Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/015e90-5204-4d09-8b26-fceacbd73845/1/oZ_sxth2FEeRF5sRXpVvKFFM5ns.roa
File:                     oZ_sxth2FEeRF5sRXpVvKFFM5ns.roa (raw, json)
Hash identifier:          73Ui9zRTqdZoVMEA53m7agvFF0pXakGQFf2XU6lES8w=
Subject key identifier:   A1:9F:EC:C6:D8:76:14:47:91:17:9B:11:5E:95:6F:28:51:4C:E6:7B
Certificate issuer:       /CN=e5cbde75d536e91b28a23469349d1cf28b884a3b
Certificate serial:       01856CD3900A9A7832CE27B6224391AB68AC
Authority key identifier: E5:CB:DE:75:D5:36:E9:1B:28:A2:34:69:34:9D:1C:F2:8B:88:4A:3B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/5cveddU26RsoojRpNJ0c8ouISjs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d4/015e90-5204-4d09-8b26-fceacbd73845/1/oZ_sxth2FEeRF5sRXpVvKFFM5ns.roa
Signing time:             Sun 01 Jan 2023 10:14:42 +0000
ROA not before:           Sun 01 Jan 2023 10:14:42 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     55195
IP address blocks:        185.159.197.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 00:31:55 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6c:d3:90:0a:9a:78:32:ce:27:b6:22:43:91:ab:68:ac
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e5cbde75d536e91b28a23469349d1cf28b884a3b
        Validity
            Not Before: Jan  1 10:14:42 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=a19fecc6d876144791179b115e956f28514ce67b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:56:37:f8:3d:f6:5a:2e:10:6d:23:39:20:32:
                    9c:ec:d1:88:87:52:cc:75:77:36:d7:fc:61:05:a5:
                    77:e2:1d:11:7a:ef:03:11:5b:f1:57:48:51:c6:64:
                    d8:85:27:5a:e3:1c:e6:da:c9:60:a0:a1:8c:b8:2d:
                    35:c1:e9:12:e1:72:6a:2c:b9:1b:fb:e8:71:bc:9c:
                    97:99:4f:25:33:7f:db:97:93:f5:8a:4e:cd:24:77:
                    66:c6:f3:5d:95:c4:97:77:0d:ec:ba:8a:9d:af:81:
                    e8:05:75:28:60:f9:22:c4:49:88:25:08:18:6e:0a:
                    20:72:f7:45:58:97:d3:f5:c0:c1:c2:85:ad:a7:9e:
                    f4:32:7f:ae:89:24:cd:05:79:ee:c5:bf:b0:66:00:
                    6b:55:05:ca:f7:34:4a:d2:c9:fc:f6:bd:f9:c6:2f:
                    0b:7d:1e:58:9a:90:74:a0:22:62:25:5c:11:18:84:
                    2c:fd:ec:fd:33:d9:ee:c0:1e:e3:87:91:10:8b:ae:
                    4d:f1:af:9c:8b:ae:53:56:aa:51:48:9d:51:a9:22:
                    fe:10:0b:9d:98:8c:98:eb:58:84:8e:e2:25:ea:82:
                    c3:46:b3:80:56:4a:d1:f3:56:f9:6e:35:3a:b7:75:
                    ba:b3:e5:42:68:07:4a:6a:b1:ac:d7:b3:d5:99:38:
                    50:6b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A1:9F:EC:C6:D8:76:14:47:91:17:9B:11:5E:95:6F:28:51:4C:E6:7B
            X509v3 Authority Key Identifier:
