Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5c/f7d070-3281-47b7-85c8-8fb624394e7a/1/HxLTA2V8AT5NaD-NdXn2x08ET_g.roa
File:                     HxLTA2V8AT5NaD-NdXn2x08ET_g.roa (raw, json)
Hash identifier:          6oSrbZIYbGBLvNVYdwgvX4VJDUDNvlO+ZI7sBUnyZcA=
Subject key identifier:   1F:12:D3:03:65:7C:01:3E:4D:68:3F:8D:75:79:F6:C7:4F:04:4F:F8
Certificate issuer:       /CN=f9587c5b0d415516d72f5914f5f5fb528a32a12c
Certificate serial:       01856F94CDA883F47B198D736D499DBAD823
Authority key identifier: F9:58:7C:5B:0D:41:55:16:D7:2F:59:14:F5:F5:FB:52:8A:32:A1:2C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1-Vh8Ww1BVRbXL1kU9fX7UooyoSw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5c/f7d070-3281-47b7-85c8-8fb624394e7a/1/HxLTA2V8AT5NaD-NdXn2x08ET_g.roa
Signing time:             Sun 01 Jan 2023 23:05:01 +0000
ROA not before:           Sun 01 Jan 2023 23:05:01 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     36351
IP address blocks:        185.228.36.0/22 maxlen: 22

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 12:33:43 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:94:cd:a8:83:f4:7b:19:8d:73:6d:49:9d:ba:d8:23
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f9587c5b0d415516d72f5914f5f5fb528a32a12c
        Validity
            Not Before: Jan  1 23:05:01 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=1f12d303657c013e4d683f8d7579f6c74f044ff8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:e9:c9:65:42:45:c5:cd:14:34:73:36:1d:c2:
                    38:78:47:fe:94:82:c5:94:6b:ca:98:0a:9d:84:77:
                    8b:2b:35:b7:8b:99:f8:d8:c2:50:92:45:9b:42:5e:
                    1a:e5:83:46:bb:42:d2:1b:d3:65:f4:79:97:1b:39:
                    0d:4a:c8:3e:5b:77:99:78:1f:89:b1:31:d0:25:13:
                    71:ca:1c:f4:c1:0c:ad:cb:f6:5a:76:f3:d2:fb:61:
                    3f:b6:c8:78:8a:42:fb:c2:37:6b:c8:2d:cb:c6:14:
                    1b:a0:a8:a4:5e:41:10:47:dd:8c:52:14:7d:b3:95:
                    75:6b:95:e5:52:24:0d:5c:fe:0a:98:3c:44:11:46:
                    f7:57:16:3e:6f:79:c2:1a:d0:df:86:58:d8:4a:e2:
                    5d:d2:00:4a:ad:1d:ed:24:fe:53:62:b7:c4:46:73:
                    90:f8:1a:02:2e:f0:6b:f3:c6:44:68:d9:30:db:89:
                    e9:ad:5c:3f:63:66:e5:83:22:26:5e:33:f6:ed:f8:
                    6d:31:69:2d:72:84:0a:72:d6:eb:56:62:62:85:aa:
                    13:8b:8a:df:1f:a7:56:11:78:98:d3:33:a9:4e:0c:
                    4f:36:80:ba:72:bb:63:1a:ae:71:67:b3:9d:61:5e:
                    cf:0d:4f:5b:40:95:10:9e:ea:90:82:13:d4:6f:df:
                    a9:57
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1F:12:D3:03:65:7C:01:3E:4D:68:3F:8D:75:79:F6:C7:4F:04:4F:F8
            X509v3 Authority Key Identifier:
