Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f1/142664-4c33-442a-b432-fafb12a16c31/1/pbMPOUy4prNjO6Gx0K-fF7XDHOM.roa
File:                     pbMPOUy4prNjO6Gx0K-fF7XDHOM.roa (raw, json)
Hash identifier:          wYOSE4WWqxY3tl7K/GyoinjWbNkfi9Pv70zArWXuArg=
Subject key identifier:   A5:B3:0F:39:4C:B8:A6:B3:63:3B:A1:B1:D0:AF:9F:17:B5:C3:1C:E3
Certificate issuer:       /CN=785840e3a0f0474a4acce45ed5fc9cff77858d93
Certificate serial:       01856CA5CF1C1DFB9556F7D9BF8D730B8525
Authority key identifier: 78:58:40:E3:A0:F0:47:4A:4A:CC:E4:5E:D5:FC:9C:FF:77:85:8D:93
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/eFhA46DwR0pKzORe1fyc_3eFjZM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f1/142664-4c33-442a-b432-fafb12a16c31/1/pbMPOUy4prNjO6Gx0K-fF7XDHOM.roa
Signing time:             Sun 01 Jan 2023 09:24:43 +0000
ROA not before:           Sun 01 Jan 2023 09:24:43 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     59437
IP address blocks:        185.241.110.0/24 maxlen: 24
                          2a10:9640::/29 maxlen: 32

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 20:30:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6c:a5:cf:1c:1d:fb:95:56:f7:d9:bf:8d:73:0b:85:25
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=785840e3a0f0474a4acce45ed5fc9cff77858d93
        Validity
            Not Before: Jan  1 09:24:43 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=a5b30f394cb8a6b3633ba1b1d0af9f17b5c31ce3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:92:7c:97:e4:cf:b7:99:52:a3:b3:e1:36:da:4e:
                    ce:54:79:9a:88:e4:93:d7:e0:f7:5f:16:ad:69:30:
                    b3:b7:b3:0d:00:f0:53:8d:16:ed:47:dd:20:3f:af:
                    01:6b:96:25:fe:94:16:b2:72:4d:fe:d8:57:15:a5:
                    2a:bd:e1:fc:57:90:b5:83:e6:4e:4a:81:33:ce:13:
                    af:05:35:e4:b3:f7:97:b8:ab:58:39:19:45:7e:9b:
                    4d:cb:a3:3d:f0:60:55:e0:ca:9b:43:d1:9b:e3:e0:
                    9d:ca:6d:e0:c1:93:1e:d4:8e:8e:cf:88:15:b2:d8:
                    3d:c1:1e:e9:74:26:01:75:db:4c:14:a7:91:69:32:
                    f2:25:43:37:35:71:14:c4:0b:85:4c:0d:f7:41:d7:
                    57:d7:41:9f:78:c0:43:17:1b:59:08:cd:58:48:dd:
                    9c:5c:2c:02:b0:70:29:74:31:04:24:81:2f:75:3a:
                    47:dd:0a:b9:68:b8:0b:38:d2:32:3f:ac:25:c0:60:
                    7e:e5:42:72:f0:38:68:f2:15:54:35:a4:22:e9:a9:
                    31:99:4e:14:f7:8d:5f:bd:04:96:a7:9a:c0:4f:78:
                    7b:34:a4:6f:2b:35:01:1f:5f:90:82:7f:5f:89:83:
                    e0:51:8f:1a:db:83:8e:17:21:ad:b7:fc:2e:5b:c9:
                    50:8b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A5:B3:0F:39:4C:B8:A6:B3:63:3B:A1:B1:D0:AF:9F:17:B5:C3:1C:E3
            X509v3 Authority Key Identifier:
                keyid:78:58:40:E3:A0:F0:47:4A:4A:CC:E4:5E:D5:FC:9C:FF:77:85:8D:93

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eFhA46DwR0pKzORe1fyc_3eFjZM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/142664-4c33-442a-b432-fafb12a16c31/1/pbMPOUy4prNjO6Gx0K-fF7XDHOM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/142664-4c33-442a-b432-fafb12a16c31/1/eFhA46DwR0pKzORe1fyc_3eFjZM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.241.110.0/24
                IPv6:
                  2a10:9640::/29

