Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e3/0f92bd-35d0-4570-b5d3-6f31f6f7f16b/1/xtle1i8FyDByf9AK4G2pnb52M3w.roa
File:                     xtle1i8FyDByf9AK4G2pnb52M3w.roa (raw, json)
Hash identifier:          LpEeW2sQE3bJGam/+ksFfjGCN70p3fnNWGSmT7CrLnU=
Subject key identifier:   C6:D9:5E:D6:2F:05:C8:30:72:7F:D0:0A:E0:6D:A9:9D:BE:76:33:7C
Certificate issuer:       /CN=ca5e3ec5a90623ccb97784d3cef24212a31cbaf1
Certificate serial:       01856D0188E1E5AFB20DF75DDD6605FAB605
Authority key identifier: CA:5E:3E:C5:A9:06:23:CC:B9:77:84:D3:CE:F2:42:12:A3:1C:BA:F1
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/yl4-xakGI8y5d4TTzvJCEqMcuvE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e3/0f92bd-35d0-4570-b5d3-6f31f6f7f16b/1/xtle1i8FyDByf9AK4G2pnb52M3w.roa
Signing time:             Sun 01 Jan 2023 11:04:54 +0000
ROA not before:           Sun 01 Jan 2023 11:04:54 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     204529
IP address blocks:        185.114.218.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 00:31:43 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6d:01:88:e1:e5:af:b2:0d:f7:5d:dd:66:05:fa:b6:05
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ca5e3ec5a90623ccb97784d3cef24212a31cbaf1
        Validity
            Not Before: Jan  1 11:04:54 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=c6d95ed62f05c830727fd00ae06da99dbe76337c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:47:5d:c8:71:f8:76:45:de:85:7f:fe:5e:7a:
                    a4:f8:54:56:5a:bf:55:ca:84:d7:e6:d9:c4:1e:32:
                    4a:50:03:af:32:04:46:3f:c7:07:d1:6a:06:54:49:
                    e0:61:40:b9:c4:ad:52:a6:f1:24:90:43:76:66:6d:
                    6f:80:3e:2e:38:0b:97:f3:32:09:4b:ae:b6:76:de:
                    57:9c:c3:cf:11:87:4c:5b:c8:1a:38:0e:82:2e:9a:
                    1a:4a:2c:f3:8b:48:3b:32:8e:99:51:41:51:63:e5:
                    3c:3f:8e:c0:63:4c:6f:ff:a4:cf:3a:c8:2c:15:df:
                    b0:76:8a:55:c5:a8:3b:1a:b9:ce:66:28:7b:16:23:
                    f8:04:f0:f5:7e:a0:dc:87:4c:ba:4d:6b:ec:32:45:
                    d3:32:70:4a:10:6a:d6:d1:a2:21:8c:8f:6e:f8:f9:
                    21:7f:50:a3:47:d4:f6:98:87:bc:50:46:f5:6e:d1:
                    c4:13:7e:13:09:f6:e8:69:8b:0d:c4:ef:b4:81:67:
                    56:d2:e2:67:51:43:1c:78:03:7d:6c:ed:5f:9e:90:
                    6b:2f:61:d3:d2:3d:15:aa:69:52:a3:f3:28:64:a4:
                    16:ac:8f:e0:56:04:13:ef:2e:01:f2:bc:62:77:31:
                    5a:ea:5d:21:29:28:e3:32:a3:10:a9:63:67:7e:51:
                    07:33
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C6:D9:5E:D6:2F:05:C8:30:72:7F:D0:0A:E0:6D:A9:9D:BE:76:33:7C
            X509v3 Authority Key Identifier:
