Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/dk2BhYqBUZWRhOkR0HHgqMy3ruA.roa
File:                     dk2BhYqBUZWRhOkR0HHgqMy3ruA.roa (raw, json)
Hash identifier:          YypNC44q6DPTPGWQ5TgaBqhHs8Q5PdLY5Xd+Olm5YlQ=
Subject key identifier:   76:4D:81:85:8A:81:51:95:91:84:E9:11:D0:71:E0:A8:CC:B7:AE:E0
Certificate issuer:       /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial:       0186374621047DCA59604A6DEFDDDD8E4E06
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/dk2BhYqBUZWRhOkR0HHgqMy3ruA.roa
Signing time:             Thu 09 Feb 2023 17:43:08 +0000
ROA not before:           Thu 09 Feb 2023 17:43:08 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     211432
IP address blocks:        213.209.146.0/24 maxlen: 24
                          185.230.15.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Sun 18 Jun 2023 12:31:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:37:46:21:04:7d:ca:59:60:4a:6d:ef:dd:dd:8e:4e:06
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
        Validity
            Not Before: Feb  9 17:43:08 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=764d81858a8151959184e911d071e0a8ccb7aee0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:90:8d:9f:50:3c:7d:61:a5:f6:fd:93:23:6b:22:
                    99:70:31:6d:db:c8:20:3c:01:1f:93:7a:8d:3d:65:
                    3e:61:92:9d:95:f9:55:33:cf:00:31:bd:4a:f2:b7:
                    64:bf:d3:c5:aa:3d:d4:4c:31:2b:e8:53:dd:27:7c:
                    65:24:62:a3:c6:53:47:77:a4:a7:ef:b4:24:0f:8f:
                    6d:09:78:8f:b3:7b:9d:75:4e:df:c8:76:54:35:21:
                    5e:57:84:8b:bb:3c:ea:81:f2:60:bb:d6:1e:1f:d6:
                    fb:53:a2:94:22:33:c3:bd:eb:a9:bb:b2:55:0a:b1:
                    2f:c8:b8:dc:41:3c:41:ea:17:bc:6a:53:f4:e5:ea:
                    71:12:41:f9:73:1c:fc:fc:67:6c:f5:ba:43:31:79:
                    60:f5:9a:3a:8d:e7:52:aa:b9:62:98:cf:e8:dd:97:
                    26:ad:f4:c9:58:e0:0d:6a:a2:3c:70:3a:6d:17:a7:
                    38:82:7f:d2:ef:99:4d:d9:48:d7:50:f0:26:4e:6b:
                    af:04:fc:6d:6a:d0:e4:77:30:27:cb:12:8d:e8:ed:
                    70:61:3f:2b:40:95:8f:a8:0e:3c:e0:6c:f1:2c:99:
                    65:e2:b9:ee:be:64:17:09:c2:be:1a:b1:68:d7:c7:
                    73:60:36:01:81:b6:6a:e6:de:06:1a:be:e5:80:b5:
                    13:a3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                76:4D:81:85:8A:81:51:95:91:84:E9:11:D0:71:E0:A8:CC:B7:AE:E0
            X509v3 Authority Key Identifier:
                keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/dk2BhYqBUZWRhOkR0HHgqMy3ruA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.230.15.0/24
                  213.209.146.0/24

    Signature Algorithm: sha256WithRSAEncryption
         0e:ca:10:32:4b:d3:99:52:4d:6d:1b:fd:7c:eb:88:e6:ac:8b:
         22:0a:ab:8c:b1:8d:7d:43:ab:b6:25:76:f3:f4:6b:bf:6c:7a:
         aa:15:19:d5:33:62:d9:f1:1a:37:e4:e5:52:f1:d1:17:ea:8a:
         aa:af:38:3f:62:28:21:ac:88:79:5d:3d:42:8b:bc:4e:6f:65:
         85:c3:6f:59:d6:37:85:e5:fc:b0:a3:92:25:01:d3:33:79:f7:
         18:33:12:b0:ef:65:25:71:fb:d4:81:85:43:31:6b:94:82:00:
         a4:b7:ad:d2:7e:d4:5e:6d:9e:00:10:e4:13:02:86:05:e9:22:
         b9:9c:bd:df:d0:11:48:7f:c4:73:21:28:ed:97:5f:1a:91:30:
         07:c9:8e:c8:84:ff:d8:b6:e1:cd:8e:6d:1c:df:fc:ef:85:d6:
         29:f8:61:a3:01:05:bf:8c:a7:73:60:15:12:f2:9d:7a:64:2b:
         6a:a3:d2:c3:2f:42:5c:8c:8f:cf:d9:38:58:a7:94:84:f2:5b:
         1e:fc:05:89:1f:de:d1:84:88:b9:52:34:0f:20:4c:c4:01:92:
         d0:ef:5c:c5:f1:40:42:bc:2e:e3:a2:00:2a:a8:31:84:71:a4:
         e0:0b:90:c5:9f:95:4f:49:0a:72:23:2c:13:b6:27:08:74:02:
         41:84:38:b0
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYY3RiEEfcpZYEpt793djk4GMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiNDc2ZTEyZTg5ODdlNWIzMDJjZGMyNGJkZDlkYjNmZTgz
Yzg0NDkwHhcNMjMwMjA5MTc0MzA4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NjRkODE4NThhODE1MTk1OTE4NGU5MTFkMDcxZTBhOGNjYjdhZWUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkI2fUDx9YaX2/ZMjayKZcDFt28gg
PAEfk3qNPWU+YZKdlflVM88AMb1K8rdkv9PFqj3UTDEr6FPdJ3xlJGKjxlNHd6Sn
77QkD49tCXiPs3uddU7fyHZUNSFeV4SLuzzqgfJgu9YeH9b7U6KUIjPDveupu7JV
CrEvyLjcQTxB6he8alP05epxEkH5cxz8/Gds9bpDMXlg9Zo6jedSqrlimM/o3Zcm
rfTJWOANaqI8cDptF6c4gn/S75lN2UjXUPAmTmuvBPxtatDkdzAnyxKN6O1wYT8r
QJWPqA484GzxLJll4rnuvmQXCcK+GrFo18dzYDYBgbZq5t4GGr7lgLUTowIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFHZNgYWKgVGVkYTpEdBx4KjMt67gMB8GA1UdIwQY
MBaAFDtHbhLomH5bMCzcJL3Z2z/oPIRJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMt
NmNiZmYzYzRkYTAxLzEvZGsyQmhZcUJVWldSaE9rUjBISGdxTXkzcnVBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMtNmNiZmYzYzRkYTAx
LzEvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAueYPAwQA
1dGSMA0GCSqGSIb3DQEBCwUAA4IBAQAOyhAyS9OZUk1tG/1864jmrIsiCquMsY19
Q6u2JXbz9Gu/bHqqFRnVM2LZ8Ro35OVS8dEX6oqqrzg/YighrIh5XT1Ci7xOb2WF
w29Z1jeF5fywo5IlAdMzefcYMxKw72UlcfvUgYVDMWuUggCkt63SftRebZ4AEOQT
AoYF6SK5nL3f0BFIf8RzISjtl18akTAHyY7IhP/YtuHNjm0c3/zvhdYp+GGjAQW/
jKdzYBUS8p16ZCtqo9LDL0JcjI/P2ThYp5SE8lse/AWJH97RhIi5UjQPIEzEAZLQ
71zF8UBCvC7jogAqqDGEcaTgC5DFn5VPSQpyIywTticIdAJBhDiw
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:02:25 2024 by rpki-client on console-ams.rpki-client.org