Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f9/13a735-3b1c-4d9c-8cfa-a8ca8e4c7e77/1/_ocQxzHF4ei0JSgNXUl11w72Cds.roa
File:                     _ocQxzHF4ei0JSgNXUl11w72Cds.roa (raw, json)
Hash identifier:          g4iChvevYH8oN3cb97Wqzo817D3TH+xTI1czwR+at6s=
Subject key identifier:   FE:87:10:C7:31:C5:E1:E8:B4:25:28:0D:5D:49:75:D7:0E:F6:09:DB
Certificate issuer:       /CN=86ee201c65d655ee9cfe251f951ea91bba154567
Certificate serial:       0185711E349C5028776D60149F5003F7CE02
Authority key identifier: 86:EE:20:1C:65:D6:55:EE:9C:FE:25:1F:95:1E:A9:1B:BA:15:45:67
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hu4gHGXWVe6c_iUflR6pG7oVRWc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f9/13a735-3b1c-4d9c-8cfa-a8ca8e4c7e77/1/_ocQxzHF4ei0JSgNXUl11w72Cds.roa
Signing time:             Mon 02 Jan 2023 06:14:43 +0000
ROA not before:           Mon 02 Jan 2023 06:14:43 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     174
IP address blocks:        185.201.19.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 25 May 2023 17:50:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:71:1e:34:9c:50:28:77:6d:60:14:9f:50:03:f7:ce:02
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=86ee201c65d655ee9cfe251f951ea91bba154567
        Validity
            Not Before: Jan  2 06:14:43 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=fe8710c731c5e1e8b425280d5d4975d70ef609db
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:96:75:8b:81:c1:55:c7:e3:18:bf:fc:21:64:
                    b4:ae:77:39:3e:45:71:ca:44:d4:29:16:9b:aa:b5:
                    87:f5:4c:d0:2c:66:20:0e:2c:e3:fb:44:e8:ff:2c:
                    57:03:0f:9d:42:6e:68:5c:08:a5:c2:e6:8c:a2:f2:
                    56:d6:6e:c4:71:01:ed:5c:b5:40:a3:14:3c:46:08:
                    97:c7:b7:67:e9:00:af:4a:3e:ad:e6:22:a7:25:6a:
                    b4:16:23:14:0a:a1:82:a6:0c:e1:dd:68:ba:2b:41:
                    af:20:e1:54:95:9c:27:8e:4b:fd:c6:fd:25:01:a0:
                    51:0d:d6:46:70:a2:92:67:e9:2c:54:a3:f0:44:02:
                    18:6d:64:a4:1c:63:94:24:bb:10:8b:19:1f:f5:35:
                    59:06:f2:4a:f9:82:38:d0:50:9c:0e:ad:c7:dc:fa:
                    89:da:5a:7c:73:0f:7a:ad:68:97:b6:bb:52:91:3a:
                    3e:10:16:9a:c9:a3:c4:67:aa:fd:a3:9b:ff:c2:0d:
                    dd:75:e7:2a:28:91:64:60:43:d5:14:4d:be:a5:ed:
                    c5:ca:3e:ac:ac:39:42:a2:8a:7b:ba:ff:81:11:d9:
                    44:9e:5a:f8:5e:16:0b:03:af:a8:e4:ab:c3:d7:59:
                    8a:e3:df:c2:41:88:c2:38:92:34:1e:1b:e9:c4:c9:
                    c1:53
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FE:87:10:C7:31:C5:E1:E8:B4:25:28:0D:5D:49:75:D7:0E:F6:09:DB
            X509v3 Authority Key Identifier:
                keyid:86:EE:20:1C:65:D6:55:EE:9C:FE:25:1F:95:1E:A9:1B:BA:15:45:67

