Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/3d4731-8cf3-4327-ae6a-51387d160ba9/1/I9rPRJmT8YJrwB3woKXa6F524-M.roa
File:                     I9rPRJmT8YJrwB3woKXa6F524-M.roa (raw, json)
Hash identifier:          nc3Zx+iyIILzJ7EqL0K+gslnDZajgWJt90N8ZLtb17c=
Subject key identifier:   23:DA:CF:44:99:93:F1:82:6B:C0:1D:F0:A0:A5:DA:E8:5E:76:E3:E3
Certificate issuer:       /CN=dc41411e93e25d5ec65099569b1b5c5fadc1ae3d
Certificate serial:       0185A430DECEFB5DE5DA7A6DB32267933DFB
Authority key identifier: DC:41:41:1E:93:E2:5D:5E:C6:50:99:56:9B:1B:5C:5F:AD:C1:AE:3D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3EFBHpPiXV7GUJlWmxtcX63Brj0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8d/3d4731-8cf3-4327-ae6a-51387d160ba9/1/I9rPRJmT8YJrwB3woKXa6F524-M.roa
Signing time:             Thu 12 Jan 2023 04:15:44 +0000
ROA not before:           Thu 12 Jan 2023 04:15:44 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     834
IP address blocks:        185.248.49.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Fri 07 Apr 2023 13:29:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:a4:30:de:ce:fb:5d:e5:da:7a:6d:b3:22:67:93:3d:fb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dc41411e93e25d5ec65099569b1b5c5fadc1ae3d
        Validity
            Not Before: Jan 12 04:15:44 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=23dacf449993f1826bc01df0a0a5dae85e76e3e3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:8c:94:6c:be:c5:7d:3f:d3:a1:53:60:7a:6e:
                    18:d0:1e:ad:0e:37:c5:89:d7:44:7a:a6:4b:92:2f:
                    08:bf:75:81:71:1e:c5:e6:d1:5d:d7:8d:67:99:61:
                    bf:a5:03:44:4d:fc:ed:6c:99:a4:61:f4:5f:b1:d8:
                    5d:b6:48:a4:5d:17:8b:c7:3d:e8:7e:2b:d8:1e:6f:
                    1f:24:1a:de:d6:ec:76:aa:a0:ad:a4:4d:e1:88:fc:
                    8e:7b:9e:d7:a3:ce:c6:d2:2b:e5:ef:b1:1d:a4:e5:
                    e4:33:4c:50:ef:9c:41:93:c0:c1:30:67:c6:e4:11:
                    a3:6a:fd:9b:dc:cd:d0:42:b2:6d:13:42:a8:4c:3a:
                    fe:a8:11:81:d8:1e:aa:3e:61:d3:0f:c5:da:ac:c8:
                    8d:aa:6f:0f:d1:e4:55:ef:ae:08:0e:9e:c2:0c:9d:
                    96:b3:26:b7:c6:c6:2b:a2:46:33:de:ba:ce:b9:23:
                    ff:69:29:4d:b7:08:53:54:2c:81:68:cb:30:cd:1f:
                    87:06:4f:2f:93:f1:d1:61:f7:58:3c:bc:1c:ad:d2:
                    7f:8c:a8:70:22:66:27:bc:ff:3f:81:b0:43:6d:57:
                    87:dc:63:fa:60:8e:fd:b5:5e:e6:3d:c9:5f:87:0c:
                    a8:b0:dd:f9:d3:ee:e6:f7:4d:52:cd:db:45:61:2e:
                    3b:57
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                23:DA:CF:44:99:93:F1:82:6B:C0:1D:F0:A0:A5:DA:E8:5E:76:E3:E3
            X509v3 Authority Key Identifier:
