Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3e/229182-4bdc-4234-a989-90d58c603256/1/cPRd5Nz4Qt3HEdk1gI7jhVtDFW4.roa
File:                     cPRd5Nz4Qt3HEdk1gI7jhVtDFW4.roa (raw, json)
Hash identifier:          qFY2bz1Q5Ins1LGXpuAoWvoqcztDNv1nls+6tgZdsC0=
Subject key identifier:   70:F4:5D:E4:DC:F8:42:DD:C7:11:D9:35:80:8E:E3:85:5B:43:15:6E
Certificate issuer:       /CN=9cbb77bab438a93d34d9d5c0a8e0b9ef32ae5da0
Certificate serial:       018AB7912486AF9EDA9A3EA2429F1DFBACC1
Authority key identifier: 9C:BB:77:BA:B4:38:A9:3D:34:D9:D5:C0:A8:E0:B9:EF:32:AE:5D:A0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/nLt3urQ4qT002dXAqOC57zKuXaA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3e/229182-4bdc-4234-a989-90d58c603256/1/cPRd5Nz4Qt3HEdk1gI7jhVtDFW4.roa
Signing time:             Thu 21 Sep 2023 11:47:37 +0000
ROA not before:           Thu 21 Sep 2023 11:47:37 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     62462
IP address blocks:        185.35.40.0/22 maxlen: 24

Validation:               Failed, certificate revoked on Fri 20 Oct 2023 21:56:16 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:b7:91:24:86:af:9e:da:9a:3e:a2:42:9f:1d:fb:ac:c1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9cbb77bab438a93d34d9d5c0a8e0b9ef32ae5da0
        Validity
            Not Before: Sep 21 11:47:37 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=70f45de4dcf842ddc711d935808ee3855b43156e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:99:36:a9:8b:6a:0d:ea:b5:99:68:01:8b:70:9c:
                    01:5c:29:34:24:bc:1e:d2:4f:cd:da:ab:ad:1a:1e:
                    07:33:a3:2f:44:cd:d2:bb:6a:e5:31:aa:ba:0e:02:
                    e5:86:84:cb:a5:38:22:83:19:0a:38:4c:7c:a5:f2:
                    18:6a:be:c6:29:83:bc:91:b0:38:9a:81:10:ee:db:
                    52:73:85:52:25:10:50:57:d6:d2:2b:69:f4:71:e0:
                    92:0c:46:29:a1:8b:79:37:f0:a4:66:45:7c:56:7a:
                    02:bd:32:6d:59:55:c4:b5:75:9f:cc:23:34:a6:06:
                    f6:f0:c2:0e:a7:17:5a:2d:ed:c0:ca:ae:77:e2:79:
                    f2:0a:a7:e3:d7:df:4f:e3:6d:54:83:0a:c4:8b:d2:
                    7c:83:0f:19:8c:88:56:94:6e:98:cb:b4:53:59:ae:
                    7a:6f:b2:07:55:07:dd:d4:7c:a4:88:4f:ed:87:c4:
                    8e:8c:69:38:76:a9:db:51:b6:40:0b:a9:5e:bb:38:
                    cc:ac:ec:9a:6f:e0:34:14:f3:49:7c:db:8e:54:c7:
                    57:11:3e:93:df:f0:57:29:d3:a2:c5:61:d9:eb:04:
                    8c:94:d8:c3:2d:a5:8a:d0:82:df:75:b1:76:2d:49:
                    c1:58:8a:8b:91:9b:55:6e:c9:f9:ab:2a:38:91:b2:
                    0d:a5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                70:F4:5D:E4:DC:F8:42:DD:C7:11:D9:35:80:8E:E3:85:5B:43:15:6E
            X509v3 Authority Key Identifier:
                keyid:9C:BB:77:BA:B4:38:A9:3D:34:D9:D5:C0:A8:E0:B9:EF:32:AE:5D:A0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nLt3urQ4qT002dXAqOC57zKuXaA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/229182-4bdc-4234-a989-90d58c603256/1/cPRd5Nz4Qt3HEdk1gI7jhVtDFW4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/229182-4bdc-4234-a989-90d58c603256/1/nLt3urQ4qT002dXAqOC57zKuXaA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.35.40.0/22

    Signature Algorithm: sha256WithRSAEncryption
         4e:c2:ae:1e:04:49:c3:12:9b:86:eb:f6:e3:62:df:ea:dc:70:
         23:6f:e0:1b:3e:90:c0:aa:34:c5:da:17:68:9a:d2:48:ab:5d:
         0d:65:ee:de:f7:83:a6:db:53:da:0d:28:66:5d:d2:9f:28:99:
         bd:11:ff:24:c9:39:16:f8:b7:65:e8:4b:c4:11:99:69:65:54:
         bb:3c:c4:34:4a:50:c0:d2:71:b5:e5:d8:d3:c7:b8:d5:82:17:
         07:df:c4:7f:43:c3:34:e9:a9:1e:79:b7:a8:ec:0f:c4:e4:d1:
         0c:3e:a0:aa:4e:6b:e2:32:ac:fe:e5:45:0b:82:01:10:5e:4b:
         32:18:b7:7a:17:44:e3:dc:ab:16:3a:ec:e0:8b:fe:83:ef:de:
         64:a7:fd:e6:96:10:94:17:37:6b:c6:3a:c9:b6:b0:71:15:f9:
         77:91:c0:ee:02:38:dd:9e:02:7c:60:3a:51:28:17:99:1c:2d:
         2e:bf:85:53:59:42:6d:c6:28:50:63:2a:85:ab:8f:fb:7b:e2:
         4d:dd:2a:cc:c3:e0:85:c0:bc:72:33:f0:04:a4:ca:a1:ee:4b:
         bf:7b:9b:1e:5d:55:43:d7:db:f1:6e:59:12:dd:88:b6:4e:07:
         1a:fa:24:b9:80:15:77:aa:9a:ec:d3:35:70:6a:3c:ae:f5:56:
         19:e1:f4:57
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYq3kSSGr57amj6iQp8d+6zBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDljYmI3N2JhYjQzOGE5M2QzNGQ5ZDVjMGE4ZTBiOWVmMzJh
ZTVkYTAwHhcNMjMwOTIxMTE0NzM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MGY0NWRlNGRjZjg0MmRkYzcxMWQ5MzU4MDhlZTM4NTViNDMxNTZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmTapi2oN6rWZaAGLcJwBXCk0JLwe
0k/N2qutGh4HM6MvRM3Su2rlMaq6DgLlhoTLpTgigxkKOEx8pfIYar7GKYO8kbA4
moEQ7ttSc4VSJRBQV9bSK2n0ceCSDEYpoYt5N/CkZkV8VnoCvTJtWVXEtXWfzCM0
pgb28MIOpxdaLe3Ayq534nnyCqfj199P421UgwrEi9J8gw8ZjIhWlG6Yy7RTWa56
b7IHVQfd1HykiE/th8SOjGk4dqnbUbZAC6leuzjMrOyab+A0FPNJfNuOVMdXET6T
3/BXKdOixWHZ6wSMlNjDLaWK0ILfdbF2LUnBWIqLkZtVbsn5qyo4kbINpQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHD0XeTc+ELdxxHZNYCO44VbQxVuMB8GA1UdIwQY
MBaAFJy7d7q0OKk9NNnVwKjgue8yrl2gMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbkx0M3VyUTRxVDAwMmRYQXFPQzU3ekt1WGFBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZS8yMjkxODItNGJkYy00MjM0LWE5ODkt
OTBkNThjNjAzMjU2LzEvY1BSZDVOejRRdDNIRWRrMWdJN2poVnRERlc0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZS8yMjkxODItNGJkYy00MjM0LWE5ODktOTBkNThjNjAzMjU2
LzEvbkx0M3VyUTRxVDAwMmRYQXFPQzU3ekt1WGFBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuSMoMA0G
CSqGSIb3DQEBCwUAA4IBAQBOwq4eBEnDEpuG6/bjYt/q3HAjb+AbPpDAqjTF2hdo
mtJIq10NZe7e94Om21PaDShmXdKfKJm9Ef8kyTkW+Ldl6EvEEZlpZVS7PMQ0SlDA
0nG15djTx7jVghcH38R/Q8M06akeebeo7A/E5NEMPqCqTmviMqz+5UULggEQXksy
GLd6F0Tj3KsWOuzgi/6D795kp/3mlhCUFzdrxjrJtrBxFfl3kcDuAjjdngJ8YDpR
KBeZHC0uv4VTWUJtxihQYyqFq4/7e+JN3SrMw+CFwLxyM/AEpMqh7ku/e5seXVVD
19vxblkS3Yi2Tgca+iS5gBV3qprs0zVwajyu9VYZ4fRX
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:04:28 2024 by rpki-client on console-ams.rpki-client.org