Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/8d85d7-4049-4b5a-9bf7-91c70f61a067/1/4QEOdoOObVM8x-ZBUXZLppbPAYY.roa
File:                     4QEOdoOObVM8x-ZBUXZLppbPAYY.roa (raw, json)
Hash identifier:          ecv6Aio8cWna1genbLc/UAwG/HUFVDp3BD/l8aG9Ku0=
Subject key identifier:   E1:01:0E:76:83:8E:6D:53:3C:C7:E6:41:51:76:4B:A6:96:CF:01:86
Certificate issuer:       /CN=7c4b917dc9046a065678ae0df4d3e30369c59c69
Certificate serial:       01856BD3384C8A823BE6D3AE791D0945B17F
Authority key identifier: 7C:4B:91:7D:C9:04:6A:06:56:78:AE:0D:F4:D3:E3:03:69:C5:9C:69
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/fEuRfckEagZWeK4N9NPjA2nFnGk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5b/8d85d7-4049-4b5a-9bf7-91c70f61a067/1/4QEOdoOObVM8x-ZBUXZLppbPAYY.roa
Signing time:             Sun 01 Jan 2023 05:34:42 +0000
ROA not before:           Sun 01 Jan 2023 05:34:42 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     15623
IP address blocks:        185.117.15.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 18:30:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6b:d3:38:4c:8a:82:3b:e6:d3:ae:79:1d:09:45:b1:7f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7c4b917dc9046a065678ae0df4d3e30369c59c69
        Validity
            Not Before: Jan  1 05:34:42 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=e1010e76838e6d533cc7e64151764ba696cf0186
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:93:e8:37:b5:ff:32:fd:49:52:5a:a9:3f:f7:38:
                    9e:0b:84:7d:4d:2a:73:98:32:13:46:1a:d4:74:93:
                    51:fb:28:7e:db:42:e7:a8:b5:95:59:8c:39:43:fa:
                    e8:5f:07:70:70:63:26:e2:4e:8c:a2:20:0b:40:d4:
                    b0:d8:23:40:6c:43:d1:e2:9b:d3:5a:a9:0f:5a:71:
                    9d:d6:a0:54:a4:9f:56:a5:fd:1b:6a:1d:dc:4c:78:
                    b3:79:8f:f5:51:0e:12:13:dc:ab:7f:f5:1a:3a:f5:
                    04:ae:68:36:6d:f2:08:93:8b:fe:ff:dc:a9:2f:fb:
                    5b:70:35:42:0b:49:45:77:88:39:77:d8:b3:2f:b8:
                    a2:45:c3:f1:d6:39:be:38:56:52:12:69:9d:69:c3:
                    ff:11:b0:6b:8a:c4:af:14:59:c1:0c:14:25:b3:28:
                    ff:c7:5a:92:48:32:11:e4:b4:ab:cb:28:ea:c2:65:
                    64:73:48:b0:14:bd:bd:9e:5c:21:b2:31:ac:4f:b9:
                    96:fe:f2:39:0a:d4:02:c3:d4:25:cf:3d:b1:fc:23:
                    f1:1f:77:e5:88:a2:46:8e:7f:1b:6c:5a:05:a6:de:
                    d1:84:81:d6:08:84:3f:6a:10:53:22:09:75:54:03:
                    8e:f2:31:12:9b:1b:20:7d:26:c3:c8:d4:fe:00:42:
                    1a:2d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E1:01:0E:76:83:8E:6D:53:3C:C7:E6:41:51:76:4B:A6:96:CF:01:86
            X509v3 Authority Key Identifier:
                keyid:7C:4B:91:7D:C9:04:6A:06:56:78:AE:0D:F4:D3:E3:03:69:C5:9C:69

