Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/e7fbe8-d98e-45d2-b19c-11627d7469ab/1/GrSjomSsqyvQx0tDAHQsYeOqziw.roa
File:                     GrSjomSsqyvQx0tDAHQsYeOqziw.roa (raw, json)
Hash identifier:          v+WdTIZ8BMBCfd9wPulkTOosLfDu4qcHop6Fnouqbdg=
Subject key identifier:   1A:B4:A3:A2:64:AC:AB:2B:D0:C7:4B:43:00:74:2C:61:E3:AA:CE:2C
Certificate issuer:       /CN=282434a9a038b0fe73caf776bccd542fd3e2f6a5
Certificate serial:       018570D50C1DF160054B51B956583C228EFD
Authority key identifier: 28:24:34:A9:A0:38:B0:FE:73:CA:F7:76:BC:CD:54:2F:D3:E2:F6:A5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/KCQ0qaA4sP5zyvd2vM1UL9Pi9qU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/2e/e7fbe8-d98e-45d2-b19c-11627d7469ab/1/GrSjomSsqyvQx0tDAHQsYeOqziw.roa
Signing time:             Mon 02 Jan 2023 04:54:48 +0000
ROA not before:           Mon 02 Jan 2023 04:54:48 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     39419
IP address blocks:        185.237.24.0/22 maxlen: 24

Validation:               Failed, certificate revoked on Wed 21 Jun 2023 07:08:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:70:d5:0c:1d:f1:60:05:4b:51:b9:56:58:3c:22:8e:fd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=282434a9a038b0fe73caf776bccd542fd3e2f6a5
        Validity
            Not Before: Jan  2 04:54:48 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=1ab4a3a264acab2bd0c74b4300742c61e3aace2c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:fd:20:d1:ff:8e:a5:e7:0f:91:49:6d:f2:20:
                    2b:c4:9a:46:c1:09:85:c4:80:06:01:6d:42:d9:dc:
                    3b:a6:65:fe:98:39:af:75:61:4b:4e:1c:65:bd:60:
                    ed:26:cd:c5:5d:e6:a1:69:82:ae:b1:df:86:37:8e:
                    b1:ca:7f:06:39:69:5f:3b:82:43:bc:53:1d:12:1f:
                    27:95:93:4c:38:79:4a:69:bb:11:51:58:e5:4f:d1:
                    4f:c8:cf:26:8e:37:5d:f0:9a:bf:5a:8f:42:20:94:
                    55:fd:db:08:e0:fc:01:4d:b2:33:07:0f:45:89:b4:
                    9a:7c:14:c4:0d:d6:f9:49:19:d5:22:4a:41:65:f8:
                    80:ee:a1:e5:b2:64:c4:8a:29:fc:7b:39:44:b0:08:
                    fd:36:98:b7:cb:eb:9a:ea:26:72:ba:41:7d:46:a0:
                    ef:b2:f1:97:f6:fd:6a:09:8d:45:22:80:8b:29:4b:
                    39:c4:7c:ed:ab:37:61:82:36:34:59:9a:23:34:34:
                    53:22:a4:fd:83:79:72:f1:ba:2f:82:a7:65:14:e4:
                    8f:aa:d3:db:39:91:ec:36:b9:36:5b:08:34:38:7a:
                    87:39:c3:24:e2:c9:c3:18:f2:34:0a:a1:9b:fa:ec:
                    c1:a6:3f:b0:45:71:c3:aa:e0:39:f6:80:c9:cb:2c:
                    4a:7b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1A:B4:A3:A2:64:AC:AB:2B:D0:C7:4B:43:00:74:2C:61:E3:AA:CE:2C
            X509v3 Authority Key Identifier:
                keyid:28:24:34:A9:A0:38:B0:FE:73:CA:F7:76:BC:CD:54:2F:D3:E2:F6:A5

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KCQ0qaA4sP5zyvd2vM1UL9Pi9qU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/e7fbe8-d98e-45d2-b19c-11627d7469ab/1/GrSjomSsqyvQx0tDAHQsYeOqziw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/e7fbe8-d98e-45d2-b19c-11627d7469ab/1/KCQ0qaA4sP5zyvd2vM1UL9Pi9qU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.237.24.0/22

