Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/3f7e56-0916-47ac-8586-a9388f31b47e/1/_wDwZEzxSZnGgJ3oYscNDNI0OWo.roa
File:                     _wDwZEzxSZnGgJ3oYscNDNI0OWo.roa (raw, json)
Hash identifier:          29k49UzkGAkLYYlPwNzfS6ppIEZRDcZX1hOt7o69wzg=
Subject key identifier:   FF:00:F0:64:4C:F1:49:99:C6:80:9D:E8:62:C7:0D:0C:D2:34:39:6A
Certificate issuer:       /CN=3cd37ec23719b2f142f46e6f3317664034adf598
Certificate serial:       01856D6F6DAE581E3E6ECD6716C5967147F3
Authority key identifier: 3C:D3:7E:C2:37:19:B2:F1:42:F4:6E:6F:33:17:66:40:34:AD:F5:98
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/PNN-wjcZsvFC9G5vMxdmQDSt9Zg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1a/3f7e56-0916-47ac-8586-a9388f31b47e/1/_wDwZEzxSZnGgJ3oYscNDNI0OWo.roa
Signing time:             Sun 01 Jan 2023 13:04:57 +0000
ROA not before:           Sun 01 Jan 2023 13:04:57 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     206065
IP address blocks:        185.83.182.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Sun 05 Feb 2023 11:46:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6d:6f:6d:ae:58:1e:3e:6e:cd:67:16:c5:96:71:47:f3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3cd37ec23719b2f142f46e6f3317664034adf598
        Validity
            Not Before: Jan  1 13:04:57 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=ff00f0644cf14999c6809de862c70d0cd234396a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:96:d6:49:08:ff:e5:1f:0c:19:47:41:50:c5:41:
                    9c:46:f7:5d:6b:98:d9:9c:e5:7a:19:6b:10:43:4e:
                    01:44:5b:12:67:08:b1:df:b6:2f:82:8d:2e:0f:ca:
                    5a:c6:52:26:32:48:d2:6c:80:8e:b0:95:32:b8:c8:
                    0f:1b:81:bb:0c:11:97:63:eb:0c:68:9b:58:11:90:
                    ad:f8:45:57:75:9f:92:e1:68:00:12:c8:06:5f:e3:
                    00:3d:f0:5f:a0:cf:0a:0a:b5:17:bd:b7:3b:41:cf:
                    91:7e:8d:34:47:f2:20:23:18:2e:6a:5e:6d:27:6e:
                    61:fa:2d:7d:65:1b:95:7e:3b:23:95:c9:b3:7e:84:
                    75:38:66:f0:62:76:86:f5:70:27:34:d9:0d:95:ba:
                    c4:d7:55:26:9f:20:c8:08:42:0a:17:03:86:b5:59:
                    c1:31:3c:ad:d6:b7:99:44:34:9b:bf:25:16:63:4c:
                    23:6c:5a:a7:08:7a:35:92:42:bf:90:e9:a7:be:6a:
                    50:fb:38:0e:6e:f4:94:cf:5f:56:ff:bf:02:2e:f5:
                    90:62:de:cf:39:e0:52:4a:cb:3d:24:20:e4:05:f6:
                    1e:1b:0f:e2:9b:ca:83:d5:ae:7e:e1:49:26:9f:d8:
                    be:55:26:97:37:aa:44:6e:34:58:26:c7:51:d1:16:
                    d8:25
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FF:00:F0:64:4C:F1:49:99:C6:80:9D:E8:62:C7:0D:0C:D2:34:39:6A
            X509v3 Authority Key Identifier:
                keyid:3C:D3:7E:C2:37:19:B2:F1:42:F4:6E:6F:33:17:66:40:34:AD:F5:98

