Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/5c65af-b3f9-4bb3-a702-2bc90794d38d/1/wfXjHLghfkekE50cmwZCTftqk5k.roa
File:                     wfXjHLghfkekE50cmwZCTftqk5k.roa (raw, json)
Hash identifier:          P3K9eyZUcKfI6OlVeeNyG4FVQgGiLOxEXWw1VgkvX/g=
Subject key identifier:   C1:F5:E3:1C:B8:21:7E:47:A4:13:9D:1C:9B:06:42:4D:FB:6A:93:99
Certificate issuer:       /CN=46ebddae6a7acee83a322a0e743a6759d85365f2
Certificate serial:       0185724C5537CBB876E8F56F37BF7BED8346
Authority key identifier: 46:EB:DD:AE:6A:7A:CE:E8:3A:32:2A:0E:74:3A:67:59:D8:53:65:F2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Ruvdrmp6zug6MioOdDpnWdhTZfI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2d/5c65af-b3f9-4bb3-a702-2bc90794d38d/1/wfXjHLghfkekE50cmwZCTftqk5k.roa
Signing time:             Mon 02 Jan 2023 11:44:43 +0000
ROA not before:           Mon 02 Jan 2023 11:44:43 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     25540
IP address blocks:        185.171.22.0/24 maxlen: 24
                          185.171.23.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 00:29:49 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:72:4c:55:37:cb:b8:76:e8:f5:6f:37:bf:7b:ed:83:46
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=46ebddae6a7acee83a322a0e743a6759d85365f2
        Validity
            Not Before: Jan  2 11:44:43 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=c1f5e31cb8217e47a4139d1c9b06424dfb6a9399
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:80:d3:38:9b:02:90:ad:43:3e:40:8f:f8:38:8a:
                    93:57:9b:1e:42:42:ea:3e:13:02:91:e4:14:de:e9:
                    de:ad:37:f6:d7:b9:07:60:cb:97:f3:e0:c1:aa:ac:
                    d0:52:24:21:df:64:de:de:9c:47:3d:07:8c:ba:6a:
                    be:70:ba:0f:0f:36:ec:b0:ab:40:3a:9c:26:1b:7a:
                    d0:4b:13:6e:5a:fe:13:b5:3b:41:e4:48:26:3d:13:
                    72:fe:5e:ff:86:79:db:ad:aa:ce:dd:94:47:c3:cb:
                    b6:80:eb:75:d9:f0:ca:ee:c7:ed:8c:f5:ea:2a:cc:
                    1a:93:c1:3f:c8:95:24:81:85:20:23:1a:4f:4b:dc:
                    86:9e:09:18:3d:5c:d5:55:5d:ba:14:53:df:f4:b1:
                    03:3b:c4:59:83:16:b5:fb:dd:57:2e:22:e6:af:25:
                    37:d7:50:47:00:c2:57:5a:0a:c3:1c:e5:44:1b:c9:
                    8f:e5:4a:08:c8:65:42:6d:52:cb:7a:38:fb:3a:b4:
                    85:cd:17:e3:ec:d9:b6:e7:7f:fd:55:e2:4e:f4:84:
                    b4:0b:4e:eb:8a:0f:f6:ea:3c:81:8c:a0:8a:52:00:
                    e1:4d:57:b4:a2:32:ce:01:3c:12:b4:91:ae:12:aa:
                    92:0d:df:59:aa:74:3b:04:04:0a:a4:bb:01:ac:92:
                    d2:2b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C1:F5:E3:1C:B8:21:7E:47:A4:13:9D:1C:9B:06:42:4D:FB:6A:93:99
            X509v3 Authority Key Identifier:
                keyid:46:EB:DD:AE:6A:7A:CE:E8:3A:32:2A:0E:74:3A:67:59:D8:53:65:F2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ruvdrmp6zug6MioOdDpnWdhTZfI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/5c65af-b3f9-4bb3-a702-2bc90794d38d/1/wfXjHLghfkekE50cmwZCTftqk5k.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/5c65af-b3f9-4bb3-a702-2bc90794d38d/1/Ruvdrmp6zug6MioOdDpnWdhTZfI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.171.22.0/23

    Signature Algorithm: sha256WithRSAEncryption
         10:48:ca:ba:74:81:f4:f1:09:e6:68:8c:94:98:7d:38:91:e4:
         b9:58:69:24:ba:29:8a:9f:99:9e:0b:a9:f1:62:fa:4d:26:1e:
         0a:5f:8d:1f:5a:87:9f:d6:4e:64:34:46:33:00:9d:a0:95:8e:
         7d:72:0d:c4:bb:ae:57:13:67:90:16:b6:91:ec:05:c1:57:24:
         21:de:0b:e7:a5:5d:ba:4e:aa:6d:41:ef:3b:3f:d3:03:9a:eb:
         7b:ce:57:bc:fa:e1:cc:23:f3:62:ea:bd:d9:4a:51:28:23:e3:
         db:da:f8:e1:e5:3d:95:44:66:ef:5e:f1:9e:b7:39:da:e5:ef:
         1a:9c:26:71:24:ef:44:fb:9f:a2:4f:c4:8b:16:96:85:24:f2:
         90:15:70:c7:e6:55:76:28:74:7f:62:99:9f:25:b0:fb:24:d6:
         a5:b7:9b:73:ba:a6:80:53:5b:54:74:c8:be:66:6b:aa:51:fa:
         68:e5:18:3d:a7:ed:15:e0:12:90:63:31:43:66:ac:1a:23:e9:
         c2:97:35:80:7b:b7:dc:63:68:22:7e:34:09:ba:f3:32:3c:53:
         da:f5:7b:d8:d9:2a:e6:12:04:c1:36:66:03:63:bf:a5:f6:83:
         a4:e5:01:45:73:ed:5b:8c:f5:12:66:31:3f:67:57:ad:85:3c:
         1e:31:40:bd
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVyTFU3y7h26PVvN7977YNGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ2ZWJkZGFlNmE3YWNlZTgzYTMyMmEwZTc0M2E2NzU5ZDg1
MzY1ZjIwHhcNMjMwMTAyMTE0NDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMWY1ZTMxY2I4MjE3ZTQ3YTQxMzlkMWM5YjA2NDI0ZGZiNmE5Mzk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgNM4mwKQrUM+QI/4OIqTV5seQkLq
PhMCkeQU3unerTf217kHYMuX8+DBqqzQUiQh32Te3pxHPQeMumq+cLoPDzbssKtA
OpwmG3rQSxNuWv4TtTtB5EgmPRNy/l7/hnnbrarO3ZRHw8u2gOt12fDK7sftjPXq
Kswak8E/yJUkgYUgIxpPS9yGngkYPVzVVV26FFPf9LEDO8RZgxa1+91XLiLmryU3
11BHAMJXWgrDHOVEG8mP5UoIyGVCbVLLejj7OrSFzRfj7Nm253/9VeJO9IS0C07r
ig/26jyBjKCKUgDhTVe0ojLOATwStJGuEqqSDd9ZqnQ7BAQKpLsBrJLSKwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMH14xy4IX5HpBOdHJsGQk37apOZMB8GA1UdIwQY
MBaAFEbr3a5qes7oOjIqDnQ6Z1nYU2XyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUnV2ZHJtcDZ6dWc2TWlvT2REcG5XZGhUWmZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC81YzY1YWYtYjNmOS00YmIzLWE3MDIt
MmJjOTA3OTRkMzhkLzEvd2ZYakhMZ2hma2VrRTUwY213WkNUZnRxazVrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC81YzY1YWYtYjNmOS00YmIzLWE3MDItMmJjOTA3OTRkMzhk
LzEvUnV2ZHJtcDZ6dWc2TWlvT2REcG5XZGhUWmZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBuasWMA0G
CSqGSIb3DQEBCwUAA4IBAQAQSMq6dIH08QnmaIyUmH04keS5WGkkuimKn5meC6nx
YvpNJh4KX40fWoef1k5kNEYzAJ2glY59cg3Eu65XE2eQFraR7AXBVyQh3gvnpV26
TqptQe87P9MDmut7zle8+uHMI/Ni6r3ZSlEoI+Pb2vjh5T2VRGbvXvGetzna5e8a
nCZxJO9E+5+iT8SLFpaFJPKQFXDH5lV2KHR/YpmfJbD7JNalt5tzuqaAU1tUdMi+
ZmuqUfpo5Rg9p+0V4BKQYzFDZqwaI+nClzWAe7fcY2gifjQJuvMyPFPa9XvY2Srm
EgTBNmYDY7+l9oOk5QFFc+1bjPUSZjE/Z1ethTweMUC9
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:00:43 2024 by rpki-client on console-ams.rpki-client.org