                keyid:F9:58:7C:5B:0D:41:55:16:D7:2F:59:14:F5:F5:FB:52:8A:32:A1:2C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-Vh8Ww1BVRbXL1kU9fX7UooyoSw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/f7d070-3281-47b7-85c8-8fb624394e7a/1/HxLTA2V8AT5NaD-NdXn2x08ET_g.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/f7d070-3281-47b7-85c8-8fb624394e7a/1/1-Vh8Ww1BVRbXL1kU9fX7UooyoSw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.228.36.0/22

    Signature Algorithm: sha256WithRSAEncryption
         15:bf:33:99:31:43:75:e0:51:75:77:98:b7:01:3c:e3:2d:33:
         61:68:8a:b8:f2:bf:a9:4c:6e:a3:3a:1f:a3:31:08:b8:b3:9a:
         cf:32:48:b7:42:cb:7d:a2:4a:fb:3e:82:f7:95:86:7a:6a:05:
         eb:83:06:70:6b:f3:65:31:fb:3f:31:ba:b5:87:8f:24:fa:af:
         35:9c:5f:2f:79:c2:d6:fd:4b:1e:af:2f:37:7f:0d:cd:61:f1:
         30:1a:bf:c4:95:50:8a:dc:7d:e1:11:64:35:e6:95:a3:2b:9f:
         0b:ab:e8:23:1b:ab:1d:59:bb:d9:8b:87:6e:c4:9c:a6:e2:87:
         28:74:9a:6e:44:8a:2e:e0:bf:d8:fc:57:7b:f9:28:04:7d:59:
         ab:99:14:c0:0f:b1:19:03:62:da:6d:2c:59:6f:47:a5:2c:97:
         21:b3:bc:2e:65:90:f8:7c:92:e5:b2:f5:5d:3b:f6:05:f9:49:
         a6:be:53:31:a6:96:30:32:d5:27:47:65:61:ed:15:b8:d0:fe:
         f2:f2:92:1c:51:c2:02:20:01:c0:2e:bc:fc:74:d6:c4:b7:50:
         ea:78:c6:39:fe:b5:dd:06:24:82:15:ec:c6:05:11:6f:c5:4d:
         2d:8c:b0:65:73:90:6f:b8:64:e3:2b:e4:6e:24:03:2c:1b:bb:
         0a:33:3d:98
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYVvlM2og/R7GY1zbUmdutgjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY5NTg3YzViMGQ0MTU1MTZkNzJmNTkxNGY1ZjVmYjUyOGEz
MmExMmMwHhcNMjMwMTAxMjMwNTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZjEyZDMwMzY1N2MwMTNlNGQ2ODNmOGQ3NTc5ZjZjNzRmMDQ0ZmY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmunJZUJFxc0UNHM2HcI4eEf+lILF
lGvKmAqdhHeLKzW3i5n42MJQkkWbQl4a5YNGu0LSG9Nl9HmXGzkNSsg+W3eZeB+J
sTHQJRNxyhz0wQyty/ZadvPS+2E/tsh4ikL7wjdryC3LxhQboKikXkEQR92MUhR9
s5V1a5XlUiQNXP4KmDxEEUb3VxY+b3nCGtDfhljYSuJd0gBKrR3tJP5TYrfERnOQ
+BoCLvBr88ZEaNkw24nprVw/Y2blgyImXjP27fhtMWktcoQKctbrVmJihaoTi4rf
H6dWEXiY0zOpTgxPNoC6crtjGq5xZ7OdYV7PDU9bQJUQnuqQghPUb9+pVwIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFB8S0wNlfAE+TWg/jXV59sdPBE/4MB8GA1UdIwQY
MBaAFPlYfFsNQVUW1y9ZFPX1+1KKMqEsMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1WaDhXdzFCVlJiWEwxa1U5Zlg3VW9veW9Tdy5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNWMvZjdkMDcwLTMyODEtNDdiNy04NWM4
LThmYjYyNDM5NGU3YS8xL0h4TFRBMlY4QVQ1TmFELU5kWG4yeDA4RVRfZy5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNWMvZjdkMDcwLTMyODEtNDdiNy04NWM4LThmYjYyNDM5NGU3
YS8xLzEtVmg4V3cxQlZSYlhMMWtVOWZYN1Vvb3lvU3cuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAK55CQw
DQYJKoZIhvcNAQELBQADggEBABW/M5kxQ3XgUXV3mLcBPOMtM2Foirjyv6lMbqM6
H6MxCLizms8ySLdCy32iSvs+gveVhnpqBeuDBnBr82Ux+z8xurWHjyT6rzWcXy95
wtb9Sx6vLzd/Dc1h8TAav8SVUIrcfeERZDXmlaMrnwur6CMbqx1Zu9mLh27EnKbi
hyh0mm5Eii7gv9j8V3v5KAR9WauZFMAPsRkDYtptLFlvR6UslyGzvC5lkPh8kuWy
9V079gX5Saa+UzGmljAy1SdHZWHtFbjQ/vLykhxRwgIgAcAuvPx01sS3UOp4xjn+
td0GJIIV7MYFEW/FTS2MsGVzkG+4ZOMr5G4kAywbuwozPZg=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:31:19 2024 by rpki-client on console-fra.rpki-client.org