Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/7a5fd3-faae-4120-a4a8-1dc2a52368c1/1/RiV2UNM0UeyOaV_O1R7iggF_C-Q.roa
File:                     RiV2UNM0UeyOaV_O1R7iggF_C-Q.roa (raw, json)
Hash identifier:          /BvEB25Td6+GFBDzD96fAFyGJcYnAfJQ8HZ/ra4qskw=
Subject key identifier:   46:25:76:50:D3:34:51:EC:8E:69:5F:CE:D5:1E:E2:82:01:7F:0B:E4
Certificate issuer:       /CN=1af16a3cf8116721afad8c1e5b3e83a2959ceb99
Certificate serial:       018572CCD3FC8099393B7BCBB012157CEFA0
Authority key identifier: 1A:F1:6A:3C:F8:11:67:21:AF:AD:8C:1E:5B:3E:83:A2:95:9C:EB:99
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/GvFqPPgRZyGvrYweWz6DopWc65k.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/dc/7a5fd3-faae-4120-a4a8-1dc2a52368c1/1/RiV2UNM0UeyOaV_O1R7iggF_C-Q.roa
Signing time:             Mon 02 Jan 2023 14:05:04 +0000
ROA not before:           Mon 02 Jan 2023 14:05:04 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     49321
IP address blocks:        185.128.225.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 06:29:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:72:cc:d3:fc:80:99:39:3b:7b:cb:b0:12:15:7c:ef:a0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1af16a3cf8116721afad8c1e5b3e83a2959ceb99
        Validity
            Not Before: Jan  2 14:05:04 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=46257650d33451ec8e695fced51ee282017f0be4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:ff:d8:06:dd:66:f7:cb:84:78:b0:66:9f:11:
                    38:bd:a8:00:65:92:09:6c:ce:b9:e4:50:78:12:c6:
                    52:9e:05:a6:51:46:eb:8f:e3:9f:f4:5e:2f:d1:b6:
                    61:e9:41:9a:da:aa:c6:ab:af:b9:cd:d3:70:40:b8:
                    ee:c6:f3:d8:80:bd:5a:c0:6e:96:91:e9:f2:f0:0a:
                    ac:d4:8c:af:ea:e7:ce:71:43:4f:16:1e:15:7a:37:
                    fc:ff:88:64:86:c2:60:2e:f8:7c:ba:e2:e7:83:c7:
                    93:31:32:6c:b6:59:fa:01:0c:da:ea:9e:a2:a4:c3:
                    23:a2:fc:a9:cb:c3:08:69:d6:02:c6:3e:14:c1:57:
                    83:ef:39:9b:79:72:f6:78:b6:a6:44:d4:b0:38:c4:
                    6d:ae:c9:7b:42:b3:7f:73:ec:79:ba:e2:87:c0:28:
                    ab:86:5c:c0:24:41:68:70:6b:ed:05:10:1d:57:79:
                    4f:86:69:70:dd:75:22:8a:36:44:a3:a8:c3:72:31:
                    da:ca:1f:03:b6:51:73:3a:8a:ea:78:45:32:4f:7c:
                    14:36:59:23:52:ba:ae:f5:32:37:e6:f7:f6:be:0f:
                    5e:e0:9c:37:c6:e5:53:6b:74:23:14:34:b9:c6:4b:
                    6c:02:c3:38:9c:20:31:3c:d4:65:0a:6c:d6:05:16:
                    4e:7d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                46:25:76:50:D3:34:51:EC:8E:69:5F:CE:D5:1E:E2:82:01:7F:0B:E4
            X509v3 Authority Key Identifier:
                keyid:1A:F1:6A:3C:F8:11:67:21:AF:AD:8C:1E:5B:3E:83:A2:95:9C:EB:99

