElQj5giJv4kHzZza0wLXuIkKSDahIkt
umKUdYEYGC+uH2PIzBeUjqT9jfhVNnwrNBA+9OC7kW2N
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:45:33 2024 by rpki-client on console-ams.rpki-client.org