                keyid:CA:5E:3E:C5:A9:06:23:CC:B9:77:84:D3:CE:F2:42:12:A3:1C:BA:F1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yl4-xakGI8y5d4TTzvJCEqMcuvE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/0f92bd-35d0-4570-b5d3-6f31f6f7f16b/1/xtle1i8FyDByf9AK4G2pnb52M3w.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/0f92bd-35d0-4570-b5d3-6f31f6f7f16b/1/yl4-xakGI8y5d4TTzvJCEqMcuvE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.114.218.0/24

    Signature Algorithm: sha256WithRSAEncryption
         64:8f:f3:7d:38:aa:1e:79:6b:89:08:86:95:c5:85:59:88:2e:
         ac:ab:9d:cf:74:8d:71:e0:35:c7:11:96:d8:83:21:fb:74:17:
         bf:c5:0c:0e:f5:a9:d8:bd:6e:7d:9b:cd:84:2d:0b:de:9d:b7:
         16:d2:3e:99:f1:26:00:c7:24:3d:e1:0d:44:55:ae:be:e2:79:
         76:34:bf:4e:17:38:85:24:c1:a8:a7:d7:08:3e:e4:fa:4a:cc:
         90:1e:69:1a:0c:ff:a1:ef:ba:ae:5f:4c:55:c5:34:cc:90:d0:
         27:c3:fd:5c:7e:d2:0a:c8:91:a9:7f:43:10:52:f9:4b:c8:90:
         74:91:8f:4c:f0:76:b3:ee:77:ba:71:2e:07:b1:ef:88:36:eb:
         23:ae:11:d8:9b:9a:b7:b3:eb:37:0b:93:cb:f3:88:d6:ef:bb:
         1f:67:c6:4b:8c:2f:15:84:48:3b:13:36:d8:43:8c:3d:ed:29:
         f0:e3:8f:35:96:20:9d:91:63:bd:cc:7c:16:2e:86:7f:7a:21:
         b2:b8:19:ae:46:89:0e:2c:8a:8c:fa:83:17:fb:b6:99:ed:9d:
         47:57:1f:1f:e8:81:fa:fd:2c:3b:96:7d:ff:c7:fb:4d:54:ba:
         9b:d6:e4:37:51:51:2e:ee:f8:ba:46:c5:56:fb:27:fa:63:10:
         75:da:bc:55
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtAYjh5a+yDfdd3WYF+rYFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNhNWUzZWM1YTkwNjIzY2NiOTc3ODRkM2NlZjI0MjEyYTMx
Y2JhZjEwHhcNMjMwMTAxMTEwNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNmQ5NWVkNjJmMDVjODMwNzI3ZmQwMGFlMDZkYTk5ZGJlNzYzMzdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApkddyHH4dkXehX/+Xnqk+FRWWr9V
yoTX5tnEHjJKUAOvMgRGP8cH0WoGVEngYUC5xK1SpvEkkEN2Zm1vgD4uOAuX8zIJ
S662dt5XnMPPEYdMW8gaOA6CLpoaSizzi0g7Mo6ZUUFRY+U8P47AY0xv/6TPOsgs
Fd+wdopVxag7GrnOZih7FiP4BPD1fqDch0y6TWvsMkXTMnBKEGrW0aIhjI9u+Pkh
f1CjR9T2mIe8UEb1btHEE34TCfboaYsNxO+0gWdW0uJnUUMceAN9bO1fnpBrL2HT
0j0VqmlSo/MoZKQWrI/gVgQT7y4B8rxidzFa6l0hKSjjMqMQqWNnflEHMwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMbZXtYvBcgwcn/QCuBtqZ2+djN8MB8GA1UdIwQY
MBaAFMpePsWpBiPMuXeE087yQhKjHLrxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWw0LXhha0dJOHk1ZDRUVHp2SkNFcU1jdXZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMy8wZjkyYmQtMzVkMC00NTcwLWI1ZDMt
NmYzMWY2ZjdmMTZiLzEveHRsZTFpOEZ5REJ5ZjlBSzRHMnBuYjUyTTN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMy8wZjkyYmQtMzVkMC00NTcwLWI1ZDMtNmYzMWY2ZjdmMTZi
LzEveWw0LXhha0dJOHk1ZDRUVHp2SkNFcU1jdXZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuXLaMA0G
CSqGSIb3DQEBCwUAA4IBAQBkj/N9OKoeeWuJCIaVxYVZiC6sq53PdI1x4DXHEZbY
gyH7dBe/xQwO9anYvW59m82ELQvenbcW0j6Z8SYAxyQ94Q1EVa6+4nl2NL9OFziF
JMGop9cIPuT6SsyQHmkaDP+h77quX0xVxTTMkNAnw/1cftIKyJGpf0MQUvlLyJB0
kY9M8Haz7ne6cS4Hse+INusjrhHYm5q3s+s3C5PL84jW77sfZ8ZLjC8VhEg7EzbY
Q4w97Snw4481liCdkWO9zHwWLoZ/eiGyuBmuRokOLIqM+oMX+7aZ7Z1HVx8f6IH6
/Sw7ln3/x/tNVLqb1uQ3UVEu7vi6RsVW+yf6YxB12rxV
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:57:15 2024 by rpki-client on console-fra.rpki-client.org