Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/56f412-0b4b-4b75-88d0-96c4dc137b27/1/LQzxaUTCRlCm9z1jEt9Zy1XkgjI.roa
File:                     LQzxaUTCRlCm9z1jEt9Zy1XkgjI.roa (raw, json)
Hash identifier:          p3E0t8ClSFdCyq5pA2ko7+lMqtAOwiHmzHIg7j0qTqY=
Subject key identifier:   2D:0C:F1:69:44:C2:46:50:A6:F7:3D:63:12:DF:59:CB:55:E4:82:32
Certificate issuer:       /CN=4a755a6de5c167809f819c85f8c8e5a6e4ce127d
Certificate serial:       018A2C72FCBFC5378B761DA6D6EE93EBA678
Authority key identifier: 4A:75:5A:6D:E5:C1:67:80:9F:81:9C:85:F8:C8:E5:A6:E4:CE:12:7D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/SnVabeXBZ4CfgZyF-MjlpuTOEn0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ea/56f412-0b4b-4b75-88d0-96c4dc137b27/1/LQzxaUTCRlCm9z1jEt9Zy1XkgjI.roa
Signing time:             Fri 25 Aug 2023 11:27:27 +0000
ROA not before:           Fri 25 Aug 2023 11:27:27 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     199452
IP address blocks:        185.2.192.0/22 maxlen: 22

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 04:30:13 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:2c:72:fc:bf:c5:37:8b:76:1d:a6:d6:ee:93:eb:a6:78
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4a755a6de5c167809f819c85f8c8e5a6e4ce127d
        Validity
            Not Before: Aug 25 11:27:27 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=2d0cf16944c24650a6f73d6312df59cb55e48232
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:f4:3f:b2:16:bd:82:e9:6f:83:ba:4f:d3:55:
                    46:2c:7c:9f:04:c2:fd:21:56:85:78:be:02:a5:f5:
                    d7:a9:92:62:e0:d8:02:01:70:5e:ba:d2:89:fb:4e:
                    39:ed:06:cf:49:25:cf:5a:95:c2:2a:7d:48:71:72:
                    56:b7:65:21:c3:10:c5:38:c6:3c:2d:64:c7:49:ca:
                    3f:91:d8:b1:56:fb:67:ae:f3:92:9c:65:1a:af:87:
                    f2:b5:48:c7:05:f4:de:e7:22:b2:de:b1:d0:2c:6e:
                    bd:da:3d:08:20:a7:fc:9e:20:b1:dc:36:2e:e1:4d:
                    c8:b0:3a:7f:ae:a4:8c:41:68:0d:43:c6:e6:a0:5b:
                    aa:5c:9c:65:44:46:11:c8:cb:d4:f4:f2:c3:93:e8:
                    6a:d2:2c:6b:cd:d8:bb:41:39:3b:c3:69:fb:3a:c1:
                    8b:18:fe:70:5a:44:37:0c:79:c3:c5:c6:32:93:07:
                    6e:89:1f:78:de:78:b1:73:c5:78:cd:cc:28:32:ce:
                    d5:fc:b0:d2:84:67:b9:27:f5:75:45:b8:d7:83:c5:
                    41:85:89:99:2a:9f:4e:8c:ae:cd:48:f2:9e:49:e6:
                    1a:8a:f5:3b:75:73:6c:69:4e:22:87:54:d9:14:4c:
                    b6:6f:e8:f1:d6:54:93:9c:97:b1:b1:11:0d:be:0c:
                    97:d9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2D:0C:F1:69:44:C2:46:50:A6:F7:3D:63:12:DF:59:CB:55:E4:82:32
            X509v3 Authority Key Identifier:
                keyid:4A:75:5A:6D:E5:C1:67:80:9F:81:9C:85:F8:C8:E5:A6:E4:CE:12:7D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SnVabeXBZ4CfgZyF-MjlpuTOEn0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/56f412-0b4b-4b75-88d0-96c4dc137b27/1/LQzxaUTCRlCm9z1jEt9Zy1XkgjI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/56f412-0b4b-4b75-88d0-96c4dc137b27/1/SnVabeXBZ4CfgZyF-MjlpuTOEn0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.2.192.0/22

    Signature Algorithm: sha256WithRSAEncryption
         29:44:66:9d:d4:99:84:37:cb:64:93:0c:59:b4:b5:b5:fe:2e:
         71:6e:71:a7:3c:51:92:52:0b:3e:e3:0e:fe:7a:50:cf:c4:04:
         ee:b4:c2:fd:1a:3d:40:70:72:08:a7:da:80:3a:01:71:4d:4d:
         0f:ba:a7:ba:6c:23:3a:50:c1:8d:1c:fc:7a:a3:e6:fd:52:a3:
         56:20:90:1c:df:04:30:9e:10:c8:d4:2e:8f:27:9a:68:2b:06:
         7d:94:67:f0:02:6b:77:b3:7e:cb:72:95:ac:5f:4b:27:b3:55:
         2f:8b:19:b1:f6:2b:b1:ce:2b:b8:75:43:17:88:6d:13:f5:bb:
         ed:12:4f:b6:d5:6e:bb:06:ca:3c:cc:00:d2:18:87:34:23:fd:
         6c:56:bb:4d:07:13:d4:ab:2c:d8:fb:48:6d:7d:dd:8a:a1:b8:
         31:29:1a:99:f9:cc:77:81:5e:45:7f:85:07:17:42:27:4e:63:
         55:db:d6:d4:4e:23:5c:3d:a7:11:a7:f8:38:0c:a9:6e:dd:12:
         12:e0:9e:cb:17:0e:b8:50:d7:a9:d8:14:f3:d4:91:fd:e8:2b:
         1f:47:0a:83:13:bd:89:80:1a:82:e3:c2:33:fe:4f:fe:ae:d7:
         26:8d:62:79:70:4d:01:d7:5b:2f:8d:93:09:41:85:a1:f9:d8:
         4a:80:be:22
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYoscvy/xTeLdh2m1u6T66Z4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhNzU1YTZkZTVjMTY3ODA5ZjgxOWM4NWY4YzhlNWE2ZTRj
ZTEyN2QwHhcNMjMwODI1MTEyNzI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZDBjZjE2OTQ0YzI0NjUwYTZmNzNkNjMxMmRmNTljYjU1ZTQ4MjMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqvQ/sha9gulvg7pP01VGLHyfBML9
IVaFeL4CpfXXqZJi4NgCAXBeutKJ+0457QbPSSXPWpXCKn1IcXJWt2UhwxDFOMY8
LWTHSco/kdixVvtnrvOSnGUar4fytUjHBfTe5yKy3rHQLG692j0IIKf8niCx3DYu
4U3IsDp/rqSMQWgNQ8bmoFuqXJxlREYRyMvU9PLDk+hq0ixrzdi7QTk7w2n7OsGL
GP5wWkQ3DHnDxcYykwduiR943nixc8V4zcwoMs7V/LDShGe5J/V1RbjXg8VBhYmZ
Kp9OjK7NSPKeSeYaivU7dXNsaU4ih1TZFEy2b+jx1lSTnJexsRENvgyX2QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFC0M8WlEwkZQpvc9YxLfWctV5IIyMB8GA1UdIwQY
MBaAFEp1Wm3lwWeAn4GchfjI5abkzhJ9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU25WYWJlWEJaNENmZ1p5Ri1NamxwdVRPRW4wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS81NmY0MTItMGI0Yi00Yjc1LTg4ZDAt
OTZjNGRjMTM3YjI3LzEvTFF6eGFVVENSbENtOXoxakV0OVp5MVhrZ2pJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYS81NmY0MTItMGI0Yi00Yjc1LTg4ZDAtOTZjNGRjMTM3YjI3
LzEvU25WYWJlWEJaNENmZ1p5Ri1NamxwdVRPRW4wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuQLAMA0G
CSqGSIb3DQEBCwUAA4IBAQApRGad1JmEN8tkkwxZtLW1/i5xbnGnPFGSUgs+4w7+
elDPxATutML9Gj1AcHIIp9qAOgFxTU0Puqe6bCM6UMGNHPx6o+b9UqNWIJAc3wQw
nhDI1C6PJ5poKwZ9lGfwAmt3s37LcpWsX0sns1Uvixmx9iuxziu4dUMXiG0T9bvt
Ek+21W67Bso8zADSGIc0I/1sVrtNBxPUqyzY+0htfd2KobgxKRqZ+cx3gV5Ff4UH
F0InTmNV29bUTiNcPacRp/g4DKlu3RIS4J7LFw64UNep2BTz1JH96CsfRwqDE72J
gBqC48Iz/k/+rtcmjWJ5cE0B11svjZMJQYWh+dhKgL4i
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:58:20 2024 by rpki-client on console-fra.rpki-client.org