Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/6iQA7zmYPWYUPpHqDVS9ce4W8ts.roa
File:                     6iQA7zmYPWYUPpHqDVS9ce4W8ts.roa (raw, json)
Hash identifier:          7gc3DHM7bJEQh2G8VwYY+DzHtKrNVb5r6GgeYXeVUd8=
Subject key identifier:   EA:24:00:EF:39:98:3D:66:14:3E:91:EA:0D:54:BD:71:EE:16:F2:DB
Certificate issuer:       /CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Certificate serial:       018573900FC307B84A549FA88AB757D10587
Authority key identifier: B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/6iQA7zmYPWYUPpHqDVS9ce4W8ts.roa
Signing time:             Mon 02 Jan 2023 17:38:19 +0000
ROA not before:           Mon 02 Jan 2023 17:38:19 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     212238
IP address blocks:        185.185.43.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Wed 08 Mar 2023 11:24:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:73:90:0f:c3:07:b8:4a:54:9f:a8:8a:b7:57:d1:05:87
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
        Validity
            Not Before: Jan  2 17:38:19 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=ea2400ef39983d66143e91ea0d54bd71ee16f2db
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:31:9e:67:b8:cf:2d:0e:28:13:90:36:a4:5f:
                    ea:82:6b:cb:a3:77:3d:05:05:ca:5e:0b:f1:e7:0a:
                    c3:20:77:5e:ab:bc:b4:03:c6:5a:c9:31:58:6c:1f:
                    11:72:1f:df:f0:bd:b0:a8:a0:8e:3a:e0:b6:c5:09:
                    17:8a:ad:ef:3f:a8:40:e4:fe:c3:d3:d8:80:4e:f3:
                    26:2b:71:95:26:34:b9:7c:de:65:8d:ef:fa:32:7b:
                    b5:0e:60:43:65:d0:25:87:e4:14:32:c1:07:25:7f:
                    3b:78:83:3c:81:da:83:83:2f:27:49:2a:10:c0:86:
                    e4:66:7e:98:8e:37:af:cd:93:f7:ea:dc:ac:57:c1:
                    25:0f:25:a9:bc:13:8d:f0:d7:2f:29:dc:ef:d4:69:
                    3a:49:27:7c:23:9f:6c:17:d4:3a:fb:14:fa:c1:f2:
                    91:f6:29:e9:77:06:eb:8c:c7:ab:48:47:7c:7b:80:
                    3b:b9:87:76:33:e8:aa:c5:81:8c:cf:61:56:7a:65:
                    7d:af:59:b1:79:4a:0c:d9:92:0d:fc:dd:0e:36:e0:
                    a2:6f:6f:34:43:ed:7c:0e:68:7a:58:64:bb:aa:c2:
                    11:8f:16:5f:58:fe:32:cb:88:cf:6a:71:04:b4:24:
                    c1:37:b1:3c:56:44:fb:cf:86:8a:c6:24:f0:f4:02:
                    79:77
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EA:24:00:EF:39:98:3D:66:14:3E:91:EA:0D:54:BD:71:EE:16:F2:DB
            X509v3 Authority Key Identifier:
                keyid:B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/6iQA7zmYPWYUPpHqDVS9ce4W8ts.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/saew2N6CUdNtfIP69rx-_sc7UDQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.185.43.0/24

    Signature Algorithm: sha256WithRSAEncryption
         49:49:ff:4b:2a:7c:47:b5:3a:42:d5:09:8c:23:4c:2b:3c:da:
         6f:3e:d8:9a:be:cb:82:f2:c7:ab:bf:89:64:b6:44:46:fe:a4:
         48:a8:11:26:df:0a:bc:8c:86:62:ab:de:8c:be:22:49:73:75:
         94:8a:e6:86:8d:5b:a3:a5:2e:02:56:96:55:db:55:1e:9b:ab:
         35:ca:6d:0d:32:66:2a:72:bf:12:90:01:2e:fa:ee:75:a0:d1:
         a6:f9:9a:f3:48:6f:1d:35:17:f8:aa:17:d1:56:d7:cc:09:fb:
         79:23:34:e7:e6:0c:b5:d0:90:b6:87:9f:08:ee:16:0e:14:b1:
         59:6f:84:50:ad:be:e5:99:d9:23:87:be:7b:25:fe:00:41:66:
         ed:16:8b:2b:4c:d9:09:44:4f:6e:2c:48:18:54:81:0d:f5:fc:
         ca:5e:c2:68:34:5f:b0:e3:ee:44:dc:54:cc:4c:d8:0c:39:12:
         f8:b0:3d:fe:dd:7b:c8:09:98:60:b5:71:a0:d6:34:cd:30:97:
         d0:71:7e:17:80:a6:68:29:db:fe:96:f0:8f:f2:19:e3:12:8a:
         17:6d:76:8b:04:57:f1:03:b7:54:68:3e:bd:40:cd:3d:c2:2e:
         12:53:31:19:05:f9:f6:66:df:cf:53:10:bf:0e:f2:95:df:a5:
         90:79:09:ca
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVzkA/DB7hKVJ+oirdX0QWHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxYTdiMGQ4ZGU4MjUxZDM2ZDdjODNmYWY2YmM3ZWZlYzcz
YjUwMzQwHhcNMjMwMTAyMTczODE5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYTI0MDBlZjM5OTgzZDY2MTQzZTkxZWEwZDU0YmQ3MWVlMTZmMmRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArzGeZ7jPLQ4oE5A2pF/qgmvLo3c9
BQXKXgvx5wrDIHdeq7y0A8ZayTFYbB8Rch/f8L2wqKCOOuC2xQkXiq3vP6hA5P7D
09iATvMmK3GVJjS5fN5lje/6Mnu1DmBDZdAlh+QUMsEHJX87eIM8gdqDgy8nSSoQ
wIbkZn6YjjevzZP36tysV8ElDyWpvBON8NcvKdzv1Gk6SSd8I59sF9Q6+xT6wfKR
9inpdwbrjMerSEd8e4A7uYd2M+iqxYGMz2FWemV9r1mxeUoM2ZIN/N0ONuCib280
Q+18Dmh6WGS7qsIRjxZfWP4yy4jPanEEtCTBN7E8VkT7z4aKxiTw9AJ5dwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOokAO85mD1mFD6R6g1UvXHuFvLbMB8GA1UdIwQY
MBaAFLGnsNjeglHTbXyD+va8fv7HO1A0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2It
Mzk0YWNkMjFmMzliLzEvNmlRQTd6bVlQV1lVUHBIcURWUzljZTRXOHRzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2ItMzk0YWNkMjFmMzli
LzEvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAubkrMA0G
CSqGSIb3DQEBCwUAA4IBAQBJSf9LKnxHtTpC1QmMI0wrPNpvPtiavsuC8serv4lk
tkRG/qRIqBEm3wq8jIZiq96MviJJc3WUiuaGjVujpS4CVpZV21Uem6s1ym0NMmYq
cr8SkAEu+u51oNGm+ZrzSG8dNRf4qhfRVtfMCft5IzTn5gy10JC2h58I7hYOFLFZ
b4RQrb7lmdkjh757Jf4AQWbtFosrTNkJRE9uLEgYVIEN9fzKXsJoNF+w4+5E3FTM
TNgMORL4sD3+3XvICZhgtXGg1jTNMJfQcX4XgKZoKdv+lvCP8hnjEooXbXaLBFfx
A7dUaD69QM09wi4SUzEZBfn2Zt/PUxC/DvKV36WQeQnK
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:48 2024 by rpki-client on console-fra.rpki-client.org