Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/3f7e56-0916-47ac-8586-a9388f31b47e/1/bAGB50Wcm5qRaFNBcOGTwDsdFwg.roa
File:                     bAGB50Wcm5qRaFNBcOGTwDsdFwg.roa (raw, json)
Hash identifier:          yXwFYcjrIoGd592nPfv740wDJwuVvVrKrPrlKKWOoQQ=
Subject key identifier:   6C:01:81:E7:45:9C:9B:9A:91:68:53:41:70:E1:93:C0:3B:1D:17:08
Certificate issuer:       /CN=3cd37ec23719b2f142f46e6f3317664034adf598
Certificate serial:       018AFA44BF00B7AABD551FF8106B69947258
Authority key identifier: 3C:D3:7E:C2:37:19:B2:F1:42:F4:6E:6F:33:17:66:40:34:AD:F5:98
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/PNN-wjcZsvFC9G5vMxdmQDSt9Zg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1a/3f7e56-0916-47ac-8586-a9388f31b47e/1/bAGB50Wcm5qRaFNBcOGTwDsdFwg.roa
Signing time:             Wed 04 Oct 2023 10:38:43 +0000
ROA not before:           Wed 04 Oct 2023 10:38:43 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     202391
IP address blocks:        185.83.180.0/24 maxlen: 24
                          185.170.236.0/22 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 20:31:13 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:fa:44:bf:00:b7:aa:bd:55:1f:f8:10:6b:69:94:72:58
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3cd37ec23719b2f142f46e6f3317664034adf598
        Validity
            Not Before: Oct  4 10:38:43 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=6c0181e7459c9b9a9168534170e193c03b1d1708
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8c:a5:72:ed:48:46:39:ac:27:a0:82:d9:f2:67:
                    cd:34:df:4e:2c:49:67:31:c0:53:9a:af:45:e5:b5:
                    36:df:19:09:03:f6:4f:6d:1b:93:0d:f3:83:d1:de:
                    96:2b:6c:99:53:2d:98:0a:eb:55:52:b2:86:15:14:
                    30:da:2a:a4:c7:60:25:93:65:8b:28:01:49:8d:2c:
                    1d:ea:17:a5:64:e0:89:fb:c2:04:8f:dc:be:d8:64:
                    b1:cd:13:21:62:0e:4b:84:a1:57:69:f0:b1:dc:88:
                    e0:4d:af:ed:45:70:a8:64:2b:23:ec:69:7f:24:8f:
                    d7:46:a1:af:fb:79:62:ab:03:5b:57:8d:4e:79:26:
                    31:3c:bb:5e:81:d5:94:57:a1:aa:e4:2c:0a:f5:1c:
                    d0:5f:37:c2:a6:10:92:30:d9:01:ec:f4:62:63:76:
                    98:4e:50:69:6c:98:43:a7:06:7d:3c:f9:5a:50:be:
                    86:9f:4b:45:c0:b2:01:5c:e7:0b:d0:08:11:ad:dd:
                    76:13:f0:1b:67:de:ae:8f:3e:13:ea:23:0f:52:4f:
                    a6:da:6c:d9:80:35:93:3e:34:d7:58:97:e9:d9:f8:
                    c4:55:4b:01:ec:0b:f9:c7:22:38:41:26:09:b9:a3:
                    45:e4:c0:5a:dc:81:d1:b6:4e:31:80:30:a9:8e:90:
                    48:f1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6C:01:81:E7:45:9C:9B:9A:91:68:53:41:70:E1:93:C0:3B:1D:17:08
            X509v3 Authority Key Identifier:
                keyid:3C:D3:7E:C2:37:19:B2:F1:42:F4:6E:6F:33:17:66:40:34:AD:F5:98

