Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/3bfd0a-017f-481f-b676-bc36feeb90b3/1/tPXr2Y63I8IlhpVIxfPqoHitpAw.roa
File:                     tPXr2Y63I8IlhpVIxfPqoHitpAw.roa (raw, json)
Hash identifier:          Lt100PdueE/6pz94tkXsG1ws3zgpGUbFj9YkAadLriA=
Subject key identifier:   B4:F5:EB:D9:8E:B7:23:C2:25:86:95:48:C5:F3:EA:A0:78:AD:A4:0C
Certificate issuer:       /CN=3d2188ad597b58aaa597003f8f0843496c6c7c93
Certificate serial:       01856C4146D16EDA45B3403FE6E3EF8132A7
Authority key identifier: 3D:21:88:AD:59:7B:58:AA:A5:97:00:3F:8F:08:43:49:6C:6C:7C:93
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/PSGIrVl7WKqllwA_jwhDSWxsfJM.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/4e/3bfd0a-017f-481f-b676-bc36feeb90b3/1/tPXr2Y63I8IlhpVIxfPqoHitpAw.roa
Signing time:             Sun 01 Jan 2023 07:34:55 +0000
ROA not before:           Sun 01 Jan 2023 07:34:55 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     33850
IP address blocks:        194.6.237.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 14:34:33 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6c:41:46:d1:6e:da:45:b3:40:3f:e6:e3:ef:81:32:a7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3d2188ad597b58aaa597003f8f0843496c6c7c93
        Validity
            Not Before: Jan  1 07:34:55 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=b4f5ebd98eb723c225869548c5f3eaa078ada40c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:97:34:09:59:c0:4b:fd:ed:21:7c:12:e9:54:4b:
                    cb:74:52:0e:59:c4:f6:8a:9c:30:21:96:f5:45:69:
                    c5:a2:65:14:75:d4:48:f5:5d:b4:73:f1:0c:8e:cb:
                    70:13:6c:c3:cf:fd:c7:01:9f:dc:74:6a:e9:66:1e:
                    d6:fb:72:aa:a1:2e:cf:f9:df:da:b6:14:e4:88:d5:
                    c0:6a:01:00:fc:f5:10:b2:db:ff:52:4c:b9:63:1c:
                    c1:3c:8c:40:51:68:c6:e6:c0:35:f9:42:ce:22:fc:
                    c6:62:7f:d0:9d:c2:6e:88:47:5e:4c:66:e3:a2:59:
                    99:eb:8a:8e:20:ae:75:31:dd:ce:12:cf:ac:04:ee:
                    50:be:25:33:e4:e5:cb:a3:d0:40:6b:7b:3c:63:03:
                    ad:c1:73:2a:4d:dc:d2:8a:0e:68:cf:cb:0e:dd:9a:
                    3f:d2:99:3a:a4:76:c1:56:d6:18:11:f9:75:24:0b:
                    3e:38:b7:27:a3:7d:46:5d:f4:7c:d4:91:b9:28:c6:
                    49:b7:c3:0c:d9:2e:d6:d1:82:b6:75:a9:0b:a3:0c:
                    23:6b:bb:68:40:7c:11:60:06:ed:ef:b7:37:61:e5:
                    ef:95:fb:8c:2e:77:b8:3b:b5:f3:15:9c:ea:e1:97:
                    fa:9e:99:05:0a:05:b4:61:80:b6:ec:7a:ae:cb:e6:
                    aa:d7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B4:F5:EB:D9:8E:B7:23:C2:25:86:95:48:C5:F3:EA:A0:78:AD:A4:0C
            X509v3 Authority Key Identifier:
                keyid:3D:21:88:AD:59:7B:58:AA:A5:97:00:3F:8F:08:43:49:6C:6C:7C:93

