Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/89/bf3db5-a33f-4311-acd9-2fcc0b749b32/1/4mvSGD4MPC3Km7843-z2AYX-PLE.roa
File:                     4mvSGD4MPC3Km7843-z2AYX-PLE.roa (raw, json)
Hash identifier:          zmdk/nTdyiNM88mbRKSQxcsYlOrlKtpQDABWjrHnbKI=
Subject key identifier:   E2:6B:D2:18:3E:0C:3C:2D:CA:9B:BF:38:DF:EC:F6:01:85:FE:3C:B1
Certificate issuer:       /CN=2dc81d24c45ddaa345f9064de29fbca7b129a52c
Certificate serial:       018B6100ACBA375F678D4ACD46A825BAB727
Authority key identifier: 2D:C8:1D:24:C4:5D:DA:A3:45:F9:06:4D:E2:9F:BC:A7:B1:29:A5:2C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/LcgdJMRd2qNF-QZN4p-8p7EppSw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/89/bf3db5-a33f-4311-acd9-2fcc0b749b32/1/4mvSGD4MPC3Km7843-z2AYX-PLE.roa
Signing time:             Tue 24 Oct 2023 09:25:15 +0000
ROA not before:           Tue 24 Oct 2023 09:25:15 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     61317
IP address blocks:        185.14.236.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Thu 02 Nov 2023 19:19:16 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8b:61:00:ac:ba:37:5f:67:8d:4a:cd:46:a8:25:ba:b7:27
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2dc81d24c45ddaa345f9064de29fbca7b129a52c
        Validity
            Not Before: Oct 24 09:25:15 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=e26bd2183e0c3c2dca9bbf38dfecf60185fe3cb1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:85:66:fc:7a:75:d6:77:ee:62:1d:f3:1f:ff:95:
                    b3:2a:75:dc:b4:bf:a0:0f:4a:b8:11:fb:f0:b7:eb:
                    59:c6:5c:10:35:5c:77:26:f5:b7:97:d1:57:00:87:
                    d4:82:a1:68:f3:62:e2:a7:89:85:28:93:80:43:66:
                    f4:67:e9:66:f0:34:c8:a6:f9:de:24:f2:d9:c5:a5:
                    5d:71:f4:7c:53:55:b4:a5:7f:70:e4:fb:7b:d2:a2:
                    34:ad:95:07:5c:26:12:a6:64:08:95:89:d9:6e:e4:
                    fb:17:d5:39:7a:81:59:53:99:63:bd:a1:49:bb:cc:
                    10:ca:bb:6c:b4:f3:fa:7d:1c:65:3f:a1:1e:04:23:
                    68:23:e7:22:86:80:3f:bf:9b:e9:33:65:b1:74:9e:
                    c9:23:c4:46:6b:99:2d:87:cd:a5:ef:ae:25:bf:9e:
                    bd:a6:06:6a:1b:61:c9:9e:12:36:4b:a0:ab:b4:00:
                    2e:48:83:7e:0d:86:ee:42:2b:88:cc:98:5e:15:93:
                    3a:2a:02:49:8b:88:9a:47:99:24:20:fa:04:2c:df:
                    12:45:d5:52:83:a1:e4:69:eb:73:60:37:cd:6b:41:
                    52:cd:4e:62:b7:b3:02:b7:c3:86:b1:56:2e:ec:9c:
                    4e:56:ce:f0:ca:2f:c5:60:80:6a:08:2a:8c:03:b1:
                    34:5b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E2:6B:D2:18:3E:0C:3C:2D:CA:9B:BF:38:DF:EC:F6:01:85:FE:3C:B1
            X509v3 Authority Key Identifier:
                keyid:2D:C8:1D:24:C4:5D:DA:A3:45:F9:06:4D:E2:9F:BC:A7:B1:29:A5:2C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LcgdJMRd2qNF-QZN4p-8p7EppSw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/89/bf3db5-a33f-4311-acd9-2fcc0b749b32/1/4mvSGD4MPC3Km7843-z2AYX-PLE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/89/bf3db5-a33f-4311-acd9-2fcc0b749b32/1/LcgdJMRd2qNF-QZN4p-8p7EppSw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.14.236.0/24

    Signature Algorithm: sha256WithRSAEncryption
         20:cf:4f:bc:79:07:a0:d8:28:38:92:5f:1c:cf:e4:5a:ba:58:
         e8:ba:03:fd:d8:78:32:ed:ab:98:24:06:08:a7:44:d4:f8:f9:
         19:43:46:79:25:f9:d1:82:bc:a4:20:f6:0f:4a:cf:1f:05:9b:
         c3:db:77:98:c8:65:6e:4e:d8:86:45:ee:bf:ff:68:64:d0:3d:
         5e:12:a6:1e:80:38:50:01:20:0a:9d:7a:10:98:3d:8f:0f:6b:
         8d:1e:30:8a:80:5d:d1:9b:d0:4c:a5:55:1d:af:75:c0:16:cf:
         20:ee:c4:df:9b:eb:7b:0f:a8:ac:6b:65:38:f3:43:11:e2:ae:
         61:a2:25:d8:22:b1:20:ba:1a:43:de:32:c3:32:84:9d:61:3a:
         ae:ca:05:19:89:a2:b2:a7:0b:87:ee:d9:3e:74:ac:74:0c:fd:
         a1:47:8a:c3:b9:6f:cd:02:30:80:a0:02:00:22:f4:86:7a:a7:
         a2:c1:53:78:73:95:e4:6a:4a:27:97:f4:38:d6:6c:ba:2e:97:
         62:73:39:9e:79:b5:5a:eb:3c:74:55:b7:b0:99:22:59:bc:3b:
         71:fb:27:56:30:cb:a1:ed:4e:f1:8c:e7:12:43:f9:6a:b6:16:
         44:98:03:3b:b2:29:2e:ce:3b:44:a8:90:4b:1c:aa:57:7b:f1:
         9d:a1:e3:ae
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYthAKy6N19njUrNRqglurcnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJkYzgxZDI0YzQ1ZGRhYTM0NWY5MDY0ZGUyOWZiY2E3YjEy
OWE1MmMwHhcNMjMxMDI0MDkyNTE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMjZiZDIxODNlMGMzYzJkY2E5YmJmMzhkZmVjZjYwMTg1ZmUzY2IxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhWb8enXWd+5iHfMf/5WzKnXctL+g
D0q4Efvwt+tZxlwQNVx3JvW3l9FXAIfUgqFo82Lip4mFKJOAQ2b0Z+lm8DTIpvne
JPLZxaVdcfR8U1W0pX9w5Pt70qI0rZUHXCYSpmQIlYnZbuT7F9U5eoFZU5ljvaFJ
u8wQyrtstPP6fRxlP6EeBCNoI+cihoA/v5vpM2WxdJ7JI8RGa5kth82l764lv569
pgZqG2HJnhI2S6CrtAAuSIN+DYbuQiuIzJheFZM6KgJJi4iaR5kkIPoELN8SRdVS
g6HkaetzYDfNa0FSzU5it7MCt8OGsVYu7JxOVs7wyi/FYIBqCCqMA7E0WwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOJr0hg+DDwtypu/ON/s9gGF/jyxMB8GA1UdIwQY
MBaAFC3IHSTEXdqjRfkGTeKfvKexKaUsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTGNnZEpNUmQycU5GLVFaTjRwLThwN0VwcFN3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OS9iZjNkYjUtYTMzZi00MzExLWFjZDkt
MmZjYzBiNzQ5YjMyLzEvNG12U0dENE1QQzNLbTc4NDMtejJBWVgtUExFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OS9iZjNkYjUtYTMzZi00MzExLWFjZDktMmZjYzBiNzQ5YjMy
LzEvTGNnZEpNUmQycU5GLVFaTjRwLThwN0VwcFN3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuQ7sMA0G
CSqGSIb3DQEBCwUAA4IBAQAgz0+8eQeg2Cg4kl8cz+RauljougP92Hgy7auYJAYI
p0TU+PkZQ0Z5JfnRgrykIPYPSs8fBZvD23eYyGVuTtiGRe6//2hk0D1eEqYegDhQ
ASAKnXoQmD2PD2uNHjCKgF3Rm9BMpVUdr3XAFs8g7sTfm+t7D6isa2U480MR4q5h
oiXYIrEguhpD3jLDMoSdYTquygUZiaKypwuH7tk+dKx0DP2hR4rDuW/NAjCAoAIA
IvSGeqeiwVN4c5Xkakonl/Q41my6LpdiczmeebVa6zx0VbewmSJZvDtx+ydWMMuh
7U7xjOcSQ/lqthZEmAM7sikuzjtEqJBLHKpXe/GdoeOu
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:05 2024 by rpki-client on console-ams.rpki-client.org