Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f9/13a735-3b1c-4d9c-8cfa-a8ca8e4c7e77/1/v5u2t4mbZJx25-NkJOv9eBqdOM4.roa
File:                     v5u2t4mbZJx25-NkJOv9eBqdOM4.roa (raw, json)
Hash identifier:          3z5fTDBxT/XB04/gTNfNffgYomkZMcDFnVhqgJitobk=
Subject key identifier:   BF:9B:B6:B7:89:9B:64:9C:76:E7:E3:64:24:EB:FD:78:1A:9D:38:CE
Certificate issuer:       /CN=86ee201c65d655ee9cfe251f951ea91bba154567
Certificate serial:       018854BBF78A4C733A51D8FB7C9C7935B8A2
Authority key identifier: 86:EE:20:1C:65:D6:55:EE:9C:FE:25:1F:95:1E:A9:1B:BA:15:45:67
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hu4gHGXWVe6c_iUflR6pG7oVRWc.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/f9/13a735-3b1c-4d9c-8cfa-a8ca8e4c7e77/1/v5u2t4mbZJx25-NkJOv9eBqdOM4.roa
Signing time:             Thu 25 May 2023 21:06:24 +0000
ROA not before:           Thu 25 May 2023 21:06:24 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     174
IP address blocks:        185.201.17.0/24 maxlen: 24
                          185.201.19.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Fri 02 Jun 2023 15:02:11 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:54:bb:f7:8a:4c:73:3a:51:d8:fb:7c:9c:79:35:b8:a2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=86ee201c65d655ee9cfe251f951ea91bba154567
        Validity
            Not Before: May 25 21:06:24 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=bf9bb6b7899b649c76e7e36424ebfd781a9d38ce
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:84:e3:44:10:7a:65:05:81:e5:14:7c:56:37:74:
                    8b:f6:af:ed:ff:79:e6:e0:8f:fa:83:bc:c8:7c:4e:
                    43:37:28:a6:6e:ec:d6:5a:8c:a8:56:0d:df:21:95:
                    5f:ff:ed:6a:73:d0:b8:e9:59:0e:1b:a1:23:02:87:
                    89:90:cb:b9:a7:a2:8f:ae:63:8c:ff:12:ac:ac:8e:
                    c7:7e:a6:fb:6e:cb:c3:c7:99:99:40:89:85:7b:c0:
                    3e:de:81:11:f0:46:9e:e0:16:cf:bf:ed:50:c5:64:
                    b0:71:b3:07:76:29:a2:be:f6:35:69:11:44:07:98:
                    70:02:dd:50:31:02:ba:3a:84:78:a9:33:ff:8f:2b:
                    5b:10:1b:98:79:79:2b:58:49:b1:6f:11:df:ae:02:
                    33:66:74:c4:8c:3f:09:44:fc:1b:b0:bf:06:00:1a:
                    cd:cd:8c:3e:f5:75:9f:08:28:89:b3:5c:6b:45:e1:
                    9c:dd:ae:41:95:97:05:fd:2d:4b:e5:37:39:ce:42:
                    d7:ad:95:e9:72:9b:3c:08:5b:af:47:41:c5:d6:96:
                    34:4d:dd:22:02:c4:3e:3f:f6:17:4b:a4:d9:52:95:
                    26:78:fa:2b:d5:34:fb:fb:c2:3e:97:d6:c1:21:5a:
                    68:d1:37:b3:c5:70:ba:a3:fd:ce:e7:fa:d2:d8:25:
                    48:7d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BF:9B:B6:B7:89:9B:64:9C:76:E7:E3:64:24:EB:FD:78:1A:9D:38:CE
            X509v3 Authority Key Identifier:
                keyid:86:EE:20:1C:65:D6:55:EE:9C:FE:25:1F:95:1E:A9:1B:BA:15:45:67

