Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/9918aa-347d-4878-a16b-8ac7be46cc4b/1/Vk0SxGhg0vt5_m6oXWbDHer4shw.roa
File:                     Vk0SxGhg0vt5_m6oXWbDHer4shw.roa (raw, json)
Hash identifier:          uVJuWemWP3kKvKA/lkoTtf5pgh+PvboOsFNo5+ysvjQ=
Subject key identifier:   56:4D:12:C4:68:60:D2:FB:79:FE:6E:A8:5D:66:C3:1D:EA:F8:B2:1C
Certificate issuer:       /CN=0c44f3e24bbfc6048e5ffa50c3dce364ffc012b0
Certificate serial:       01856F30048137C8F97A1509F622DE4F3D65
Authority key identifier: 0C:44:F3:E2:4B:BF:C6:04:8E:5F:FA:50:C3:DC:E3:64:FF:C0:12:B0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/DETz4ku_xgSOX_pQw9zjZP_AErA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f5/9918aa-347d-4878-a16b-8ac7be46cc4b/1/Vk0SxGhg0vt5_m6oXWbDHer4shw.roa
Signing time:             Sun 01 Jan 2023 21:14:55 +0000
ROA not before:           Sun 01 Jan 2023 21:14:55 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     29030
IP address blocks:        185.217.38.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 08:33:13 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:30:04:81:37:c8:f9:7a:15:09:f6:22:de:4f:3d:65
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0c44f3e24bbfc6048e5ffa50c3dce364ffc012b0
        Validity
            Not Before: Jan  1 21:14:55 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=564d12c46860d2fb79fe6ea85d66c31deaf8b21c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:63:5a:b8:40:4b:f6:bd:80:40:4b:b6:7f:a5:
                    76:54:2a:a2:a5:af:d3:36:a4:ab:f4:04:63:23:64:
                    c7:9b:2e:37:ef:fd:f7:3f:0a:a0:cb:ee:9b:73:c3:
                    ad:8a:82:cb:64:45:68:88:a5:a4:81:55:96:03:49:
                    d7:dc:77:4b:f9:5b:63:2e:7c:e4:06:78:47:0c:02:
                    0b:ac:a9:9a:ce:37:ee:7f:71:54:5b:82:53:10:4a:
                    5e:07:03:8a:c8:2a:7d:ff:19:a7:c4:00:c0:40:1b:
                    ab:3e:c5:d8:92:51:dd:da:ed:3b:f0:d1:2a:f3:c2:
                    ef:14:05:b1:8a:fd:6b:37:2f:c4:ca:d0:4e:a3:4b:
                    df:53:31:2b:7f:63:1a:0d:e2:da:0b:32:1c:9a:0f:
                    f3:11:0b:5c:3e:38:af:d9:aa:5a:e8:46:3a:98:44:
                    64:b6:1f:d9:02:c4:70:22:a2:79:0d:85:77:b7:b6:
                    e4:0f:d1:5f:07:11:7e:3a:a2:64:30:27:30:18:a7:
                    87:a2:43:af:47:0f:a0:8a:1d:76:3e:aa:c2:e0:79:
                    f0:f0:fc:ba:87:c0:27:9b:8c:f6:88:68:be:d3:31:
                    fe:4b:84:75:96:ae:21:63:79:33:26:d0:53:79:8e:
                    9a:2e:ff:35:73:c2:31:fd:86:ee:28:e8:24:fa:3e:
                    0b:41
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                56:4D:12:C4:68:60:D2:FB:79:FE:6E:A8:5D:66:C3:1D:EA:F8:B2:1C
            X509v3 Authority Key Identifier:
                keyid:0C:44:F3:E2:4B:BF:C6:04:8E:5F:FA:50:C3:DC:E3:64:FF:C0:12:B0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DETz4ku_xgSOX_pQw9zjZP_AErA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/9918aa-347d-4878-a16b-8ac7be46cc4b/1/Vk0SxGhg0vt5_m6oXWbDHer4shw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/9918aa-347d-4878-a16b-8ac7be46cc4b/1/DETz4ku_xgSOX_pQw9zjZP_AErA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.217.38.0/24

    Signature Algorithm: sha256WithRSAEncryption
         5c:2d:a0:ea:6a:8a:ce:a2:31:b2:f7:a3:43:41:68:93:67:26:
         61:a9:df:ac:9d:54:6e:08:26:aa:be:d8:c9:0e:f3:a4:86:3c:
         78:80:21:65:43:64:ff:41:21:03:8f:cd:a7:50:a5:af:a5:f3:
         d2:95:be:e5:d3:ad:3d:84:1c:cf:7c:fc:4a:1b:86:e4:c9:79:
         e4:b9:85:03:4b:ab:a7:a7:3f:90:f4:a3:32:24:03:dc:9a:c7:
         a1:6c:4f:a8:b6:61:32:ad:3a:4d:fb:06:6b:54:2e:a1:f5:4a:
         ff:5a:ba:c4:02:93:b6:a3:b8:f7:bd:44:a0:d4:4f:f6:fc:18:
         8d:66:70:26:12:da:0e:99:a5:2b:fb:d4:44:b7:f7:12:0f:fa:
         68:f5:9f:c6:1d:4e:79:d9:cf:af:95:49:d6:99:92:93:14:11:
         e3:53:9b:f7:c6:ea:b3:20:8e:2b:8b:da:63:c8:a2:d8:a3:0e:
         b8:ed:83:0e:0c:e0:79:59:20:a2:f1:cf:57:78:1c:fa:5d:41:
         83:ed:bb:91:3c:7b:1c:37:fa:a8:33:b4:cd:a8:f2:0a:eb:80:
         70:57:5c:73:f9:e8:3b:94:e4:a7:80:ea:1a:2a:aa:bc:49:6e:
         09:91:66:01:73:70:63:5b:16:cb:1d:65:ff:c0:bf:fa:dd:fd:
         19:6c:60:41
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvMASBN8j5ehUJ9iLeTz1lMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjNDRmM2UyNGJiZmM2MDQ4ZTVmZmE1MGMzZGNlMzY0ZmZj
MDEyYjAwHhcNMjMwMTAxMjExNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NjRkMTJjNDY4NjBkMmZiNzlmZTZlYTg1ZDY2YzMxZGVhZjhiMjFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArmNauEBL9r2AQEu2f6V2VCqipa/T
NqSr9ARjI2THmy437/33Pwqgy+6bc8OtioLLZEVoiKWkgVWWA0nX3HdL+VtjLnzk
BnhHDAILrKmazjfuf3FUW4JTEEpeBwOKyCp9/xmnxADAQBurPsXYklHd2u078NEq
88LvFAWxiv1rNy/EytBOo0vfUzErf2MaDeLaCzIcmg/zEQtcPjiv2apa6EY6mERk
th/ZAsRwIqJ5DYV3t7bkD9FfBxF+OqJkMCcwGKeHokOvRw+gih12PqrC4Hnw8Py6
h8Anm4z2iGi+0zH+S4R1lq4hY3kzJtBTeY6aLv81c8Ix/YbuKOgk+j4LQQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFZNEsRoYNL7ef5uqF1mwx3q+LIcMB8GA1UdIwQY
MBaAFAxE8+JLv8YEjl/6UMPc42T/wBKwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvREVUejRrdV94Z1NPWF9wUXc5empaUF9BRXJBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNS85OTE4YWEtMzQ3ZC00ODc4LWExNmIt
OGFjN2JlNDZjYzRiLzEvVmswU3hHaGcwdnQ1X202b1hXYkRIZXI0c2h3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNS85OTE4YWEtMzQ3ZC00ODc4LWExNmItOGFjN2JlNDZjYzRi
LzEvREVUejRrdV94Z1NPWF9wUXc5empaUF9BRXJBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAudkmMA0G
CSqGSIb3DQEBCwUAA4IBAQBcLaDqaorOojGy96NDQWiTZyZhqd+snVRuCCaqvtjJ
DvOkhjx4gCFlQ2T/QSEDj82nUKWvpfPSlb7l0609hBzPfPxKG4bkyXnkuYUDS6un
pz+Q9KMyJAPcmsehbE+otmEyrTpN+wZrVC6h9Ur/WrrEApO2o7j3vUSg1E/2/BiN
ZnAmEtoOmaUr+9REt/cSD/po9Z/GHU552c+vlUnWmZKTFBHjU5v3xuqzII4ri9pj
yKLYow647YMODOB5WSCi8c9XeBz6XUGD7buRPHscN/qoM7TNqPIK64BwV1xz+eg7
lOSngOoaKqq8SW4JkWYBc3BjWxbLHWX/wL/63f0ZbGBB
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:52:49 2024 by rpki-client on console-ams.rpki-client.org