                keyid:E5:CB:DE:75:D5:36:E9:1B:28:A2:34:69:34:9D:1C:F2:8B:88:4A:3B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5cveddU26RsoojRpNJ0c8ouISjs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/015e90-5204-4d09-8b26-fceacbd73845/1/oZ_sxth2FEeRF5sRXpVvKFFM5ns.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/015e90-5204-4d09-8b26-fceacbd73845/1/5cveddU26RsoojRpNJ0c8ouISjs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.159.197.0/24

    Signature Algorithm: sha256WithRSAEncryption
         15:55:8c:0e:09:32:62:2a:df:cb:b6:1f:5a:e5:97:89:cf:a5:
         6b:19:0f:68:89:2d:1f:e3:e0:71:4e:a8:62:83:4f:96:3d:c6:
         9a:26:34:d1:3a:6d:78:58:a7:fe:b4:4e:7c:64:2a:09:5c:e6:
         79:e4:f6:04:60:66:1f:18:e3:5f:b9:6c:ac:ff:45:63:31:aa:
         c2:08:8e:3e:c5:44:1f:34:3e:7e:f1:e1:25:33:c4:ed:16:7f:
         1a:61:f0:aa:66:55:6a:9b:ad:33:21:26:aa:0d:d3:3e:3f:83:
         cd:ad:4f:cf:39:95:3a:2b:74:d5:9e:cc:dd:4d:25:4c:79:a9:
         97:98:25:08:06:5f:4d:04:71:8b:e3:3c:0c:2c:46:c6:cf:04:
         81:64:d1:4d:ac:82:60:e8:11:86:73:cf:ce:5c:76:a4:eb:01:
         cd:72:27:36:4d:89:ba:00:4c:25:98:da:d3:64:d4:40:94:5a:
         a3:71:c0:d0:8a:db:3a:2b:22:3e:23:fe:7e:56:0f:bf:f2:61:
         ef:6d:59:19:db:98:ea:70:bf:25:44:51:6a:ac:09:6d:6b:4a:
         48:50:dd:6f:fc:85:ea:1d:cb:09:90:9c:9b:4b:28:8e:0e:b1:
         f2:d2:40:68:54:42:e3:a2:83:c5:3b:18:8f:61:8a:53:34:54:
         62:08:66:1a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVs05AKmngyzie2IkORq2isMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU1Y2JkZTc1ZDUzNmU5MWIyOGEyMzQ2OTM0OWQxY2YyOGI4
ODRhM2IwHhcNMjMwMTAxMTAxNDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMTlmZWNjNmQ4NzYxNDQ3OTExNzliMTE1ZTk1NmYyODUxNGNlNjdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApFY3+D32Wi4QbSM5IDKc7NGIh1LM
dXc21/xhBaV34h0Reu8DEVvxV0hRxmTYhSda4xzm2slgoKGMuC01wekS4XJqLLkb
++hxvJyXmU8lM3/bl5P1ik7NJHdmxvNdlcSXdw3suoqdr4HoBXUoYPkixEmIJQgY
bgogcvdFWJfT9cDBwoWtp570Mn+uiSTNBXnuxb+wZgBrVQXK9zRK0sn89r35xi8L
fR5YmpB0oCJiJVwRGIQs/ez9M9nuwB7jh5EQi65N8a+ci65TVqpRSJ1RqSL+EAud
mIyY61iEjuIl6oLDRrOAVkrR81b5bjU6t3W6s+VCaAdKarGs17PVmThQawIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKGf7MbYdhRHkRebEV6VbyhRTOZ7MB8GA1UdIwQY
MBaAFOXL3nXVNukbKKI0aTSdHPKLiEo7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNWN2ZWRkVTI2UnNvb2pScE5KMGM4b3VJU2pzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC8wMTVlOTAtNTIwNC00ZDA5LThiMjYt
ZmNlYWNiZDczODQ1LzEvb1pfc3h0aDJGRWVSRjVzUlhwVnZLRkZNNW5zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC8wMTVlOTAtNTIwNC00ZDA5LThiMjYtZmNlYWNiZDczODQ1
LzEvNWN2ZWRkVTI2UnNvb2pScE5KMGM4b3VJU2pzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuZ/FMA0G
CSqGSIb3DQEBCwUAA4IBAQAVVYwOCTJiKt/Lth9a5ZeJz6VrGQ9oiS0f4+BxTqhi
g0+WPcaaJjTROm14WKf+tE58ZCoJXOZ55PYEYGYfGONfuWys/0VjMarCCI4+xUQf
ND5+8eElM8TtFn8aYfCqZlVqm60zISaqDdM+P4PNrU/POZU6K3TVnszdTSVMeamX
mCUIBl9NBHGL4zwMLEbGzwSBZNFNrIJg6BGGc8/OXHak6wHNcic2TYm6AEwlmNrT
ZNRAlFqjccDQits6KyI+I/5+Vg+/8mHvbVkZ25jqcL8lRFFqrAlta0pIUN1v/IXq
HcsJkJybSyiODrHy0kBoVELjooPFOxiPYYpTNFRiCGYa
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:46:15 2024 by rpki-client on console-ams.rpki-client.org