    Signature Algorithm: sha256WithRSAEncryption
         1d:fe:3f:6f:02:d5:2b:bc:d9:2a:0a:d6:d4:bf:ca:c2:ab:4c:
         c2:d0:37:20:3b:d9:02:10:09:35:b0:75:13:b6:2a:e2:2c:f4:
         b6:cc:25:9f:95:cd:14:38:ba:83:5e:ff:8d:97:91:59:a2:b5:
         18:f2:06:71:03:c0:62:52:04:0d:b5:4b:5e:45:66:46:6d:b6:
         1d:bc:2e:8b:f8:90:42:d9:8e:9d:91:db:5d:11:8b:4b:ef:0a:
         9d:c8:6d:c3:11:cd:63:f6:cc:97:25:15:26:9c:b5:89:85:5f:
         91:9e:57:6d:d1:2e:5d:a3:07:3e:0a:6d:da:77:16:52:f4:8d:
         3e:8f:a0:a9:02:3d:cd:24:8a:30:5e:04:05:d0:bd:15:12:f1:
         d3:b4:7b:b2:e5:cc:e9:89:f7:29:dd:04:e6:d6:fa:ea:86:85:
         e6:9c:db:1e:72:35:88:e7:e5:e4:5f:7c:a9:6c:94:d9:31:f2:
         29:2c:5a:9d:ce:aa:2b:e5:54:2d:14:f5:70:ab:56:08:bc:cf:
         6c:0d:ed:c1:5a:3e:35:d1:23:70:96:51:41:3c:ea:b5:d1:d7:
         52:89:12:b2:77:16:5b:80:c8:24:db:0b:d5:35:c4:61:a4:5c:
         cb:ea:64:05:88:59:76:c0:13:26:7a:1b:68:54:67:6c:97:45:
         b3:a8:d5:c4
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVspc8cHfuVVvfZv41zC4UlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc4NTg0MGUzYTBmMDQ3NGE0YWNjZTQ1ZWQ1ZmM5Y2ZmNzc4
NThkOTMwHhcNMjMwMTAxMDkyNDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNWIzMGYzOTRjYjhhNmIzNjMzYmExYjFkMGFmOWYxN2I1YzMxY2UzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAknyX5M+3mVKjs+E22k7OVHmaiOST
1+D3XxataTCzt7MNAPBTjRbtR90gP68Ba5Yl/pQWsnJN/thXFaUqveH8V5C1g+ZO
SoEzzhOvBTXks/eXuKtYORlFfptNy6M98GBV4MqbQ9Gb4+Cdym3gwZMe1I6Oz4gV
stg9wR7pdCYBddtMFKeRaTLyJUM3NXEUxAuFTA33QddX10GfeMBDFxtZCM1YSN2c
XCwCsHApdDEEJIEvdTpH3Qq5aLgLONIyP6wlwGB+5UJy8Dho8hVUNaQi6akxmU4U
941fvQSWp5rAT3h7NKRvKzUBH1+Qgn9fiYPgUY8a24OOFyGtt/wuW8lQiwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFKWzDzlMuKazYzuhsdCvnxe1wxzjMB8GA1UdIwQY
MBaAFHhYQOOg8EdKSszkXtX8nP93hY2TMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZUZoQTQ2RHdSMHBLek9SZTFmeWNfM2VGalpNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMS8xNDI2NjQtNGMzMy00NDJhLWI0MzIt
ZmFmYjEyYTE2YzMxLzEvcGJNUE9VeTRwck5qTzZHeDBLLWZGN1hESE9NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMS8xNDI2NjQtNGMzMy00NDJhLWI0MzItZmFmYjEyYTE2YzMx
LzEvZUZoQTQ2RHdSMHBLek9SZTFmeWNfM2VGalpNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAufFuMA0E
AgACMAcDBQMqEJZAMA0GCSqGSIb3DQEBCwUAA4IBAQAd/j9vAtUrvNkqCtbUv8rC
q0zC0DcgO9kCEAk1sHUTtiriLPS2zCWflc0UOLqDXv+Nl5FZorUY8gZxA8BiUgQN
tUteRWZGbbYdvC6L+JBC2Y6dkdtdEYtL7wqdyG3DEc1j9syXJRUmnLWJhV+Rnldt
0S5dowc+Cm3adxZS9I0+j6CpAj3NJIowXgQF0L0VEvHTtHuy5czpifcp3QTm1vrq
hoXmnNsecjWI5+XkX3ypbJTZMfIpLFqdzqor5VQtFPVwq1YIvM9sDe3BWj410SNw
llFBPOq10ddSiRKydxZbgMgk2wvVNcRhpFzL6mQFiFl2wBMmehtoVGdsl0WzqNXE
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:52:04 2024 by rpki-client on console-ams.rpki-client.org