Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e1/31a0ec-d9b8-49e4-b436-8b4215e58028/1/Bh53SCEctZYjzqaOqhXfM0qxTis.roa
File:                     Bh53SCEctZYjzqaOqhXfM0qxTis.roa (raw, json)
Hash identifier:          c/XL0f3a6Y4jbzZypboq6eyb0JGUZrgZyJ6ffFPDH0U=
Subject key identifier:   06:1E:77:48:21:1C:B5:96:23:CE:A6:8E:AA:15:DF:33:4A:B1:4E:2B
Certificate issuer:       /CN=b00e25f55ebbacb069f103acb0866703835cfccd
Certificate serial:       01856ECB5D6C1A952FCF0338117004CEB2EC
Authority key identifier: B0:0E:25:F5:5E:BB:AC:B0:69:F1:03:AC:B0:86:67:03:83:5C:FC:CD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/sA4l9V67rLBp8QOssIZnA4Nc_M0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e1/31a0ec-d9b8-49e4-b436-8b4215e58028/1/Bh53SCEctZYjzqaOqhXfM0qxTis.roa
Signing time:             Sun 01 Jan 2023 19:24:59 +0000
ROA not before:           Sun 01 Jan 2023 19:24:59 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     35369
IP address blocks:        185.197.181.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 04:30:13 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6e:cb:5d:6c:1a:95:2f:cf:03:38:11:70:04:ce:b2:ec
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b00e25f55ebbacb069f103acb0866703835cfccd
        Validity
            Not Before: Jan  1 19:24:59 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=061e7748211cb59623cea68eaa15df334ab14e2b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:83:2e:dd:8d:40:77:96:75:d1:5b:98:ed:5d:eb:
                    08:4e:fc:d8:75:22:f5:79:98:09:f4:e3:58:c2:fe:
                    cb:fb:90:6c:16:77:0f:ae:55:83:30:97:9f:4c:e4:
                    ee:25:45:3b:10:89:30:a1:85:1a:07:9a:41:e4:fa:
                    9f:9e:c4:95:1a:dd:95:1c:49:be:85:f1:4b:f5:82:
                    bb:59:d3:79:8a:ec:e3:af:f2:d1:8c:5e:79:c9:20:
                    f1:f4:bc:71:77:a8:23:9b:9f:68:86:6b:f5:49:9f:
                    e9:9e:96:ad:56:86:56:2e:de:e8:78:f5:39:88:d7:
                    34:e9:5e:88:40:50:7c:4e:1a:45:58:39:84:3c:32:
                    a2:5e:74:f7:46:10:97:47:bd:cb:81:db:82:ab:e0:
                    6c:95:b1:93:89:f3:2a:68:39:53:e3:ce:19:26:d4:
                    ea:48:7c:34:ca:39:58:8b:4a:33:c7:3d:5e:6f:06:
                    8d:01:cb:68:dc:5f:b6:75:5b:a6:d1:ca:05:50:dd:
                    f3:a0:2b:c4:92:82:61:2b:f9:8f:0b:2a:c1:86:eb:
                    f9:88:2e:38:42:ff:7d:be:42:ec:cf:7b:96:24:1c:
                    f6:38:cb:92:ff:50:55:45:f0:78:a0:f3:42:7a:be:
                    da:4b:de:2a:45:ab:c7:97:71:10:c4:6c:41:94:6e:
                    e1:ff
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                06:1E:77:48:21:1C:B5:96:23:CE:A6:8E:AA:15:DF:33:4A:B1:4E:2B
            X509v3 Authority Key Identifier:
