Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/ecda3d-a2db-4908-862f-111056369a23/1/3fQvfe3v2lqeCEpqeDxeEesa2Mw.roa
File:                     3fQvfe3v2lqeCEpqeDxeEesa2Mw.roa (raw, json)
Hash identifier:          YFbKJqBP15CPghMAwvwWRuXMaLG6aqaR0KHOm5pDi6A=
Subject key identifier:   DD:F4:2F:7D:ED:EF:DA:5A:9E:08:4A:6A:78:3C:5E:11:EB:1A:D8:CC
Certificate issuer:       /CN=340bea3fcc3cbcedc82919cf57c74108baea369e
Certificate serial:       01856F94C545D6AA2D12AA541CCFC9758AB5
Authority key identifier: 34:0B:EA:3F:CC:3C:BC:ED:C8:29:19:CF:57:C7:41:08:BA:EA:36:9E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NAvqP8w8vO3IKRnPV8dBCLrqNp4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/33/ecda3d-a2db-4908-862f-111056369a23/1/3fQvfe3v2lqeCEpqeDxeEesa2Mw.roa
Signing time:             Sun 01 Jan 2023 23:04:58 +0000
ROA not before:           Sun 01 Jan 2023 23:04:58 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     64266
IP address blocks:        176.115.188.0/22 maxlen: 22

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 12:29:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:94:c5:45:d6:aa:2d:12:aa:54:1c:cf:c9:75:8a:b5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=340bea3fcc3cbcedc82919cf57c74108baea369e
        Validity
            Not Before: Jan  1 23:04:58 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=ddf42f7dedefda5a9e084a6a783c5e11eb1ad8cc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:26:97:87:41:aa:0f:71:00:cb:ae:cf:5f:e7:
                    be:2e:ca:f6:7a:aa:6b:c7:5a:68:fd:79:d5:b8:d0:
                    6b:c3:9d:90:46:76:f5:9c:bf:a4:86:d1:a8:df:1f:
                    53:9c:10:07:9c:cd:c7:a4:63:ed:de:e9:86:6e:7e:
                    62:ed:ac:29:0a:6a:d4:ff:c3:df:28:ba:5f:af:47:
                    b1:d3:db:b3:c1:c6:25:c8:83:12:9c:4b:f8:e1:4a:
                    44:fe:91:73:03:89:c1:fa:dc:65:6b:ca:8a:76:da:
                    0e:14:9c:e8:d7:8f:2f:8f:18:0d:24:aa:a3:8c:1d:
                    d0:c1:b2:2e:cc:75:5c:7f:12:46:8d:42:04:a0:ab:
                    cf:a5:f1:17:43:de:26:f3:07:c5:6e:06:80:26:d1:
                    bd:2b:59:ea:59:0e:19:df:88:0f:8b:ab:21:14:54:
                    48:d6:ec:cd:d1:17:75:cd:19:c9:a4:f9:36:2e:e8:
                    83:13:b6:f7:f3:70:b9:15:8a:51:31:94:81:50:04:
                    46:8c:4a:8c:5f:06:2b:cb:af:13:e5:42:33:91:f0:
                    2f:ac:29:1a:d8:6b:df:57:8b:21:22:29:c1:78:40:
                    f0:36:f9:76:9e:8f:5a:0c:ce:80:08:46:69:f6:68:
                    e5:90:93:9e:00:35:43:16:35:f2:ba:0c:12:4f:64:
                    ca:53
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DD:F4:2F:7D:ED:EF:DA:5A:9E:08:4A:6A:78:3C:5E:11:EB:1A:D8:CC
            X509v3 Authority Key Identifier:
