Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/b3ae33-6d62-4093-92ec-5638526ff641/1/fE3JufDmsk4KrSN80fWgoTAr2vY.roa
File:                     fE3JufDmsk4KrSN80fWgoTAr2vY.roa (raw, json)
Hash identifier:          Qy5r8Hjh3aSDhAZOW7dfOASDY8F/SwkIrUau8X1HeKA=
Subject key identifier:   7C:4D:C9:B9:F0:E6:B2:4E:0A:AD:23:7C:D1:F5:A0:A1:30:2B:DA:F6
Certificate issuer:       /CN=1e234242957bb1be129681721f9c2cd08df07baa
Certificate serial:       0185C20D26B141DA71A4B36613ABB85DC635
Authority key identifier: 1E:23:42:42:95:7B:B1:BE:12:96:81:72:1F:9C:2C:D0:8D:F0:7B:AA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/HiNCQpV7sb4SloFyH5ws0I3we6o.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/05/b3ae33-6d62-4093-92ec-5638526ff641/1/fE3JufDmsk4KrSN80fWgoTAr2vY.roa
Signing time:             Tue 17 Jan 2023 23:25:19 +0000
ROA not before:           Tue 17 Jan 2023 23:25:19 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     60232
IP address blocks:        185.40.72.0/22 maxlen: 24
                          195.142.194.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 00:31:52 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:c2:0d:26:b1:41:da:71:a4:b3:66:13:ab:b8:5d:c6:35
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1e234242957bb1be129681721f9c2cd08df07baa
        Validity
            Not Before: Jan 17 23:25:19 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=7c4dc9b9f0e6b24e0aad237cd1f5a0a1302bdaf6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8f:d8:3b:9a:82:91:68:2c:9f:35:54:d1:5b:f5:
                    7a:c8:36:a9:02:9a:59:83:40:67:09:fe:d1:86:18:
                    06:cd:85:a0:a9:e0:c6:e2:c0:fd:05:1e:ba:a1:f2:
                    22:51:de:30:ec:3f:46:c3:aa:73:3a:e0:77:19:cd:
                    e3:35:74:ec:fb:60:0a:7b:89:2b:ac:af:89:56:eb:
                    d4:33:28:8d:3f:fd:f2:69:f8:2f:29:f0:61:59:73:
                    60:7f:62:e7:7a:c0:93:e0:24:de:ef:e8:3c:0c:7a:
                    dd:26:09:9f:5c:a1:be:0e:35:b0:f8:ac:0e:3b:26:
                    b9:1e:32:4d:86:9a:25:59:da:e1:c2:41:72:fa:e6:
                    13:81:cb:88:50:30:a4:3e:d1:e8:30:2e:96:f2:e8:
                    7b:54:f0:89:34:75:4e:c9:51:02:80:2c:e6:fb:3a:
                    83:ff:1a:ed:f5:98:10:f0:69:c4:8f:7f:47:e0:8d:
                    ed:12:cc:e4:c6:87:0c:9f:e7:b3:d5:2e:8a:f2:a7:
                    a3:8e:70:b6:26:69:1f:da:df:a8:29:ef:34:1e:f1:
                    d3:4e:1d:a6:46:b7:f1:be:6c:ab:1a:c6:02:0f:61:
                    ac:54:5a:dc:10:31:32:fb:a6:4b:0b:8b:10:90:b9:
                    da:a0:54:b8:90:8c:c4:81:d4:58:a6:5e:d5:c4:59:
                    f7:21
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7C:4D:C9:B9:F0:E6:B2:4E:0A:AD:23:7C:D1:F5:A0:A1:30:2B:DA:F6
            X509v3 Authority Key Identifier:
                keyid:1E:23:42:42:95:7B:B1:BE:12:96:81:72:1F:9C:2C:D0:8D:F0:7B:AA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HiNCQpV7sb4SloFyH5ws0I3we6o.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/b3ae33-6d62-4093-92ec-5638526ff641/1/fE3JufDmsk4KrSN80fWgoTAr2vY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/05/b3ae33-6d62-4093-92ec-5638526ff641/1/HiNCQpV7sb4SloFyH5ws0I3we6o.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.40.72.0/22
                  195.142.194.0/24

    Signature Algorithm: sha256WithRSAEncryption
         09:de:39:e4:4c:52:72:ff:74:3f:82:81:ae:93:7c:11:c7:43:
         86:12:14:e4:02:a3:c1:ea:3b:2d:92:13:41:85:4e:c3:95:66:
         e6:a1:54:2d:4f:7a:12:ed:de:75:d9:8c:b4:bd:94:db:6a:8c:
         a7:2b:6c:59:1d:02:94:8a:5d:35:27:26:76:8c:36:57:1b:bb:
         2a:ab:ee:b5:5a:4b:ed:e6:b0:4f:17:f9:ef:25:b4:f1:37:d0:
         a8:9f:af:4a:69:bf:22:ba:39:6a:28:74:b3:8b:13:27:49:d4:
         8d:47:aa:94:9b:02:0e:86:19:fa:66:6e:18:5e:de:80:26:3c:
         50:47:f6:67:74:92:8c:02:1c:66:95:ac:4a:27:c9:4b:b9:50:
         34:ce:bb:3d:68:2e:32:94:08:b3:45:4c:cb:1b:36:c5:f8:01:
         cb:14:f4:19:0d:be:17:aa:08:a9:6e:e2:52:c9:2c:f1:78:7d:
         7a:6e:7b:4a:ea:b1:9e:8a:40:ab:50:63:1c:78:fd:43:80:7b:
         bc:08:ae:6e:71:fd:05:d2:08:98:4d:21:96:22:1c:e2:08:0c:
         84:1d:21:08:25:dd:4e:54:ca:6a:e5:e6:8f:d3:88:42:25:f8:
         06:82:72:94:66:8e:ca:01:ef:1f:d3:ef:8c:1a:c4:19:ed:05:
         85:19:48:a3
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYXCDSaxQdpxpLNmE6u4XcY1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlMjM0MjQyOTU3YmIxYmUxMjk2ODE3MjFmOWMyY2QwOGRm
MDdiYWEwHhcNMjMwMTE3MjMyNTE5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YzRkYzliOWYwZTZiMjRlMGFhZDIzN2NkMWY1YTBhMTMwMmJkYWY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj9g7moKRaCyfNVTRW/V6yDapAppZ
g0BnCf7RhhgGzYWgqeDG4sD9BR66ofIiUd4w7D9Gw6pzOuB3Gc3jNXTs+2AKe4kr
rK+JVuvUMyiNP/3yafgvKfBhWXNgf2LnesCT4CTe7+g8DHrdJgmfXKG+DjWw+KwO
Oya5HjJNhpolWdrhwkFy+uYTgcuIUDCkPtHoMC6W8uh7VPCJNHVOyVECgCzm+zqD
/xrt9ZgQ8GnEj39H4I3tEszkxocMn+ez1S6K8qejjnC2Jmkf2t+oKe80HvHTTh2m
RrfxvmyrGsYCD2GsVFrcEDEy+6ZLC4sQkLnaoFS4kIzEgdRYpl7VxFn3IQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFHxNybnw5rJOCq0jfNH1oKEwK9r2MB8GA1UdIwQY
MBaAFB4jQkKVe7G+EpaBch+cLNCN8HuqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSGlOQ1FwVjdzYjRTbG9GeUg1d3MwSTN3ZTZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS9iM2FlMzMtNmQ2Mi00MDkzLTkyZWMt
NTYzODUyNmZmNjQxLzEvZkUzSnVmRG1zazRLclNOODBmV2dvVEFyMnZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNS9iM2FlMzMtNmQ2Mi00MDkzLTkyZWMtNTYzODUyNmZmNjQx
LzEvSGlOQ1FwVjdzYjRTbG9GeUg1d3MwSTN3ZTZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCuShIAwQA
w47CMA0GCSqGSIb3DQEBCwUAA4IBAQAJ3jnkTFJy/3Q/goGuk3wRx0OGEhTkAqPB
6jstkhNBhU7DlWbmoVQtT3oS7d512Yy0vZTbaoynK2xZHQKUil01JyZ2jDZXG7sq
q+61Wkvt5rBPF/nvJbTxN9Con69Kab8iujlqKHSzixMnSdSNR6qUmwIOhhn6Zm4Y
Xt6AJjxQR/ZndJKMAhxmlaxKJ8lLuVA0zrs9aC4ylAizRUzLGzbF+AHLFPQZDb4X
qgipbuJSySzxeH16bntK6rGeikCrUGMceP1DgHu8CK5ucf0F0giYTSGWIhziCAyE
HSEIJd1OVMpq5eaP04hCJfgGgnKUZo7KAe8f0++MGsQZ7QWFGUij
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:51:13 2024 by rpki-client on console-ams.rpki-client.org