    Signature Algorithm: sha256WithRSAEncryption
         44:39:79:59:bd:da:7f:22:72:d5:95:4c:91:e9:d9:61:18:17:
         a9:46:47:93:9d:86:2c:e6:50:a9:fd:da:38:a7:bd:6e:ce:5c:
         9b:4f:dc:36:85:c3:04:e9:86:aa:ef:cc:71:de:df:e3:2a:3c:
         07:48:78:b7:57:62:cd:9c:8c:ff:80:80:27:a6:f1:d8:40:5f:
         d6:ba:e7:bb:1f:df:ff:91:27:0e:1d:7f:1f:d8:05:ae:9b:5d:
         4e:81:4b:b2:59:d3:b1:0e:5b:d7:71:cd:ec:31:3b:89:45:b7:
         ef:fc:49:fa:ad:ee:c9:c4:34:c2:46:ef:54:c8:58:f5:e7:55:
         df:14:8d:ba:86:eb:20:13:18:11:00:97:06:9e:92:63:45:3b:
         41:75:a0:24:83:95:36:ea:9f:86:2d:28:9b:b4:3e:58:2e:0c:
         3b:c6:7b:d7:38:0e:c5:52:bf:6a:7c:40:fb:47:fa:2d:61:fa:
         47:ae:f3:69:96:09:db:a4:c1:bc:4e:7f:7d:f9:55:e8:62:72:
         4f:e8:a6:79:75:e8:fd:ee:93:3c:65:3d:bf:0f:c8:00:5e:77:
         31:ea:14:10:c8:b5:a5:15:c0:23:e0:0b:bd:ac:22:54:50:55:
         87:44:2f:b7:da:94:c8:9c:b3:23:4f:8d:d6:54:aa:5b:d0:47:
         42:9b:30:54
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVw1Qwd8WAFS1G5Vlg8Io79MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4MjQzNGE5YTAzOGIwZmU3M2NhZjc3NmJjY2Q1NDJmZDNl
MmY2YTUwHhcNMjMwMTAyMDQ1NDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYWI0YTNhMjY0YWNhYjJiZDBjNzRiNDMwMDc0MmM2MWUzYWFjZTJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq/0g0f+OpecPkUlt8iArxJpGwQmF
xIAGAW1C2dw7pmX+mDmvdWFLThxlvWDtJs3FXeahaYKusd+GN46xyn8GOWlfO4JD
vFMdEh8nlZNMOHlKabsRUVjlT9FPyM8mjjdd8Jq/Wo9CIJRV/dsI4PwBTbIzBw9F
ibSafBTEDdb5SRnVIkpBZfiA7qHlsmTEiin8ezlEsAj9Npi3y+ua6iZyukF9RqDv
svGX9v1qCY1FIoCLKUs5xHztqzdhgjY0WZojNDRTIqT9g3ly8bovgqdlFOSPqtPb
OZHsNrk2Wwg0OHqHOcMk4snDGPI0CqGb+uzBpj+wRXHDquA59oDJyyxKewIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBq0o6JkrKsr0MdLQwB0LGHjqs4sMB8GA1UdIwQY
MBaAFCgkNKmgOLD+c8r3drzNVC/T4valMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS0NRMHFhQTRzUDV6eXZkMnZNMVVMOVBpOXFVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9lN2ZiZTgtZDk4ZS00NWQyLWIxOWMt
MTE2MjdkNzQ2OWFiLzEvR3JTam9tU3NxeXZReDB0REFIUXNZZU9xeml3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9lN2ZiZTgtZDk4ZS00NWQyLWIxOWMtMTE2MjdkNzQ2OWFi
LzEvS0NRMHFhQTRzUDV6eXZkMnZNMVVMOVBpOXFVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCue0YMA0G
CSqGSIb3DQEBCwUAA4IBAQBEOXlZvdp/InLVlUyR6dlhGBepRkeTnYYs5lCp/do4
p71uzlybT9w2hcME6Yaq78xx3t/jKjwHSHi3V2LNnIz/gIAnpvHYQF/Wuue7H9//
kScOHX8f2AWum11OgUuyWdOxDlvXcc3sMTuJRbfv/En6re7JxDTCRu9UyFj151Xf
FI26husgExgRAJcGnpJjRTtBdaAkg5U26p+GLSibtD5YLgw7xnvXOA7FUr9qfED7
R/otYfpHrvNplgnbpMG8Tn99+VXoYnJP6KZ5dej97pM8ZT2/D8gAXncx6hQQyLWl
FcAj4Au9rCJUUFWHRC+32pTInLMjT43WVKpb0EdCmzBU
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:07 2024 by rpki-client on console-fra.rpki-client.org