Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/d1f390-4ec5-4c42-8e54-01fb46a433e1/1/ufnN7iU6OVd1CChzcF3cQHQXO6w.roa
File:                     ufnN7iU6OVd1CChzcF3cQHQXO6w.roa (raw, json)
Hash identifier:          NS/QHKmsKiOdbU/4YDyjbiQzwAC2HqrEcpRdeQmkCdk=
Subject key identifier:   B9:F9:CD:EE:25:3A:39:57:75:08:28:73:70:5D:DC:40:74:17:3B:AC
Certificate issuer:       /CN=1230cd8e13c86d8ef835c1aac7d5f953455c035c
Certificate serial:       01856F8B936F0C536A00EAD519AA007AC933
Authority key identifier: 12:30:CD:8E:13:C8:6D:8E:F8:35:C1:AA:C7:D5:F9:53:45:5C:03:5C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/EjDNjhPIbY74NcGqx9X5U0VcA1w.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3d/d1f390-4ec5-4c42-8e54-01fb46a433e1/1/ufnN7iU6OVd1CChzcF3cQHQXO6w.roa
Signing time:             Sun 01 Jan 2023 22:54:56 +0000
ROA not before:           Sun 01 Jan 2023 22:54:56 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     396982
IP address blocks:        185.88.148.0/22 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 02:29:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:8b:93:6f:0c:53:6a:00:ea:d5:19:aa:00:7a:c9:33
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1230cd8e13c86d8ef835c1aac7d5f953455c035c
        Validity
            Not Before: Jan  1 22:54:56 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=b9f9cdee253a395775082873705ddc4074173bac
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:94:f9:27:20:fd:32:7d:6b:2c:c0:49:e0:38:
                    58:36:4a:ab:00:e9:ac:ca:b7:a8:7c:1e:f0:3f:5c:
                    19:11:2a:75:8a:01:ca:e6:85:8a:8f:56:df:35:35:
                    dc:38:90:d0:f7:df:4f:bb:ac:31:db:2f:4c:82:ce:
                    1e:b8:a7:f3:d4:40:a0:7e:ff:c8:2d:26:9d:37:e8:
                    cf:ca:e8:98:64:f6:ce:52:80:89:a6:54:d5:fb:b8:
                    de:05:52:39:41:22:a5:db:dc:a3:fc:98:31:18:dc:
                    59:bb:8c:fc:8f:48:88:71:56:90:2f:c7:1d:4e:1c:
                    13:31:6b:88:40:a3:21:12:11:c9:dd:2d:60:53:a6:
                    58:c6:59:4b:c7:d3:dc:61:05:76:8b:e7:95:9d:39:
                    cf:8b:9a:17:02:a0:a8:14:14:a5:33:91:2e:0a:a2:
                    02:07:72:99:ef:b2:ef:84:87:c7:a7:8c:6e:02:f6:
                    be:ea:f7:79:d9:46:1e:8a:03:1c:66:22:68:0f:0d:
                    a5:61:e0:df:29:66:c0:67:f8:bd:82:9d:87:17:d8:
                    d6:89:ff:17:1c:04:88:79:a3:8b:41:cd:ba:8a:bd:
                    11:4c:ab:74:01:41:0c:ef:89:4d:cb:d3:c7:7b:06:
                    24:28:3a:dd:e5:42:11:94:86:2f:f9:96:7d:2a:08:
                    5e:c7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B9:F9:CD:EE:25:3A:39:57:75:08:28:73:70:5D:DC:40:74:17:3B:AC
            X509v3 Authority Key Identifier:
                keyid:12:30:CD:8E:13:C8:6D:8E:F8:35:C1:AA:C7:D5:F9:53:45:5C:03:5C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EjDNjhPIbY74NcGqx9X5U0VcA1w.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/d1f390-4ec5-4c42-8e54-01fb46a433e1/1/ufnN7iU6OVd1CChzcF3cQHQXO6w.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/d1f390-4ec5-4c42-8e54-01fb46a433e1/1/EjDNjhPIbY74NcGqx9X5U0VcA1w.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.88.148.0/22

    Signature Algorithm: sha256WithRSAEncryption
         40:56:34:dd:69:e8:a9:87:48:b5:96:38:df:e9:5b:0f:4e:17:
         86:48:6f:b6:8f:65:27:1c:48:13:61:3d:32:39:47:db:80:a8:
         d4:94:ec:36:12:57:f8:fe:ff:96:f1:71:e7:84:18:1b:80:ce:
         a8:e4:75:27:ca:27:be:7c:8c:ba:81:f7:ce:5f:71:c2:ba:48:
         bc:ae:b4:1e:79:1c:91:9b:78:ba:b4:32:06:ed:dd:81:e6:9b:
         a7:90:99:04:da:97:a4:fb:84:ea:12:f1:e3:61:8f:79:98:e2:
         43:00:25:3f:20:49:3a:18:59:3d:5c:fc:a5:1b:39:08:de:7a:
         6c:98:d3:77:ed:b8:cb:e9:f3:36:fc:b4:c6:05:07:37:c1:55:
         f3:dc:c0:ac:26:7b:70:1a:ac:a4:94:92:17:08:87:79:1f:a7:
         91:f9:44:96:c0:28:0d:51:41:ab:89:7d:22:73:5f:cb:69:f5:
         c9:b2:3a:82:ec:ae:7b:28:58:74:69:37:07:99:a6:03:36:64:
         db:4e:9d:93:7a:33:a8:d2:b1:fb:f8:a8:82:5e:f9:b0:70:82:
         19:e5:e7:6d:10:cf:88:84:8e:4b:30:53:85:52:85:96:00:66:
         56:cb:52:61:d9:f6:40:f8:dc:c4:e4:97:99:27:41:1d:43:53:
         18:3a:a7:c4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvi5NvDFNqAOrVGaoAeskzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEyMzBjZDhlMTNjODZkOGVmODM1YzFhYWM3ZDVmOTUzNDU1
YzAzNWMwHhcNMjMwMTAxMjI1NDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOWY5Y2RlZTI1M2EzOTU3NzUwODI4NzM3MDVkZGM0MDc0MTczYmFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoZT5JyD9Mn1rLMBJ4DhYNkqrAOms
yreofB7wP1wZESp1igHK5oWKj1bfNTXcOJDQ999Pu6wx2y9Mgs4euKfz1ECgfv/I
LSadN+jPyuiYZPbOUoCJplTV+7jeBVI5QSKl29yj/JgxGNxZu4z8j0iIcVaQL8cd
ThwTMWuIQKMhEhHJ3S1gU6ZYxllLx9PcYQV2i+eVnTnPi5oXAqCoFBSlM5EuCqIC
B3KZ77LvhIfHp4xuAva+6vd52UYeigMcZiJoDw2lYeDfKWbAZ/i9gp2HF9jWif8X
HASIeaOLQc26ir0RTKt0AUEM74lNy9PHewYkKDrd5UIRlIYv+ZZ9KghexwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLn5ze4lOjlXdQgoc3Bd3EB0FzusMB8GA1UdIwQY
MBaAFBIwzY4TyG2O+DXBqsfV+VNFXANcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRWpETmpoUEliWTc0TmNHcXg5WDVVMFZjQTF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC9kMWYzOTAtNGVjNS00YzQyLThlNTQt
MDFmYjQ2YTQzM2UxLzEvdWZuTjdpVTZPVmQxQ0NoemNGM2NRSFFYTzZ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZC9kMWYzOTAtNGVjNS00YzQyLThlNTQtMDFmYjQ2YTQzM2Ux
LzEvRWpETmpoUEliWTc0TmNHcXg5WDVVMFZjQTF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuViUMA0G
CSqGSIb3DQEBCwUAA4IBAQBAVjTdaeiph0i1ljjf6VsPTheGSG+2j2UnHEgTYT0y
OUfbgKjUlOw2Elf4/v+W8XHnhBgbgM6o5HUnyie+fIy6gffOX3HCuki8rrQeeRyR
m3i6tDIG7d2B5punkJkE2pek+4TqEvHjYY95mOJDACU/IEk6GFk9XPylGzkI3nps
mNN37bjL6fM2/LTGBQc3wVXz3MCsJntwGqyklJIXCId5H6eR+USWwCgNUUGriX0i
c1/LafXJsjqC7K57KFh0aTcHmaYDNmTbTp2TejOo0rH7+KiCXvmwcIIZ5edtEM+I
hI5LMFOFUoWWAGZWy1Jh2fZA+NzE5JeZJ0EdQ1MYOqfE
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:04:25 2024 by rpki-client on console-ams.rpki-client.org