Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/17b797-2e66-40df-868a-0a275a6763ce/1/RJBvRnVW_nujJlF4Fw65SG03Sbs.roa
File:                     RJBvRnVW_nujJlF4Fw65SG03Sbs.roa (raw, json)
Hash identifier:          UmvXRExhEuQsBmf0vSD/UVGKuOZPY9ITBJVHQ6APo4k=
Subject key identifier:   44:90:6F:46:75:56:FE:7B:A3:26:51:78:17:0E:B9:48:6D:37:49:BB
Certificate issuer:       /CN=bfe57cc3db1840470c73a09605d187d7bd9595cb
Certificate serial:       018A8A2AB848AD5B0AC52EE08A443FA84387
Authority key identifier: BF:E5:7C:C3:DB:18:40:47:0C:73:A0:96:05:D1:87:D7:BD:95:95:CB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/v-V8w9sYQEcMc6CWBdGH172Vlcs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d1/17b797-2e66-40df-868a-0a275a6763ce/1/RJBvRnVW_nujJlF4Fw65SG03Sbs.roa
Signing time:             Tue 12 Sep 2023 16:12:50 +0000
ROA not before:           Tue 12 Sep 2023 16:12:50 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     205544
IP address blocks:        185.245.124.0/22 maxlen: 22

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 02:29:57 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:8a:2a:b8:48:ad:5b:0a:c5:2e:e0:8a:44:3f:a8:43:87
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=bfe57cc3db1840470c73a09605d187d7bd9595cb
        Validity
            Not Before: Sep 12 16:12:50 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=44906f467556fe7ba3265178170eb9486d3749bb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:82:60:78:fa:69:66:bf:49:66:e0:2e:14:63:
                    bc:7e:b5:33:d5:6e:6c:74:b9:7d:5d:66:f4:09:ef:
                    84:b3:da:54:56:f8:72:81:e2:ba:2b:3b:b1:a7:61:
                    7a:f9:f6:2a:83:5b:7a:dd:0c:60:35:e3:b7:98:63:
                    02:6d:0a:95:b5:e1:bd:ba:f9:fe:07:f2:0a:ed:a9:
                    ee:a0:4e:7a:41:0c:38:9c:1c:94:3a:3f:83:b2:b5:
                    d4:dd:02:a7:b6:b2:64:aa:2a:2f:50:07:b9:88:f1:
                    c6:1e:ed:af:03:d2:58:bd:24:8e:00:56:27:1e:fb:
                    9b:74:33:4b:dd:6b:36:4d:cd:da:2c:72:8b:60:a9:
                    5f:66:13:8a:50:f8:d1:21:10:de:f3:22:4f:1d:d5:
                    19:d5:33:c1:43:75:20:d7:b5:51:64:61:7e:9b:cf:
                    cc:16:56:81:ca:0c:0a:aa:8a:bb:88:fe:b8:69:c7:
                    c2:7a:48:81:af:10:f6:b2:ba:e5:5f:62:6b:e6:36:
                    82:05:4c:0a:fb:17:89:4c:82:71:73:41:bc:fe:dc:
                    3f:cd:a4:3a:97:2a:e2:a4:44:3d:31:10:e5:23:f3:
                    68:ba:cf:08:ad:67:2a:a8:1e:5d:a7:14:cb:6a:9f:
                    6d:5f:f7:a0:84:02:30:b8:f9:0a:52:63:72:77:6b:
                    7f:b7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                44:90:6F:46:75:56:FE:7B:A3:26:51:78:17:0E:B9:48:6D:37:49:BB
            X509v3 Authority Key Identifier:
