Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/86e32b-f067-450f-b67c-3aa150a92ab7/1/B096JfTfqNSIHWRut_22U6YiH80.roa
File:                     B096JfTfqNSIHWRut_22U6YiH80.roa (raw, json)
Hash identifier:          TfdLSH6mjKwDXHYx17fNY/Q6cxm4Y0maoRWBf9T16Ng=
Subject key identifier:   07:4F:7A:25:F4:DF:A8:D4:88:1D:64:6E:B7:FD:B6:53:A6:22:1F:CD
Certificate issuer:       /CN=ae736cafddb6ebb8d7c76943f4a271e038510aa9
Certificate serial:       01856C9CEADE5E710A50470ECAFAC427D96A
Authority key identifier: AE:73:6C:AF:DD:B6:EB:B8:D7:C7:69:43:F4:A2:71:E0:38:51:0A:A9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/rnNsr92267jXx2lD9KJx4DhRCqk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d5/86e32b-f067-450f-b67c-3aa150a92ab7/1/B096JfTfqNSIHWRut_22U6YiH80.roa
Signing time:             Sun 01 Jan 2023 09:15:01 +0000
ROA not before:           Sun 01 Jan 2023 09:15:01 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     43160
IP address blocks:        185.232.172.0/22 maxlen: 22
                          185.143.0.0/22 maxlen: 22
                          185.174.212.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 00:29:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6c:9c:ea:de:5e:71:0a:50:47:0e:ca:fa:c4:27:d9:6a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ae736cafddb6ebb8d7c76943f4a271e038510aa9
        Validity
            Not Before: Jan  1 09:15:01 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=074f7a25f4dfa8d4881d646eb7fdb653a6221fcd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:bf:12:fa:ad:3b:0c:70:ea:8c:02:01:23:18:
                    c4:fb:c3:61:e9:54:76:51:43:c9:e4:b9:d9:b1:fb:
                    64:17:5b:0c:b3:74:ff:e6:e5:e7:9b:e0:47:8b:66:
                    ce:f3:18:08:ab:1c:ea:eb:f1:34:80:0a:43:a2:56:
                    d1:de:15:96:6e:b0:49:2c:8b:d9:03:3a:94:d6:a2:
                    2d:c9:9e:8d:79:96:19:30:a2:75:6f:00:05:77:2a:
                    1c:f7:0a:63:8e:1e:b8:2d:2e:e8:61:4e:d7:38:0a:
                    19:97:dc:b4:39:55:98:7e:47:2b:c3:24:1a:de:09:
                    5e:6b:0e:da:c0:dc:39:43:16:e7:1a:1d:71:aa:7f:
                    3a:d4:8d:91:a8:62:1d:42:35:a4:7c:a7:fc:6c:e4:
                    8a:f2:21:13:3f:ae:0b:11:40:75:df:95:26:51:e2:
                    3c:d0:6e:7d:68:39:a9:8c:5b:2f:5a:fb:33:2c:ef:
                    90:5a:51:d4:df:3b:d2:11:37:e8:dd:ee:16:db:06:
                    fb:e6:c8:b8:34:ef:33:4c:1f:5e:80:4d:fe:b6:df:
                    b8:17:42:ff:92:f8:b0:91:5e:f0:58:df:fe:b8:ae:
                    e0:e4:4c:34:a9:e0:cd:1e:88:4f:31:89:1c:a3:5a:
                    08:3d:20:ef:57:30:d0:c3:41:a1:db:56:f9:88:6a:
                    e8:0f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                07:4F:7A:25:F4:DF:A8:D4:88:1D:64:6E:B7:FD:B6:53:A6:22:1F:CD
            X509v3 Authority Key Identifier:
                keyid:AE:73:6C:AF:DD:B6:EB:B8:D7:C7:69:43:F4:A2:71:E0:38:51:0A:A9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rnNsr92267jXx2lD9KJx4DhRCqk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/86e32b-f067-450f-b67c-3aa150a92ab7/1/B096JfTfqNSIHWRut_22U6YiH80.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/86e32b-f067-450f-b67c-3aa150a92ab7/1/rnNsr92267jXx2lD9KJx4DhRCqk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.143.0.0/22
                  185.174.212.0/24
                  185.232.172.0/22

    Signature Algorithm: sha256WithRSAEncryption
         b9:61:ac:aa:9d:16:b0:26:b0:a6:73:f5:b1:1d:8a:21:2b:32:
         de:a2:d0:c1:29:27:bc:5b:b0:59:fc:64:ba:01:a2:6f:28:1f:
         8f:11:d2:08:cf:a8:58:20:76:97:5b:9f:92:7a:92:4f:e3:42:
         5f:c0:77:1f:c5:d5:55:32:4b:72:93:d7:1e:55:0c:e3:8e:d5:
         4f:45:6b:81:dc:7c:c9:95:8d:06:0b:c0:e9:b8:ce:0d:c8:08:
         ba:77:1b:81:80:52:e3:8e:49:91:35:0e:68:2a:f5:7f:53:58:
         56:b7:4e:8d:ba:0a:cc:1f:a5:0c:4c:f5:7d:c3:37:16:71:46:
         34:55:68:85:75:67:eb:98:01:d8:9f:fb:07:db:a7:68:17:1d:
         67:aa:db:ed:9a:e7:f0:0c:14:3b:55:91:4c:86:41:27:78:55:
         a3:d5:82:64:94:e5:75:41:e8:8d:74:67:7e:a8:4c:76:04:be:
         4c:9e:71:26:e2:33:7c:fe:b7:ca:57:6f:e7:1a:4e:c2:70:2c:
         7e:95:7d:35:6c:66:70:c4:73:45:69:30:43:a4:23:83:88:28:
         97:40:cb:d1:26:9b:65:5e:73:5e:ce:fe:17:ef:fa:b3:ee:d4:
         26:4b:ee:c8:71:e3:f0:24:05:a1:f7:33:66:e6:99:59:c0:6d:
         b8:dd:73:4d
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVsnOreXnEKUEcOyvrEJ9lqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlNzM2Y2FmZGRiNmViYjhkN2M3Njk0M2Y0YTI3MWUwMzg1
MTBhYTkwHhcNMjMwMTAxMDkxNTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNzRmN2EyNWY0ZGZhOGQ0ODgxZDY0NmViN2ZkYjY1M2E2MjIxZmNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqL8S+q07DHDqjAIBIxjE+8Nh6VR2
UUPJ5LnZsftkF1sMs3T/5uXnm+BHi2bO8xgIqxzq6/E0gApDolbR3hWWbrBJLIvZ
AzqU1qItyZ6NeZYZMKJ1bwAFdyoc9wpjjh64LS7oYU7XOAoZl9y0OVWYfkcrwyQa
3gleaw7awNw5QxbnGh1xqn861I2RqGIdQjWkfKf8bOSK8iETP64LEUB135UmUeI8
0G59aDmpjFsvWvszLO+QWlHU3zvSETfo3e4W2wb75si4NO8zTB9egE3+tt+4F0L/
kviwkV7wWN/+uK7g5Ew0qeDNHohPMYkco1oIPSDvVzDQw0Gh21b5iGroDwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFAdPeiX036jUiB1kbrf9tlOmIh/NMB8GA1UdIwQY
MBaAFK5zbK/dtuu418dpQ/SiceA4UQqpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcm5Oc3I5MjI2N2pYeDJsRDlLSng0RGhSQ3FrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS84NmUzMmItZjA2Ny00NTBmLWI2N2Mt
M2FhMTUwYTkyYWI3LzEvQjA5NkpmVGZxTlNJSFdSdXRfMjJVNllpSDgwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNS84NmUzMmItZjA2Ny00NTBmLWI2N2MtM2FhMTUwYTkyYWI3
LzEvcm5Oc3I5MjI2N2pYeDJsRDlLSng0RGhSQ3FrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCuY8AAwQA
ua7UAwQCueisMA0GCSqGSIb3DQEBCwUAA4IBAQC5YayqnRawJrCmc/WxHYohKzLe
otDBKSe8W7BZ/GS6AaJvKB+PEdIIz6hYIHaXW5+SepJP40JfwHcfxdVVMktyk9ce
VQzjjtVPRWuB3HzJlY0GC8DpuM4NyAi6dxuBgFLjjkmRNQ5oKvV/U1hWt06NugrM
H6UMTPV9wzcWcUY0VWiFdWfrmAHYn/sH26doFx1nqtvtmufwDBQ7VZFMhkEneFWj
1YJklOV1QeiNdGd+qEx2BL5MnnEm4jN8/rfKV2/nGk7CcCx+lX01bGZwxHNFaTBD
pCODiCiXQMvRJptlXnNezv4X7/qz7tQmS+7IcePwJAWh9zNm5plZwG243XNN
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:27 2024 by rpki-client on console-fra.rpki-client.org