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PSGIrVl7WKqllwA_jwhDSWxsfJM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/3bfd0a-017f-481f-b676-bc36feeb90b3/1/tPXr2Y63I8IlhpVIxfPqoHitpAw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/3bfd0a-017f-481f-b676-bc36feeb90b3/1/PSGIrVl7WKqllwA_jwhDSWxsfJM.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.6.237.0/24

    Signature Algorithm: sha256WithRSAEncryption
         17:25:2d:dd:0e:13:7f:4f:e0:99:ab:ee:af:95:19:1d:21:4e:
         f5:d2:e0:ce:92:45:d0:11:74:0a:ab:7f:d0:1d:52:d1:d3:5a:
         45:f3:02:1b:00:c0:4e:d9:07:18:c6:2d:f0:ec:27:30:02:d8:
         03:70:07:bc:c1:60:a3:13:5e:96:f2:f4:26:8a:ed:43:46:30:
         89:56:90:40:f4:05:60:eb:75:33:cd:62:da:ce:4d:3e:99:96:
         dc:2f:5a:f7:18:da:12:76:1b:1e:b1:d0:3e:11:72:33:f1:16:
         2b:c5:73:40:2d:ec:00:bd:46:6e:96:6d:3a:92:63:e2:bf:b2:
         eb:70:0f:46:cd:4c:9c:af:cc:26:1c:50:d2:51:47:52:00:ed:
         d9:1d:af:d7:3a:bf:57:6f:b8:80:80:0f:21:9f:00:f6:b9:4d:
         65:e0:a0:6e:b3:59:74:a1:25:07:12:01:41:77:77:4d:a4:74:
         47:12:f2:36:11:a0:d3:e2:bf:5e:52:f1:6a:90:c7:5d:7c:35:
         8b:5f:41:4f:5b:5e:91:89:60:cc:89:ca:e7:06:80:fb:58:71:
         2e:25:5c:cf:54:35:85:50:1b:59:8d:f3:20:7a:3d:6e:cb:d8:
         9b:6c:51:50:b7:a9:59:b1:02:c4:c4:2c:5b:0e:89:89:6a:ff:
         32:c4:64:49
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVsQUbRbtpFs0A/5uPvgTKnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNkMjE4OGFkNTk3YjU4YWFhNTk3MDAzZjhmMDg0MzQ5NmM2
YzdjOTMwHhcNMjMwMTAxMDczNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNGY1ZWJkOThlYjcyM2MyMjU4Njk1NDhjNWYzZWFhMDc4YWRhNDBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlzQJWcBL/e0hfBLpVEvLdFIOWcT2
ipwwIZb1RWnFomUUddRI9V20c/EMjstwE2zDz/3HAZ/cdGrpZh7W+3KqoS7P+d/a
thTkiNXAagEA/PUQstv/Uky5YxzBPIxAUWjG5sA1+ULOIvzGYn/QncJuiEdeTGbj
olmZ64qOIK51Md3OEs+sBO5QviUz5OXLo9BAa3s8YwOtwXMqTdzSig5oz8sO3Zo/
0pk6pHbBVtYYEfl1JAs+OLcno31GXfR81JG5KMZJt8MM2S7W0YK2dakLowwja7to
QHwRYAbt77c3YeXvlfuMLne4O7XzFZzq4Zf6npkFCgW0YYC27Hquy+aq1wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLT169mOtyPCJYaVSMXz6qB4raQMMB8GA1UdIwQY
MBaAFD0hiK1Ze1iqpZcAP48IQ0lsbHyTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUFNHSXJWbDdXS3FsbHdBX2p3aERTV3hzZkpNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZS8zYmZkMGEtMDE3Zi00ODFmLWI2NzYt
YmMzNmZlZWI5MGIzLzEvdFBYcjJZNjNJOElsaHBWSXhmUHFvSGl0cEF3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZS8zYmZkMGEtMDE3Zi00ODFmLWI2NzYtYmMzNmZlZWI5MGIz
LzEvUFNHSXJWbDdXS3FsbHdBX2p3aERTV3hzZkpNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwgbtMA0G
CSqGSIb3DQEBCwUAA4IBAQAXJS3dDhN/T+CZq+6vlRkdIU710uDOkkXQEXQKq3/Q
HVLR01pF8wIbAMBO2QcYxi3w7CcwAtgDcAe8wWCjE16W8vQmiu1DRjCJVpBA9AVg
63UzzWLazk0+mZbcL1r3GNoSdhsesdA+EXIz8RYrxXNALewAvUZulm06kmPiv7Lr
cA9GzUycr8wmHFDSUUdSAO3ZHa/XOr9Xb7iAgA8hnwD2uU1l4KBus1l0oSUHEgFB
d3dNpHRHEvI2EaDT4r9eUvFqkMddfDWLX0FPW16RiWDMicrnBoD7WHEuJVzPVDWF
UBtZjfMgej1uy9ibbFFQt6lZsQLExCxbDomJav8yxGRJ
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:53 2024 by rpki-client on console-fra.rpki-client.org