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PNN-wjcZsvFC9G5vMxdmQDSt9Zg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/3f7e56-0916-47ac-8586-a9388f31b47e/1/_wDwZEzxSZnGgJ3oYscNDNI0OWo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/3f7e56-0916-47ac-8586-a9388f31b47e/1/PNN-wjcZsvFC9G5vMxdmQDSt9Zg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.83.182.0/24

    Signature Algorithm: sha256WithRSAEncryption
         9a:2c:11:00:65:a7:4c:46:69:a0:09:55:61:34:9a:b2:f5:49:
         b4:9c:b4:4c:1c:fc:cd:42:b2:b2:b3:29:71:a4:be:e0:cc:a5:
         60:cf:c7:fa:f9:57:6b:79:8c:b9:22:1a:7e:8e:25:cd:31:ca:
         ad:dc:42:b1:68:1d:51:59:b2:cb:9f:ab:fa:96:62:58:dd:07:
         47:dc:c3:be:ea:da:5b:7b:b2:3f:96:5f:99:40:89:15:bb:22:
         32:01:88:d6:e3:fc:c3:4c:a5:09:89:e9:42:f3:78:0e:88:77:
         bf:8d:01:ab:16:5d:91:e4:a8:a2:62:a4:9a:8f:f5:ec:03:90:
         d4:e9:48:cc:0b:48:de:18:ae:be:95:3d:0d:e3:2e:18:5e:fc:
         90:fe:c7:02:fd:cd:b1:c3:89:6d:48:21:bd:31:0c:59:dc:38:
         fa:fc:46:66:93:43:7d:46:15:87:25:6d:bc:d6:9b:02:8f:ef:
         41:b5:a0:8e:63:21:1d:e7:77:ce:2d:2c:65:46:af:13:64:2b:
         3f:35:cc:13:4d:17:8c:6b:e5:75:71:94:ac:e1:e3:0d:cf:0e:
         a7:eb:3b:ee:16:21:d7:e3:6e:64:2d:e9:03:d5:38:9d:f9:8e:
         a6:01:84:3d:2e:9d:fe:0d:cf:27:a5:d4:c9:3b:3c:bb:83:b2:
         c7:e2:f7:04
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtb22uWB4+bs1nFsWWcUfzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNjZDM3ZWMyMzcxOWIyZjE0MmY0NmU2ZjMzMTc2NjQwMzRh
ZGY1OTgwHhcNMjMwMTAxMTMwNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZjAwZjA2NDRjZjE0OTk5YzY4MDlkZTg2MmM3MGQwY2QyMzQzOTZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAltZJCP/lHwwZR0FQxUGcRvdda5jZ
nOV6GWsQQ04BRFsSZwix37Yvgo0uD8paxlImMkjSbICOsJUyuMgPG4G7DBGXY+sM
aJtYEZCt+EVXdZ+S4WgAEsgGX+MAPfBfoM8KCrUXvbc7Qc+Rfo00R/IgIxgual5t
J25h+i19ZRuVfjsjlcmzfoR1OGbwYnaG9XAnNNkNlbrE11UmnyDICEIKFwOGtVnB
MTyt1reZRDSbvyUWY0wjbFqnCHo1kkK/kOmnvmpQ+zgObvSUz19W/78CLvWQYt7P
OeBSSss9JCDkBfYeGw/im8qD1a5+4Ukmn9i+VSaXN6pEbjRYJsdR0RbYJQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFP8A8GRM8UmZxoCd6GLHDQzSNDlqMB8GA1UdIwQY
MBaAFDzTfsI3GbLxQvRubzMXZkA0rfWYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUE5OLXdqY1pzdkZDOUc1dk14ZG1RRFN0OVpnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS8zZjdlNTYtMDkxNi00N2FjLTg1ODYt
YTkzODhmMzFiNDdlLzEvX3dEd1pFenhTWm5HZ0ozb1lzY05ETkkwT1dvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS8zZjdlNTYtMDkxNi00N2FjLTg1ODYtYTkzODhmMzFiNDdl
LzEvUE5OLXdqY1pzdkZDOUc1dk14ZG1RRFN0OVpnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuVO2MA0G
CSqGSIb3DQEBCwUAA4IBAQCaLBEAZadMRmmgCVVhNJqy9Um0nLRMHPzNQrKysylx
pL7gzKVgz8f6+VdreYy5Ihp+jiXNMcqt3EKxaB1RWbLLn6v6lmJY3QdH3MO+6tpb
e7I/ll+ZQIkVuyIyAYjW4/zDTKUJielC83gOiHe/jQGrFl2R5KiiYqSaj/XsA5DU
6UjMC0jeGK6+lT0N4y4YXvyQ/scC/c2xw4ltSCG9MQxZ3Dj6/EZmk0N9RhWHJW28
1psCj+9BtaCOYyEd53fOLSxlRq8TZCs/NcwTTReMa+V1cZSs4eMNzw6n6zvuFiHX
425kLekD1Tid+Y6mAYQ9Lp3+Dc8npdTJOzy7g7LH4vcE
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:21:15 2024 by rpki-client on console-fra.rpki-client.org