Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/c28ea4-059c-49dd-9278-a4db396c8987/1/1j-wVoPuQjipOpzhAtSsTj632dQ.roa
File:                     1j-wVoPuQjipOpzhAtSsTj632dQ.roa (raw, json)
Hash identifier:          foW0zzhjBo9nCdElWXUXNuXFtnPPPxzniFvdsUAOtcs=
Subject key identifier:   D6:3F:B0:56:83:EE:42:38:A9:3A:9C:E1:02:D4:AC:4E:3E:B7:D9:D4
Certificate issuer:       /CN=37949ac84d0b86910f4fd3cf5962927d83450aeb
Certificate serial:       018571830570E6EB054F75DFBDE97690E9B2
Authority key identifier: 37:94:9A:C8:4D:0B:86:91:0F:4F:D3:CF:59:62:92:7D:83:45:0A:EB
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/N5SayE0LhpEPT9PPWWKSfYNFCus.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/64/c28ea4-059c-49dd-9278-a4db396c8987/1/1j-wVoPuQjipOpzhAtSsTj632dQ.roa
Signing time:             Mon 02 Jan 2023 08:04:50 +0000
ROA not before:           Mon 02 Jan 2023 08:04:50 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     56403
IP address blocks:        185.232.192.0/22 maxlen: 22

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 12:29:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:71:83:05:70:e6:eb:05:4f:75:df:bd:e9:76:90:e9:b2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=37949ac84d0b86910f4fd3cf5962927d83450aeb
        Validity
            Not Before: Jan  2 08:04:50 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=d63fb05683ee4238a93a9ce102d4ac4e3eb7d9d4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e5:8d:20:3c:3e:8c:02:d4:3f:c2:43:a2:ea:c4:
                    9a:6f:e6:df:27:7d:9e:5a:89:bb:6e:81:03:95:b2:
                    c9:53:3c:7a:8f:33:e0:44:a8:ba:ea:5a:37:6a:ef:
                    0b:2d:d4:d7:f3:3c:63:12:26:22:0a:cf:08:1d:66:
                    12:7f:cf:01:e2:b2:10:70:8b:b0:f9:7e:43:6d:27:
                    8d:1f:02:f7:65:b6:ed:dd:fa:b6:02:ab:fb:3e:4b:
                    27:d1:8c:83:35:40:92:4f:e5:f6:50:31:0e:a1:f4:
                    ac:b9:cc:d3:9b:70:0f:8e:32:54:35:14:c9:55:f9:
                    e8:d8:ad:e5:5a:30:aa:84:4b:1e:f3:88:ca:e5:e5:
                    2b:17:9c:39:80:15:c2:e3:32:9f:8e:93:13:f2:51:
                    a9:09:0b:41:fa:40:e8:da:a3:06:89:8d:e5:2d:3d:
                    f5:83:66:6a:ec:a7:48:f0:d0:df:87:61:05:59:26:
                    e7:30:2d:96:da:09:bc:e2:a0:fa:5e:c4:48:f7:be:
                    60:96:2d:13:cd:03:52:37:be:94:31:4d:aa:88:26:
                    dc:69:92:a5:b8:3b:47:56:2f:83:6b:f0:1a:a7:f0:
                    e4:d3:c3:9c:f2:b1:1a:0e:86:c0:38:ac:80:88:05:
                    81:a5:18:2b:64:f5:db:e0:7d:37:84:c4:d3:87:63:
                    e5:41
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D6:3F:B0:56:83:EE:42:38:A9:3A:9C:E1:02:D4:AC:4E:3E:B7:D9:D4
            X509v3 Authority Key Identifier:
                keyid:37:94:9A:C8:4D:0B:86:91:0F:4F:D3:CF:59:62:92:7D:83:45:0A:EB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/N5SayE0LhpEPT9PPWWKSfYNFCus.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/c28ea4-059c-49dd-9278-a4db396c8987/1/1j-wVoPuQjipOpzhAtSsTj632dQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/64/c28ea4-059c-49dd-9278-a4db396c8987/1/N5SayE0LhpEPT9PPWWKSfYNFCus.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.232.192.0/22

    Signature Algorithm: sha256WithRSAEncryption
         03:7c:18:b0:cd:bd:4d:37:5c:43:c1:fc:1d:33:50:ff:df:29:
         44:9b:e5:9a:93:e6:c8:b5:b2:e6:6b:02:5e:ad:b9:09:29:cf:
         17:66:b9:22:3a:54:f1:78:a4:38:b0:8e:87:4b:6e:27:cf:82:
         e7:f1:a9:e9:32:c8:11:fc:4b:51:5f:c9:6f:a1:fa:c9:64:d3:
         c3:0f:35:fb:18:ee:92:1d:73:0e:f4:61:3d:a3:95:4c:3e:bb:
         bd:b6:53:55:48:c3:fa:cb:66:f8:7e:7b:88:cf:d2:71:25:e1:
         02:55:fa:46:90:4d:94:d1:8f:5a:66:18:1d:74:2d:35:44:87:
         0a:0f:ae:78:13:bf:8a:fc:86:c4:57:91:07:61:8d:98:6d:74:
         f8:da:ec:c3:66:c7:33:b7:1c:bc:38:5e:d1:0e:21:6e:4e:2d:
         22:4c:1f:43:34:96:03:84:51:f7:a1:b9:e3:6e:7c:30:e9:73:
         cb:4d:9f:b2:9e:7e:f5:ac:9c:57:ce:d0:d0:40:84:40:0a:85:
         d9:0d:d3:d5:54:e4:be:f7:92:31:36:31:73:ac:66:0a:3c:d9:
         28:12:c6:22:00:08:80:1d:1c:c6:6f:74:df:25:31:9a:ec:38:
         4f:40:c6:8b:b7:7a:51:0d:47:04:a0:68:c3:a6:93:a2:77:80:
         9d:e6:7c:5c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxgwVw5usFT3Xfvel2kOmyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM3OTQ5YWM4NGQwYjg2OTEwZjRmZDNjZjU5NjI5MjdkODM0
NTBhZWIwHhcNMjMwMTAyMDgwNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNjNmYjA1NjgzZWU0MjM4YTkzYTljZTEwMmQ0YWM0ZTNlYjdkOWQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5Y0gPD6MAtQ/wkOi6sSab+bfJ32e
Wom7boEDlbLJUzx6jzPgRKi66lo3au8LLdTX8zxjEiYiCs8IHWYSf88B4rIQcIuw
+X5DbSeNHwL3Zbbt3fq2Aqv7Pksn0YyDNUCST+X2UDEOofSsuczTm3APjjJUNRTJ
Vfno2K3lWjCqhEse84jK5eUrF5w5gBXC4zKfjpMT8lGpCQtB+kDo2qMGiY3lLT31
g2Zq7KdI8NDfh2EFWSbnMC2W2gm84qD6XsRI975gli0TzQNSN76UMU2qiCbcaZKl
uDtHVi+Da/Aap/Dk08Oc8rEaDobAOKyAiAWBpRgrZPXb4H03hMTTh2PlQQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNY/sFaD7kI4qTqc4QLUrE4+t9nUMB8GA1UdIwQY
MBaAFDeUmshNC4aRD0/Tz1likn2DRQrrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTjVTYXlFMExocEVQVDlQUFdXS1NmWU5GQ3VzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC9jMjhlYTQtMDU5Yy00OWRkLTkyNzgt
YTRkYjM5NmM4OTg3LzEvMWotd1ZvUHVRamlwT3B6aEF0U3NUajYzMmRRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC9jMjhlYTQtMDU5Yy00OWRkLTkyNzgtYTRkYjM5NmM4OTg3
LzEvTjVTYXlFMExocEVQVDlQUFdXS1NmWU5GQ3VzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuejAMA0G
CSqGSIb3DQEBCwUAA4IBAQADfBiwzb1NN1xDwfwdM1D/3ylEm+Wak+bItbLmawJe
rbkJKc8XZrkiOlTxeKQ4sI6HS24nz4Ln8anpMsgR/EtRX8lvofrJZNPDDzX7GO6S
HXMO9GE9o5VMPru9tlNVSMP6y2b4fnuIz9JxJeECVfpGkE2U0Y9aZhgddC01RIcK
D654E7+K/IbEV5EHYY2YbXT42uzDZscztxy8OF7RDiFuTi0iTB9DNJYDhFH3obnj
bnww6XPLTZ+ynn71rJxXztDQQIRACoXZDdPVVOS+95IxNjFzrGYKPNkoEsYiAAiA
HRzGb3TfJTGa7DhPQMaLt3pRDUcEoGjDppOid4Cd5nxc
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:32:51 2024 by rpki-client on console-fra.rpki-client.org