Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/1-Oz3Ko2qrFwnuE8W102_vTpZFl4.roa
File:                     1-Oz3Ko2qrFwnuE8W102_vTpZFl4.roa (raw, json)
Hash identifier:          blnzRsSJR9NU1ovkk+QgY3Cy/dwBVTq+0FQzpkuhla0=
Subject key identifier:   F8:EC:F7:2A:8D:AA:AC:5C:27:B8:4F:16:D7:4D:BF:BD:3A:59:16:5E
Certificate issuer:       /CN=e2c2b834fbc91af0ec6b1d34fd64054d2269a1fd
Certificate serial:       01856ED4A504FD815FBFFE07E609B86C7518
Authority key identifier: E2:C2:B8:34:FB:C9:1A:F0:EC:6B:1D:34:FD:64:05:4D:22:69:A1:FD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/4sK4NPvJGvDsax00_WQFTSJpof0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/1-Oz3Ko2qrFwnuE8W102_vTpZFl4.roa
Signing time:             Sun 01 Jan 2023 19:35:07 +0000
ROA not before:           Sun 01 Jan 2023 19:35:07 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     14576
IP address blocks:        194.110.150.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 21 Mar 2023 20:37:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6e:d4:a5:04:fd:81:5f:bf:fe:07:e6:09:b8:6c:75:18
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e2c2b834fbc91af0ec6b1d34fd64054d2269a1fd
        Validity
            Not Before: Jan  1 19:35:07 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=f8ecf72a8daaac5c27b84f16d74dbfbd3a59165e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dc:5b:12:2f:ac:3c:80:3d:38:c1:4e:1e:aa:77:
                    0f:c2:a0:00:2c:2e:a2:1e:95:c9:3c:11:36:86:d4:
                    0e:e5:2a:5a:86:e8:86:fc:11:db:fe:bd:26:a0:b7:
                    cc:1d:90:ad:1c:a5:f3:c5:d4:9c:dc:27:89:a2:36:
                    b4:ca:3d:cd:33:d7:17:77:7c:ca:db:61:8b:48:ee:
                    86:3a:9c:d0:77:7c:3e:14:83:68:c4:70:23:73:b3:
                    fe:cc:17:2b:fa:d5:6f:18:81:f2:dd:6e:f8:62:ef:
                    64:ae:ec:c5:e1:7b:69:09:bc:88:b3:2f:f0:d1:3d:
                    3b:f9:57:a6:71:df:b9:d3:7e:40:98:c3:4a:0e:4a:
                    4b:a0:75:bd:ea:c6:6f:d8:54:86:67:67:36:7c:1d:
                    ea:11:d2:6d:3c:c9:e1:bd:9d:52:2f:81:f9:0e:6f:
                    2f:0f:c0:2b:ab:25:57:8a:1c:1d:6d:c4:68:fe:df:
                    47:1c:69:6e:bd:1a:16:bc:bc:17:04:22:24:87:12:
                    19:1b:e5:5c:02:a2:cc:08:b0:b6:4a:c9:ac:ca:05:
                    7b:cb:53:70:a2:4b:1a:20:1f:74:28:61:b2:01:f1:
                    34:50:ca:bd:d5:02:1c:25:b6:af:5f:e6:44:d4:a0:
                    81:49:7e:4d:49:1c:f8:b1:d7:2e:d6:01:b8:f6:4f:
                    10:27
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F8:EC:F7:2A:8D:AA:AC:5C:27:B8:4F:16:D7:4D:BF:BD:3A:59:16:5E
            X509v3 Authority Key Identifier:
                keyid:E2:C2:B8:34:FB:C9:1A:F0:EC:6B:1D:34:FD:64:05:4D:22:69:A1:FD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4sK4NPvJGvDsax00_WQFTSJpof0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/1-Oz3Ko2qrFwnuE8W102_vTpZFl4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/4sK4NPvJGvDsax00_WQFTSJpof0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.110.150.0/24

