Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/7886f4-5fcc-4d44-bd62-10982e040d53/1/4alnNsVjSsf4orKtZ5LN8hPR7VI.roa
File:                     4alnNsVjSsf4orKtZ5LN8hPR7VI.roa (raw, json)
Hash identifier:          nw8eesYWkOTxKD+RSs/iAXDuURm7fC4eFgTXZWcwWaM=
Subject key identifier:   E1:A9:67:36:C5:63:4A:C7:F8:A2:B2:AD:67:92:CD:F2:13:D1:ED:52
Certificate issuer:       /CN=9a1e69368abd34538fe77ddaabcdc835af595eba
Certificate serial:       018CC348C18BEA8A7544973061D49070EB16
Authority key identifier: 9A:1E:69:36:8A:BD:34:53:8F:E7:7D:DA:AB:CD:C8:35:AF:59:5E:BA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/mh5pNoq9NFOP533aq83INa9ZXro.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/db/7886f4-5fcc-4d44-bd62-10982e040d53/1/4alnNsVjSsf4orKtZ5LN8hPR7VI.roa
Signing time:             Mon 01 Jan 2024 04:29:34 +0000
ROA not before:           Mon 01 Jan 2024 04:29:34 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     15402
IP address blocks:        185.126.18.0/23 maxlen: 23

Validation:               Failed, certificate revoked on Wed 01 May 2024 11:16:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c3:48:c1:8b:ea:8a:75:44:97:30:61:d4:90:70:eb:16
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9a1e69368abd34538fe77ddaabcdc835af595eba
        Validity
            Not Before: Jan  1 04:29:34 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=e1a96736c5634ac7f8a2b2ad6792cdf213d1ed52
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:69:59:ab:89:59:6a:49:54:14:8d:96:d9:21:
                    28:ad:c5:8e:31:64:09:fb:e3:f9:bc:0a:24:bd:a6:
                    4f:f4:0d:4d:20:1b:40:83:e5:cd:41:ce:12:bd:06:
                    7b:84:39:2c:c2:a1:e4:c8:ac:40:56:a4:d4:24:dc:
                    a8:f8:f8:03:2e:ea:a4:b4:42:7f:5c:23:c0:09:3f:
                    b4:13:db:be:93:90:ff:7f:83:5e:50:66:71:3b:c1:
                    4a:f8:9c:ee:be:dc:36:1c:3f:cd:98:b6:dc:df:f8:
                    f1:2e:b4:3c:8c:fa:87:dd:4c:d4:37:b4:a5:c0:0f:
                    7b:41:57:0d:33:7b:b6:ad:06:5d:e2:c2:0f:9b:78:
                    8a:f9:23:03:39:64:9a:fe:e8:c8:3a:a4:eb:b0:fa:
                    21:da:4d:26:99:9d:fd:12:02:78:17:cc:fb:fa:37:
                    12:c5:b5:54:02:5e:2d:48:2a:c2:ef:3b:fe:f4:35:
                    29:31:34:15:b8:d1:d6:22:fb:36:68:4e:2d:e8:b7:
                    46:9b:d9:03:7d:37:f9:4c:06:e0:5e:49:8a:f5:e3:
                    93:d7:31:8e:91:13:ea:25:a1:97:21:c4:e1:05:77:
                    10:00:a6:7b:c7:85:44:ff:f7:25:df:f8:e6:37:f6:
                    f0:ad:80:67:6f:90:4c:d2:c0:99:d3:43:7f:ca:bc:
                    08:93
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E1:A9:67:36:C5:63:4A:C7:F8:A2:B2:AD:67:92:CD:F2:13:D1:ED:52
            X509v3 Authority Key Identifier:
                keyid:9A:1E:69:36:8A:BD:34:53:8F:E7:7D:DA:AB:CD:C8:35:AF:59:5E:BA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mh5pNoq9NFOP533aq83INa9ZXro.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/7886f4-5fcc-4d44-bd62-10982e040d53/1/4alnNsVjSsf4orKtZ5LN8hPR7VI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/db/7886f4-5fcc-4d44-bd62-10982e040d53/1/mh5pNoq9NFOP533aq83INa9ZXro.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.126.18.0/23

    Signature Algorithm: sha256WithRSAEncryption
         43:8f:e8:a3:f1:fb:53:72:21:3c:db:0b:a0:27:37:7c:84:3f:
         7f:34:b6:25:36:06:ea:f0:53:11:14:d2:c6:5d:42:08:c4:2b:
         c4:54:27:a3:5f:e0:60:9b:39:9c:e2:07:1d:61:b1:59:59:85:
         ed:c0:8c:95:81:d6:0d:d0:6d:9f:ba:52:2c:a6:9f:ad:47:6e:
         26:ec:cc:88:66:10:28:f5:09:ed:9f:f6:27:c8:2f:75:43:f5:
         22:3c:11:ae:c8:56:fb:1d:d8:65:0f:53:b9:d8:d8:36:a8:7c:
         2e:21:4e:b5:1b:6c:38:b3:5c:aa:b0:7f:27:30:5d:6e:57:df:
         ea:40:c2:83:71:81:4c:39:8b:3c:bc:19:de:ff:e1:3f:4c:64:
         3c:0a:19:28:df:84:f5:56:f6:70:a2:d8:37:6d:49:33:87:1f:
         5a:f6:3a:c7:24:69:19:f0:aa:29:89:7d:61:68:1c:a3:73:f5:
         e2:45:08:2a:81:92:90:35:29:c4:e4:cd:d9:af:91:86:a8:4f:
         ca:4c:43:56:ad:09:4c:e9:b3:35:36:02:c5:47:75:c4:1a:89:
         ef:35:a3:a9:b4:4d:01:25:97:67:96:83:7e:5a:ef:ab:93:f6:
         3e:67:7b:a1:af:2d:64:7d:bc:c8:b0:e7:15:f3:c5:ee:50:d8:
         da:bd:4c:f3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzDSMGL6op1RJcwYdSQcOsWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhMWU2OTM2OGFiZDM0NTM4ZmU3N2RkYWFiY2RjODM1YWY1
OTVlYmEwHhcNMjQwMTAxMDQyOTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMWE5NjczNmM1NjM0YWM3ZjhhMmIyYWQ2NzkyY2RmMjEzZDFlZDUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwWlZq4lZaklUFI2W2SEorcWOMWQJ
++P5vAokvaZP9A1NIBtAg+XNQc4SvQZ7hDkswqHkyKxAVqTUJNyo+PgDLuqktEJ/
XCPACT+0E9u+k5D/f4NeUGZxO8FK+Jzuvtw2HD/NmLbc3/jxLrQ8jPqH3UzUN7Sl
wA97QVcNM3u2rQZd4sIPm3iK+SMDOWSa/ujIOqTrsPoh2k0mmZ39EgJ4F8z7+jcS
xbVUAl4tSCrC7zv+9DUpMTQVuNHWIvs2aE4t6LdGm9kDfTf5TAbgXkmK9eOT1zGO
kRPqJaGXIcThBXcQAKZ7x4VE//cl3/jmN/bwrYBnb5BM0sCZ00N/yrwIkwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOGpZzbFY0rH+KKyrWeSzfIT0e1SMB8GA1UdIwQY
MBaAFJoeaTaKvTRTj+d92qvNyDWvWV66MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbWg1cE5vcTlORk9QNTMzYXE4M0lOYTlaWHJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi83ODg2ZjQtNWZjYy00ZDQ0LWJkNjIt
MTA5ODJlMDQwZDUzLzEvNGFsbk5zVmpTc2Y0b3JLdFo1TE44aFBSN1ZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi83ODg2ZjQtNWZjYy00ZDQ0LWJkNjItMTA5ODJlMDQwZDUz
LzEvbWg1cE5vcTlORk9QNTMzYXE4M0lOYTlaWHJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBuX4SMA0G
CSqGSIb3DQEBCwUAA4IBAQBDj+ij8ftTciE82wugJzd8hD9/NLYlNgbq8FMRFNLG
XUIIxCvEVCejX+Bgmzmc4gcdYbFZWYXtwIyVgdYN0G2fulIspp+tR24m7MyIZhAo
9Qntn/YnyC91Q/UiPBGuyFb7HdhlD1O52Ng2qHwuIU61G2w4s1yqsH8nMF1uV9/q
QMKDcYFMOYs8vBne/+E/TGQ8Chko34T1VvZwotg3bUkzhx9a9jrHJGkZ8KopiX1h
aByjc/XiRQgqgZKQNSnE5M3Zr5GGqE/KTENWrQlM6bM1NgLFR3XEGonvNaOptE0B
JZdnloN+Wu+rk/Y+Z3uhry1kfbzIsOcV88XuUNjavUzz
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:47:33 2024 by rpki-client on console-ams.rpki-client.org