Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/a4d09f-29df-44ea-a7b1-0a0aaeaee4f1/1/wDvHZqYdxv-OcqBe7sguUDI-y2c.roa
File:                     wDvHZqYdxv-OcqBe7sguUDI-y2c.roa (raw, json)
Hash identifier:          Didcw1VpY7B0eYDKA6l3LjnGKzOj8f52sy9KgTSZaWA=
Subject key identifier:   C0:3B:C7:66:A6:1D:C6:FF:8E:72:A0:5E:EE:C8:2E:50:32:3E:CB:67
Certificate issuer:       /CN=2e0a9333f93cca544fdabe2ea7a6738a54af759e
Certificate serial:       018BD4B472414780559D037E7C45CD35E93A
Authority key identifier: 2E:0A:93:33:F9:3C:CA:54:4F:DA:BE:2E:A7:A6:73:8A:54:AF:75:9E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/LgqTM_k8ylRP2r4up6ZzilSvdZ4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/17/a4d09f-29df-44ea-a7b1-0a0aaeaee4f1/1/wDvHZqYdxv-OcqBe7sguUDI-y2c.roa
Signing time:             Wed 15 Nov 2023 20:37:57 +0000
ROA not before:           Wed 15 Nov 2023 20:37:57 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     56582
IP address blocks:        185.23.73.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 12:30:40 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:d4:b4:72:41:47:80:55:9d:03:7e:7c:45:cd:35:e9:3a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2e0a9333f93cca544fdabe2ea7a6738a54af759e
        Validity
            Not Before: Nov 15 20:37:57 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=c03bc766a61dc6ff8e72a05eeec82e50323ecb67
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d7:4f:a7:6c:22:eb:ed:df:85:55:3e:fe:93:a5:
                    ad:5a:de:19:ee:49:95:f5:97:02:cd:c1:8f:83:91:
                    dc:a9:29:35:b1:3f:98:0f:61:5e:ee:ae:c3:5a:09:
                    78:95:00:5c:a7:e4:0b:f7:5f:6d:7a:d8:29:ac:db:
                    53:ec:7c:84:6f:d4:17:e6:e0:5e:76:2a:ec:d1:17:
                    cf:73:e5:61:34:ca:0f:3b:53:66:39:d2:1f:0e:88:
                    3f:36:ae:1e:45:82:dd:ec:f3:0e:7b:3c:8d:c4:dc:
                    e2:3e:76:1c:87:56:ff:05:54:9d:12:65:5f:28:b2:
                    41:af:83:79:62:26:01:4a:e1:28:8f:99:04:44:eb:
                    ca:8e:40:70:ba:d7:d8:13:81:51:01:44:56:06:94:
                    af:0a:52:ad:d4:45:55:f5:9f:79:e4:18:b7:a2:b1:
                    b8:ac:12:e9:ec:45:d9:b9:60:b6:bf:d0:76:40:0a:
                    0d:7d:d2:9f:2a:fd:a1:8a:89:f4:fb:05:08:b1:23:
                    db:fc:db:2d:06:c9:f0:2d:c6:ab:09:fb:1d:21:f3:
                    0a:21:26:16:6b:0d:51:1e:29:0e:70:8e:5c:67:3d:
                    f1:4a:3e:d0:97:0c:de:15:79:72:d7:d0:a8:17:77:
                    6c:27:ea:fa:12:cf:f6:30:2c:f1:db:1c:20:15:34:
                    38:8d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C0:3B:C7:66:A6:1D:C6:FF:8E:72:A0:5E:EE:C8:2E:50:32:3E:CB:67
            X509v3 Authority Key Identifier:
                keyid:2E:0A:93:33:F9:3C:CA:54:4F:DA:BE:2E:A7:A6:73:8A:54:AF:75:9E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LgqTM_k8ylRP2r4up6ZzilSvdZ4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/a4d09f-29df-44ea-a7b1-0a0aaeaee4f1/1/wDvHZqYdxv-OcqBe7sguUDI-y2c.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/17/a4d09f-29df-44ea-a7b1-0a0aaeaee4f1/1/LgqTM_k8ylRP2r4up6ZzilSvdZ4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.23.73.0/24

    Signature Algorithm: sha256WithRSAEncryption
         17:f3:ef:3d:d6:48:7d:14:98:bf:8e:87:1a:a8:63:c2:95:b9:
         5a:07:07:5b:48:36:f9:33:95:38:9f:4a:6f:fc:88:0d:81:ef:
         b4:29:ce:bb:bb:79:31:72:d4:29:b1:ea:9e:92:26:66:72:50:
         c7:f0:58:1d:ab:c7:e0:3b:b2:9d:69:ee:9e:08:ae:7c:07:0e:
         48:f0:8a:bc:a3:0f:9f:34:8f:16:71:76:e7:a6:d9:0f:ff:d6:
         26:48:59:10:b6:ad:72:6b:0a:ba:01:84:89:b6:f6:44:ca:21:
         c4:55:32:6f:ae:cb:2e:96:25:a0:c4:67:83:a0:ca:cb:7f:8e:
         ab:29:23:53:d9:3c:18:72:0d:6d:3a:9b:d1:95:77:45:a8:44:
         3b:ed:82:69:fb:91:8f:64:6b:1e:64:16:e1:72:a5:e6:75:85:
         b5:fe:fc:c6:03:a7:29:14:2e:fe:b9:b7:88:94:86:c3:cb:89:
         f2:ff:0b:37:25:91:2e:55:45:ae:30:b2:5e:d0:ef:06:44:10:
         e2:9c:db:1b:79:4f:c5:64:23:09:63:96:51:1a:dd:7a:94:08:
         f4:37:ae:51:eb:29:ff:9c:40:e1:d4:57:27:70:3e:69:1c:eb:
         eb:33:85:21:8f:16:7d:bd:a4:08:f3:be:b7:b4:70:b8:b7:bb:
         00:67:57:98
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYvUtHJBR4BVnQN+fEXNNek6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlMGE5MzMzZjkzY2NhNTQ0ZmRhYmUyZWE3YTY3MzhhNTRh
Zjc1OWUwHhcNMjMxMTE1MjAzNzU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMDNiYzc2NmE2MWRjNmZmOGU3MmEwNWVlZWM4MmU1MDMyM2VjYjY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA10+nbCLr7d+FVT7+k6WtWt4Z7kmV
9ZcCzcGPg5HcqSk1sT+YD2Fe7q7DWgl4lQBcp+QL919tetgprNtT7HyEb9QX5uBe
dirs0RfPc+VhNMoPO1NmOdIfDog/Nq4eRYLd7PMOezyNxNziPnYch1b/BVSdEmVf
KLJBr4N5YiYBSuEoj5kEROvKjkBwutfYE4FRAURWBpSvClKt1EVV9Z955Bi3orG4
rBLp7EXZuWC2v9B2QAoNfdKfKv2hion0+wUIsSPb/NstBsnwLcarCfsdIfMKISYW
aw1RHikOcI5cZz3xSj7QlwzeFXly19CoF3dsJ+r6Es/2MCzx2xwgFTQ4jQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMA7x2amHcb/jnKgXu7ILlAyPstnMB8GA1UdIwQY
MBaAFC4KkzP5PMpUT9q+Lqemc4pUr3WeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTGdxVE1fazh5bFJQMnI0dXA2WnppbFN2ZFo0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9hNGQwOWYtMjlkZi00NGVhLWE3YjEt
MGEwYWFlYWVlNGYxLzEvd0R2SFpxWWR4di1PY3FCZTdzZ3VVREkteTJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9hNGQwOWYtMjlkZi00NGVhLWE3YjEtMGEwYWFlYWVlNGYx
LzEvTGdxVE1fazh5bFJQMnI0dXA2WnppbFN2ZFo0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuRdJMA0G
CSqGSIb3DQEBCwUAA4IBAQAX8+891kh9FJi/jocaqGPClblaBwdbSDb5M5U4n0pv
/IgNge+0Kc67u3kxctQpseqekiZmclDH8Fgdq8fgO7Kdae6eCK58Bw5I8Iq8ow+f
NI8WcXbnptkP/9YmSFkQtq1yawq6AYSJtvZEyiHEVTJvrssuliWgxGeDoMrLf46r
KSNT2TwYcg1tOpvRlXdFqEQ77YJp+5GPZGseZBbhcqXmdYW1/vzGA6cpFC7+ubeI
lIbDy4ny/ws3JZEuVUWuMLJe0O8GRBDinNsbeU/FZCMJY5ZRGt16lAj0N65R6yn/
nEDh1FcncD5pHOvrM4UhjxZ9vaQI8763tHC4t7sAZ1eY
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:43 2024 by rpki-client on console-fra.rpki-client.org