Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/c861c8-c89a-4043-a02d-664f04d2a68d/1/vx0YqWPLK9WIcLfCPEkWr2vghJM.roa
File:                     vx0YqWPLK9WIcLfCPEkWr2vghJM.roa (raw, json)
Hash identifier:          0bDSweVT5/a7jPeBIK5EqGQYxmJ5uPp5sY1vmB7EDII=
Subject key identifier:   BF:1D:18:A9:63:CB:2B:D5:88:70:B7:C2:3C:49:16:AF:6B:E0:84:93
Certificate issuer:       /CN=dc02b18f588a50b9274fe3469ff8bd4a1649d74d
Certificate serial:       0189ABBFE526AC0656D744B0EF4B8E223858
Authority key identifier: DC:02:B1:8F:58:8A:50:B9:27:4F:E3:46:9F:F8:BD:4A:16:49:D7:4D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3AKxj1iKULknT-NGn_i9ShZJ100.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e5/c861c8-c89a-4043-a02d-664f04d2a68d/1/vx0YqWPLK9WIcLfCPEkWr2vghJM.roa
Signing time:             Mon 31 Jul 2023 11:40:27 +0000
ROA not before:           Mon 31 Jul 2023 11:40:27 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     212573
IP address blocks:        185.52.117.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Fri 04 Aug 2023 14:55:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:ab:bf:e5:26:ac:06:56:d7:44:b0:ef:4b:8e:22:38:58
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dc02b18f588a50b9274fe3469ff8bd4a1649d74d
        Validity
            Not Before: Jul 31 11:40:27 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=bf1d18a963cb2bd58870b7c23c4916af6be08493
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:82:1b:7c:59:5d:21:5e:84:f6:85:6c:01:7f:ee:
                    37:4a:97:ca:47:64:77:ca:d0:b7:22:a1:e3:e7:5d:
                    23:c3:14:74:a1:1e:24:f1:79:28:4a:c0:37:c0:96:
                    ae:08:15:b8:9f:c9:78:b8:5d:d8:93:71:c6:4b:7e:
                    d3:60:2f:6f:76:c0:60:19:8c:79:6c:4b:0d:2f:54:
                    27:32:db:2e:6a:7d:81:35:0c:7b:22:15:8a:79:49:
                    09:5e:f3:b5:4d:de:53:b4:ac:44:99:ad:ab:bd:43:
                    af:7c:07:ae:f5:a8:04:15:97:01:a3:42:5f:76:72:
                    e2:bf:d0:e2:a7:31:9c:9a:7c:98:a6:04:8c:eb:1e:
                    85:51:81:e1:1e:9f:8d:0d:1f:86:3b:57:e0:55:75:
                    ff:93:d8:bb:35:aa:cb:51:5d:e6:fd:17:7b:33:12:
                    2c:29:69:df:83:e1:a6:f9:45:ec:f2:67:47:f9:ed:
                    10:af:e8:c7:d7:67:6e:8c:ad:70:45:30:f5:2d:00:
                    05:13:2e:f4:a2:60:03:d7:40:e5:27:26:a0:0c:c6:
                    4c:54:d7:51:cf:0c:5a:3f:ff:98:da:24:19:fd:b2:
                    3a:02:67:fa:b2:e7:ca:41:c6:33:cb:bb:f6:b7:b9:
                    a9:72:65:18:2d:7d:19:c1:93:47:48:b0:5f:44:33:
                    db:4f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BF:1D:18:A9:63:CB:2B:D5:88:70:B7:C2:3C:49:16:AF:6B:E0:84:93
            X509v3 Authority Key Identifier:
                keyid:DC:02:B1:8F:58:8A:50:B9:27:4F:E3:46:9F:F8:BD:4A:16:49:D7:4D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3AKxj1iKULknT-NGn_i9ShZJ100.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/c861c8-c89a-4043-a02d-664f04d2a68d/1/vx0YqWPLK9WIcLfCPEkWr2vghJM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/c861c8-c89a-4043-a02d-664f04d2a68d/1/3AKxj1iKULknT-NGn_i9ShZJ100.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.52.117.0/24

    Signature Algorithm: sha256WithRSAEncryption
         00:02:c6:f9:96:3c:92:0a:15:1d:5d:20:5b:25:52:f9:82:12:
         fb:32:34:9c:10:b3:0d:23:f4:19:51:37:bf:69:de:bc:34:07:
         52:29:c7:4e:36:c0:6f:11:de:24:61:b3:52:1e:fd:5f:91:2b:
         50:d1:47:54:c9:4e:79:3c:a9:d2:7a:72:16:ba:06:3c:07:92:
         0b:fa:2e:f5:53:a3:f6:db:39:fc:81:77:cb:39:c7:4f:18:64:
         3e:8a:88:61:c4:63:2c:9f:89:1e:fd:5b:95:8f:ca:17:ef:ae:
         bd:d2:8a:5b:45:d1:b4:34:46:59:61:87:77:0a:f3:09:33:0b:
         07:b7:b5:cb:a8:78:32:04:e5:e7:2e:87:ba:6e:32:7d:d6:c2:
         41:6b:4b:71:e2:b1:d8:53:84:d9:05:f3:9b:e0:23:37:91:7d:
         ba:d5:92:8a:c4:fd:a0:78:09:ba:d6:b7:5e:f1:e3:76:b2:55:
         a4:c2:94:9e:d6:24:c0:27:8d:80:b3:31:ea:2f:88:21:5f:32:
         08:0b:f6:02:13:a1:c6:33:b3:53:7b:74:72:d0:25:33:2f:d9:
         4e:c2:eb:8a:96:da:28:a3:33:f5:b4:90:7e:9a:e6:29:d2:37:
         c7:08:5b:87:af:fa:af:4f:23:61:6e:d2:7e:dd:24:d6:2b:81:
         8e:af:ee:31
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYmrv+UmrAZW10Sw70uOIjhYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjMDJiMThmNTg4YTUwYjkyNzRmZTM0NjlmZjhiZDRhMTY0
OWQ3NGQwHhcNMjMwNzMxMTE0MDI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZjFkMThhOTYzY2IyYmQ1ODg3MGI3YzIzYzQ5MTZhZjZiZTA4NDkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAght8WV0hXoT2hWwBf+43SpfKR2R3
ytC3IqHj510jwxR0oR4k8XkoSsA3wJauCBW4n8l4uF3Yk3HGS37TYC9vdsBgGYx5
bEsNL1QnMtsuan2BNQx7IhWKeUkJXvO1Td5TtKxEma2rvUOvfAeu9agEFZcBo0Jf
dnLiv9DipzGcmnyYpgSM6x6FUYHhHp+NDR+GO1fgVXX/k9i7NarLUV3m/Rd7MxIs
KWnfg+Gm+UXs8mdH+e0Qr+jH12dujK1wRTD1LQAFEy70omAD10DlJyagDMZMVNdR
zwxaP/+Y2iQZ/bI6Amf6sufKQcYzy7v2t7mpcmUYLX0ZwZNHSLBfRDPbTwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFL8dGKljyyvViHC3wjxJFq9r4ISTMB8GA1UdIwQY
MBaAFNwCsY9YilC5J0/jRp/4vUoWSddNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0FLeGoxaUtVTGtuVC1OR25faTlTaFpKMTAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS9jODYxYzgtYzg5YS00MDQzLWEwMmQt
NjY0ZjA0ZDJhNjhkLzEvdngwWXFXUExLOVdJY0xmQ1BFa1dyMnZnaEpNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS9jODYxYzgtYzg5YS00MDQzLWEwMmQtNjY0ZjA0ZDJhNjhk
LzEvM0FLeGoxaUtVTGtuVC1OR25faTlTaFpKMTAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuTR1MA0G
CSqGSIb3DQEBCwUAA4IBAQAAAsb5ljySChUdXSBbJVL5ghL7MjScELMNI/QZUTe/
ad68NAdSKcdONsBvEd4kYbNSHv1fkStQ0UdUyU55PKnSenIWugY8B5IL+i71U6P2
2zn8gXfLOcdPGGQ+iohhxGMsn4ke/VuVj8oX76690opbRdG0NEZZYYd3CvMJMwsH
t7XLqHgyBOXnLoe6bjJ91sJBa0tx4rHYU4TZBfOb4CM3kX261ZKKxP2geAm61rde
8eN2slWkwpSe1iTAJ42AszHqL4ghXzIIC/YCE6HGM7NTe3Ry0CUzL9lOwuuKltoo
ozP1tJB+muYp0jfHCFuHr/qvTyNhbtJ+3STWK4GOr+4x
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:49:42 2024 by rpki-client on console-ams.rpki-client.org