Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ee/eb25b5-71ea-469d-9484-4ea6dfb2e5d3/1/N5iNclmC5Lm3W0WISlwPvfi7fQM.roa
File:                     N5iNclmC5Lm3W0WISlwPvfi7fQM.roa (raw, json)
Hash identifier:          g2SDKsoAKKx8ykPLqTWuuAIvKcEa+AVJ7lHq19+lCqY=
Subject key identifier:   37:98:8D:72:59:82:E4:B9:B7:5B:45:88:4A:5C:0F:BD:F8:BB:7D:03
Certificate issuer:       /CN=49af2153f02409a464e4d7461c802d4b8dd10dff
Certificate serial:       01856DC1AE6C6429DE5761C28B0A2C119594
Authority key identifier: 49:AF:21:53:F0:24:09:A4:64:E4:D7:46:1C:80:2D:4B:8D:D1:0D:FF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Sa8hU_AkCaRk5NdGHIAtS43RDf8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ee/eb25b5-71ea-469d-9484-4ea6dfb2e5d3/1/N5iNclmC5Lm3W0WISlwPvfi7fQM.roa
Signing time:             Sun 01 Jan 2023 14:34:47 +0000
ROA not before:           Sun 01 Jan 2023 14:34:47 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     15440
IP address blocks:        185.140.228.0/24 maxlen: 24
                          185.140.229.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 14:30:12 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6d:c1:ae:6c:64:29:de:57:61:c2:8b:0a:2c:11:95:94
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=49af2153f02409a464e4d7461c802d4b8dd10dff
        Validity
            Not Before: Jan  1 14:34:47 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=37988d725982e4b9b75b45884a5c0fbdf8bb7d03
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:bb:7f:25:31:60:02:7c:05:20:92:ac:db:cd:
                    af:23:35:30:ab:06:de:0e:27:a4:da:10:17:cf:b4:
                    07:a5:3e:5d:ac:d7:21:9a:71:96:a0:08:3c:a9:49:
                    63:c9:80:f7:d4:a4:b2:a0:f0:74:60:5b:db:0d:24:
                    d3:6a:6f:78:b5:d2:e0:d7:86:43:b8:16:3d:3f:92:
                    63:9e:38:b4:28:c0:3e:a3:79:bc:a3:25:61:75:5a:
                    52:f9:54:d6:fa:e1:7d:f7:25:3a:aa:dc:94:dd:65:
                    ba:bf:c5:62:f1:51:72:62:08:d6:44:cb:24:f0:f7:
                    dd:05:ec:b4:98:c5:8a:2b:24:19:d7:6d:ce:6d:b9:
                    eb:a5:c9:a7:cb:93:1a:e0:df:84:39:78:07:05:f6:
                    23:cc:7d:f3:23:2d:82:e6:59:e9:30:1a:d9:e1:5b:
                    e3:b4:06:58:dd:09:ba:7d:56:cb:2e:4e:6b:5b:a3:
                    0b:3e:fd:ef:cc:df:20:ab:da:65:80:1f:04:af:2b:
                    2f:d8:bf:f0:58:67:cc:91:2e:eb:2a:37:d9:bf:5f:
                    f0:ed:ad:54:bc:f5:73:05:66:f3:6d:a8:a4:ba:5c:
                    7f:dd:d5:9b:14:28:03:89:38:5f:ea:db:b5:6d:a9:
                    98:c6:a4:8b:4a:f8:98:df:9e:eb:ac:b0:39:a8:79:
                    7e:a7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                37:98:8D:72:59:82:E4:B9:B7:5B:45:88:4A:5C:0F:BD:F8:BB:7D:03
            X509v3 Authority Key Identifier:
                keyid:49:AF:21:53:F0:24:09:A4:64:E4:D7:46:1C:80:2D:4B:8D:D1:0D:FF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Sa8hU_AkCaRk5NdGHIAtS43RDf8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/eb25b5-71ea-469d-9484-4ea6dfb2e5d3/1/N5iNclmC5Lm3W0WISlwPvfi7fQM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/eb25b5-71ea-469d-9484-4ea6dfb2e5d3/1/Sa8hU_AkCaRk5NdGHIAtS43RDf8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.140.228.0/23

    Signature Algorithm: sha256WithRSAEncryption
         74:e9:f9:ad:5f:a3:34:40:c6:65:77:ab:5b:ce:7c:e1:6f:df:
         3c:67:2f:bb:24:94:eb:d6:da:37:c4:e1:11:e8:09:49:20:29:
         5e:dc:cc:43:9a:a7:f5:7d:98:89:35:e9:7a:94:73:b0:a1:a0:
         dc:3b:58:ae:82:81:5d:a1:d9:5d:10:82:79:55:7e:f2:fa:63:
         e4:4f:b7:16:f0:89:e9:7c:df:7e:ac:8b:c5:eb:94:bc:e3:ef:
         a4:b5:e3:40:3e:8a:3f:e7:4b:6b:39:22:9c:02:35:de:76:28:
         b1:9f:5f:38:45:d2:cd:d2:6e:ca:a6:8f:cb:94:4a:46:3a:a5:
         ec:6f:44:1e:0a:d0:8d:3a:54:a1:20:5e:a1:ab:a4:34:4e:fa:
         3c:bd:bd:fd:d2:94:b1:a2:d4:db:54:3e:e1:d9:21:41:d0:6d:
         85:51:b1:e3:cb:d9:7c:76:78:c0:03:56:b9:37:6a:01:94:54:
         25:0d:97:95:68:b4:e7:27:94:61:fa:4b:35:0e:96:a8:13:8f:
         5c:fd:ef:8b:57:1d:d2:bd:61:fa:43:43:78:b9:28:4d:8e:ab:
         c4:6a:74:49:cf:9b:89:bc:81:a4:ed:cd:08:63:bf:6e:87:c1:
         74:43:cc:2e:f6:de:d3:6a:f7:b6:75:7f:75:95:32:ab:03:8d:
         29:14:4b:35
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtwa5sZCneV2HCiwosEZWUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5YWYyMTUzZjAyNDA5YTQ2NGU0ZDc0NjFjODAyZDRiOGRk
MTBkZmYwHhcNMjMwMTAxMTQzNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNzk4OGQ3MjU5ODJlNGI5Yjc1YjQ1ODg0YTVjMGZiZGY4YmI3ZDAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsrt/JTFgAnwFIJKs282vIzUwqwbe
Diek2hAXz7QHpT5drNchmnGWoAg8qUljyYD31KSyoPB0YFvbDSTTam94tdLg14ZD
uBY9P5Jjnji0KMA+o3m8oyVhdVpS+VTW+uF99yU6qtyU3WW6v8Vi8VFyYgjWRMsk
8PfdBey0mMWKKyQZ123Obbnrpcmny5Ma4N+EOXgHBfYjzH3zIy2C5lnpMBrZ4Vvj
tAZY3Qm6fVbLLk5rW6MLPv3vzN8gq9plgB8Erysv2L/wWGfMkS7rKjfZv1/w7a1U
vPVzBWbzbaikulx/3dWbFCgDiThf6tu1bamYxqSLSviY357rrLA5qHl+pwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDeYjXJZguS5t1tFiEpcD734u30DMB8GA1UdIwQY
MBaAFEmvIVPwJAmkZOTXRhyALUuN0Q3/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU2E4aFVfQWtDYVJrNU5kR0hJQXRTNDNSRGY4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZS9lYjI1YjUtNzFlYS00NjlkLTk0ODQt
NGVhNmRmYjJlNWQzLzEvTjVpTmNsbUM1TG0zVzBXSVNsd1B2Zmk3ZlFNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZS9lYjI1YjUtNzFlYS00NjlkLTk0ODQtNGVhNmRmYjJlNWQz
LzEvU2E4aFVfQWtDYVJrNU5kR0hJQXRTNDNSRGY4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBuYzkMA0G
CSqGSIb3DQEBCwUAA4IBAQB06fmtX6M0QMZld6tbznzhb988Zy+7JJTr1to3xOER
6AlJICle3MxDmqf1fZiJNel6lHOwoaDcO1iugoFdodldEIJ5VX7y+mPkT7cW8Inp
fN9+rIvF65S84++kteNAPoo/50trOSKcAjXediixn184RdLN0m7Kpo/LlEpGOqXs
b0QeCtCNOlShIF6hq6Q0Tvo8vb390pSxotTbVD7h2SFB0G2FUbHjy9l8dnjAA1a5
N2oBlFQlDZeVaLTnJ5Rh+ks1DpaoE49c/e+LVx3SvWH6Q0N4uShNjqvEanRJz5uJ
vIGk7c0IY79uh8F0Q8wu9t7Tave2dX91lTKrA40pFEs1
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:58:54 2024 by rpki-client on console-fra.rpki-client.org