Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/b82a06-ab0d-4adf-8a85-97c9aab828f2/1/n0UqERFEp1BIQ_zBxVNODtnOeVQ.roa
File:                     n0UqERFEp1BIQ_zBxVNODtnOeVQ.roa (raw, json)
Hash identifier:          R7VSWandbrd5FEl82ISm6OSv5yf6YN2F4a99i/TPB08=
Subject key identifier:   9F:45:2A:11:11:44:A7:50:48:43:FC:C1:C5:53:4E:0E:D9:CE:79:54
Certificate issuer:       /CN=7bbd51272064b63b2c663c0296ba11db5ea238c0
Certificate serial:       01856C6F1AE809091B963CF671B7C638B328
Authority key identifier: 7B:BD:51:27:20:64:B6:3B:2C:66:3C:02:96:BA:11:DB:5E:A2:38:C0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/e71RJyBktjssZjwClroR216iOMA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/e9/b82a06-ab0d-4adf-8a85-97c9aab828f2/1/n0UqERFEp1BIQ_zBxVNODtnOeVQ.roa
Signing time:             Sun 01 Jan 2023 08:24:58 +0000
ROA not before:           Sun 01 Jan 2023 08:24:58 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     48359
IP address blocks:        185.129.198.0/24 maxlen: 24
                          185.129.201.0/24 maxlen: 24
                          185.129.212.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 20 Sep 2023 12:46:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6c:6f:1a:e8:09:09:1b:96:3c:f6:71:b7:c6:38:b3:28
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7bbd51272064b63b2c663c0296ba11db5ea238c0
        Validity
            Not Before: Jan  1 08:24:58 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=9f452a111144a7504843fcc1c5534e0ed9ce7954
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:96:a2:b1:5f:97:fe:37:55:d7:17:40:ba:c4:
                    80:0c:c8:2a:52:b6:ed:a7:41:3a:da:77:a9:6e:6a:
                    d2:38:8e:30:6d:b1:af:d8:13:ed:eb:38:38:91:d6:
                    c7:a6:b1:bb:c7:99:8d:48:5e:17:8b:49:39:90:84:
                    b6:aa:32:8f:d2:00:07:40:b1:26:e1:a8:fb:8f:9d:
                    d6:e9:23:58:76:2d:da:f3:22:86:94:24:3e:13:f6:
                    d8:63:69:8e:29:00:5b:e3:89:b4:a9:28:b6:da:0a:
                    46:75:10:45:7e:95:2e:b0:74:89:c7:b1:82:21:8e:
                    1c:81:45:34:d9:fa:ed:ab:42:ef:9e:93:b8:77:f7:
                    01:32:74:94:95:b1:0e:a3:63:9f:61:0f:1e:9d:c0:
                    b8:1a:e3:a8:8a:e9:d4:ae:bc:9e:4e:00:3d:d7:9e:
                    a9:b1:61:75:04:02:76:b2:06:96:06:ea:bc:2a:5d:
                    ee:9a:cd:5a:17:ee:4c:f6:59:31:12:f1:28:08:87:
                    6a:15:e9:fb:1e:27:62:e5:29:2d:68:6f:6b:8d:05:
                    4f:c9:2a:e6:a0:e6:bb:2e:34:76:26:b4:a0:10:a7:
                    c8:64:46:45:08:3f:1c:c9:de:ad:a9:64:9d:dd:d6:
                    1e:c6:f2:b5:91:ce:3a:3a:c4:50:5b:53:e3:97:22:
                    55:a9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9F:45:2A:11:11:44:A7:50:48:43:FC:C1:C5:53:4E:0E:D9:CE:79:54
            X509v3 Authority Key Identifier:
                keyid:7B:BD:51:27:20:64:B6:3B:2C:66:3C:02:96:BA:11:DB:5E:A2:38:C0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/e71RJyBktjssZjwClroR216iOMA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/b82a06-ab0d-4adf-8a85-97c9aab828f2/1/n0UqERFEp1BIQ_zBxVNODtnOeVQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/b82a06-ab0d-4adf-8a85-97c9aab828f2/1/e71RJyBktjssZjwClroR216iOMA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.129.198.0/24
                  185.129.201.0/24
                  185.129.212.0/24

    Signature Algorithm: sha256WithRSAEncryption
         0b:d4:45:89:dd:18:e9:dc:15:de:f4:3b:85:39:5d:24:02:88:
         29:e7:a5:7b:58:a8:9e:1c:d7:59:67:b7:80:b2:43:3d:8a:6b:
         ec:5f:eb:47:e3:b2:4a:26:14:ee:96:05:d1:de:75:a9:1f:ec:
         26:42:f2:18:cf:f0:11:42:3a:83:88:13:53:02:b5:31:77:0c:
         28:86:0e:15:6d:9d:4c:6a:cb:89:b5:c8:77:62:7d:95:f1:6a:
         30:28:38:2b:3b:7c:38:39:45:81:25:f5:08:56:fd:c9:af:fb:
         88:35:92:4c:f0:bb:bd:83:21:1a:58:88:d8:f3:fa:42:ea:c4:
         3a:e4:88:f2:d3:6c:9c:52:c1:90:70:0d:14:67:33:21:93:79:
         b4:df:bb:06:72:b5:4e:f4:56:a6:a7:6f:db:10:ec:e5:9a:71:
         1b:35:91:c0:40:81:51:eb:9c:27:66:11:7f:8d:6d:aa:46:fa:
         65:09:b2:bb:41:c4:a7:6e:b0:fe:8a:22:ae:ed:f7:f8:66:03:
         09:94:65:57:ac:ef:6b:4f:05:e0:52:e8:b2:44:17:00:3a:b1:
         52:94:3c:f7:99:25:36:41:aa:5b:21:a4:91:5d:fd:89:45:c0:
         0f:66:ca:2d:f8:a4:d7:d1:73:9d:75:07:63:3a:7a:c3:54:1d:
         d2:dd:f9:37
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVsbxroCQkbljz2cbfGOLMoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdiYmQ1MTI3MjA2NGI2M2IyYzY2M2MwMjk2YmExMWRiNWVh
MjM4YzAwHhcNMjMwMTAxMDgyNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZjQ1MmExMTExNDRhNzUwNDg0M2ZjYzFjNTUzNGUwZWQ5Y2U3OTU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu5aisV+X/jdV1xdAusSADMgqUrbt
p0E62nepbmrSOI4wbbGv2BPt6zg4kdbHprG7x5mNSF4Xi0k5kIS2qjKP0gAHQLEm
4aj7j53W6SNYdi3a8yKGlCQ+E/bYY2mOKQBb44m0qSi22gpGdRBFfpUusHSJx7GC
IY4cgUU02frtq0LvnpO4d/cBMnSUlbEOo2OfYQ8encC4GuOoiunUrryeTgA9156p
sWF1BAJ2sgaWBuq8Kl3ums1aF+5M9lkxEvEoCIdqFen7Hidi5SktaG9rjQVPySrm
oOa7LjR2JrSgEKfIZEZFCD8cyd6tqWSd3dYexvK1kc46OsRQW1PjlyJVqQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFJ9FKhERRKdQSEP8wcVTTg7ZznlUMB8GA1UdIwQY
MBaAFHu9UScgZLY7LGY8Apa6EdteojjAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZTcxUkp5Qmt0anNzWmp3Q2xyb1IyMTZpT01BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS9iODJhMDYtYWIwZC00YWRmLThhODUt
OTdjOWFhYjgyOGYyLzEvbjBVcUVSRkVwMUJJUV96QnhWTk9EdG5PZVZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS9iODJhMDYtYWIwZC00YWRmLThhODUtOTdjOWFhYjgyOGYy
LzEvZTcxUkp5Qmt0anNzWmp3Q2xyb1IyMTZpT01BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAuYHGAwQA
uYHJAwQAuYHUMA0GCSqGSIb3DQEBCwUAA4IBAQAL1EWJ3Rjp3BXe9DuFOV0kAogp
56V7WKieHNdZZ7eAskM9imvsX+tH47JKJhTulgXR3nWpH+wmQvIYz/ARQjqDiBNT
ArUxdwwohg4VbZ1MasuJtch3Yn2V8WowKDgrO3w4OUWBJfUIVv3Jr/uINZJM8Lu9
gyEaWIjY8/pC6sQ65Ijy02ycUsGQcA0UZzMhk3m037sGcrVO9Famp2/bEOzlmnEb
NZHAQIFR65wnZhF/jW2qRvplCbK7QcSnbrD+iiKu7ff4ZgMJlGVXrO9rTwXgUuiy
RBcAOrFSlDz3mSU2QapbIaSRXf2JRcAPZsot+KTX0XOddQdjOnrDVB3S3fk3
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:58:10 2024 by rpki-client on console-fra.rpki-client.org