Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e1/006d43-3dbf-4cf8-815d-5dc2fa6a3503/1/LrDEFJeVitjnZAcqlIPMwuhXpo4.roa
File:                     LrDEFJeVitjnZAcqlIPMwuhXpo4.roa (raw, json)
Hash identifier:          YMWBvo0WG7N6YDrjJTdcu5BRUVJyziaUoETBhaIdJxE=
Subject key identifier:   2E:B0:C4:14:97:95:8A:D8:E7:64:07:2A:94:83:CC:C2:E8:57:A6:8E
Certificate issuer:       /CN=cd65ee23bff42ccf679d7377fe4da695d341aef0
Certificate serial:       01856F14CB8CE50FBDFD47F4FD6A92E379E2
Authority key identifier: CD:65:EE:23:BF:F4:2C:CF:67:9D:73:77:FE:4D:A6:95:D3:41:AE:F0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/zWXuI7_0LM9nnXN3_k2mldNBrvA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e1/006d43-3dbf-4cf8-815d-5dc2fa6a3503/1/LrDEFJeVitjnZAcqlIPMwuhXpo4.roa
Signing time:             Sun 01 Jan 2023 20:45:11 +0000
ROA not before:           Sun 01 Jan 2023 20:45:11 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     41528
IP address blocks:        185.71.158.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 14 Dec 2023 09:42:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:14:cb:8c:e5:0f:bd:fd:47:f4:fd:6a:92:e3:79:e2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cd65ee23bff42ccf679d7377fe4da695d341aef0
        Validity
            Not Before: Jan  1 20:45:11 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=2eb0c41497958ad8e764072a9483ccc2e857a68e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:a7:99:61:81:a4:84:11:0d:f7:9a:13:75:8f:
                    ae:ed:8a:a5:2b:ed:6c:c7:74:6a:91:8f:9e:56:f2:
                    39:a1:e3:d8:b4:1b:ea:31:5d:35:56:ba:06:98:7f:
                    d7:6c:ad:0b:a2:31:20:d8:53:ea:67:2c:a3:48:96:
                    e8:3c:49:4f:49:57:d9:18:d2:d5:dc:14:25:a9:97:
                    c5:6c:a7:c0:9e:36:96:72:8f:2c:8e:ca:6f:5a:00:
                    37:6d:76:39:d4:74:71:f2:c6:dd:f3:8f:99:62:6d:
                    f3:76:53:fa:8a:1a:4b:09:58:3c:58:f5:a5:9b:d8:
                    28:36:15:ed:e7:c6:cd:f8:84:65:3b:f6:83:9b:76:
                    e6:66:7d:4e:02:ff:23:b3:55:a6:11:c5:0f:0f:e8:
                    c0:59:71:a9:70:e8:31:51:5e:41:d5:cf:06:a6:60:
                    99:a7:95:04:ec:16:13:ce:0a:06:6c:fd:03:5e:fb:
                    2b:e3:2a:89:81:03:64:31:a3:86:01:97:70:83:b6:
                    af:02:87:da:4c:ab:52:58:c2:00:1f:8f:e8:64:f8:
                    ad:0c:b0:6a:03:c0:a8:1c:7b:ad:d7:bf:e0:2f:a0:
                    91:50:5f:01:c1:33:2b:0f:f6:f2:25:bb:f5:94:7d:
                    ab:9f:9e:94:f8:3a:c0:65:67:41:d6:6f:9b:9d:79:
                    f5:c3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2E:B0:C4:14:97:95:8A:D8:E7:64:07:2A:94:83:CC:C2:E8:57:A6:8E
            X509v3 Authority Key Identifier:
                keyid:CD:65:EE:23:BF:F4:2C:CF:67:9D:73:77:FE:4D:A6:95:D3:41:AE:F0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zWXuI7_0LM9nnXN3_k2mldNBrvA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/006d43-3dbf-4cf8-815d-5dc2fa6a3503/1/LrDEFJeVitjnZAcqlIPMwuhXpo4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/006d43-3dbf-4cf8-815d-5dc2fa6a3503/1/zWXuI7_0LM9nnXN3_k2mldNBrvA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.71.158.0/24

    Signature Algorithm: sha256WithRSAEncryption
         2a:69:16:c6:ec:03:37:cd:ba:4f:05:22:79:c2:1e:54:54:89:
         8d:e2:10:01:59:aa:e3:65:eb:cc:21:34:f0:0b:05:75:01:4a:
         92:48:83:16:1b:39:2a:fd:93:95:03:f1:02:59:e3:c0:e0:b0:
         ec:1d:0a:c3:32:bb:02:9e:1c:41:f9:67:ec:c7:29:1a:f1:c5:
         56:89:f2:33:87:48:de:bc:77:3f:b1:cc:8c:ed:26:04:2d:cb:
         88:d5:2a:42:58:91:64:ae:ec:6d:41:76:96:b2:72:45:5c:d5:
         06:0e:eb:ab:1e:36:00:91:03:9a:2f:4f:93:12:a5:6d:07:e0:
         e4:a5:55:26:35:d7:9d:74:1a:8a:3d:30:0f:08:2b:e4:57:ed:
         e9:75:6c:37:f0:1f:33:e7:98:7b:cd:84:a2:ab:3d:07:6f:9c:
         78:5e:e7:69:28:e1:a2:4a:c2:b6:8f:27:0a:0a:c5:c4:6d:b9:
         1a:c0:0d:8a:39:4a:23:bd:27:25:b4:1a:6d:a1:df:87:ba:68:
         e2:5c:53:b3:f5:91:89:2d:e5:a3:a5:3b:71:92:b4:f9:81:7c:
         e0:67:5b:1e:6b:86:eb:a5:29:87:be:2a:10:17:c4:db:ef:b7:
         e5:fc:78:a7:b7:b7:35:2c:da:54:7e:fc:88:e1:69:e6:e7:44:
         3d:e7:da:22
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvFMuM5Q+9/Uf0/WqS43niMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkNjVlZTIzYmZmNDJjY2Y2NzlkNzM3N2ZlNGRhNjk1ZDM0
MWFlZjAwHhcNMjMwMTAxMjA0NTExWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZWIwYzQxNDk3OTU4YWQ4ZTc2NDA3MmE5NDgzY2NjMmU4NTdhNjhlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuaeZYYGkhBEN95oTdY+u7YqlK+1s
x3RqkY+eVvI5oePYtBvqMV01VroGmH/XbK0LojEg2FPqZyyjSJboPElPSVfZGNLV
3BQlqZfFbKfAnjaWco8sjspvWgA3bXY51HRx8sbd84+ZYm3zdlP6ihpLCVg8WPWl
m9goNhXt58bN+IRlO/aDm3bmZn1OAv8js1WmEcUPD+jAWXGpcOgxUV5B1c8GpmCZ
p5UE7BYTzgoGbP0DXvsr4yqJgQNkMaOGAZdwg7avAofaTKtSWMIAH4/oZPitDLBq
A8CoHHut17/gL6CRUF8BwTMrD/byJbv1lH2rn56U+DrAZWdB1m+bnXn1wwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFC6wxBSXlYrY52QHKpSDzMLoV6aOMB8GA1UdIwQY
MBaAFM1l7iO/9CzPZ51zd/5NppXTQa7wMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveldYdUk3XzBMTTlublhOM19rMm1sZE5CcnZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMS8wMDZkNDMtM2RiZi00Y2Y4LTgxNWQt
NWRjMmZhNmEzNTAzLzEvTHJERUZKZVZpdGpuWkFjcWxJUE13dWhYcG80LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMS8wMDZkNDMtM2RiZi00Y2Y4LTgxNWQtNWRjMmZhNmEzNTAz
LzEveldYdUk3XzBMTTlublhOM19rMm1sZE5CcnZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuUeeMA0G
CSqGSIb3DQEBCwUAA4IBAQAqaRbG7AM3zbpPBSJ5wh5UVImN4hABWarjZevMITTw
CwV1AUqSSIMWGzkq/ZOVA/ECWePA4LDsHQrDMrsCnhxB+Wfsxyka8cVWifIzh0je
vHc/scyM7SYELcuI1SpCWJFkruxtQXaWsnJFXNUGDuurHjYAkQOaL0+TEqVtB+Dk
pVUmNdeddBqKPTAPCCvkV+3pdWw38B8z55h7zYSiqz0Hb5x4XudpKOGiSsK2jycK
CsXEbbkawA2KOUojvScltBptod+HumjiXFOz9ZGJLeWjpTtxkrT5gXzgZ1sea4br
pSmHvioQF8Tb77fl/Hint7c1LNpUfvyI4Wnm50Q959oi
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:48:45 2024 by rpki-client on console-ams.rpki-client.org