                keyid:B0:0E:25:F5:5E:BB:AC:B0:69:F1:03:AC:B0:86:67:03:83:5C:FC:CD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sA4l9V67rLBp8QOssIZnA4Nc_M0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/31a0ec-d9b8-49e4-b436-8b4215e58028/1/Bh53SCEctZYjzqaOqhXfM0qxTis.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/31a0ec-d9b8-49e4-b436-8b4215e58028/1/sA4l9V67rLBp8QOssIZnA4Nc_M0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.197.181.0/24

    Signature Algorithm: sha256WithRSAEncryption
         26:be:56:0c:2c:71:22:08:d7:4b:e0:11:73:a9:47:02:e4:0f:
         32:c9:00:61:f2:af:f7:f1:f8:56:e6:a8:c0:5c:8a:ce:74:24:
         34:1f:f1:5f:df:4f:d9:62:ec:d9:58:8e:0d:d5:d8:c2:54:0f:
         32:1a:db:f1:1e:2a:b6:02:26:ae:bf:76:91:c7:70:ab:19:15:
         68:46:d5:16:7c:73:f3:9e:bf:59:56:f4:82:0c:85:d7:81:16:
         99:7b:0b:f4:a0:8c:64:4d:42:d3:c8:e6:c9:cf:ad:fa:58:f5:
         fb:ac:60:77:f7:de:15:d7:97:c0:10:73:0f:4a:72:75:56:0a:
         26:08:59:e2:ce:d6:47:aa:d8:a1:6d:93:42:64:ae:1c:ad:63:
         5f:53:f6:4e:c9:2a:5b:5a:59:27:98:18:96:08:6a:ef:11:92:
         cc:21:79:bf:df:da:84:a2:99:6e:49:4e:57:a8:bf:ba:54:9e:
         48:c0:c6:fa:71:2a:d0:59:35:54:68:db:32:2a:33:60:57:e8:
         20:31:77:e5:c4:87:ae:1a:9b:a9:4b:ec:33:b0:ff:4e:b4:ad:
         a2:23:6c:7d:c3:e4:3f:a0:f6:f5:46:40:e9:1f:06:d1:01:bf:
         f3:70:8c:b0:57:59:89:79:4c:5c:cb:1b:d8:cf:ee:e3:b0:dc:
         18:29:b8:cf
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVuy11sGpUvzwM4EXAEzrLsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIwMGUyNWY1NWViYmFjYjA2OWYxMDNhY2IwODY2NzAzODM1
Y2ZjY2QwHhcNMjMwMTAxMTkyNDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNjFlNzc0ODIxMWNiNTk2MjNjZWE2OGVhYTE1ZGYzMzRhYjE0ZTJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgy7djUB3lnXRW5jtXesITvzYdSL1
eZgJ9ONYwv7L+5BsFncPrlWDMJefTOTuJUU7EIkwoYUaB5pB5PqfnsSVGt2VHEm+
hfFL9YK7WdN5iuzjr/LRjF55ySDx9Lxxd6gjm59ohmv1SZ/pnpatVoZWLt7oePU5
iNc06V6IQFB8ThpFWDmEPDKiXnT3RhCXR73LgduCq+BslbGTifMqaDlT484ZJtTq
SHw0yjlYi0ozxz1ebwaNActo3F+2dVum0coFUN3zoCvEkoJhK/mPCyrBhuv5iC44
Qv99vkLsz3uWJBz2OMuS/1BVRfB4oPNCer7aS94qRavHl3EQxGxBlG7h/wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAYed0ghHLWWI86mjqoV3zNKsU4rMB8GA1UdIwQY
MBaAFLAOJfVeu6ywafEDrLCGZwODXPzNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc0E0bDlWNjdyTEJwOFFPc3NJWm5BNE5jX00wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMS8zMWEwZWMtZDliOC00OWU0LWI0MzYt
OGI0MjE1ZTU4MDI4LzEvQmg1M1NDRWN0WllqenFhT3FoWGZNMHF4VGlzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMS8zMWEwZWMtZDliOC00OWU0LWI0MzYtOGI0MjE1ZTU4MDI4
LzEvc0E0bDlWNjdyTEJwOFFPc3NJWm5BNE5jX00wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAucW1MA0G
CSqGSIb3DQEBCwUAA4IBAQAmvlYMLHEiCNdL4BFzqUcC5A8yyQBh8q/38fhW5qjA
XIrOdCQ0H/Ff30/ZYuzZWI4N1djCVA8yGtvxHiq2Aiauv3aRx3CrGRVoRtUWfHPz
nr9ZVvSCDIXXgRaZewv0oIxkTULTyObJz636WPX7rGB3994V15fAEHMPSnJ1Vgom
CFniztZHqtihbZNCZK4crWNfU/ZOySpbWlknmBiWCGrvEZLMIXm/39qEopluSU5X
qL+6VJ5IwMb6cSrQWTVUaNsyKjNgV+ggMXflxIeuGpupS+wzsP9OtK2iI2x9w+Q/
oPb1RkDpHwbRAb/zcIywV1mJeUxcyxvYz+7jsNwYKbjP
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:48:48 2024 by rpki-client on console-ams.rpki-client.org