Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/f0f5e3-6050-4e2d-a4ea-a4ea0a63f766/1/LBpJiNG0M0u1N-VehSqhux8pfOQ.roa
File:                     LBpJiNG0M0u1N-VehSqhux8pfOQ.roa (raw, json)
Hash identifier:          +mYzQMxFD80LqjoqeZ+nk23jG0h+2uPbK2eBTKpp6MQ=
Subject key identifier:   2C:1A:49:88:D1:B4:33:4B:B5:37:E5:5E:85:2A:A1:BB:1F:29:7C:E4
Certificate issuer:       /CN=a5c6373eab19cf43dd2f43111398383ee2bad030
Certificate serial:       01856FD52DDA4B33BF25CBFCA94ECE783214
Authority key identifier: A5:C6:37:3E:AB:19:CF:43:DD:2F:43:11:13:98:38:3E:E2:BA:D0:30
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/pcY3PqsZz0PdL0MRE5g4PuK60DA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e2/f0f5e3-6050-4e2d-a4ea-a4ea0a63f766/1/LBpJiNG0M0u1N-VehSqhux8pfOQ.roa
Signing time:             Mon 02 Jan 2023 00:15:19 +0000
ROA not before:           Mon 02 Jan 2023 00:15:19 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     3356
IP address blocks:        185.228.2.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 27 Jul 2023 09:01:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:d5:2d:da:4b:33:bf:25:cb:fc:a9:4e:ce:78:32:14
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a5c6373eab19cf43dd2f43111398383ee2bad030
        Validity
            Not Before: Jan  2 00:15:19 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=2c1a4988d1b4334bb537e55e852aa1bb1f297ce4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:86:3f:a2:f4:01:87:8b:00:22:03:ec:77:2e:ac:
                    cb:da:2e:bd:dd:ab:d6:31:59:1e:a6:c3:ca:28:4d:
                    f5:60:d3:61:21:bf:14:07:da:5a:03:fd:9f:7a:7a:
                    6e:1c:5c:70:23:94:b8:da:cd:45:b3:da:ba:2d:3d:
                    46:60:6b:b0:f9:66:c3:fb:f6:4a:2a:6a:9b:fd:36:
                    11:43:18:f8:70:8b:ca:41:b6:a3:4d:52:68:de:0d:
                    78:35:0f:52:1c:10:2f:1d:e3:76:d7:91:bb:37:ea:
                    c2:37:85:2f:18:30:17:82:6c:db:3b:dd:97:8c:5a:
                    6b:7f:d5:4e:31:df:d4:13:be:e6:fb:51:05:b1:c6:
                    40:29:60:e5:bb:54:3e:4e:fe:7e:5e:bc:ae:47:c9:
                    cf:37:5a:ca:e6:f2:06:59:f9:d7:8e:27:9c:70:a6:
                    1a:86:c5:70:08:f6:65:56:3d:ef:d9:b2:4a:87:55:
                    6f:84:66:ab:b5:65:07:14:4c:74:03:76:a3:66:04:
                    71:8d:2a:c4:0b:c4:55:23:37:0e:25:a3:c0:72:3f:
                    71:24:75:b7:c7:92:3d:b6:d3:f2:e0:e9:1a:a2:6b:
                    ee:40:9f:43:e2:22:26:d6:2a:fe:d4:9c:59:86:b8:
                    5f:11:3a:e1:8e:6a:1e:5f:20:ef:65:8f:44:ed:99:
                    9e:71
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2C:1A:49:88:D1:B4:33:4B:B5:37:E5:5E:85:2A:A1:BB:1F:29:7C:E4
            X509v3 Authority Key Identifier:
                keyid:A5:C6:37:3E:AB:19:CF:43:DD:2F:43:11:13:98:38:3E:E2:BA:D0:30