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hu4gHGXWVe6c_iUflR6pG7oVRWc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/13a735-3b1c-4d9c-8cfa-a8ca8e4c7e77/1/v5u2t4mbZJx25-NkJOv9eBqdOM4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/13a735-3b1c-4d9c-8cfa-a8ca8e4c7e77/1/hu4gHGXWVe6c_iUflR6pG7oVRWc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.201.17.0/24
                  185.201.19.0/24

    Signature Algorithm: sha256WithRSAEncryption
         14:9a:21:3a:94:a9:e0:c2:92:d2:53:d4:c8:f4:b3:80:da:59:
         8f:93:a8:b2:7f:fd:a1:08:16:c3:8d:83:e0:13:57:9f:db:24:
         03:d2:12:f4:60:0c:e1:fb:f9:b7:5d:4b:ef:2e:ed:d0:72:83:
         a7:d2:93:10:09:85:83:cf:68:e9:a1:c1:ce:f5:cd:d2:12:48:
         1e:d5:da:8a:98:62:3b:27:0b:d5:a2:0d:74:50:93:58:9d:64:
         9f:1e:42:f7:5e:81:54:b9:bb:ec:48:63:53:51:ac:04:5d:02:
         e3:0a:b5:3f:66:2e:16:f1:f0:e5:49:f5:b3:dc:48:3e:af:a5:
         90:2f:a8:77:bc:a7:a2:88:de:8a:77:f0:02:c5:a5:57:a6:45:
         6f:0d:9f:35:04:3d:ba:ae:0b:14:0a:2e:38:6e:ec:d0:0c:ce:
         06:f1:dd:e6:48:56:3a:92:12:f8:7d:3a:7d:b7:cb:24:4f:bf:
         b3:f8:16:53:2b:d6:a8:62:c7:7f:00:56:7f:70:72:d5:77:86:
         70:da:29:56:37:89:d6:75:d9:ed:48:97:a4:fb:2a:11:78:fc:
         c7:b6:9d:79:bd:87:40:07:2d:32:01:07:94:e9:4e:22:14:e8:
         ee:e7:cb:4b:32:76:d0:a9:e4:63:ad:4f:38:00:87:d8:33:f4:
         16:ec:5a:9a
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYhUu/eKTHM6Udj7fJx5NbiiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2ZWUyMDFjNjVkNjU1ZWU5Y2ZlMjUxZjk1MWVhOTFiYmEx
NTQ1NjcwHhcNMjMwNTI1MjEwNjI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZjliYjZiNzg5OWI2NDljNzZlN2UzNjQyNGViZmQ3ODFhOWQzOGNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhONEEHplBYHlFHxWN3SL9q/t/3nm
4I/6g7zIfE5DNyimbuzWWoyoVg3fIZVf/+1qc9C46VkOG6EjAoeJkMu5p6KPrmOM
/xKsrI7Hfqb7bsvDx5mZQImFe8A+3oER8Eae4BbPv+1QxWSwcbMHdimivvY1aRFE
B5hwAt1QMQK6OoR4qTP/jytbEBuYeXkrWEmxbxHfrgIzZnTEjD8JRPwbsL8GABrN
zYw+9XWfCCiJs1xrReGc3a5BlZcF/S1L5Tc5zkLXrZXpcps8CFuvR0HF1pY0Td0i
AsQ+P/YXS6TZUpUmePor1TT7+8I+l9bBIVpo0TezxXC6o/3O5/rS2CVIfQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFL+btreJm2ScdufjZCTr/XganTjOMB8GA1UdIwQY
MBaAFIbuIBxl1lXunP4lH5UeqRu6FUVnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHU0Z0hHWFdWZTZjX2lVZmxSNnBHN29WUldjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOS8xM2E3MzUtM2IxYy00ZDljLThjZmEt
YThjYThlNGM3ZTc3LzEvdjV1MnQ0bWJaSngyNS1Oa0pPdjllQnFkT000LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOS8xM2E3MzUtM2IxYy00ZDljLThjZmEtYThjYThlNGM3ZTc3
LzEvaHU0Z0hHWFdWZTZjX2lVZmxSNnBHN29WUldjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAuckRAwQA
uckTMA0GCSqGSIb3DQEBCwUAA4IBAQAUmiE6lKngwpLSU9TI9LOA2lmPk6iyf/2h
CBbDjYPgE1ef2yQD0hL0YAzh+/m3XUvvLu3QcoOn0pMQCYWDz2jpocHO9c3SEkge
1dqKmGI7JwvVog10UJNYnWSfHkL3XoFUubvsSGNTUawEXQLjCrU/Zi4W8fDlSfWz
3Eg+r6WQL6h3vKeiiN6Kd/ACxaVXpkVvDZ81BD26rgsUCi44buzQDM4G8d3mSFY6
khL4fTp9t8skT7+z+BZTK9aoYsd/AFZ/cHLVd4Zw2ilWN4nWddntSJek+yoRePzH
tp15vYdABy0yAQeU6U4iFOju58tLMnbQqeRjrU84AIfYM/QW7Fqa
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:00:18 2024 by rpki-client on console-fra.rpki-client.org