                keyid:DC:41:41:1E:93:E2:5D:5E:C6:50:99:56:9B:1B:5C:5F:AD:C1:AE:3D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3EFBHpPiXV7GUJlWmxtcX63Brj0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/3d4731-8cf3-4327-ae6a-51387d160ba9/1/I9rPRJmT8YJrwB3woKXa6F524-M.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/3d4731-8cf3-4327-ae6a-51387d160ba9/1/3EFBHpPiXV7GUJlWmxtcX63Brj0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.248.49.0/24

    Signature Algorithm: sha256WithRSAEncryption
         aa:42:22:8b:5c:54:da:df:ee:91:be:6d:94:15:ed:e5:a6:6b:
         83:9d:13:00:c8:77:79:70:5a:cf:5d:de:dc:33:3b:6e:ff:b7:
         16:96:32:0f:e4:b9:e0:87:cd:9d:0d:87:0e:4d:c8:b6:3f:e5:
         b6:c0:32:1d:ba:16:f0:7c:3c:39:db:d0:c5:d6:06:7c:dc:c9:
         d5:38:d6:39:8e:44:cd:cd:c0:67:4d:57:9d:60:a9:47:b5:9f:
         b3:64:8d:37:c3:c5:7a:da:48:73:6a:d9:91:a6:16:5d:9e:a4:
         c4:a9:12:25:4d:5b:6b:fc:f6:63:59:e4:61:dc:e8:69:23:d4:
         b1:43:f7:dd:ea:87:54:89:d7:a0:77:bc:5e:a3:2c:7d:e4:cb:
         93:41:19:49:e6:d9:92:bd:3e:fc:56:4d:72:6c:ce:77:48:64:
         81:77:0b:7e:e3:fa:5b:98:9a:90:e5:e3:ad:24:c3:1c:80:60:
         86:18:0c:e6:67:4b:fb:be:80:4c:d5:0c:94:ac:b2:a9:9e:6d:
         a7:e2:bc:97:0c:6e:56:25:29:b6:1c:7f:4a:e4:27:26:10:6e:
         f0:23:eb:1b:cd:ed:11:ec:0a:12:04:57:1d:0c:57:f7:54:6f:
         9b:98:c5:02:33:ee:9c:bb:dd:f3:60:20:e7:41:94:00:76:b7:
         d4:bd:c0:f0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYWkMN7O+13l2nptsyJnkz37MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjNDE0MTFlOTNlMjVkNWVjNjUwOTk1NjliMWI1YzVmYWRj
MWFlM2QwHhcNMjMwMTEyMDQxNTQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyM2RhY2Y0NDk5OTNmMTgyNmJjMDFkZjBhMGE1ZGFlODVlNzZlM2UzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtoyUbL7FfT/ToVNgem4Y0B6tDjfF
iddEeqZLki8Iv3WBcR7F5tFd141nmWG/pQNETfztbJmkYfRfsdhdtkikXReLxz3o
fivYHm8fJBre1ux2qqCtpE3hiPyOe57Xo87G0ivl77EdpOXkM0xQ75xBk8DBMGfG
5BGjav2b3M3QQrJtE0KoTDr+qBGB2B6qPmHTD8XarMiNqm8P0eRV764IDp7CDJ2W
sya3xsYrokYz3rrOuSP/aSlNtwhTVCyBaMswzR+HBk8vk/HRYfdYPLwcrdJ/jKhw
ImYnvP8/gbBDbVeH3GP6YI79tV7mPclfhwyosN350+7m901SzdtFYS47VwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCPaz0SZk/GCa8Ad8KCl2uheduPjMB8GA1UdIwQY
MBaAFNxBQR6T4l1exlCZVpsbXF+twa49MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0VGQkhwUGlYVjdHVUpsV214dGNYNjNCcmowLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZC8zZDQ3MzEtOGNmMy00MzI3LWFlNmEt
NTEzODdkMTYwYmE5LzEvSTlyUFJKbVQ4WUpyd0Izd29LWGE2RjUyNC1NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZC8zZDQ3MzEtOGNmMy00MzI3LWFlNmEtNTEzODdkMTYwYmE5
LzEvM0VGQkhwUGlYVjdHVUpsV214dGNYNjNCcmowLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAufgxMA0G
CSqGSIb3DQEBCwUAA4IBAQCqQiKLXFTa3+6Rvm2UFe3lpmuDnRMAyHd5cFrPXd7c
Mztu/7cWljIP5Lngh82dDYcOTci2P+W2wDIduhbwfDw529DF1gZ83MnVONY5jkTN
zcBnTVedYKlHtZ+zZI03w8V62khzatmRphZdnqTEqRIlTVtr/PZjWeRh3OhpI9Sx
Q/fd6odUidegd7xeoyx95MuTQRlJ5tmSvT78Vk1ybM53SGSBdwt+4/pbmJqQ5eOt
JMMcgGCGGAzmZ0v7voBM1QyUrLKpnm2n4ryXDG5WJSm2HH9K5CcmEG7wI+sbze0R
7AoSBFcdDFf3VG+bmMUCM+6cu93zYCDnQZQAdrfUvcDw
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:43 2024 by rpki-client on console-fra.rpki-client.org