Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/OgeCjBDTOgukkobVreFaQdAvQns.roa
File:                     OgeCjBDTOgukkobVreFaQdAvQns.roa (raw, json)
Hash identifier:          +/Udr+JXLVvIsE4P5CGr9BgdX0hEAUgDJbZ8/M8ZC1E=
Subject key identifier:   3A:07:82:8C:10:D3:3A:0B:A4:92:86:D5:AD:E1:5A:41:D0:2F:42:7B
Certificate issuer:       /CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Certificate serial:       018ADFEFF63CDC80330862BCA6C6F03C43AB
Authority key identifier: CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/OgeCjBDTOgukkobVreFaQdAvQns.roa
Signing time:             Fri 29 Sep 2023 07:55:59 +0000
ROA not before:           Fri 29 Sep 2023 07:55:59 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     31549
IP address blocks:        85.133.151.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 00:30:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:df:ef:f6:3c:dc:80:33:08:62:bc:a6:c6:f0:3c:43:ab
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
        Validity
            Not Before: Sep 29 07:55:59 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=3a07828c10d33a0ba49286d5ade15a41d02f427b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:85:83:f2:89:8d:c6:76:4e:53:71:7c:07:44:54:
                    bb:e7:8f:e9:52:dd:a5:4f:f4:d0:c1:a6:09:1f:98:
                    22:01:9a:fd:59:4a:27:37:98:67:ff:2d:89:ca:e4:
                    c7:37:24:81:11:07:d9:82:c1:26:23:ff:ba:41:92:
                    3f:d8:19:6e:eb:98:e1:8c:db:68:af:9b:ca:00:48:
                    b8:39:44:2a:80:16:91:a8:a5:ac:2d:29:0a:f5:50:
                    43:83:2d:4c:0f:12:e5:01:93:d1:a4:41:41:09:f9:
                    49:3a:19:91:b9:e2:c0:92:99:cd:aa:69:a9:51:51:
                    23:bb:8c:a2:79:fc:e4:64:1a:42:ca:1f:ca:fa:04:
                    b1:23:4d:56:c9:82:95:4a:60:d0:9d:a0:bc:b7:38:
                    71:7a:6d:8e:5c:c2:6a:bd:03:96:8e:7c:a4:fa:79:
                    a1:1d:06:4b:1f:8c:af:76:9a:87:4b:ab:de:46:56:
                    e1:ce:dc:3a:00:e6:cf:5b:a7:09:ef:27:a5:67:fe:
                    c5:8c:2e:92:04:88:3e:9f:c8:f2:d5:09:63:17:1a:
                    e5:9d:9c:85:ea:b8:b7:66:22:fa:bf:e6:18:bb:cd:
                    d0:fb:25:44:f2:9e:e0:eb:5e:ae:bb:25:4b:e8:6c:
                    3d:68:d8:24:45:94:f7:bf:bf:1f:2b:50:10:00:fc:
                    b3:49
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3A:07:82:8C:10:D3:3A:0B:A4:92:86:D5:AD:E1:5A:41:D0:2F:42:7B
            X509v3 Authority Key Identifier:
                keyid:CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/OgeCjBDTOgukkobVreFaQdAvQns.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/zV45ZYo-9vE8ohzBGk4z682UZwI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  85.133.151.0/24

    Signature Algorithm: sha256WithRSAEncryption
         6e:6b:76:7a:c7:5e:9b:a4:ff:fc:64:b2:ec:ac:7f:41:6e:14:
         6c:95:e2:34:a9:1c:a1:2a:bb:3c:41:78:26:f8:7d:7a:1a:ca:
         86:0d:92:fa:85:3f:6f:33:a6:e0:d4:84:51:2c:53:a7:b8:d2:
         e9:08:8a:ce:fb:43:ff:5f:27:7b:17:6c:d5:7a:fa:24:00:99:
         57:6c:97:fc:b5:94:c9:3f:41:fc:dc:e7:95:6c:43:13:fa:ad:
         94:c6:7d:3a:15:5c:fc:04:5e:da:c7:aa:13:3b:b6:13:b3:7a:
         5f:80:31:8a:c9:ff:ad:a2:99:ba:05:f9:70:2f:1a:87:0d:6f:
         f0:b4:58:4c:7b:d4:9f:1f:47:9f:bc:3d:77:eb:83:cc:c6:98:
         84:8c:17:05:be:ca:e9:6a:71:a2:91:fe:b9:6b:69:88:00:70:
         b6:6e:9f:7b:61:07:97:b1:a1:f3:0a:66:00:df:ae:23:19:5b:
         b5:87:d7:15:e1:da:84:c8:66:0e:16:f5:8a:32:76:61:8c:99:
         50:cb:fa:79:78:b7:eb:f8:b2:dd:7f:d4:f4:b2:01:56:47:57:
         ed:14:e7:90:85:52:a4:85:8d:39:64:d6:05:e1:3e:86:a5:3a:
         a7:e4:28:49:1f:e6:b4:17:f7:17:0e:c6:fa:cc:6e:37:53:cb:
         cc:98:97:9a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYrf7/Y83IAzCGK8psbwPEOrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkNWUzOTY1OGEzZWY2ZjEzY2EyMWNjMTFhNGUzM2ViY2Q5
NDY3MDIwHhcNMjMwOTI5MDc1NTU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYTA3ODI4YzEwZDMzYTBiYTQ5Mjg2ZDVhZGUxNWE0MWQwMmY0MjdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhYPyiY3Gdk5TcXwHRFS754/pUt2l
T/TQwaYJH5giAZr9WUonN5hn/y2JyuTHNySBEQfZgsEmI/+6QZI/2Blu65jhjNto
r5vKAEi4OUQqgBaRqKWsLSkK9VBDgy1MDxLlAZPRpEFBCflJOhmRueLAkpnNqmmp
UVEju4yiefzkZBpCyh/K+gSxI01WyYKVSmDQnaC8tzhxem2OXMJqvQOWjnyk+nmh
HQZLH4yvdpqHS6veRlbhztw6AObPW6cJ7yelZ/7FjC6SBIg+n8jy1QljFxrlnZyF
6ri3ZiL6v+YYu83Q+yVE8p7g616uuyVL6Gw9aNgkRZT3v78fK1AQAPyzSQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDoHgowQ0zoLpJKG1a3hWkHQL0J7MB8GA1UdIwQY
MBaAFM1eOWWKPvbxPKIcwRpOM+vNlGcCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUt
NWQxZmE2NmMzNjNiLzEvT2dlQ2pCRFRPZ3Vra29iVnJlRmFRZEF2UW5zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUtNWQxZmE2NmMzNjNi
LzEvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVYWXMA0G
CSqGSIb3DQEBCwUAA4IBAQBua3Z6x16bpP/8ZLLsrH9BbhRsleI0qRyhKrs8QXgm
+H16GsqGDZL6hT9vM6bg1IRRLFOnuNLpCIrO+0P/Xyd7F2zVevokAJlXbJf8tZTJ
P0H83OeVbEMT+q2Uxn06FVz8BF7ax6oTO7YTs3pfgDGKyf+topm6BflwLxqHDW/w
tFhMe9SfH0efvD1364PMxpiEjBcFvsrpanGikf65a2mIAHC2bp97YQeXsaHzCmYA
364jGVu1h9cV4dqEyGYOFvWKMnZhjJlQy/p5eLfr+LLdf9T0sgFWR1ftFOeQhVKk
hY05ZNYF4T6GpTqn5ChJH+a0F/cXDsb6zG43U8vMmJea
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:59:13 2024 by rpki-client on console-fra.rpki-client.org