                keyid:34:0B:EA:3F:CC:3C:BC:ED:C8:29:19:CF:57:C7:41:08:BA:EA:36:9E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NAvqP8w8vO3IKRnPV8dBCLrqNp4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/ecda3d-a2db-4908-862f-111056369a23/1/3fQvfe3v2lqeCEpqeDxeEesa2Mw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/33/ecda3d-a2db-4908-862f-111056369a23/1/NAvqP8w8vO3IKRnPV8dBCLrqNp4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  176.115.188.0/22

    Signature Algorithm: sha256WithRSAEncryption
         18:cb:b4:6a:36:2c:1d:0f:05:5c:a3:11:de:78:ae:c4:4d:54:
         5e:a4:76:96:22:b1:87:4b:e2:6a:04:b1:0d:39:4d:ad:6b:65:
         d7:02:08:61:9c:77:a2:83:53:86:cb:64:eb:16:c9:64:50:fb:
         c1:9a:0f:f8:90:cc:53:ca:f9:94:b5:30:09:0b:8d:8d:25:27:
         9e:5e:cb:51:61:f1:99:02:4a:40:0a:6e:e8:50:4d:a6:0e:39:
         4d:41:bb:1d:42:66:12:d8:20:f6:12:a6:b9:de:74:d9:6a:07:
         20:81:e8:ad:c4:84:a0:15:04:90:2b:dc:d3:85:69:b9:a4:4c:
         0d:91:20:1e:b3:6a:bd:ca:15:2b:0c:e2:b3:cd:fd:4c:89:e7:
         27:ce:c8:95:68:6c:f7:24:ee:e3:d9:90:b0:79:81:9b:a6:6a:
         99:1f:34:bf:3c:17:b8:68:48:4c:00:66:9a:18:9d:e8:17:c7:
         2a:cd:7c:d7:ed:b0:62:68:5b:93:c7:5e:5b:85:00:ba:5b:51:
         e3:d2:67:2b:57:bb:6b:db:f5:e6:ca:84:4d:88:1a:fa:7a:ff:
         5a:30:a2:00:35:b3:07:66:fa:49:f0:19:59:a4:ca:97:92:45:
         02:c0:e7:c2:cb:c9:30:3c:71:c0:c4:b9:59:81:1c:85:b1:40:
         26:5c:2e:7f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvlMVF1qotEqpUHM/JdYq1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0MGJlYTNmY2MzY2JjZWRjODI5MTljZjU3Yzc0MTA4YmFl
YTM2OWUwHhcNMjMwMTAxMjMwNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZGY0MmY3ZGVkZWZkYTVhOWUwODRhNmE3ODNjNWUxMWViMWFkOGNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnyaXh0GqD3EAy67PX+e+Lsr2eqpr
x1po/XnVuNBrw52QRnb1nL+khtGo3x9TnBAHnM3HpGPt3umGbn5i7awpCmrU/8Pf
KLpfr0ex09uzwcYlyIMSnEv44UpE/pFzA4nB+txla8qKdtoOFJzo148vjxgNJKqj
jB3QwbIuzHVcfxJGjUIEoKvPpfEXQ94m8wfFbgaAJtG9K1nqWQ4Z34gPi6shFFRI
1uzN0Rd1zRnJpPk2LuiDE7b383C5FYpRMZSBUARGjEqMXwYry68T5UIzkfAvrCka
2GvfV4shIinBeEDwNvl2no9aDM6ACEZp9mjlkJOeADVDFjXyugwST2TKUwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFN30L33t79panghKang8XhHrGtjMMB8GA1UdIwQY
MBaAFDQL6j/MPLztyCkZz1fHQQi66jaeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkF2cVA4dzh2TzNJS1JuUFY4ZEJDTHJxTnA0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy9lY2RhM2QtYTJkYi00OTA4LTg2MmYt
MTExMDU2MzY5YTIzLzEvM2ZRdmZlM3YybHFlQ0VwcWVEeGVFZXNhMk13LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy9lY2RhM2QtYTJkYi00OTA4LTg2MmYtMTExMDU2MzY5YTIz
LzEvTkF2cVA4dzh2TzNJS1JuUFY4ZEJDTHJxTnA0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCsHO8MA0G
CSqGSIb3DQEBCwUAA4IBAQAYy7RqNiwdDwVcoxHeeK7ETVRepHaWIrGHS+JqBLEN
OU2ta2XXAghhnHeig1OGy2TrFslkUPvBmg/4kMxTyvmUtTAJC42NJSeeXstRYfGZ
AkpACm7oUE2mDjlNQbsdQmYS2CD2Eqa53nTZagcggeitxISgFQSQK9zThWm5pEwN
kSAes2q9yhUrDOKzzf1MiecnzsiVaGz3JO7j2ZCweYGbpmqZHzS/PBe4aEhMAGaa
GJ3oF8cqzXzX7bBiaFuTx15bhQC6W1Hj0mcrV7tr2/XmyoRNiBr6ev9aMKIANbMH
ZvpJ8BlZpMqXkkUCwOfCy8kwPHHAxLlZgRyFsUAmXC5/
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:53 2024 by rpki-client on console-fra.rpki-client.org