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pcY3PqsZz0PdL0MRE5g4PuK60DA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/f0f5e3-6050-4e2d-a4ea-a4ea0a63f766/1/LBpJiNG0M0u1N-VehSqhux8pfOQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/f0f5e3-6050-4e2d-a4ea-a4ea0a63f766/1/pcY3PqsZz0PdL0MRE5g4PuK60DA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.228.2.0/24

    Signature Algorithm: sha256WithRSAEncryption
         4f:7c:05:ef:66:65:57:77:1c:b4:60:2d:c3:12:ee:14:26:3f:
         e9:9b:cf:81:ee:63:59:b0:0d:f3:00:88:24:cf:ab:7b:5a:5d:
         b4:75:3a:b0:80:f3:ac:9c:ed:f3:e1:a8:fa:fb:69:30:1b:5d:
         99:53:f8:24:84:9a:68:81:7e:bd:15:80:63:7f:ba:65:00:4b:
         cc:27:71:c9:5a:37:82:13:c7:26:30:86:37:c8:f4:c3:aa:d1:
         4e:5e:55:15:6d:a9:cc:75:e9:6d:4e:80:1d:b0:c4:07:69:1a:
         7c:fd:c2:f5:b7:40:ac:ea:90:dd:83:fe:ba:26:b5:32:f6:64:
         76:6a:c6:68:96:c5:c5:26:ab:53:0e:c6:61:12:95:33:08:ab:
         f5:23:4a:6d:66:59:b6:d4:ef:e1:b7:5f:81:8d:89:9f:53:e8:
         df:4e:5f:64:d8:94:fe:2a:a6:bf:af:df:cd:0c:81:e6:a5:04:
         c9:38:9d:87:4a:fc:3e:4e:9b:09:2c:e4:b7:2e:01:9b:15:06:
         7b:4c:46:be:a0:99:fd:20:bf:3e:e9:4e:f0:44:db:70:ad:26:
         91:fd:49:80:dd:4d:60:78:e3:ad:51:fa:79:c2:6e:2b:b9:7a:
         9c:22:eb:45:41:c2:dd:43:66:3b:a0:c9:ae:52:b6:02:a9:a1:
         62:04:f7:f1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVv1S3aSzO/Jcv8qU7OeDIUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1YzYzNzNlYWIxOWNmNDNkZDJmNDMxMTEzOTgzODNlZTJi
YWQwMzAwHhcNMjMwMTAyMDAxNTE5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYzFhNDk4OGQxYjQzMzRiYjUzN2U1NWU4NTJhYTFiYjFmMjk3Y2U0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhj+i9AGHiwAiA+x3LqzL2i693avW
MVkepsPKKE31YNNhIb8UB9paA/2fenpuHFxwI5S42s1Fs9q6LT1GYGuw+WbD+/ZK
Kmqb/TYRQxj4cIvKQbajTVJo3g14NQ9SHBAvHeN215G7N+rCN4UvGDAXgmzbO92X
jFprf9VOMd/UE77m+1EFscZAKWDlu1Q+Tv5+XryuR8nPN1rK5vIGWfnXjieccKYa
hsVwCPZlVj3v2bJKh1VvhGartWUHFEx0A3ajZgRxjSrEC8RVIzcOJaPAcj9xJHW3
x5I9ttPy4OkaomvuQJ9D4iIm1ir+1JxZhrhfETrhjmoeXyDvZY9E7ZmecQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCwaSYjRtDNLtTflXoUqobsfKXzkMB8GA1UdIwQY
MBaAFKXGNz6rGc9D3S9DEROYOD7iutAwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcGNZM1Bxc1p6MFBkTDBNUkU1ZzRQdUs2MERBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi9mMGY1ZTMtNjA1MC00ZTJkLWE0ZWEt
YTRlYTBhNjNmNzY2LzEvTEJwSmlORzBNMHUxTi1WZWhTcWh1eDhwZk9RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi9mMGY1ZTMtNjA1MC00ZTJkLWE0ZWEtYTRlYTBhNjNmNzY2
LzEvcGNZM1Bxc1p6MFBkTDBNUkU1ZzRQdUs2MERBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAueQCMA0G
CSqGSIb3DQEBCwUAA4IBAQBPfAXvZmVXdxy0YC3DEu4UJj/pm8+B7mNZsA3zAIgk
z6t7Wl20dTqwgPOsnO3z4aj6+2kwG12ZU/gkhJpogX69FYBjf7plAEvMJ3HJWjeC
E8cmMIY3yPTDqtFOXlUVbanMdeltToAdsMQHaRp8/cL1t0Cs6pDdg/66JrUy9mR2
asZolsXFJqtTDsZhEpUzCKv1I0ptZlm21O/ht1+BjYmfU+jfTl9k2JT+Kqa/r9/N
DIHmpQTJOJ2HSvw+TpsJLOS3LgGbFQZ7TEa+oJn9IL8+6U7wRNtwrSaR/UmA3U1g
eOOtUfp5wm4ruXqcIutFQcLdQ2Y7oMmuUrYCqaFiBPfx
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:49:12 2024 by rpki-client on console-ams.rpki-client.org