Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d001ff-8323-4b89-be3d-c2efeb3b32a5/1/EmWe2-kt1-W3OtPZdDVdJXVr9IM.roa
File:                     EmWe2-kt1-W3OtPZdDVdJXVr9IM.roa (raw, json)
Hash identifier:          svDFZoIgjCm13Js8kOnGkRK7GxKwnRtMG4z1jI4yM5Y=
Subject key identifier:   12:65:9E:DB:E9:2D:D7:E5:B7:3A:D3:D9:74:35:5D:25:75:6B:F4:83
Certificate issuer:       /CN=9d5138e1facf7b65dbb575fa7d47240c278b34df
Certificate serial:       01892141DA45145954E8C05C95D413421F7F
Authority key identifier: 9D:51:38:E1:FA:CF:7B:65:DB:B5:75:FA:7D:47:24:0C:27:8B:34:DF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/nVE44frPe2XbtXX6fUckDCeLNN8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/13/d001ff-8323-4b89-be3d-c2efeb3b32a5/1/EmWe2-kt1-W3OtPZdDVdJXVr9IM.roa
Signing time:             Tue 04 Jul 2023 14:15:11 +0000
ROA not before:           Tue 04 Jul 2023 14:15:11 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     209275
IP address blocks:        185.174.31.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 10:30:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:21:41:da:45:14:59:54:e8:c0:5c:95:d4:13:42:1f:7f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9d5138e1facf7b65dbb575fa7d47240c278b34df
        Validity
            Not Before: Jul  4 14:15:11 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=12659edbe92dd7e5b73ad3d974355d25756bf483
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:bf:bd:33:e0:4b:52:bc:e7:5e:bb:f3:09:dd:
                    76:06:c7:a2:a5:95:29:57:49:4e:a9:12:2e:65:24:
                    79:72:e8:4d:98:a3:bf:15:3c:00:de:0e:e9:9f:34:
                    ae:1d:5d:98:93:73:4f:4f:02:61:fa:1b:ba:4c:fb:
                    d8:ec:6c:b9:e6:e5:0d:9e:51:ef:24:93:a1:ad:d0:
                    2b:5b:84:9d:77:46:d4:dc:a3:15:e8:05:49:00:31:
                    28:03:e7:ae:a1:39:81:a2:d8:5e:42:03:53:79:24:
                    3c:36:02:2d:91:94:41:26:2b:9b:df:a2:f6:4f:fb:
                    e8:47:5f:04:19:ed:c8:67:a9:fa:df:cb:35:67:d7:
                    55:eb:8a:80:10:79:3e:1d:02:39:a3:6f:81:90:31:
                    bb:da:6e:10:01:18:1e:c9:1d:2b:01:3e:53:21:2c:
                    bd:08:4a:01:11:c8:d3:06:4f:0c:65:94:27:9c:3b:
                    63:3b:19:07:14:ce:9c:e9:c7:c6:ab:f0:d8:01:a3:
                    f2:7f:cc:53:c6:c1:ce:de:96:d3:ac:bf:ee:3a:a2:
                    75:c0:b0:db:af:52:1b:cb:56:82:69:cd:2b:17:c5:
                    fd:d4:b3:5f:c6:66:dc:7b:73:dd:58:b4:ed:b6:70:
                    a2:ea:2d:bd:b9:ab:01:47:1f:ce:f9:c6:2f:36:8f:
                    84:95
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                12:65:9E:DB:E9:2D:D7:E5:B7:3A:D3:D9:74:35:5D:25:75:6B:F4:83
            X509v3 Authority Key Identifier:
                keyid:9D:51:38:E1:FA:CF:7B:65:DB:B5:75:FA:7D:47:24:0C:27:8B:34:DF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nVE44frPe2XbtXX6fUckDCeLNN8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d001ff-8323-4b89-be3d-c2efeb3b32a5/1/EmWe2-kt1-W3OtPZdDVdJXVr9IM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d001ff-8323-4b89-be3d-c2efeb3b32a5/1/nVE44frPe2XbtXX6fUckDCeLNN8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.174.31.0/24

    Signature Algorithm: sha256WithRSAEncryption
         ba:d0:df:4f:7e:82:8c:41:5c:5f:51:ff:d3:86:90:02:49:1f:
         7d:7d:bc:10:5a:41:56:44:7b:4d:41:12:bd:b8:5b:83:88:a3:
         cd:c8:69:d0:cc:b7:e7:0e:59:d8:d1:de:41:57:63:a6:74:5e:
         12:7f:f2:1e:87:0e:05:02:04:f7:04:02:87:62:10:53:2b:61:
         9f:f5:7f:a5:b2:d9:5f:c2:b3:09:ef:48:b3:b6:9c:da:08:f2:
         ef:48:71:2b:f1:59:56:5f:e7:b8:d4:46:48:60:61:ad:81:14:
         56:4a:8e:15:14:2c:b2:83:b5:1a:06:17:cf:b7:48:91:7c:14:
         22:6b:c1:5c:50:11:86:ec:b7:a5:b9:4c:d2:c3:f7:db:3b:48:
         01:a3:c4:58:e8:84:c3:4a:4e:c3:72:8b:0a:48:98:90:72:f3:
         7c:8d:85:73:86:c9:35:28:c1:bf:64:9b:97:94:99:26:59:49:
         4a:df:f4:3a:87:db:a1:32:6f:4e:4c:5c:8a:5e:9c:ca:f9:98:
         2c:45:3b:c1:52:b8:76:e9:1d:f8:6b:24:93:24:5e:fc:c4:78:
         fb:3d:16:b7:d3:06:66:19:1a:2a:3d:35:25:ab:97:88:56:8e:
         c3:08:e1:c8:a9:48:2c:a2:24:94:c9:06:1c:84:32:e6:32:8d:
         3d:73:1b:66
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYkhQdpFFFlU6MBcldQTQh9/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkNTEzOGUxZmFjZjdiNjVkYmI1NzVmYTdkNDcyNDBjMjc4
YjM0ZGYwHhcNMjMwNzA0MTQxNTExWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMjY1OWVkYmU5MmRkN2U1YjczYWQzZDk3NDM1NWQyNTc1NmJmNDgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs7+9M+BLUrznXrvzCd12BseipZUp
V0lOqRIuZSR5cuhNmKO/FTwA3g7pnzSuHV2Yk3NPTwJh+hu6TPvY7Gy55uUNnlHv
JJOhrdArW4Sdd0bU3KMV6AVJADEoA+euoTmBotheQgNTeSQ8NgItkZRBJiub36L2
T/voR18EGe3IZ6n638s1Z9dV64qAEHk+HQI5o2+BkDG72m4QARgeyR0rAT5TISy9
CEoBEcjTBk8MZZQnnDtjOxkHFM6c6cfGq/DYAaPyf8xTxsHO3pbTrL/uOqJ1wLDb
r1Iby1aCac0rF8X91LNfxmbce3PdWLTttnCi6i29uasBRx/O+cYvNo+ElQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBJlntvpLdfltzrT2XQ1XSV1a/SDMB8GA1UdIwQY
MBaAFJ1ROOH6z3tl27V1+n1HJAwnizTfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblZFNDRmclBlMlhidFhYNmZVY2tEQ2VMTk44LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDAxZmYtODMyMy00Yjg5LWJlM2Qt
YzJlZmViM2IzMmE1LzEvRW1XZTIta3QxLVczT3RQWmREVmRKWFZyOUlNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDAxZmYtODMyMy00Yjg5LWJlM2QtYzJlZmViM2IzMmE1
LzEvblZFNDRmclBlMlhidFhYNmZVY2tEQ2VMTk44LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAua4fMA0G
CSqGSIb3DQEBCwUAA4IBAQC60N9PfoKMQVxfUf/ThpACSR99fbwQWkFWRHtNQRK9
uFuDiKPNyGnQzLfnDlnY0d5BV2OmdF4Sf/Iehw4FAgT3BAKHYhBTK2Gf9X+lstlf
wrMJ70iztpzaCPLvSHEr8VlWX+e41EZIYGGtgRRWSo4VFCyyg7UaBhfPt0iRfBQi
a8FcUBGG7LeluUzSw/fbO0gBo8RY6ITDSk7DcosKSJiQcvN8jYVzhsk1KMG/ZJuX
lJkmWUlK3/Q6h9uhMm9OTFyKXpzK+ZgsRTvBUrh26R34aySTJF78xHj7PRa30wZm
GRoqPTUlq5eIVo7DCOHIqUgsoiSUyQYchDLmMo09cxtm
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:54:27 2024 by rpki-client on console-ams.rpki-client.org