Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/PtHXE6E7A3yDLtAoI5HAqwACWHM.roa
File:                     PtHXE6E7A3yDLtAoI5HAqwACWHM.roa (raw, json)
Hash identifier:          MFR09Abnm+WLY3K4cNDPpuM30Nuv0tU5eHRYI1IBPNQ=
Subject key identifier:   3E:D1:D7:13:A1:3B:03:7C:83:2E:D0:28:23:91:C0:AB:00:02:58:73
Certificate issuer:       /CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Certificate serial:       0185A5B8B7E4282BC636557C7278C1E0DCAC
Authority key identifier: 34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/PtHXE6E7A3yDLtAoI5HAqwACWHM.roa
Signing time:             Thu 12 Jan 2023 11:23:44 +0000
ROA not before:           Thu 12 Jan 2023 11:23:44 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     212238
IP address blocks:        46.151.32.0/24 maxlen: 24
                          46.151.35.0/24 maxlen: 24
                          46.151.34.0/24 maxlen: 24
                          46.151.33.0/24 maxlen: 24
                          93.120.38.0/24 maxlen: 24
                          93.120.36.0/24 maxlen: 24

Validation:               Failed, certificate revoked

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:a5:b8:b7:e4:28:2b:c6:36:55:7c:72:78:c1:e0:dc:ac
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
        Validity
            Not Before: Jan 12 11:23:44 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=3ed1d713a13b037c832ed0282391c0ab00025873
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:e0:ef:74:b4:f5:e9:df:9e:c7:95:88:9f:13:
                    ae:1f:24:bf:9b:7d:8d:df:5f:4c:43:75:12:b3:be:
                    61:75:08:2c:ac:64:a8:5e:b0:e8:5e:2f:be:40:d0:
                    71:eb:da:8e:c8:09:4c:03:bc:1c:b6:4e:89:0f:ec:
                    7e:08:c1:e3:99:65:7f:d9:dd:99:7a:9c:90:87:5b:
                    4c:44:84:ce:de:f5:ae:b5:04:2f:2f:e7:35:be:da:
                    2d:c4:55:d9:61:41:1c:ef:1e:c2:f3:1e:ba:8a:8f:
                    74:fb:88:82:6d:22:18:30:a7:ae:3e:ec:e6:90:8e:
                    51:38:08:ef:7f:9b:d1:53:b0:9a:99:85:8d:3c:4b:
                    a0:8b:b3:49:ef:8c:66:68:ee:5d:35:9f:6c:aa:af:
                    13:82:0a:98:44:29:ee:4b:b2:37:1a:66:2c:96:3e:
                    f6:6f:ed:b0:32:89:65:3f:3f:87:83:f1:f3:88:07:
                    5f:b4:8c:c9:98:cb:85:8f:92:30:00:ae:c0:2d:d3:
                    51:03:fe:35:3d:5e:be:4b:82:4f:8d:2d:c1:22:0d:
                    e3:17:39:2c:48:de:d3:d2:22:37:81:9c:83:b8:37:
                    2a:bd:60:ef:9a:30:8f:b3:9c:95:16:70:69:89:02:
                    d0:32:67:ee:39:55:7b:e3:70:f8:25:63:94:81:34:
                    eb:5d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3E:D1:D7:13:A1:3B:03:7C:83:2E:D0:28:23:91:C0:AB:00:02:58:73
            X509v3 Authority Key Identifier:
                keyid:34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/PtHXE6E7A3yDLtAoI5HAqwACWHM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  46.151.32.0/22
                  93.120.36.0/24
                  93.120.38.0/24

