Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/74/4f2367-73f3-4816-bea8-a045ff8e2ac0/1/rrf8iqHrBTDmLTyp2KgkwdJeuWg.roa
File:                     rrf8iqHrBTDmLTyp2KgkwdJeuWg.roa (raw, json)
Hash identifier:          mPYOsnz9UEd3ykq/SdUhV7TWZhTSMyrxFC3E6XC86bE=
Subject key identifier:   AE:B7:FC:8A:A1:EB:05:30:E6:2D:3C:A9:D8:A8:24:C1:D2:5E:B9:68
Certificate issuer:       /CN=9cce3b1197d0cf9511540572a58fd372dcc07489
Certificate serial:       01856CAEFA41511EE5CA98EB30000824155C
Authority key identifier: 9C:CE:3B:11:97:D0:CF:95:11:54:05:72:A5:8F:D3:72:DC:C0:74:89
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/nM47EZfQz5URVAVypY_TctzAdIk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/74/4f2367-73f3-4816-bea8-a045ff8e2ac0/1/rrf8iqHrBTDmLTyp2KgkwdJeuWg.roa
Signing time:             Sun 01 Jan 2023 09:34:44 +0000
ROA not before:           Sun 01 Jan 2023 09:34:44 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     212017
IP address blocks:        185.159.40.0/22 maxlen: 22

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 04:29:31 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6c:ae:fa:41:51:1e:e5:ca:98:eb:30:00:08:24:15:5c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9cce3b1197d0cf9511540572a58fd372dcc07489
        Validity
            Not Before: Jan  1 09:34:44 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=aeb7fc8aa1eb0530e62d3ca9d8a824c1d25eb968
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:bb:76:9c:9c:06:40:80:65:ad:3b:19:5b:e9:
                    e1:58:69:7f:73:2b:44:de:2b:99:40:10:6b:45:20:
                    3b:41:09:f5:2c:c1:fe:68:34:eb:bf:f3:5b:42:60:
                    b9:88:a9:da:dd:70:0b:9c:c6:d1:3f:44:70:10:35:
                    85:bb:1a:0a:b6:2d:a5:23:56:78:10:24:2a:4e:96:
                    ab:50:df:b5:01:ae:f8:bd:4b:8d:db:52:00:14:e0:
                    98:78:19:8a:5b:a2:d7:5b:67:87:7b:f7:46:ed:32:
                    b5:8b:65:ff:9c:2c:14:f4:37:00:c7:a7:fe:87:69:
                    f3:84:9d:53:ee:13:84:b1:c2:98:d4:6b:b8:d3:a7:
                    09:6e:2f:6a:01:99:27:cb:5a:09:5e:02:92:4e:67:
                    78:69:a2:b0:ce:75:c0:05:e5:fd:07:15:22:0b:43:
                    b9:13:82:a9:84:4a:42:47:b7:55:d4:14:18:b0:48:
                    1d:71:82:bb:34:61:e3:df:91:91:6b:1f:a8:cc:71:
                    7f:e4:0b:26:83:6c:57:81:00:4f:24:5f:73:39:c2:
                    99:ef:6e:46:e7:b9:20:4c:96:be:9e:fe:5e:a6:23:
                    27:7b:cb:8e:f1:fe:29:b2:40:95:e0:ea:bd:61:89:
                    32:30:a7:a9:d9:36:45:f7:b0:84:70:1d:af:08:81:
                    2f:cb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AE:B7:FC:8A:A1:EB:05:30:E6:2D:3C:A9:D8:A8:24:C1:D2:5E:B9:68
            X509v3 Authority Key Identifier:
                keyid:9C:CE:3B:11:97:D0:CF:95:11:54:05:72:A5:8F:D3:72:DC:C0:74:89

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nM47EZfQz5URVAVypY_TctzAdIk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/74/4f2367-73f3-4816-bea8-a045ff8e2ac0/1/rrf8iqHrBTDmLTyp2KgkwdJeuWg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/74/4f2367-73f3-4816-bea8-a045ff8e2ac0/1/nM47EZfQz5URVAVypY_TctzAdIk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.159.40.0/22

