Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/oql784D5YztRS463IFJo06YE-AI.roa
File:                     oql784D5YztRS463IFJo06YE-AI.roa (raw, json)
Hash identifier:          buOvjQUIQSkXZIGFZxaRapXPHVksq/zAqS6R0fSfkCE=
Subject key identifier:   A2:A9:7B:F3:80:F9:63:3B:51:4B:8E:B7:20:52:68:D3:A6:04:F8:02
Certificate issuer:       /CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Certificate serial:       0188AB1B97D2859EAAC0BBA0C24748594920
Authority key identifier: CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/oql784D5YztRS463IFJo06YE-AI.roa
Signing time:             Sun 11 Jun 2023 15:38:12 +0000
ROA not before:           Sun 11 Jun 2023 15:38:12 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     211056
IP address blocks:        85.133.143.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Sun 25 Jun 2023 06:27:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:ab:1b:97:d2:85:9e:aa:c0:bb:a0:c2:47:48:59:49:20
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
        Validity
            Not Before: Jun 11 15:38:12 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=a2a97bf380f9633b514b8eb7205268d3a604f802
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ed:5d:77:dd:35:26:8d:88:41:6d:c3:77:13:58:
                    5e:e4:b9:d4:97:af:1a:bb:e7:df:2a:0c:59:5c:ef:
                    ee:1b:bf:01:76:7d:e4:e0:bd:89:bc:f3:a3:77:9b:
                    99:0b:0e:43:fc:c3:8e:3a:11:bc:f5:7f:dd:e8:c2:
                    7f:b7:60:42:c9:91:d2:f0:60:18:ab:df:f3:77:10:
                    74:e7:84:94:b7:da:fe:da:33:e4:55:12:18:81:ec:
                    f2:bd:6a:13:e6:05:6b:e8:67:d3:e4:da:64:34:6d:
                    9b:d5:97:6a:a8:81:52:27:3e:14:30:60:cc:99:7d:
                    7f:85:7e:d7:a2:f2:76:e3:f2:7d:b0:85:00:ec:34:
                    e5:4c:bc:e1:30:cc:f7:84:91:36:3b:e8:f1:95:05:
                    65:3a:5e:16:bf:35:12:81:b3:a1:33:25:a7:02:e3:
                    f4:1a:16:d0:0b:fb:d6:69:97:a9:3c:cf:81:13:0a:
                    f0:2c:ea:bb:4b:b2:56:d5:94:29:a6:6f:f4:43:f8:
                    15:33:a7:7b:f7:33:4f:20:56:63:2c:a5:9b:0c:7e:
                    eb:4b:e1:0f:00:cd:65:5c:d4:42:52:8f:1f:81:4f:
                    3d:4f:07:0d:19:7a:61:01:fd:e8:91:b5:0b:49:a1:
                    8a:9f:5d:e8:b7:17:67:d3:04:8d:cc:70:67:c7:d9:
                    52:53
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A2:A9:7B:F3:80:F9:63:3B:51:4B:8E:B7:20:52:68:D3:A6:04:F8:02
            X509v3 Authority Key Identifier:
                keyid:CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/oql784D5YztRS463IFJo06YE-AI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/zV45ZYo-9vE8ohzBGk4z682UZwI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  85.133.143.0/24

    Signature Algorithm: sha256WithRSAEncryption
         45:44:53:b9:09:7e:1c:82:f6:86:2c:38:2b:ab:6b:13:bc:ef:
         65:e9:bb:9d:43:db:6e:2c:83:e6:4d:e6:d8:73:c8:19:31:55:
         84:73:72:7f:96:60:af:fc:67:2f:09:a1:3c:74:ff:7a:aa:1d:
         52:9e:ac:00:d4:0a:99:25:7f:ed:8a:e7:82:32:ed:1a:84:90:
         d3:b6:fe:e8:04:97:04:1c:2d:3d:cd:9d:24:87:3f:dd:20:15:
         81:16:8f:ee:29:b2:2f:00:b9:aa:9c:d0:94:5d:44:19:3f:a8:
         35:92:1a:1b:87:ba:99:3a:f4:da:23:f7:9c:db:5d:d4:3f:6c:
         ab:42:dc:f2:b4:e0:e3:8f:f6:b3:03:cd:ee:b6:70:c7:9f:e1:
         42:e6:42:6d:24:95:a6:18:b2:e0:35:50:63:09:a2:64:8b:4b:
         f3:96:e9:59:d5:90:4e:ec:7a:04:18:45:3e:f7:d8:4c:2b:58:
         22:6e:e7:cc:55:d0:be:07:16:e3:50:d4:a9:38:f9:7b:07:c1:
         49:3a:83:9d:17:00:6f:fe:96:f6:21:23:48:f2:4a:7d:2f:2f:
         40:78:fa:1f:9d:28:b6:08:fa:ef:44:50:3e:91:b3:b7:64:a4:
         49:12:1a:97:7f:8a:bc:be:cd:63:55:2c:aa:de:85:08:86:0e:
         86:42:b3:14
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYirG5fShZ6qwLugwkdIWUkgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkNWUzOTY1OGEzZWY2ZjEzY2EyMWNjMTFhNGUzM2ViY2Q5
NDY3MDIwHhcNMjMwNjExMTUzODEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMmE5N2JmMzgwZjk2MzNiNTE0YjhlYjcyMDUyNjhkM2E2MDRmODAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7V133TUmjYhBbcN3E1he5LnUl68a
u+ffKgxZXO/uG78Bdn3k4L2JvPOjd5uZCw5D/MOOOhG89X/d6MJ/t2BCyZHS8GAY
q9/zdxB054SUt9r+2jPkVRIYgezyvWoT5gVr6GfT5NpkNG2b1ZdqqIFSJz4UMGDM
mX1/hX7XovJ24/J9sIUA7DTlTLzhMMz3hJE2O+jxlQVlOl4WvzUSgbOhMyWnAuP0
GhbQC/vWaZepPM+BEwrwLOq7S7JW1ZQppm/0Q/gVM6d79zNPIFZjLKWbDH7rS+EP
AM1lXNRCUo8fgU89TwcNGXphAf3okbULSaGKn13otxdn0wSNzHBnx9lSUwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKKpe/OA+WM7UUuOtyBSaNOmBPgCMB8GA1UdIwQY
MBaAFM1eOWWKPvbxPKIcwRpOM+vNlGcCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUt
NWQxZmE2NmMzNjNiLzEvb3FsNzg0RDVZenRSUzQ2M0lGSm8wNllFLUFJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUtNWQxZmE2NmMzNjNi
LzEvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVYWPMA0G
CSqGSIb3DQEBCwUAA4IBAQBFRFO5CX4cgvaGLDgrq2sTvO9l6budQ9tuLIPmTebY
c8gZMVWEc3J/lmCv/GcvCaE8dP96qh1SnqwA1AqZJX/tiueCMu0ahJDTtv7oBJcE
HC09zZ0khz/dIBWBFo/uKbIvALmqnNCUXUQZP6g1khobh7qZOvTaI/ec213UP2yr
QtzytODjj/azA83utnDHn+FC5kJtJJWmGLLgNVBjCaJki0vzlulZ1ZBO7HoEGEU+
99hMK1gibufMVdC+BxbjUNSpOPl7B8FJOoOdFwBv/pb2ISNI8kp9Ly9AePofnSi2
CPrvRFA+kbO3ZKRJEhqXf4q8vs1jVSyq3oUIhg6GQrMU
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:59:13 2024 by rpki-client on console-fra.rpki-client.org