Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/TqCtJU66Z9UC84Ck8iWInZqBGo4.roa
File:                     TqCtJU66Z9UC84Ck8iWInZqBGo4.roa (raw, json)
Hash identifier:          LWmHFNtOw6vl+hdiyAihCBT+g0ELNqtOzJwJi8+maoM=
Subject key identifier:   4E:A0:AD:25:4E:BA:67:D5:02:F3:80:A4:F2:25:88:9D:9A:81:1A:8E
Certificate issuer:       /CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Certificate serial:       018C4EA5D805776005495946C959CD3054B1
Authority key identifier: 36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/TqCtJU66Z9UC84Ck8iWInZqBGo4.roa
Signing time:             Sat 09 Dec 2023 12:55:40 +0000
ROA not before:           Sat 09 Dec 2023 12:55:40 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     205663
IP address blocks:        185.226.181.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Sun 10 Dec 2023 19:22:40 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:4e:a5:d8:05:77:60:05:49:59:46:c9:59:cd:30:54:b1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
        Validity
            Not Before: Dec  9 12:55:40 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=4ea0ad254eba67d502f380a4f225889d9a811a8e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e8:bb:0b:a0:82:01:cf:46:f2:80:2a:c9:bd:24:
                    34:9f:82:ca:e5:d7:74:39:17:9f:b5:41:25:91:bf:
                    b7:6c:c9:5e:c2:5f:fa:53:db:2d:55:cf:23:7e:50:
                    e5:07:5d:11:30:7b:87:e9:64:b7:d8:cd:25:52:9c:
                    eb:84:c1:64:c1:5e:ef:9e:c8:ce:28:36:13:8f:f7:
                    af:57:7f:7f:47:b6:d1:8b:7a:94:0b:08:5b:71:32:
                    34:d4:a2:7a:9f:18:8f:52:b9:cf:cf:3e:7f:a1:ec:
                    fd:96:3e:0d:20:a8:76:c2:c3:53:69:5f:b6:ad:ed:
                    e0:3c:64:c7:d6:93:ab:6b:17:d5:2f:c2:8c:15:68:
                    b2:e5:4d:70:51:d4:78:3e:31:cc:0b:fe:dd:a0:1f:
                    d4:bf:f0:ec:d6:58:c3:ea:5d:02:e1:e5:d7:cd:c2:
                    dc:ba:87:2c:09:2d:b1:0b:24:50:6a:49:8d:56:9b:
                    a4:23:54:56:ee:79:ae:22:0a:07:83:7a:b2:af:6a:
                    bb:bf:7b:30:ae:4a:82:53:97:55:b4:0c:b7:74:fa:
                    bb:42:72:c4:13:d0:59:e3:bc:83:5d:af:1a:bd:e2:
                    bd:25:d0:10:f3:a3:ae:c0:76:df:30:f9:4c:ed:53:
                    56:83:ca:12:df:14:30:c4:96:3a:31:e7:59:29:d5:
                    00:1d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4E:A0:AD:25:4E:BA:67:D5:02:F3:80:A4:F2:25:88:9D:9A:81:1A:8E
            X509v3 Authority Key Identifier:
                keyid:36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/TqCtJU66Z9UC84Ck8iWInZqBGo4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/Nov7il7uSQgupijfJaSl1Q86qbM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.226.181.0/24

    Signature Algorithm: sha256WithRSAEncryption
         c9:4d:dd:f2:10:9b:a4:6c:dc:2f:c3:9d:7f:2f:2f:5e:be:3f:
         d9:00:0c:a5:ef:f9:d9:e1:f9:99:ca:97:bd:70:61:b3:ee:84:
         74:4b:27:72:14:8f:c9:44:38:38:65:db:1d:67:ff:16:06:2e:
         38:e3:4e:ff:54:f8:85:08:e3:a0:75:06:95:98:4d:67:67:10:
         cc:95:ee:fc:49:dd:cc:cd:05:2b:ea:f4:58:84:0f:74:69:e8:
         bd:ea:5a:4b:6d:0e:c8:e8:69:6a:04:19:46:aa:4f:10:f5:5d:
         76:6d:12:fc:6e:ef:d5:68:a8:f2:d0:7c:fc:b9:89:04:68:be:
         a9:43:c5:bd:ea:9e:6d:13:af:bd:00:bf:7a:48:f9:66:d9:76:
         e6:3a:90:33:f6:08:d2:40:87:75:a3:20:d1:9d:77:6e:e0:64:
         db:b4:46:7a:40:63:4d:7b:af:81:1b:d7:89:f4:60:29:8c:32:
         6e:94:49:11:88:20:37:1c:e1:f1:a5:a2:ba:11:cf:e3:95:14:
         5d:a2:81:ae:3d:78:55:97:a2:c0:fb:96:f2:23:36:55:ef:f5:
         ce:18:83:95:b1:1f:af:5f:4e:31:1a:62:32:a4:3b:68:51:72:
         c2:fa:26:ab:bb:2e:7e:81:02:74:f0:d5:f9:5b:03:be:0b:13:
         b0:0a:9b:b7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYxOpdgFd2AFSVlGyVnNMFSxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2OGJmYjhhNWVlZTQ5MDgyZWE2MjhkZjI1YTRhNWQ1MGYz
YWE5YjMwHhcNMjMxMjA5MTI1NTQwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZWEwYWQyNTRlYmE2N2Q1MDJmMzgwYTRmMjI1ODg5ZDlhODExYThlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6LsLoIIBz0bygCrJvSQ0n4LK5dd0
OReftUElkb+3bMlewl/6U9stVc8jflDlB10RMHuH6WS32M0lUpzrhMFkwV7vnsjO
KDYTj/evV39/R7bRi3qUCwhbcTI01KJ6nxiPUrnPzz5/oez9lj4NIKh2wsNTaV+2
re3gPGTH1pOraxfVL8KMFWiy5U1wUdR4PjHMC/7doB/Uv/Ds1ljD6l0C4eXXzcLc
uocsCS2xCyRQakmNVpukI1RW7nmuIgoHg3qyr2q7v3swrkqCU5dVtAy3dPq7QnLE
E9BZ47yDXa8aveK9JdAQ86OuwHbfMPlM7VNWg8oS3xQwxJY6MedZKdUAHQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFE6grSVOumfVAvOApPIliJ2agRqOMB8GA1UdIwQY
MBaAFDaL+4pe7kkILqYo3yWkpdUPOqmzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUt
MGFlMmU5MjJhMjkyLzEvVHFDdEpVNjZaOVVDODRDazhpV0luWnFCR280LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUtMGFlMmU5MjJhMjky
LzEvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAueK1MA0G
CSqGSIb3DQEBCwUAA4IBAQDJTd3yEJukbNwvw51/Ly9evj/ZAAyl7/nZ4fmZype9
cGGz7oR0SydyFI/JRDg4ZdsdZ/8WBi44407/VPiFCOOgdQaVmE1nZxDMle78Sd3M
zQUr6vRYhA90aei96lpLbQ7I6GlqBBlGqk8Q9V12bRL8bu/VaKjy0Hz8uYkEaL6p
Q8W96p5tE6+9AL96SPlm2XbmOpAz9gjSQId1oyDRnXdu4GTbtEZ6QGNNe6+BG9eJ
9GApjDJulEkRiCA3HOHxpaK6Ec/jlRRdooGuPXhVl6LA+5byIzZV7/XOGIOVsR+v
X04xGmIypDtoUXLC+iaruy5+gQJ08NX5WwO+CxOwCpu3
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:02:35 2024 by rpki-client on console-ams.rpki-client.org