Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/54/6c48f1-2037-40a0-b2e1-3cd33ff32743/1/L1O6ZbNAHJPLB4V0aynQYpEPviI.roa
File:                     L1O6ZbNAHJPLB4V0aynQYpEPviI.roa (raw, json)
Hash identifier:          PdOugME5r3mguwvNhFefAqP//fgF0mDMXAgqVcw8sv4=
Subject key identifier:   2F:53:BA:65:B3:40:1C:93:CB:07:85:74:6B:29:D0:62:91:0F:BE:22
Certificate issuer:       /CN=e3f9306bc615c320ae41a4e72663ebba98ef357c
Certificate serial:       018B38B9DB713B43C70AEA5EADBDB9750E36
Authority key identifier: E3:F9:30:6B:C6:15:C3:20:AE:41:A4:E7:26:63:EB:BA:98:EF:35:7C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/4_kwa8YVwyCuQaTnJmPrupjvNXw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/54/6c48f1-2037-40a0-b2e1-3cd33ff32743/1/L1O6ZbNAHJPLB4V0aynQYpEPviI.roa
Signing time:             Mon 16 Oct 2023 13:43:06 +0000
ROA not before:           Mon 16 Oct 2023 13:43:06 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     39405
IP address blocks:        185.40.100.0/23 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 00:29:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:38:b9:db:71:3b:43:c7:0a:ea:5e:ad:bd:b9:75:0e:36
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e3f9306bc615c320ae41a4e72663ebba98ef357c
        Validity
            Not Before: Oct 16 13:43:06 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=2f53ba65b3401c93cb0785746b29d062910fbe22
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8d:23:aa:ad:16:db:70:c7:5e:15:8f:fa:3e:b0:
                    2a:e3:5f:6a:0b:47:1f:aa:80:47:39:a4:8b:79:b7:
                    04:70:8e:e2:2b:2e:74:c1:d1:f7:05:a9:e1:06:6b:
                    5a:54:59:ec:48:f3:64:34:3e:84:1b:d4:a3:35:58:
                    15:08:7b:01:c3:33:69:de:56:f2:64:86:c0:d6:7a:
                    58:d5:40:d0:ad:14:9a:9e:a9:80:3e:a9:17:5e:fc:
                    76:d7:ab:d8:b9:1f:78:0b:5a:52:ad:c5:e3:81:58:
                    b4:25:b4:07:dc:bf:1e:0a:25:52:d3:1b:07:01:32:
                    18:cb:eb:64:f4:84:75:e3:53:40:f6:4f:7c:87:7f:
                    f1:90:ce:cb:60:85:64:31:d9:64:be:94:82:90:b9:
                    9e:54:0e:90:7a:ea:56:80:67:e3:a2:35:73:83:2b:
                    a4:17:8f:48:79:28:d4:b2:1c:02:ae:7e:db:1d:4b:
                    c7:9a:90:09:a2:e3:47:09:86:95:a3:6b:7a:0f:b2:
                    76:97:17:ff:8d:46:1e:1c:d8:79:72:2d:5b:86:7b:
                    56:f5:79:bd:ba:cc:fb:f6:32:72:7a:64:82:97:6b:
                    e2:56:fb:41:16:31:69:38:a5:33:8e:dd:80:b5:b7:
                    2c:ac:29:30:ed:d6:a7:c8:87:18:12:4a:a3:4c:08:
                    8c:0b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2F:53:BA:65:B3:40:1C:93:CB:07:85:74:6B:29:D0:62:91:0F:BE:22
            X509v3 Authority Key Identifier:
                keyid:E3:F9:30:6B:C6:15:C3:20:AE:41:A4:E7:26:63:EB:BA:98:EF:35:7C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4_kwa8YVwyCuQaTnJmPrupjvNXw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/6c48f1-2037-40a0-b2e1-3cd33ff32743/1/L1O6ZbNAHJPLB4V0aynQYpEPviI.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/54/6c48f1-2037-40a0-b2e1-3cd33ff32743/1/4_kwa8YVwyCuQaTnJmPrupjvNXw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.40.100.0/23

    Signature Algorithm: sha256WithRSAEncryption
         55:62:e4:ee:4c:a0:ff:58:d0:c6:77:5a:48:51:4e:43:bb:23:
         dd:80:44:70:4e:aa:19:21:58:95:cf:a3:58:12:7b:f2:9d:99:
         99:15:c7:99:ba:33:be:a1:a3:d7:ee:5c:90:72:aa:6c:1b:37:
         63:62:cf:8a:3f:9d:37:75:c9:73:80:c5:d8:f5:74:c3:93:35:
         21:86:f5:27:1c:7e:88:b6:91:d7:76:bd:8c:eb:b6:9f:d2:1f:
         1b:c4:b7:b7:b7:e4:fd:97:e6:71:ba:6f:6c:64:04:b6:6f:28:
         3e:aa:2b:61:e9:ee:20:1d:6f:20:e0:93:f0:6d:4b:df:70:34:
         b7:4c:20:43:e9:71:8d:21:04:32:44:ef:d5:46:26:41:2f:d9:
         3d:f4:6c:34:7b:12:15:cd:b4:73:36:6c:ee:ae:01:a1:ac:01:
         2b:56:95:75:fd:8a:d9:b2:b2:e9:ba:75:a6:65:23:21:b0:17:
         72:54:ac:10:a9:81:2f:70:ba:97:08:1c:e5:43:a6:89:bd:95:
         bb:95:ab:86:8a:3e:ca:64:ee:2f:f2:e3:21:62:79:4c:0b:a7:
         6e:4f:77:dc:a7:30:b3:db:9a:25:a0:a4:00:ac:53:73:b7:d8:
         f7:9d:e6:4c:7d:75:1e:fb:f4:5f:c4:2a:55:20:b9:a1:f6:53:
         5a:e1:9e:cd
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYs4udtxO0PHCuperb25dQ42MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUzZjkzMDZiYzYxNWMzMjBhZTQxYTRlNzI2NjNlYmJhOThl
ZjM1N2MwHhcNMjMxMDE2MTM0MzA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZjUzYmE2NWIzNDAxYzkzY2IwNzg1NzQ2YjI5ZDA2MjkxMGZiZTIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjSOqrRbbcMdeFY/6PrAq419qC0cf
qoBHOaSLebcEcI7iKy50wdH3BanhBmtaVFnsSPNkND6EG9SjNVgVCHsBwzNp3lby
ZIbA1npY1UDQrRSanqmAPqkXXvx216vYuR94C1pSrcXjgVi0JbQH3L8eCiVS0xsH
ATIYy+tk9IR141NA9k98h3/xkM7LYIVkMdlkvpSCkLmeVA6QeupWgGfjojVzgyuk
F49IeSjUshwCrn7bHUvHmpAJouNHCYaVo2t6D7J2lxf/jUYeHNh5ci1bhntW9Xm9
usz79jJyemSCl2viVvtBFjFpOKUzjt2AtbcsrCkw7danyIcYEkqjTAiMCwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFC9TumWzQByTyweFdGsp0GKRD74iMB8GA1UdIwQY
MBaAFOP5MGvGFcMgrkGk5yZj67qY7zV8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNF9rd2E4WVZ3eUN1UWFUbkptUHJ1cGp2Tlh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NC82YzQ4ZjEtMjAzNy00MGEwLWIyZTEt
M2NkMzNmZjMyNzQzLzEvTDFPNlpiTkFISlBMQjRWMGF5blFZcEVQdmlJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NC82YzQ4ZjEtMjAzNy00MGEwLWIyZTEtM2NkMzNmZjMyNzQz
LzEvNF9rd2E4WVZ3eUN1UWFUbkptUHJ1cGp2Tlh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBuShkMA0G
CSqGSIb3DQEBCwUAA4IBAQBVYuTuTKD/WNDGd1pIUU5DuyPdgERwTqoZIViVz6NY
EnvynZmZFceZujO+oaPX7lyQcqpsGzdjYs+KP503dclzgMXY9XTDkzUhhvUnHH6I
tpHXdr2M67af0h8bxLe3t+T9l+Zxum9sZAS2byg+qith6e4gHW8g4JPwbUvfcDS3
TCBD6XGNIQQyRO/VRiZBL9k99Gw0exIVzbRzNmzurgGhrAErVpV1/YrZsrLpunWm
ZSMhsBdyVKwQqYEvcLqXCBzlQ6aJvZW7lauGij7KZO4v8uMhYnlMC6duT3fcpzCz
25oloKQArFNzt9j3neZMfXUe+/RfxCpVILmh9lNa4Z7N
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:30:02 2024 by rpki-client on console-fra.rpki-client.org