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PNN-wjcZsvFC9G5vMxdmQDSt9Zg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/3f7e56-0916-47ac-8586-a9388f31b47e/1/bAGB50Wcm5qRaFNBcOGTwDsdFwg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/3f7e56-0916-47ac-8586-a9388f31b47e/1/PNN-wjcZsvFC9G5vMxdmQDSt9Zg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.83.180.0/24
                  185.170.236.0/22

    Signature Algorithm: sha256WithRSAEncryption
         68:6a:4b:0a:28:89:e6:63:a1:29:fb:36:4f:ba:58:a5:7c:c2:
         43:03:f4:5e:94:39:b9:e2:9d:e2:10:48:31:f2:0c:12:93:aa:
         63:bb:9d:d9:15:02:bd:bd:ac:df:09:44:7b:c8:de:8e:79:ee:
         d4:25:ca:76:bb:ca:b3:1b:90:1b:b3:e4:52:7f:3d:18:18:06:
         3f:e9:78:5c:ee:52:1a:af:eb:3e:cf:47:11:0c:36:d7:ab:f6:
         a1:78:1a:f9:69:d4:8e:d4:05:a0:75:d1:ff:45:3d:57:b6:2e:
         19:1c:94:de:36:ba:bf:00:d6:6b:80:1c:77:e2:37:eb:d3:4d:
         ea:03:3b:d2:c7:b2:53:af:cd:ca:61:c6:38:8c:2a:0e:10:bf:
         9f:50:0a:b1:94:e7:0b:5f:5d:d3:fe:68:89:f6:e3:1e:94:87:
         60:14:5c:63:82:89:dd:e0:57:42:71:2f:da:5a:13:c2:3c:17:
         25:a2:c9:da:4e:09:da:81:46:02:71:f8:50:c5:12:79:46:8a:
         16:b2:4a:ee:b5:13:02:24:c0:d9:a3:ca:1d:4d:74:13:06:76:
         1c:aa:24:b0:c9:c9:23:ff:ad:5d:96:78:16:75:ea:5a:e5:e4:
         6a:32:b8:36:a9:3b:c4:c0:1f:c9:ec:a0:a8:2b:b5:4f:a0:c0:
         9e:02:5a:a0
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYr6RL8At6q9VR/4EGtplHJYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNjZDM3ZWMyMzcxOWIyZjE0MmY0NmU2ZjMzMTc2NjQwMzRh
ZGY1OTgwHhcNMjMxMDA0MTAzODQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YzAxODFlNzQ1OWM5YjlhOTE2ODUzNDE3MGUxOTNjMDNiMWQxNzA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjKVy7UhGOawnoILZ8mfNNN9OLEln
McBTmq9F5bU23xkJA/ZPbRuTDfOD0d6WK2yZUy2YCutVUrKGFRQw2iqkx2Alk2WL
KAFJjSwd6helZOCJ+8IEj9y+2GSxzRMhYg5LhKFXafCx3IjgTa/tRXCoZCsj7Gl/
JI/XRqGv+3liqwNbV41OeSYxPLtegdWUV6Gq5CwK9RzQXzfCphCSMNkB7PRiY3aY
TlBpbJhDpwZ9PPlaUL6Gn0tFwLIBXOcL0AgRrd12E/AbZ96ujz4T6iMPUk+m2mzZ
gDWTPjTXWJfp2fjEVUsB7Av5xyI4QSYJuaNF5MBa3IHRtk4xgDCpjpBI8QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFGwBgedFnJuakWhTQXDhk8A7HRcIMB8GA1UdIwQY
MBaAFDzTfsI3GbLxQvRubzMXZkA0rfWYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUE5OLXdqY1pzdkZDOUc1dk14ZG1RRFN0OVpnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS8zZjdlNTYtMDkxNi00N2FjLTg1ODYt
YTkzODhmMzFiNDdlLzEvYkFHQjUwV2NtNXFSYUZOQmNPR1R3RHNkRndnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS8zZjdlNTYtMDkxNi00N2FjLTg1ODYtYTkzODhmMzFiNDdl
LzEvUE5OLXdqY1pzdkZDOUc1dk14ZG1RRFN0OVpnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAuVO0AwQC
uarsMA0GCSqGSIb3DQEBCwUAA4IBAQBoaksKKInmY6Ep+zZPulilfMJDA/RelDm5
4p3iEEgx8gwSk6pju53ZFQK9vazfCUR7yN6Oee7UJcp2u8qzG5Abs+RSfz0YGAY/
6Xhc7lIar+s+z0cRDDbXq/aheBr5adSO1AWgddH/RT1Xti4ZHJTeNrq/ANZrgBx3
4jfr003qAzvSx7JTr83KYcY4jCoOEL+fUAqxlOcLX13T/miJ9uMelIdgFFxjgond
4FdCcS/aWhPCPBclosnaTgnagUYCcfhQxRJ5RooWskrutRMCJMDZo8odTXQTBnYc
qiSwyckj/61dlngWdepa5eRqMrg2qTvEwB/J7KCoK7VPoMCeAlqg
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:56:35 2024 by rpki-client on console-ams.rpki-client.org