Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/d7300f-de06-4f7b-a909-6598b4ceb069/1/XLfKzZYlLreYSQ9xouLChopqLqg.roa
File:                     XLfKzZYlLreYSQ9xouLChopqLqg.roa (raw, json)
Hash identifier:          bVwp91IhmFQGIzFl3x9tKIhLiA12QSwkwQvHK47PIk0=
Subject key identifier:   5C:B7:CA:CD:96:25:2E:B7:98:49:0F:71:A2:E2:C2:86:8A:6A:2E:A8
Certificate issuer:       /CN=12694f6945a21d08d30192cfc1a6b780de728e3b
Certificate serial:       01856D53FE75A5A4AB9F30FD3E7142F56C65
Authority key identifier: 12:69:4F:69:45:A2:1D:08:D3:01:92:CF:C1:A6:B7:80:DE:72:8E:3B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/EmlPaUWiHQjTAZLPwaa3gN5yjjs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d0/d7300f-de06-4f7b-a909-6598b4ceb069/1/XLfKzZYlLreYSQ9xouLChopqLqg.roa
Signing time:             Sun 01 Jan 2023 12:34:59 +0000
ROA not before:           Sun 01 Jan 2023 12:34:59 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     49907
IP address blocks:        185.75.55.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 04:31:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6d:53:fe:75:a5:a4:ab:9f:30:fd:3e:71:42:f5:6c:65
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=12694f6945a21d08d30192cfc1a6b780de728e3b
        Validity
            Not Before: Jan  1 12:34:59 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=5cb7cacd96252eb798490f71a2e2c2868a6a2ea8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:88:e0:d1:66:a3:e3:07:5e:9d:07:f8:cc:0c:66:
                    ef:05:1f:f6:31:0c:cf:35:fa:36:77:9c:00:6b:54:
                    9a:a2:c9:82:51:c7:01:4a:a3:1d:86:82:d2:3b:bf:
                    c8:b4:35:07:d8:0c:9c:ac:13:e0:9a:ff:4d:1a:c3:
                    c7:94:6e:af:93:bf:fd:70:7f:75:cf:f7:c0:9c:fe:
                    38:2f:ae:82:b8:3e:e9:6e:b8:0a:94:aa:e6:4b:c4:
                    81:17:e4:82:fe:c5:23:5d:ac:0f:3a:e6:e4:92:8b:
                    9d:10:2d:c6:5a:02:1b:86:c7:ae:f5:fa:f8:69:1a:
                    52:8c:ff:0a:fe:75:22:82:21:56:aa:d8:0a:3f:83:
                    f6:eb:6b:17:5e:de:4c:2d:f9:83:db:dd:bc:4b:a4:
                    cc:cd:da:ed:1f:a9:30:b5:6b:31:dc:ff:b6:c6:04:
                    1e:ed:33:80:93:7a:12:be:4c:5b:df:86:a9:c9:15:
                    bc:1c:f8:fd:8a:39:45:cf:b4:ff:7b:c5:86:e8:1f:
                    5a:91:ea:9b:c5:6f:76:18:e0:59:60:b3:f6:92:1a:
                    c9:fe:f1:9e:80:d4:12:8e:cf:d8:53:70:2e:6b:0d:
                    27:9e:d6:52:31:a2:b3:2e:f8:56:3c:07:cf:83:3e:
                    00:53:fb:49:f2:eb:26:c6:44:2f:89:ab:7d:c9:04:
                    14:f5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5C:B7:CA:CD:96:25:2E:B7:98:49:0F:71:A2:E2:C2:86:8A:6A:2E:A8
            X509v3 Authority Key Identifier:
                keyid:12:69:4F:69:45:A2:1D:08:D3:01:92:CF:C1:A6:B7:80:DE:72:8E:3B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EmlPaUWiHQjTAZLPwaa3gN5yjjs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/d7300f-de06-4f7b-a909-6598b4ceb069/1/XLfKzZYlLreYSQ9xouLChopqLqg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/d7300f-de06-4f7b-a909-6598b4ceb069/1/EmlPaUWiHQjTAZLPwaa3gN5yjjs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.75.55.0/24

    Signature Algorithm: sha256WithRSAEncryption
         41:af:54:45:56:83:85:54:2b:89:b1:9c:dd:20:78:e4:ed:f7:
         05:a1:52:a6:ac:f9:2d:c1:90:ed:65:16:fe:a0:15:04:bf:b5:
         fd:6e:57:49:cd:31:07:49:6d:a7:3e:3c:e6:80:51:d2:f7:bd:
         b3:9c:ce:e6:1a:91:77:a4:d5:45:3e:eb:62:db:80:08:85:ce:
         d0:f0:28:84:13:d9:6f:c6:91:2f:d5:a8:2c:89:fa:26:43:5a:
         f1:a7:a9:c9:6d:b7:a0:bc:cd:11:49:7f:89:80:5e:1b:d8:a1:
         2a:e7:1f:73:f7:be:ed:c6:6a:1e:f9:30:07:45:54:6c:5b:3f:
         98:d1:73:06:48:26:5d:de:ca:2a:92:8f:b8:f0:db:f1:26:07:
         d8:b2:a6:2f:b0:8e:3f:72:7d:9a:68:2e:e8:d2:93:a4:35:30:
         af:f2:67:9d:de:ee:a3:5f:13:7a:38:ed:30:03:42:a7:fa:e5:
         98:4f:80:65:fa:e9:6d:68:4c:39:67:63:fa:a6:d0:84:42:31:
         d7:f2:6d:90:09:dd:44:f4:c5:69:ca:03:d9:b4:24:fc:aa:1a:
         9c:92:92:34:2c:9b:db:8f:31:dc:36:4d:cb:46:e2:20:f0:7a:
         86:81:b4:55:70:9a:91:de:26:92:38:34:7c:10:1c:bb:80:72:
         70:5c:f4:94
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtU/51paSrnzD9PnFC9WxlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEyNjk0ZjY5NDVhMjFkMDhkMzAxOTJjZmMxYTZiNzgwZGU3
MjhlM2IwHhcNMjMwMTAxMTIzNDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1Y2I3Y2FjZDk2MjUyZWI3OTg0OTBmNzFhMmUyYzI4NjhhNmEyZWE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiODRZqPjB16dB/jMDGbvBR/2MQzP
Nfo2d5wAa1SaosmCUccBSqMdhoLSO7/ItDUH2AycrBPgmv9NGsPHlG6vk7/9cH91
z/fAnP44L66CuD7pbrgKlKrmS8SBF+SC/sUjXawPOubkkoudEC3GWgIbhseu9fr4
aRpSjP8K/nUigiFWqtgKP4P262sXXt5MLfmD2928S6TMzdrtH6kwtWsx3P+2xgQe
7TOAk3oSvkxb34apyRW8HPj9ijlFz7T/e8WG6B9akeqbxW92GOBZYLP2khrJ/vGe
gNQSjs/YU3Auaw0nntZSMaKzLvhWPAfPgz4AU/tJ8usmxkQviat9yQQU9QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFy3ys2WJS63mEkPcaLiwoaKai6oMB8GA1UdIwQY
MBaAFBJpT2lFoh0I0wGSz8Gmt4Deco47MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRW1sUGFVV2lIUWpUQVpMUHdhYTNnTjV5ampzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC9kNzMwMGYtZGUwNi00ZjdiLWE5MDkt
NjU5OGI0Y2ViMDY5LzEvWExmS3paWWxMcmVZU1E5eG91TENob3BxTHFnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC9kNzMwMGYtZGUwNi00ZjdiLWE5MDktNjU5OGI0Y2ViMDY5
LzEvRW1sUGFVV2lIUWpUQVpMUHdhYTNnTjV5ampzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuUs3MA0G
CSqGSIb3DQEBCwUAA4IBAQBBr1RFVoOFVCuJsZzdIHjk7fcFoVKmrPktwZDtZRb+
oBUEv7X9bldJzTEHSW2nPjzmgFHS972znM7mGpF3pNVFPuti24AIhc7Q8CiEE9lv
xpEv1agsifomQ1rxp6nJbbegvM0RSX+JgF4b2KEq5x9z977txmoe+TAHRVRsWz+Y
0XMGSCZd3soqko+48NvxJgfYsqYvsI4/cn2aaC7o0pOkNTCv8med3u6jXxN6OO0w
A0Kn+uWYT4Bl+ultaEw5Z2P6ptCEQjHX8m2QCd1E9MVpygPZtCT8qhqckpI0LJvb
jzHcNk3LRuIg8HqGgbRVcJqR3iaSODR8EBy7gHJwXPSU
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:50 2024 by rpki-client on console-fra.rpki-client.org