Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/j1rwR-s32RBtRvYo5kms5ulx-Dc.roa
File:                     j1rwR-s32RBtRvYo5kms5ulx-Dc.roa (raw, json)
Hash identifier:          PuT3rNtZkMUDM1/G6od7xTaG+H5gHuGOXZIHLAV8TA8=
Subject key identifier:   8F:5A:F0:47:EB:37:D9:10:6D:46:F6:28:E6:49:AC:E6:E9:71:F8:37
Certificate issuer:       /CN=94166b704843d3d9754095c83a91b493828200a2
Certificate serial:       01890EEB269C593BB1C19B4E1AFFD11CE54A
Authority key identifier: 94:16:6B:70:48:43:D3:D9:75:40:95:C8:3A:91:B4:93:82:82:00:A2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/lBZrcEhD09l1QJXIOpG0k4KCAKI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/j1rwR-s32RBtRvYo5kms5ulx-Dc.roa
Signing time:             Sat 01 Jul 2023 00:47:18 +0000
ROA not before:           Sat 01 Jul 2023 00:47:18 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     211936
IP address blocks:        185.235.71.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 00:29:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:0e:eb:26:9c:59:3b:b1:c1:9b:4e:1a:ff:d1:1c:e5:4a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=94166b704843d3d9754095c83a91b493828200a2
        Validity
            Not Before: Jul  1 00:47:18 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=8f5af047eb37d9106d46f628e649ace6e971f837
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:88:92:b5:18:d5:8d:40:9c:18:a2:c0:71:f5:31:
                    aa:07:73:31:83:f5:65:33:e4:fc:53:b6:ae:66:1c:
                    02:eb:72:a3:0b:da:e7:16:8f:11:2a:a5:a7:4f:00:
                    38:55:58:48:5c:93:b2:47:fb:a3:65:9d:24:19:69:
                    58:ad:e7:a8:f2:cf:33:62:54:05:e5:34:59:4c:4a:
                    64:4a:c8:c4:74:03:57:e5:bb:03:48:c6:3d:99:19:
                    5c:0c:16:9c:c4:1f:61:a1:df:a3:de:cb:2b:9c:dd:
                    a9:7d:08:6f:cb:66:a0:a9:ad:02:e6:0c:2d:d2:19:
                    30:02:65:e4:5f:4f:21:2e:9d:99:b7:4f:31:3a:50:
                    c5:5d:30:5a:ab:0c:27:9a:1f:bc:60:08:62:d6:e2:
                    7d:c2:62:68:a4:49:82:1b:bc:99:95:55:82:34:0b:
                    e1:bb:c0:ef:53:9a:90:f7:2b:55:19:5a:49:8c:ee:
                    d9:34:88:2a:37:ea:06:30:f8:41:20:4a:34:0d:9d:
                    44:7c:f0:ea:9a:df:72:8d:76:c7:ad:cd:a7:d0:10:
                    e3:cd:bb:5f:4b:73:82:8c:2b:7d:24:df:6e:ab:05:
                    77:a2:5a:e4:9f:5a:15:2d:93:95:1d:ab:dd:4a:96:
                    30:f0:8b:11:85:83:dc:5d:ea:93:52:aa:fe:dd:9c:
                    30:97
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8F:5A:F0:47:EB:37:D9:10:6D:46:F6:28:E6:49:AC:E6:E9:71:F8:37
            X509v3 Authority Key Identifier:
                keyid:94:16:6B:70:48:43:D3:D9:75:40:95:C8:3A:91:B4:93:82:82:00:A2