                keyid:BF:E5:7C:C3:DB:18:40:47:0C:73:A0:96:05:D1:87:D7:BD:95:95:CB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/v-V8w9sYQEcMc6CWBdGH172Vlcs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/17b797-2e66-40df-868a-0a275a6763ce/1/RJBvRnVW_nujJlF4Fw65SG03Sbs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/17b797-2e66-40df-868a-0a275a6763ce/1/v-V8w9sYQEcMc6CWBdGH172Vlcs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.245.124.0/22

    Signature Algorithm: sha256WithRSAEncryption
         69:ef:be:d6:07:d7:58:25:8b:3f:b6:16:e5:63:51:e8:72:45:
         3a:90:26:4d:ea:2a:81:f6:0c:2f:a1:cd:34:bd:82:2c:c8:d8:
         09:f2:19:ef:34:f2:3d:ff:7e:ce:1e:70:2e:3b:3d:e4:de:0a:
         7e:5a:6f:4d:6d:24:4e:97:ca:9d:31:d5:ce:dc:c8:08:23:03:
         02:c4:2a:e3:70:43:fc:fc:62:4f:ee:fe:15:13:1f:63:ce:cb:
         71:f0:64:fd:5f:c9:9f:77:38:0c:96:6e:98:b7:aa:5c:a9:c0:
         bc:fa:bc:d8:e6:dc:ba:eb:77:fa:9e:42:59:75:a0:83:41:fb:
         ab:a7:d0:cc:93:8f:80:99:46:35:51:8b:93:d4:92:26:f7:04:
         59:10:4b:b9:73:f5:ea:84:16:36:dc:45:e6:30:52:53:b2:b1:
         45:a3:44:a4:f9:e7:9f:09:d6:60:08:02:69:bd:7f:67:e4:7c:
         f3:d5:22:fe:c1:f4:a2:36:ad:a3:f1:9a:63:12:ea:bb:6e:f7:
         f7:4a:3f:33:a8:21:31:8b:4b:1b:66:74:c6:7a:1c:1a:1d:d6:
         de:eb:8d:cf:e0:f3:97:f9:0c:b8:6c:a4:2f:6c:98:91:0f:77:
         77:ee:4b:d1:97:ca:3e:b4:47:5d:c4:e8:13:ee:77:f6:60:ad:
         2a:77:d3:0d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYqKKrhIrVsKxS7gikQ/qEOHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJmZTU3Y2MzZGIxODQwNDcwYzczYTA5NjA1ZDE4N2Q3YmQ5
NTk1Y2IwHhcNMjMwOTEyMTYxMjUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NDkwNmY0Njc1NTZmZTdiYTMyNjUxNzgxNzBlYjk0ODZkMzc0OWJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr4JgePppZr9JZuAuFGO8frUz1W5s
dLl9XWb0Ce+Es9pUVvhygeK6Kzuxp2F6+fYqg1t63QxgNeO3mGMCbQqVteG9uvn+
B/IK7anuoE56QQw4nByUOj+DsrXU3QKntrJkqiovUAe5iPHGHu2vA9JYvSSOAFYn
HvubdDNL3Ws2Tc3aLHKLYKlfZhOKUPjRIRDe8yJPHdUZ1TPBQ3Ug17VRZGF+m8/M
FlaBygwKqoq7iP64acfCekiBrxD2srrlX2Jr5jaCBUwK+xeJTIJxc0G8/tw/zaQ6
lyripEQ9MRDlI/Nous8IrWcqqB5dpxTLap9tX/eghAIwuPkKUmNyd2t/twIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFESQb0Z1Vv57oyZReBcOuUhtN0m7MB8GA1UdIwQY
MBaAFL/lfMPbGEBHDHOglgXRh9e9lZXLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdi1WOHc5c1lRRWNNYzZDV0JkR0gxNzJWbGNzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMS8xN2I3OTctMmU2Ni00MGRmLTg2OGEt
MGEyNzVhNjc2M2NlLzEvUkpCdlJuVldfbnVqSmxGNEZ3NjVTRzAzU2JzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMS8xN2I3OTctMmU2Ni00MGRmLTg2OGEtMGEyNzVhNjc2M2Nl
LzEvdi1WOHc5c1lRRWNNYzZDV0JkR0gxNzJWbGNzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCufV8MA0G
CSqGSIb3DQEBCwUAA4IBAQBp777WB9dYJYs/thblY1HockU6kCZN6iqB9gwvoc00
vYIsyNgJ8hnvNPI9/37OHnAuOz3k3gp+Wm9NbSROl8qdMdXO3MgIIwMCxCrjcEP8
/GJP7v4VEx9jzstx8GT9X8mfdzgMlm6Yt6pcqcC8+rzY5ty663f6nkJZdaCDQfur
p9DMk4+AmUY1UYuT1JIm9wRZEEu5c/XqhBY23EXmMFJTsrFFo0Sk+eefCdZgCAJp
vX9n5Hzz1SL+wfSiNq2j8ZpjEuq7bvf3Sj8zqCExi0sbZnTGehwaHdbe643P4POX
+Qy4bKQvbJiRD3d37kvRl8o+tEddxOgT7nf2YK0qd9MN
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:52 2024 by rpki-client on console-fra.rpki-client.org