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fEuRfckEagZWeK4N9NPjA2nFnGk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/8d85d7-4049-4b5a-9bf7-91c70f61a067/1/4QEOdoOObVM8x-ZBUXZLppbPAYY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/8d85d7-4049-4b5a-9bf7-91c70f61a067/1/fEuRfckEagZWeK4N9NPjA2nFnGk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.117.15.0/24

    Signature Algorithm: sha256WithRSAEncryption
         86:e3:08:ac:c5:15:4b:4e:aa:f9:65:d9:44:7f:b6:43:cc:1c:
         1d:6c:b7:38:b3:14:c0:8c:c6:a7:ba:0d:52:5d:bd:d7:e0:53:
         f2:f6:0f:c8:51:b1:ef:25:41:b9:87:a5:80:5a:54:26:20:d6:
         ba:48:a9:c0:07:96:5b:5f:a7:0e:00:68:ed:4d:e9:5e:4d:ee:
         4f:94:f0:03:76:33:14:cc:03:79:a2:00:ab:fb:52:6b:22:53:
         74:05:f3:c8:7f:9c:f4:f6:24:fe:b7:39:09:24:ae:8c:7d:79:
         b4:f2:ff:9c:97:cf:b6:c4:dc:ef:cf:3e:76:7c:a4:36:23:89:
         2f:10:90:a0:73:e4:15:9a:66:11:8b:39:ca:21:19:63:e1:61:
         fd:8a:fa:fd:f7:1c:c4:c8:c2:61:a6:77:57:4d:6f:9f:c1:80:
         17:b6:33:8e:51:d2:0e:8d:4c:fd:b3:a9:e3:b7:3b:f3:f2:56:
         7a:3c:6f:ba:60:1e:0a:9a:2a:4d:9a:8b:d7:30:e7:07:ce:ce:
         4d:0c:c2:a1:8b:fb:f3:fb:28:0e:f6:98:ad:20:30:74:b2:14:
         91:5f:a4:ea:ad:84:b3:fb:8b:b0:71:a9:d8:c9:83:82:02:fd:
         b7:e6:7e:30:f0:e6:55:5e:8f:f7:b7:fe:0e:95:0e:64:5d:06:
         e2:5c:13:57
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVr0zhMioI75tOueR0JRbF/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdjNGI5MTdkYzkwNDZhMDY1Njc4YWUwZGY0ZDNlMzAzNjlj
NTljNjkwHhcNMjMwMTAxMDUzNDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMTAxMGU3NjgzOGU2ZDUzM2NjN2U2NDE1MTc2NGJhNjk2Y2YwMTg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk+g3tf8y/UlSWqk/9zieC4R9TSpz
mDITRhrUdJNR+yh+20LnqLWVWYw5Q/roXwdwcGMm4k6MoiALQNSw2CNAbEPR4pvT
WqkPWnGd1qBUpJ9Wpf0bah3cTHizeY/1UQ4SE9yrf/UaOvUErmg2bfIIk4v+/9yp
L/tbcDVCC0lFd4g5d9izL7iiRcPx1jm+OFZSEmmdacP/EbBrisSvFFnBDBQlsyj/
x1qSSDIR5LSryyjqwmVkc0iwFL29nlwhsjGsT7mW/vI5CtQCw9Qlzz2x/CPxH3fl
iKJGjn8bbFoFpt7RhIHWCIQ/ahBTIgl1VAOO8jESmxsgfSbDyNT+AEIaLQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOEBDnaDjm1TPMfmQVF2S6aWzwGGMB8GA1UdIwQY
MBaAFHxLkX3JBGoGVniuDfTT4wNpxZxpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZkV1UmZja0VhZ1pXZUs0TjlOUGpBMm5GbkdrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi84ZDg1ZDctNDA0OS00YjVhLTliZjct
OTFjNzBmNjFhMDY3LzEvNFFFT2RvT09iVk04eC1aQlVYWkxwcGJQQVlZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi84ZDg1ZDctNDA0OS00YjVhLTliZjctOTFjNzBmNjFhMDY3
LzEvZkV1UmZja0VhZ1pXZUs0TjlOUGpBMm5GbkdrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuXUPMA0G
CSqGSIb3DQEBCwUAA4IBAQCG4wisxRVLTqr5ZdlEf7ZDzBwdbLc4sxTAjManug1S
Xb3X4FPy9g/IUbHvJUG5h6WAWlQmINa6SKnAB5ZbX6cOAGjtTeleTe5PlPADdjMU
zAN5ogCr+1JrIlN0BfPIf5z09iT+tzkJJK6MfXm08v+cl8+2xNzvzz52fKQ2I4kv
EJCgc+QVmmYRiznKIRlj4WH9ivr99xzEyMJhpndXTW+fwYAXtjOOUdIOjUz9s6nj
tzvz8lZ6PG+6YB4KmipNmovXMOcHzs5NDMKhi/vz+ygO9pitIDB0shSRX6TqrYSz
+4uwcanYyYOCAv235n4w8OZVXo/3t/4OlQ5kXQbiXBNX
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:11:53 2024 by rpki-client on console-ams.rpki-client.org