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lBZrcEhD09l1QJXIOpG0k4KCAKI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/j1rwR-s32RBtRvYo5kms5ulx-Dc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/lBZrcEhD09l1QJXIOpG0k4KCAKI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.235.71.0/24

    Signature Algorithm: sha256WithRSAEncryption
         41:6e:c2:9b:ae:2f:84:03:6e:1d:15:9e:3e:97:41:37:6f:1c:
         28:fd:bd:69:2a:c9:49:89:c5:ae:d4:60:2b:05:fb:28:25:3e:
         c7:d6:f2:22:a3:5d:1b:e4:92:9f:18:a7:0a:f7:cd:1c:4b:f0:
         b0:58:e9:95:4e:b6:94:b3:ad:4a:3b:d0:04:87:87:38:80:83:
         73:8b:05:21:88:71:15:1a:64:3a:d7:d4:c1:c5:1c:2d:dc:b3:
         a9:14:42:89:60:8f:50:90:5f:18:c2:1c:f3:22:f2:c7:4b:ed:
         1a:61:1b:5f:77:67:4d:df:43:6d:bc:36:3a:18:67:1d:e9:e5:
         de:ef:6c:05:67:ac:f5:d9:8e:d5:05:dc:b3:82:12:ea:f2:5b:
         22:c7:4b:d1:d3:e6:32:5d:7d:12:2b:fe:a3:ad:7e:93:9c:2d:
         88:c3:08:65:16:49:83:2d:b4:c1:66:b3:1c:37:1b:6a:3c:5f:
         a8:6e:25:e9:fe:26:92:9e:10:76:c3:24:ce:fc:6f:b6:e7:42:
         45:76:87:08:8e:8d:f7:db:a2:5f:a2:43:e3:2d:c4:59:a6:44:
         aa:aa:63:b5:29:6d:66:87:55:f5:6d:56:31:41:fc:84:50:d6:
         cf:8b:1c:0c:4b:ca:4e:06:77:ba:e6:84:18:63:fa:02:9e:4c:
         f9:ee:e8:56
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYkO6yacWTuxwZtOGv/RHOVKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0MTY2YjcwNDg0M2QzZDk3NTQwOTVjODNhOTFiNDkzODI4
MjAwYTIwHhcNMjMwNzAxMDA0NzE4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZjVhZjA0N2ViMzdkOTEwNmQ0NmY2MjhlNjQ5YWNlNmU5NzFmODM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiJK1GNWNQJwYosBx9TGqB3Mxg/Vl
M+T8U7auZhwC63KjC9rnFo8RKqWnTwA4VVhIXJOyR/ujZZ0kGWlYreeo8s8zYlQF
5TRZTEpkSsjEdANX5bsDSMY9mRlcDBacxB9hod+j3ssrnN2pfQhvy2agqa0C5gwt
0hkwAmXkX08hLp2Zt08xOlDFXTBaqwwnmh+8YAhi1uJ9wmJopEmCG7yZlVWCNAvh
u8DvU5qQ9ytVGVpJjO7ZNIgqN+oGMPhBIEo0DZ1EfPDqmt9yjXbHrc2n0BDjzbtf
S3OCjCt9JN9uqwV3olrkn1oVLZOVHavdSpYw8IsRhYPcXeqTUqr+3ZwwlwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFI9a8EfrN9kQbUb2KOZJrObpcfg3MB8GA1UdIwQY
MBaAFJQWa3BIQ9PZdUCVyDqRtJOCggCiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbEJacmNFaEQwOWwxUUpYSU9wRzBrNEtDQUtJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi80M2ZmOGYtY2Q1NC00Y2YxLThhYWYt
NGJlMThlZjEyOGI0LzEvajFyd1ItczMyUkJ0UnZZbzVrbXM1dWx4LURjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi80M2ZmOGYtY2Q1NC00Y2YxLThhYWYtNGJlMThlZjEyOGI0
LzEvbEJacmNFaEQwOWwxUUpYSU9wRzBrNEtDQUtJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuetHMA0G
CSqGSIb3DQEBCwUAA4IBAQBBbsKbri+EA24dFZ4+l0E3bxwo/b1pKslJicWu1GAr
BfsoJT7H1vIio10b5JKfGKcK980cS/CwWOmVTraUs61KO9AEh4c4gINziwUhiHEV
GmQ619TBxRwt3LOpFEKJYI9QkF8YwhzzIvLHS+0aYRtfd2dN30NtvDY6GGcd6eXe
72wFZ6z12Y7VBdyzghLq8lsix0vR0+YyXX0SK/6jrX6TnC2IwwhlFkmDLbTBZrMc
NxtqPF+obiXp/iaSnhB2wyTO/G+250JFdocIjo3326JfokPjLcRZpkSqqmO1KW1m
h1X1bVYxQfyEUNbPixwMS8pOBne65oQYY/oCnkz57uhW
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:14:25 2024 by rpki-client on console-ams.rpki-client.org