    Signature Algorithm: sha256WithRSAEncryption
         5c:49:9a:a8:3d:77:15:be:e3:f9:98:1b:34:05:7e:c8:a0:ca:
         bf:44:ee:21:48:e2:c3:52:9b:c1:19:bd:af:ad:71:e0:e7:8a:
         c8:92:f7:4c:ae:7e:57:f2:fc:e3:6c:b8:73:8f:93:94:fb:02:
         ed:c5:ca:89:48:47:1c:8d:af:f3:8d:95:8e:92:3e:50:12:64:
         4e:32:fc:9c:a7:d4:11:40:76:a7:68:60:6f:73:c2:9b:a0:56:
         e3:e0:c9:a9:41:a8:22:53:88:d3:29:1f:bf:0a:0d:3e:85:43:
         30:e3:8c:00:5b:10:bb:32:63:47:4f:00:88:8c:d8:e1:b8:3f:
         98:46:80:02:b0:cc:55:16:76:79:2e:a7:42:d9:b2:ef:b8:c1:
         9b:2d:84:72:af:05:5f:8a:29:b0:67:00:97:3a:df:f0:d5:04:
         c4:e1:77:dd:24:b3:81:4f:c4:96:5c:42:4f:d7:07:1c:16:a8:
         9a:33:3e:fc:31:23:9b:f7:7c:73:6b:d7:04:34:b0:41:7e:1d:
         59:61:dd:a3:70:45:a1:b7:9e:36:a0:a4:53:65:f0:8f:9a:40:
         8c:1c:97:aa:67:78:90:c3:02:c6:33:63:3a:30:30:e0:78:ee:
         70:5a:55:08:b1:ca:9a:5e:c9:0d:26:76:8e:da:fa:db:a8:74:
         29:a2:9f:2c
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYVu1KUE/YFfv/4H5gm4bHUYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyYzJiODM0ZmJjOTFhZjBlYzZiMWQzNGZkNjQwNTRkMjI2
OWExZmQwHhcNMjMwMTAxMTkzNTA3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOGVjZjcyYThkYWFhYzVjMjdiODRmMTZkNzRkYmZiZDNhNTkxNjVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3FsSL6w8gD04wU4eqncPwqAALC6i
HpXJPBE2htQO5SpahuiG/BHb/r0moLfMHZCtHKXzxdSc3CeJoja0yj3NM9cXd3zK
22GLSO6GOpzQd3w+FINoxHAjc7P+zBcr+tVvGIHy3W74Yu9kruzF4XtpCbyIsy/w
0T07+Vemcd+5035AmMNKDkpLoHW96sZv2FSGZ2c2fB3qEdJtPMnhvZ1SL4H5Dm8v
D8ArqyVXihwdbcRo/t9HHGluvRoWvLwXBCIkhxIZG+VcAqLMCLC2SsmsygV7y1Nw
oksaIB90KGGyAfE0UMq91QIcJbavX+ZE1KCBSX5NSRz4sdcu1gG49k8QJwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPjs9yqNqqxcJ7hPFtdNv706WRZeMB8GA1UdIwQY
MBaAFOLCuDT7yRrw7GsdNP1kBU0iaaH9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHNLNE5QdkpHdkRzYXgwMF9XUUZUU0pwb2YwLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC8zZjI0OWItZTgzNi00MWI0LTlhM2Et
OTk0ODA2ZjA4MWYwLzEvMS1PejNLbzJxckZ3bnVFOFcxMDJfdlRwWkZsNC5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMzgvM2YyNDliLWU4MzYtNDFiNC05YTNhLTk5NDgwNmYwODFm
MC8xLzRzSzROUHZKR3ZEc2F4MDBfV1FGVFNKcG9mMC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMJuljAN
BgkqhkiG9w0BAQsFAAOCAQEAXEmaqD13Fb7j+ZgbNAV+yKDKv0TuIUjiw1KbwRm9
r61x4OeKyJL3TK5+V/L842y4c4+TlPsC7cXKiUhHHI2v842VjpI+UBJkTjL8nKfU
EUB2p2hgb3PCm6BW4+DJqUGoIlOI0ykfvwoNPoVDMOOMAFsQuzJjR08AiIzY4bg/
mEaAArDMVRZ2eS6nQtmy77jBmy2Ecq8FX4opsGcAlzrf8NUExOF33SSzgU/EllxC
T9cHHBaomjM+/DEjm/d8c2vXBDSwQX4dWWHdo3BFobeeNqCkU2Xwj5pAjByXqmd4
kMMCxjNjOjAw4HjucFpVCLHKml7JDSZ2jtr626h0KaKfLA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:03:20 2024 by rpki-client on console-ams.rpki-client.org