    Signature Algorithm: sha256WithRSAEncryption
         78:9e:83:73:d1:c8:ab:7a:91:ae:6b:37:13:b2:ca:ec:ad:3f:
         c3:1a:5c:85:ef:6d:41:d2:31:fd:94:c5:f5:50:53:49:e6:cd:
         3e:e1:53:bb:af:96:fd:04:4d:cc:b3:85:81:fb:54:b9:45:06:
         e2:ee:eb:16:f9:b9:e8:e2:56:e7:37:dc:8e:e4:2f:a2:5e:16:
         76:41:18:30:04:f6:ca:ae:00:84:5b:68:6a:a7:b5:0a:04:06:
         43:43:fb:ef:a6:ac:01:d2:5f:5b:0b:e7:d7:99:ab:01:94:7b:
         89:10:65:8b:c2:11:d2:72:fa:ab:56:74:1e:59:7d:cc:3a:3b:
         8f:4a:20:a7:35:b0:1a:80:95:8f:79:79:93:41:31:e7:61:e1:
         5a:7d:92:ec:5d:89:4a:eb:b9:0d:70:81:98:cc:c6:0a:66:24:
         84:ec:28:20:3f:9c:84:fc:86:ff:e0:34:f9:b3:fd:e5:98:38:
         e2:10:be:be:9e:99:63:a7:08:d7:ef:06:ce:2f:12:4b:f7:ce:
         9a:b5:23:99:ef:d1:8f:32:bd:36:1f:98:6b:ba:8b:98:94:91:
         0a:6f:7b:5e:07:22:29:eb:9e:45:7b:9e:5e:d5:91:9a:b9:ef:
         2a:d7:bb:d1:12:04:23:de:52:ed:e0:25:77:60:4f:e7:e8:06:
         4c:74:92:42
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVsrvpBUR7lypjrMAAIJBVcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDljY2UzYjExOTdkMGNmOTUxMTU0MDU3MmE1OGZkMzcyZGNj
MDc0ODkwHhcNMjMwMTAxMDkzNDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZWI3ZmM4YWExZWIwNTMwZTYyZDNjYTlkOGE4MjRjMWQyNWViOTY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn7t2nJwGQIBlrTsZW+nhWGl/cytE
3iuZQBBrRSA7QQn1LMH+aDTrv/NbQmC5iKna3XALnMbRP0RwEDWFuxoKti2lI1Z4
ECQqTparUN+1Aa74vUuN21IAFOCYeBmKW6LXW2eHe/dG7TK1i2X/nCwU9DcAx6f+
h2nzhJ1T7hOEscKY1Gu406cJbi9qAZkny1oJXgKSTmd4aaKwznXABeX9BxUiC0O5
E4KphEpCR7dV1BQYsEgdcYK7NGHj35GRax+ozHF/5Asmg2xXgQBPJF9zOcKZ725G
57kgTJa+nv5epiMne8uO8f4pskCV4Oq9YYkyMKep2TZF97CEcB2vCIEvywIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFK63/Iqh6wUw5i08qdioJMHSXrloMB8GA1UdIwQY
MBaAFJzOOxGX0M+VEVQFcqWP03LcwHSJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbk00N0VaZlF6NVVSVkFWeXBZX1RjdHpBZElrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NC80ZjIzNjctNzNmMy00ODE2LWJlYTgt
YTA0NWZmOGUyYWMwLzEvcnJmOGlxSHJCVERtTFR5cDJLZ2t3ZEpldVdnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NC80ZjIzNjctNzNmMy00ODE2LWJlYTgtYTA0NWZmOGUyYWMw
LzEvbk00N0VaZlF6NVVSVkFWeXBZX1RjdHpBZElrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuZ8oMA0G
CSqGSIb3DQEBCwUAA4IBAQB4noNz0cirepGuazcTssrsrT/DGlyF721B0jH9lMX1
UFNJ5s0+4VO7r5b9BE3Ms4WB+1S5RQbi7usW+bno4lbnN9yO5C+iXhZ2QRgwBPbK
rgCEW2hqp7UKBAZDQ/vvpqwB0l9bC+fXmasBlHuJEGWLwhHScvqrVnQeWX3MOjuP
SiCnNbAagJWPeXmTQTHnYeFafZLsXYlK67kNcIGYzMYKZiSE7CggP5yE/Ib/4DT5
s/3lmDjiEL6+npljpwjX7wbOLxJL986atSOZ79GPMr02H5hruouYlJEKb3teByIp
655Fe55e1ZGaue8q17vREgQj3lLt4CV3YE/n6AZMdJJC
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:05 2024 by rpki-client on console-fra.rpki-client.org