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hu4gHGXWVe6c_iUflR6pG7oVRWc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/13a735-3b1c-4d9c-8cfa-a8ca8e4c7e77/1/_ocQxzHF4ei0JSgNXUl11w72Cds.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/13a735-3b1c-4d9c-8cfa-a8ca8e4c7e77/1/hu4gHGXWVe6c_iUflR6pG7oVRWc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.201.19.0/24

    Signature Algorithm: sha256WithRSAEncryption
         52:3a:25:08:e3:b5:d6:d5:55:76:41:57:3e:b1:6f:43:96:51:
         22:88:61:fe:52:69:5b:18:fe:6e:12:94:e5:78:78:80:eb:29:
         75:49:6d:a0:7d:29:03:85:e0:c9:8f:21:d4:0d:06:ea:e2:77:
         60:44:6f:16:90:48:6b:58:e4:67:12:7a:4b:06:c0:f0:22:d0:
         fb:d1:31:bc:37:9b:a3:85:71:bc:0f:f9:bb:3c:39:66:0b:a0:
         ef:21:67:e9:1c:df:f4:7f:02:27:0c:b7:6e:f5:5e:12:86:cc:
         8d:87:ab:97:b7:8a:cf:78:4d:4e:61:1e:8e:6e:77:c5:35:a9:
         fb:b8:39:74:cd:59:f1:d1:f4:65:6a:56:af:45:96:b9:3b:7a:
         5a:da:49:97:b5:55:43:d3:8e:51:11:54:e8:b7:2b:90:73:7c:
         a1:dc:31:f8:9e:06:fa:f0:ef:a5:52:d2:69:fc:1f:19:c4:91:
         a1:86:0b:5b:15:73:e3:be:5e:e5:46:80:05:e4:38:fb:e7:68:
         62:99:8a:c2:c8:fc:8a:1f:6c:74:fd:f7:23:91:00:7d:23:6c:
         39:5d:80:f4:10:46:18:42:b7:32:5b:83:35:7a:cb:d0:0c:94:
         d3:42:6c:77:fe:d8:71:f0:c4:93:fa:88:94:4a:bb:b9:a4:60:
         59:c6:82:ff
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxHjScUCh3bWAUn1AD984CMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2ZWUyMDFjNjVkNjU1ZWU5Y2ZlMjUxZjk1MWVhOTFiYmEx
NTQ1NjcwHhcNMjMwMTAyMDYxNDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZTg3MTBjNzMxYzVlMWU4YjQyNTI4MGQ1ZDQ5NzVkNzBlZjYwOWRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvJZ1i4HBVcfjGL/8IWS0rnc5PkVx
ykTUKRabqrWH9UzQLGYgDizj+0To/yxXAw+dQm5oXAilwuaMovJW1m7EcQHtXLVA
oxQ8RgiXx7dn6QCvSj6t5iKnJWq0FiMUCqGCpgzh3Wi6K0GvIOFUlZwnjkv9xv0l
AaBRDdZGcKKSZ+ksVKPwRAIYbWSkHGOUJLsQixkf9TVZBvJK+YI40FCcDq3H3PqJ
2lp8cw96rWiXtrtSkTo+EBaayaPEZ6r9o5v/wg3ddecqKJFkYEPVFE2+pe3Fyj6s
rDlCoop7uv+BEdlEnlr4XhYLA6+o5KvD11mK49/CQYjCOJI0HhvpxMnBUwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFP6HEMcxxeHotCUoDV1JddcO9gnbMB8GA1UdIwQY
MBaAFIbuIBxl1lXunP4lH5UeqRu6FUVnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHU0Z0hHWFdWZTZjX2lVZmxSNnBHN29WUldjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOS8xM2E3MzUtM2IxYy00ZDljLThjZmEt
YThjYThlNGM3ZTc3LzEvX29jUXh6SEY0ZWkwSlNnTlhVbDExdzcyQ2RzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOS8xM2E3MzUtM2IxYy00ZDljLThjZmEtYThjYThlNGM3ZTc3
LzEvaHU0Z0hHWFdWZTZjX2lVZmxSNnBHN29WUldjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuckTMA0G
CSqGSIb3DQEBCwUAA4IBAQBSOiUI47XW1VV2QVc+sW9DllEiiGH+UmlbGP5uEpTl
eHiA6yl1SW2gfSkDheDJjyHUDQbq4ndgRG8WkEhrWORnEnpLBsDwItD70TG8N5uj
hXG8D/m7PDlmC6DvIWfpHN/0fwInDLdu9V4ShsyNh6uXt4rPeE1OYR6ObnfFNan7
uDl0zVnx0fRlalavRZa5O3pa2kmXtVVD045REVTotyuQc3yh3DH4ngb68O+lUtJp
/B8ZxJGhhgtbFXPjvl7lRoAF5Dj752himYrCyPyKH2x0/fcjkQB9I2w5XYD0EEYY
QrcyW4M1esvQDJTTQmx3/thx8MST+oiUSru5pGBZxoL/
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:00:18 2024 by rpki-client on console-fra.rpki-client.org