Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3f/5e3895-ae95-43e2-b7a1-75863f43476a/1/vqC7IJQXADfBxAPYpTPBgTLSiT4.roa
File:                     vqC7IJQXADfBxAPYpTPBgTLSiT4.roa (raw, json)
Hash identifier:          21t0U82GvDTEPAvonRd2pqQwgUmR0AYeIsv2tlb0wLo=
Subject key identifier:   BE:A0:BB:20:94:17:00:37:C1:C4:03:D8:A5:33:C1:81:32:D2:89:3E
Certificate issuer:       /CN=554adb72b82ecfafc5705e25febcab5c82d76ee6
Certificate serial:       01856BC11EECE9C051B2CDA8C70A6ECC2D0A
Authority key identifier: 55:4A:DB:72:B8:2E:CF:AF:C5:70:5E:25:FE:BC:AB:5C:82:D7:6E:E6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/VUrbcrguz6_FcF4l_ryrXILXbuY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3f/5e3895-ae95-43e2-b7a1-75863f43476a/1/vqC7IJQXADfBxAPYpTPBgTLSiT4.roa
Signing time:             Sun 01 Jan 2023 05:14:56 +0000
ROA not before:           Sun 01 Jan 2023 05:14:56 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     200542
IP address blocks:        185.100.236.0/22 maxlen: 22

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 08:29:33 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6b:c1:1e:ec:e9:c0:51:b2:cd:a8:c7:0a:6e:cc:2d:0a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=554adb72b82ecfafc5705e25febcab5c82d76ee6
        Validity
            Not Before: Jan  1 05:14:56 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=bea0bb2094170037c1c403d8a533c18132d2893e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e1:95:cd:ec:93:35:01:57:65:43:c6:46:00:f0:
                    84:41:db:0b:cb:94:1a:ca:08:df:c1:b5:af:18:b5:
                    ca:81:bf:8a:2c:36:cc:9e:f6:6c:6e:59:63:74:b3:
                    91:8a:a4:8b:77:4b:48:eb:8a:cb:d0:71:11:80:8a:
                    f5:ab:bf:cf:9d:4f:2a:79:d0:79:f3:7b:f3:ec:0d:
                    79:04:1c:9f:02:53:77:be:26:6f:64:b6:28:f2:df:
                    59:57:6c:ad:63:10:0d:1f:e0:f5:7c:11:cc:e0:d1:
                    cb:b2:07:40:7c:fc:73:6b:39:44:bf:76:c7:f4:14:
                    f2:b3:40:22:a2:54:54:3f:67:6e:71:06:f2:d6:93:
                    cb:78:f8:a2:33:32:5a:38:98:83:0c:a1:56:d2:e5:
                    5d:f7:de:2f:3b:fb:99:0d:0b:1f:81:b4:0d:4b:ac:
                    b1:02:5f:f5:8f:3c:4a:7f:79:5a:59:47:41:ec:04:
                    5c:0f:63:e0:65:82:19:af:4e:dd:c0:73:b7:79:c2:
                    aa:5d:73:9f:1e:73:9d:07:da:7d:51:8c:e9:3e:ce:
                    02:cc:32:9c:af:28:2f:13:15:19:57:bc:26:8d:db:
                    72:a0:6d:4e:c9:83:f7:3d:07:e9:0a:8d:d0:ad:83:
                    61:51:d9:ac:a6:15:6a:eb:a4:cf:7d:fa:0b:01:56:
                    c6:cd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BE:A0:BB:20:94:17:00:37:C1:C4:03:D8:A5:33:C1:81:32:D2:89:3E
            X509v3 Authority Key Identifier:
                keyid:55:4A:DB:72:B8:2E:CF:AF:C5:70:5E:25:FE:BC:AB:5C:82:D7:6E:E6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VUrbcrguz6_FcF4l_ryrXILXbuY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/5e3895-ae95-43e2-b7a1-75863f43476a/1/vqC7IJQXADfBxAPYpTPBgTLSiT4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/5e3895-ae95-43e2-b7a1-75863f43476a/1/VUrbcrguz6_FcF4l_ryrXILXbuY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.100.236.0/22

    Signature Algorithm: sha256WithRSAEncryption
         94:9b:f4:70:b2:be:5f:f9:43:11:00:25:2f:07:7e:46:d0:79:
         99:a1:1e:2c:44:a1:63:bc:ef:9a:27:38:f2:07:8a:42:c8:dd:
         93:ab:35:bf:55:8e:e8:ac:73:a5:39:4f:79:18:5d:fb:55:4b:
         97:ff:04:36:fa:1e:c2:aa:2c:76:ac:23:ee:c5:50:0c:c2:dc:
         e2:f1:27:44:f3:73:9f:69:a5:9a:c5:c8:1f:0f:70:80:12:d4:
         e9:b1:7a:d5:9c:26:ae:e0:7d:bf:fb:94:94:08:5c:ee:69:72:
         f5:21:09:fb:af:75:40:f4:e4:bb:e9:5d:08:4f:6d:16:b3:d1:
         8e:82:38:48:e4:b0:96:31:30:8c:19:21:a4:20:22:66:b7:92:
         93:36:90:0b:bc:b6:a7:3d:11:ba:9d:62:03:dd:77:f1:d7:bf:
         8d:bb:07:63:7f:aa:5f:3e:1c:21:dc:c1:e2:95:fe:5a:5d:e5:
         cf:d4:37:13:20:fb:47:35:93:5c:40:28:e4:a4:ee:39:5f:e6:
         a4:35:33:bb:94:47:8e:3c:e1:ad:f7:07:a0:1c:9f:d9:fc:0e:
         fe:e9:e2:26:6e:a6:32:4d:da:a4:97:05:38:2f:65:23:68:9d:
         6a:ac:47:ce:b9:4b:2c:3a:54:68:d0:94:73:c1:54:8d:b3:73:
         43:6f:cf:42
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVrwR7s6cBRss2oxwpuzC0KMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU1NGFkYjcyYjgyZWNmYWZjNTcwNWUyNWZlYmNhYjVjODJk
NzZlZTYwHhcNMjMwMTAxMDUxNDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZWEwYmIyMDk0MTcwMDM3YzFjNDAzZDhhNTMzYzE4MTMyZDI4OTNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4ZXN7JM1AVdlQ8ZGAPCEQdsLy5Qa
ygjfwbWvGLXKgb+KLDbMnvZsblljdLORiqSLd0tI64rL0HERgIr1q7/PnU8qedB5
83vz7A15BByfAlN3viZvZLYo8t9ZV2ytYxANH+D1fBHM4NHLsgdAfPxzazlEv3bH
9BTys0AiolRUP2ducQby1pPLePiiMzJaOJiDDKFW0uVd994vO/uZDQsfgbQNS6yx
Al/1jzxKf3laWUdB7ARcD2PgZYIZr07dwHO3ecKqXXOfHnOdB9p9UYzpPs4CzDKc
rygvExUZV7wmjdtyoG1OyYP3PQfpCo3QrYNhUdmsphVq66TPffoLAVbGzQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFL6guyCUFwA3wcQD2KUzwYEy0ok+MB8GA1UdIwQY
MBaAFFVK23K4Ls+vxXBeJf68q1yC127mMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVlVyYmNyZ3V6Nl9GY0Y0bF9yeXJYSUxYYnVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZi81ZTM4OTUtYWU5NS00M2UyLWI3YTEt
NzU4NjNmNDM0NzZhLzEvdnFDN0lKUVhBRGZCeEFQWXBUUEJnVExTaVQ0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZi81ZTM4OTUtYWU5NS00M2UyLWI3YTEtNzU4NjNmNDM0NzZh
LzEvVlVyYmNyZ3V6Nl9GY0Y0bF9yeXJYSUxYYnVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuWTsMA0G
CSqGSIb3DQEBCwUAA4IBAQCUm/Rwsr5f+UMRACUvB35G0HmZoR4sRKFjvO+aJzjy
B4pCyN2TqzW/VY7orHOlOU95GF37VUuX/wQ2+h7Cqix2rCPuxVAMwtzi8SdE83Of
aaWaxcgfD3CAEtTpsXrVnCau4H2/+5SUCFzuaXL1IQn7r3VA9OS76V0IT20Ws9GO
gjhI5LCWMTCMGSGkICJmt5KTNpALvLanPRG6nWID3Xfx17+Nuwdjf6pfPhwh3MHi
lf5aXeXP1DcTIPtHNZNcQCjkpO45X+akNTO7lEeOPOGt9wegHJ/Z/A7+6eImbqYy
TdqklwU4L2UjaJ1qrEfOuUssOlRo0JRzwVSNs3NDb89C
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:04:39 2024 by rpki-client on console-ams.rpki-client.org