    Signature Algorithm: sha256WithRSAEncryption
         68:d2:c1:5e:87:d5:f1:58:a1:ba:8f:cc:18:d0:6d:fc:52:85:
         c1:d1:20:83:2b:46:7c:f0:6c:8c:62:61:71:5b:c7:ca:3d:c9:
         29:8b:ad:35:74:5c:e3:30:91:be:c9:90:3c:68:fa:79:62:bc:
         09:13:26:ad:99:0f:65:0c:43:fe:90:c4:ec:fb:27:fe:1e:74:
         7f:55:0e:89:fe:4a:ee:48:e8:be:25:d3:dd:57:6b:de:b9:6b:
         72:06:85:94:c3:ca:85:0e:ed:78:70:67:4b:7b:65:d0:2e:6f:
         15:35:9a:bc:01:1d:51:9b:7b:0c:ee:e1:31:1a:94:1d:9d:96:
         34:ca:57:0d:5a:2d:90:1c:5c:4c:62:fb:39:91:cb:63:f2:5f:
         b5:5c:ba:fb:37:90:b9:f1:e6:94:0a:71:09:21:fd:e4:41:48:
         be:d3:aa:2d:dd:49:a5:18:e2:23:f2:d0:30:0f:a4:1f:88:b3:
         8d:eb:ca:10:be:d2:82:5e:cf:c8:f2:5f:46:e8:38:d5:18:2b:
         44:ae:7c:fd:f8:88:53:98:05:c0:3a:9f:18:10:6a:8d:da:f1:
         21:34:10:56:50:e9:21:b9:5e:0b:2e:52:72:4b:1f:37:77:75:
         12:2a:c2:54:44:2f:f8:03:1d:50:21:db:c1:e6:55:d4:64:44:
         6d:c7:ff:13
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYWluLfkKCvGNlV8cnjB4NysMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0OWNiYmQ1YzJjZjQxOTVjYzZlYzdmMjFmNjA3NTgxYTAy
MjRkYWEwHhcNMjMwMTEyMTEyMzQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZWQxZDcxM2ExM2IwMzdjODMyZWQwMjgyMzkxYzBhYjAwMDI1ODczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAquDvdLT16d+ex5WInxOuHyS/m32N
319MQ3USs75hdQgsrGSoXrDoXi++QNBx69qOyAlMA7wctk6JD+x+CMHjmWV/2d2Z
epyQh1tMRITO3vWutQQvL+c1vtotxFXZYUEc7x7C8x66io90+4iCbSIYMKeuPuzm
kI5ROAjvf5vRU7CamYWNPEugi7NJ74xmaO5dNZ9sqq8TggqYRCnuS7I3GmYslj72
b+2wMollPz+Hg/HziAdftIzJmMuFj5IwAK7ALdNRA/41PV6+S4JPjS3BIg3jFzks
SN7T0iI3gZyDuDcqvWDvmjCPs5yVFnBpiQLQMmfuOVV743D4JWOUgTTrXQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFD7R1xOhOwN8gy7QKCORwKsAAlhzMB8GA1UdIwQY
MBaAFDScu9XCz0GVzG7H8h9gdYGgIk2qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUt
ZGMwNmRkODA1OTYwLzEvUHRIWEU2RTdBM3lETHRBb0k1SEFxd0FDV0hNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUtZGMwNmRkODA1OTYw
LzEvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCLpcgAwQA
XXgkAwQAXXgmMA0GCSqGSIb3DQEBCwUAA4IBAQBo0sFeh9XxWKG6j8wY0G38UoXB
0SCDK0Z88GyMYmFxW8fKPckpi601dFzjMJG+yZA8aPp5YrwJEyatmQ9lDEP+kMTs
+yf+HnR/VQ6J/kruSOi+JdPdV2veuWtyBoWUw8qFDu14cGdLe2XQLm8VNZq8AR1R
m3sM7uExGpQdnZY0ylcNWi2QHFxMYvs5kctj8l+1XLr7N5C58eaUCnEJIf3kQUi+
06ot3UmlGOIj8tAwD6QfiLON68oQvtKCXs/I8l9G6DjVGCtErnz9+IhTmAXAOp8Y
EGqN2vEhNBBWUOkhuV4LLlJySx83d3USKsJURC/4Ax1QIdvB5lXUZERtx/8T
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:49:42 2023 by rpki-client on console-ams.rpki-client.org