Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e8/fbd911-8d37-4e3e-9599-fc29caa5db7a/1/E2tCsa489WkrFlI3HXelLyPWsJU.roa
File:                     E2tCsa489WkrFlI3HXelLyPWsJU.roa (raw, json)
Hash identifier:          CyF8NnqJrtmtx8LKp2j8tIaxoAE3YJ8ko+bYrREY8SM=
Subject key identifier:   13:6B:42:B1:AE:3C:F5:69:2B:16:52:37:1D:77:A5:2F:23:D6:B0:95
Certificate issuer:       /CN=bdb143996dfeff5f49cd2b09b941d0d5e578b3ff
Certificate serial:       0185735F04828AEDA2A3FEC0F1B37BAF1951
Authority key identifier: BD:B1:43:99:6D:FE:FF:5F:49:CD:2B:09:B9:41:D0:D5:E5:78:B3:FF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/vbFDmW3-_19JzSsJuUHQ1eV4s_8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e8/fbd911-8d37-4e3e-9599-fc29caa5db7a/1/E2tCsa489WkrFlI3HXelLyPWsJU.roa
Signing time:             Mon 02 Jan 2023 16:44:45 +0000
ROA not before:           Mon 02 Jan 2023 16:44:45 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     16509
IP address blocks:        185.135.128.0/24 maxlen: 24
                          195.191.165.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 12:29:44 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:73:5f:04:82:8a:ed:a2:a3:fe:c0:f1:b3:7b:af:19:51
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=bdb143996dfeff5f49cd2b09b941d0d5e578b3ff
        Validity
            Not Before: Jan  2 16:44:45 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=136b42b1ae3cf5692b1652371d77a52f23d6b095
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:c6:ae:a9:ce:7c:43:6f:91:37:89:d8:6e:e3:
                    a4:69:ea:dd:4d:0d:e0:3c:37:15:72:5f:47:92:11:
                    8d:31:f6:72:cd:bc:d1:dc:a3:f0:00:c7:ad:ae:7d:
                    0e:9c:63:4a:14:4e:70:70:62:30:c2:e2:d9:6f:bf:
                    8d:3b:67:c2:6a:be:dd:42:54:65:09:ae:e7:16:dc:
                    42:18:2e:68:6c:24:6e:95:57:3f:13:31:05:96:68:
                    a7:2a:f3:ee:17:89:6b:3f:27:34:7f:01:ed:46:ab:
                    f0:af:e7:d4:6d:ad:69:1b:67:33:6d:ef:d3:4b:08:
                    15:e3:e9:72:0b:49:1d:49:51:6c:a8:1e:48:46:f9:
                    34:2a:38:05:a2:3f:97:64:f6:a4:8d:8c:ff:01:3f:
                    51:e3:3b:c1:6a:9a:f4:24:fd:6f:6e:de:e6:4a:f2:
                    d2:db:9f:e6:04:ca:27:31:a5:83:4c:a9:5b:03:60:
                    63:4a:6a:13:01:7e:53:b2:d4:30:3a:f4:cd:bd:a5:
                    89:76:2c:ef:ca:f2:3f:d4:00:6f:c1:08:2c:c7:f1:
                    0a:d3:e3:41:00:e4:a5:ae:b9:bc:19:f0:48:22:c9:
                    45:fe:2d:e5:27:5a:9e:83:7d:ea:1c:bb:c6:42:77:
                    dc:84:05:81:08:8d:08:5c:99:bd:6b:16:b7:f7:0f:
                    e2:09
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                13:6B:42:B1:AE:3C:F5:69:2B:16:52:37:1D:77:A5:2F:23:D6:B0:95
            X509v3 Authority Key Identifier:
                keyid:BD:B1:43:99:6D:FE:FF:5F:49:CD:2B:09:B9:41:D0:D5:E5:78:B3:FF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vbFDmW3-_19JzSsJuUHQ1eV4s_8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/fbd911-8d37-4e3e-9599-fc29caa5db7a/1/E2tCsa489WkrFlI3HXelLyPWsJU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/fbd911-8d37-4e3e-9599-fc29caa5db7a/1/vbFDmW3-_19JzSsJuUHQ1eV4s_8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.135.128.0/24
                  195.191.165.0/24

    Signature Algorithm: sha256WithRSAEncryption
         5f:4d:13:61:8c:f5:65:fd:9b:48:06:cf:89:02:93:01:fb:d4:
         bf:a1:b7:38:e4:82:92:61:ca:63:03:2e:1d:d4:98:80:a7:50:
         28:8e:3d:3d:53:3c:33:7a:90:72:f6:15:f3:65:44:ac:e1:2a:
         90:cb:cb:e5:1c:56:c5:c3:a0:93:51:57:2b:ad:99:9b:c8:29:
         c2:b7:be:b6:6f:b2:c1:f2:69:86:9b:6d:15:f5:e6:5e:af:db:
         95:41:b9:a7:0b:23:18:5e:da:2c:76:f3:a0:18:29:5e:22:31:
         0e:c0:59:8d:5a:4b:52:6f:4f:6d:17:77:10:51:a2:ee:2a:e2:
         78:b1:5d:79:28:ef:3b:5b:00:41:f2:27:25:8a:83:b0:4d:2e:
         0e:4d:e5:2e:28:73:12:87:bc:52:e1:6d:f4:1d:6f:72:16:34:
         05:73:56:65:90:9d:0a:20:57:fe:83:83:82:23:f7:28:ec:e9:
         a3:b5:2f:ae:d5:53:eb:3d:75:81:1d:2d:ef:bc:ee:02:7e:d6:
         91:ee:f1:54:57:c6:5d:0e:3a:92:bf:40:ae:5b:58:8c:51:44:
         fd:e5:29:bd:7b:4c:e5:e0:26:7f:55:35:1c:51:4c:04:5f:89:
         ee:2f:ca:3a:af:97:a6:5d:ff:fd:3f:9c:5e:df:5b:4f:35:5c:
         be:f0:b0:a6
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVzXwSCiu2io/7A8bN7rxlRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJkYjE0Mzk5NmRmZWZmNWY0OWNkMmIwOWI5NDFkMGQ1ZTU3
OGIzZmYwHhcNMjMwMTAyMTY0NDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMzZiNDJiMWFlM2NmNTY5MmIxNjUyMzcxZDc3YTUyZjIzZDZiMDk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArcauqc58Q2+RN4nYbuOkaerdTQ3g
PDcVcl9HkhGNMfZyzbzR3KPwAMetrn0OnGNKFE5wcGIwwuLZb7+NO2fCar7dQlRl
Ca7nFtxCGC5obCRulVc/EzEFlminKvPuF4lrPyc0fwHtRqvwr+fUba1pG2czbe/T
SwgV4+lyC0kdSVFsqB5IRvk0KjgFoj+XZPakjYz/AT9R4zvBapr0JP1vbt7mSvLS
25/mBMonMaWDTKlbA2BjSmoTAX5TstQwOvTNvaWJdizvyvI/1ABvwQgsx/EK0+NB
AOSlrrm8GfBIIslF/i3lJ1qeg33qHLvGQnfchAWBCI0IXJm9axa39w/iCQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFBNrQrGuPPVpKxZSNx13pS8j1rCVMB8GA1UdIwQY
MBaAFL2xQ5lt/v9fSc0rCblB0NXleLP/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdmJGRG1XMy1fMTlKelNzSnVVSFExZVY0c184LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOC9mYmQ5MTEtOGQzNy00ZTNlLTk1OTkt
ZmMyOWNhYTVkYjdhLzEvRTJ0Q3NhNDg5V2tyRmxJM0hYZWxMeVBXc0pVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOC9mYmQ5MTEtOGQzNy00ZTNlLTk1OTktZmMyOWNhYTVkYjdh
LzEvdmJGRG1XMy1fMTlKelNzSnVVSFExZVY0c184LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAuYeAAwQA
w7+lMA0GCSqGSIb3DQEBCwUAA4IBAQBfTRNhjPVl/ZtIBs+JApMB+9S/obc45IKS
YcpjAy4d1JiAp1Aojj09UzwzepBy9hXzZUSs4SqQy8vlHFbFw6CTUVcrrZmbyCnC
t762b7LB8mmGm20V9eZer9uVQbmnCyMYXtosdvOgGCleIjEOwFmNWktSb09tF3cQ
UaLuKuJ4sV15KO87WwBB8iclioOwTS4OTeUuKHMSh7xS4W30HW9yFjQFc1ZlkJ0K
IFf+g4OCI/co7OmjtS+u1VPrPXWBHS3vvO4CftaR7vFUV8ZdDjqSv0CuW1iMUUT9
5Sm9e0zl4CZ/VTUcUUwEX4nuL8o6r5emXf/9P5xe31tPNVy+8LCm
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:58:03 2024 by rpki-client on console-fra.rpki-client.org