Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d8/860a5e-e0d0-44f5-9c54-3cc4ff9aa1bc/1/Ru1WQZ2rRx1HBRHrgl6TeU3kdTg.roa
File:                     Ru1WQZ2rRx1HBRHrgl6TeU3kdTg.roa (raw, json)
Hash identifier:          3NKSknT1m6TdmlzelElbycHpAOskmzeLCMh5GpMpqq4=
Subject key identifier:   46:ED:56:41:9D:AB:47:1D:47:05:11:EB:82:5E:93:79:4D:E4:75:38
Certificate issuer:       /CN=638c509cb77b0149b6f66f5019f858b3acf942e9
Certificate serial:       018572D5CBA1E8024F0C50BC086FED5EE75E
Authority key identifier: 63:8C:50:9C:B7:7B:01:49:B6:F6:6F:50:19:F8:58:B3:AC:F9:42:E9
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Y4xQnLd7AUm29m9QGfhYs6z5Quk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/d8/860a5e-e0d0-44f5-9c54-3cc4ff9aa1bc/1/Ru1WQZ2rRx1HBRHrgl6TeU3kdTg.roa
Signing time:             Mon 02 Jan 2023 14:14:51 +0000
ROA not before:           Mon 02 Jan 2023 14:14:51 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     29562
IP address blocks:        185.2.142.0/23 maxlen: 23

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 20:29:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:72:d5:cb:a1:e8:02:4f:0c:50:bc:08:6f:ed:5e:e7:5e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=638c509cb77b0149b6f66f5019f858b3acf942e9
        Validity
            Not Before: Jan  2 14:14:51 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=46ed56419dab471d470511eb825e93794de47538
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cf:b3:40:42:ab:00:60:01:fe:42:69:a1:dc:1e:
                    87:ec:ab:71:bb:b8:0f:34:01:ed:5f:fc:9a:84:fd:
                    c0:2c:24:4a:fa:d4:5c:18:c0:25:4f:14:a4:d9:55:
                    b3:84:24:9a:84:24:84:5b:be:4f:3c:0f:1c:c7:78:
                    24:c4:e1:05:e1:bd:11:01:67:e1:9e:80:79:48:c6:
                    53:bd:b4:d7:be:ee:14:0e:b3:8d:59:18:d8:d3:cb:
                    49:d3:4b:5d:cf:6a:d2:6d:38:06:71:d6:c6:40:40:
                    d8:54:d9:46:b3:6b:03:e5:80:5e:98:52:f2:34:0a:
                    a5:c2:12:b0:18:70:b1:45:0e:2e:f0:e1:79:c9:e6:
                    b5:a4:63:07:56:05:75:78:d5:61:d2:f0:95:01:8c:
                    2c:d6:57:14:04:4d:0a:4a:d4:e4:e6:8d:da:be:c9:
                    a5:11:0f:42:ff:b9:5c:d0:a5:97:44:cb:53:9c:1e:
                    b6:92:27:99:99:eb:99:9e:e9:c7:ef:86:e3:48:25:
                    d6:c4:2b:95:1e:97:e6:3b:e6:86:b7:69:c3:cf:23:
                    20:c1:de:e0:48:f0:04:af:06:84:61:cf:67:15:46:
                    82:98:4c:b5:94:d6:8b:57:3f:4c:a1:7c:5f:ee:35:
                    68:9c:0b:ad:c9:c2:f4:47:b9:43:e8:bb:13:01:7d:
                    f3:7f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                46:ED:56:41:9D:AB:47:1D:47:05:11:EB:82:5E:93:79:4D:E4:75:38
            X509v3 Authority Key Identifier:
                keyid:63:8C:50:9C:B7:7B:01:49:B6:F6:6F:50:19:F8:58:B3:AC:F9:42:E9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y4xQnLd7AUm29m9QGfhYs6z5Quk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/860a5e-e0d0-44f5-9c54-3cc4ff9aa1bc/1/Ru1WQZ2rRx1HBRHrgl6TeU3kdTg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/860a5e-e0d0-44f5-9c54-3cc4ff9aa1bc/1/Y4xQnLd7AUm29m9QGfhYs6z5Quk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.2.142.0/23

    Signature Algorithm: sha256WithRSAEncryption
         1c:1a:c5:46:09:2e:cd:f4:d8:5e:f2:e1:d6:17:4d:fd:55:09:
         be:4d:57:76:76:0e:50:28:7f:f2:25:50:b2:5f:2a:97:d7:b4:
         4f:cd:8e:7e:a9:76:7b:7d:99:35:1f:5b:0b:70:ee:d5:5d:c0:
         b9:21:e2:27:57:3c:87:79:ea:dc:cd:f5:85:ae:53:66:aa:b9:
         6a:5d:83:8d:6c:25:a2:bb:7f:bf:17:10:84:f5:17:25:f2:09:
         f7:b3:c0:21:ab:3f:39:bc:99:05:c5:75:c8:56:2e:d8:49:3a:
         29:86:10:ba:fc:da:4e:1d:74:10:70:a4:16:6b:8e:a8:89:80:
         06:74:7c:55:93:5c:fa:6a:a1:90:32:8a:ca:4e:1a:51:7e:f2:
         e8:c4:a0:40:6d:76:7b:91:b6:2c:62:66:e9:b2:71:13:26:5e:
         46:62:22:32:4c:f9:23:b8:57:7c:da:bd:09:9e:24:f3:e6:39:
         c3:21:3c:98:ea:47:96:20:fc:79:b6:fb:fe:24:1b:2d:13:05:
         65:11:5d:a3:d3:c2:11:d8:57:8f:2a:1d:4c:e8:6a:bf:a1:9d:
         68:fe:1d:6a:61:2e:89:33:04:01:88:09:66:c7:3e:ba:23:37:
         dd:a9:69:08:4a:96:a3:ba:87:24:59:26:0a:2d:7a:7e:2e:bf:
         25:fa:ce:69
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVy1cuh6AJPDFC8CG/tXudeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzOGM1MDljYjc3YjAxNDliNmY2NmY1MDE5Zjg1OGIzYWNm
OTQyZTkwHhcNMjMwMTAyMTQxNDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NmVkNTY0MTlkYWI0NzFkNDcwNTExZWI4MjVlOTM3OTRkZTQ3NTM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz7NAQqsAYAH+Qmmh3B6H7Ktxu7gP
NAHtX/yahP3ALCRK+tRcGMAlTxSk2VWzhCSahCSEW75PPA8cx3gkxOEF4b0RAWfh
noB5SMZTvbTXvu4UDrONWRjY08tJ00tdz2rSbTgGcdbGQEDYVNlGs2sD5YBemFLy
NAqlwhKwGHCxRQ4u8OF5yea1pGMHVgV1eNVh0vCVAYws1lcUBE0KStTk5o3avsml
EQ9C/7lc0KWXRMtTnB62kieZmeuZnunH74bjSCXWxCuVHpfmO+aGt2nDzyMgwd7g
SPAErwaEYc9nFUaCmEy1lNaLVz9MoXxf7jVonAutycL0R7lD6LsTAX3zfwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEbtVkGdq0cdRwUR64Jek3lN5HU4MB8GA1UdIwQY
MBaAFGOMUJy3ewFJtvZvUBn4WLOs+ULpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWTR4UW5MZDdBVW0yOW05UUdmaFlzNno1UXVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOC84NjBhNWUtZTBkMC00NGY1LTljNTQt
M2NjNGZmOWFhMWJjLzEvUnUxV1FaMnJSeDFIQlJIcmdsNlRlVTNrZFRnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOC84NjBhNWUtZTBkMC00NGY1LTljNTQtM2NjNGZmOWFhMWJj
LzEvWTR4UW5MZDdBVW0yOW05UUdmaFlzNno1UXVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBuQKOMA0G
CSqGSIb3DQEBCwUAA4IBAQAcGsVGCS7N9Nhe8uHWF039VQm+TVd2dg5QKH/yJVCy
XyqX17RPzY5+qXZ7fZk1H1sLcO7VXcC5IeInVzyHeerczfWFrlNmqrlqXYONbCWi
u3+/FxCE9Rcl8gn3s8Ahqz85vJkFxXXIVi7YSTophhC6/NpOHXQQcKQWa46oiYAG
dHxVk1z6aqGQMorKThpRfvLoxKBAbXZ7kbYsYmbpsnETJl5GYiIyTPkjuFd82r0J
niTz5jnDITyY6keWIPx5tvv+JBstEwVlEV2j08IR2FePKh1M6Gq/oZ1o/h1qYS6J
MwQBiAlmxz66IzfdqWkISpajuockWSYKLXp+Lr8l+s5p
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:46 2024 by rpki-client on console-fra.rpki-client.org