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GvFqPPgRZyGvrYweWz6DopWc65k.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/7a5fd3-faae-4120-a4a8-1dc2a52368c1/1/RiV2UNM0UeyOaV_O1R7iggF_C-Q.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/7a5fd3-faae-4120-a4a8-1dc2a52368c1/1/GvFqPPgRZyGvrYweWz6DopWc65k.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.128.225.0/24

    Signature Algorithm: sha256WithRSAEncryption
         66:9b:fb:f0:80:62:21:f1:9e:3a:3c:20:c1:2b:85:57:1c:a9:
         18:ed:3c:a7:4f:02:db:fc:3d:ca:b9:a0:c5:c7:19:40:b8:2c:
         74:61:36:b8:db:43:1a:74:c8:a9:71:cc:a9:40:6a:a7:d0:9c:
         7c:65:db:87:02:1b:aa:18:c2:c3:40:97:71:7f:d7:84:26:b9:
         49:c6:e5:ba:25:f0:95:e7:07:5a:a7:d8:71:93:23:62:e3:90:
         72:6e:eb:3b:e5:4a:8a:78:04:67:ef:ef:28:5c:90:b5:47:2d:
         69:5c:3d:bc:06:a7:5f:ab:66:1d:6b:cc:62:8a:7b:18:b0:74:
         e1:18:b2:3e:08:f1:c3:25:d1:00:c7:53:d8:42:e3:dc:c5:e5:
         1f:e4:04:90:0d:fd:45:46:62:bc:fc:48:ae:89:d9:25:99:4f:
         3d:da:42:c8:69:19:4a:96:65:e0:14:b2:5e:69:c2:c4:83:d7:
         4c:2d:9f:44:cf:b8:07:78:fa:81:68:d9:32:de:fa:15:dc:b4:
         c6:f1:ce:ce:3a:26:29:37:00:ae:e1:94:aa:aa:51:94:8c:3c:
         fc:a8:9b:4c:1f:cf:cf:f6:bb:cd:b2:f7:58:8c:97:c5:2e:31:
         1e:ce:bc:0f:1a:fd:7a:1d:61:1a:3d:35:c9:38:c9:ee:60:34:
         63:78:81:4b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVyzNP8gJk5O3vLsBIVfO+gMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhZjE2YTNjZjgxMTY3MjFhZmFkOGMxZTViM2U4M2EyOTU5
Y2ViOTkwHhcNMjMwMTAyMTQwNTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NjI1NzY1MGQzMzQ1MWVjOGU2OTVmY2VkNTFlZTI4MjAxN2YwYmU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyP/YBt1m98uEeLBmnxE4vagAZZIJ
bM655FB4EsZSngWmUUbrj+Of9F4v0bZh6UGa2qrGq6+5zdNwQLjuxvPYgL1awG6W
keny8Aqs1Iyv6ufOcUNPFh4Vejf8/4hkhsJgLvh8uuLng8eTMTJstln6AQza6p6i
pMMjovypy8MIadYCxj4UwVeD7zmbeXL2eLamRNSwOMRtrsl7QrN/c+x5uuKHwCir
hlzAJEFocGvtBRAdV3lPhmlw3XUiijZEo6jDcjHayh8DtlFzOorqeEUyT3wUNlkj
Urqu9TI35vf2vg9e4Jw3xuVTa3QjFDS5xktsAsM4nCAxPNRlCmzWBRZOfQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEYldlDTNFHsjmlfztUe4oIBfwvkMB8GA1UdIwQY
MBaAFBrxajz4EWchr62MHls+g6KVnOuZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3ZGcVBQZ1JaeUd2cll3ZVd6NkRvcFdjNjVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy83YTVmZDMtZmFhZS00MTIwLWE0YTgt
MWRjMmE1MjM2OGMxLzEvUmlWMlVOTTBVZXlPYVZfTzFSN2lnZ0ZfQy1RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYy83YTVmZDMtZmFhZS00MTIwLWE0YTgtMWRjMmE1MjM2OGMx
LzEvR3ZGcVBQZ1JaeUd2cll3ZVd6NkRvcFdjNjVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuYDhMA0G
CSqGSIb3DQEBCwUAA4IBAQBmm/vwgGIh8Z46PCDBK4VXHKkY7TynTwLb/D3KuaDF
xxlAuCx0YTa420MadMipccypQGqn0Jx8ZduHAhuqGMLDQJdxf9eEJrlJxuW6JfCV
5wdap9hxkyNi45Bybus75UqKeARn7+8oXJC1Ry1pXD28Bqdfq2Yda8xiinsYsHTh
GLI+CPHDJdEAx1PYQuPcxeUf5ASQDf1FRmK8/EiuidklmU892kLIaRlKlmXgFLJe
acLEg9dMLZ9Ez7gHePqBaNky3voV3LTG8c7OOiYpNwCu4ZSqqlGUjDz8qJtMH8/P
9rvNsvdYjJfFLjEezrwPGv16HWEaPTXJOMnuYDRjeIFL
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:47:46 2024 by rpki-client on console-ams.rpki-client.org