Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/93/e485e1-a65f-43d4-b572-d3326c59bcd2/1/5D1FbFN84MihSLD4fu_yNzC5wCs.roa
File:                     5D1FbFN84MihSLD4fu_yNzC5wCs.roa (raw, json)
Hash identifier:          S3cn3yi28Ht3+xpwiCoNe3G3ZN4h1RYberXiWIKuu7s=
Subject key identifier:   E4:3D:45:6C:53:7C:E0:C8:A1:48:B0:F8:7E:EF:F2:37:30:B9:C0:2B
Certificate issuer:       /CN=fc282a794b3f7ab4cd6feb6c5fd6b3d256afc461
Certificate serial:       01856F14DBB9C200F24455227917D938235B
Authority key identifier: FC:28:2A:79:4B:3F:7A:B4:CD:6F:EB:6C:5F:D6:B3:D2:56:AF:C4:61
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/_CgqeUs_erTNb-tsX9az0lavxGE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/93/e485e1-a65f-43d4-b572-d3326c59bcd2/1/5D1FbFN84MihSLD4fu_yNzC5wCs.roa
Signing time:             Sun 01 Jan 2023 20:45:16 +0000
ROA not before:           Sun 01 Jan 2023 20:45:16 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     14618
IP address blocks:        185.144.236.0/22 maxlen: 24

Validation:               Failed, certificate revoked on Wed 08 Mar 2023 03:18:19 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6f:14:db:b9:c2:00:f2:44:55:22:79:17:d9:38:23:5b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=fc282a794b3f7ab4cd6feb6c5fd6b3d256afc461
        Validity
            Not Before: Jan  1 20:45:16 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=e43d456c537ce0c8a148b0f87eeff23730b9c02b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:08:a6:5f:d6:a0:85:ed:92:71:8b:24:b6:f5:
                    b0:76:18:60:28:df:77:09:26:22:c6:7e:5c:f5:3c:
                    01:8e:30:42:4d:e3:42:ad:f4:8d:3d:0e:17:4f:aa:
                    e4:f8:e7:ba:68:e7:65:ed:02:71:42:db:43:12:dd:
                    66:81:19:40:cd:16:e8:10:9c:fb:c3:28:6a:5b:d2:
                    0f:a6:dd:5e:ef:ad:71:dc:35:32:a2:2b:e7:de:32:
                    9d:4b:20:4e:23:5f:12:97:a1:5d:2b:6a:c6:ba:e0:
                    4f:e6:44:23:01:7d:66:ad:8c:03:4e:5a:3d:d4:6b:
                    bb:9b:aa:54:8e:37:3e:12:01:27:d5:d6:1d:de:6f:
                    13:fd:25:03:06:e8:46:5b:95:70:e7:8c:fd:28:ee:
                    bd:53:e3:f3:04:f5:be:78:5c:35:38:82:7c:dc:be:
                    03:8b:e7:75:a0:bf:39:19:ba:2b:0f:22:5d:e0:46:
                    02:6f:7f:88:5e:5d:41:d4:e8:a5:f2:90:5c:3a:b6:
                    a8:90:aa:17:54:e2:49:73:5e:c8:6c:47:22:77:19:
                    e6:84:18:68:a6:be:29:74:4c:af:30:19:cc:56:16:
                    ed:8e:68:de:eb:f9:0d:34:0f:fe:32:17:49:cd:5b:
                    17:04:63:33:9c:9b:d1:b8:28:c9:9a:3e:d7:6c:12:
                    e1:fd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E4:3D:45:6C:53:7C:E0:C8:A1:48:B0:F8:7E:EF:F2:37:30:B9:C0:2B
            X509v3 Authority Key Identifier:
                keyid:FC:28:2A:79:4B:3F:7A:B4:CD:6F:EB:6C:5F:D6:B3:D2:56:AF:C4:61

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_CgqeUs_erTNb-tsX9az0lavxGE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/93/e485e1-a65f-43d4-b572-d3326c59bcd2/1/5D1FbFN84MihSLD4fu_yNzC5wCs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/93/e485e1-a65f-43d4-b572-d3326c59bcd2/1/_CgqeUs_erTNb-tsX9az0lavxGE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.144.236.0/22

    Signature Algorithm: sha256WithRSAEncryption
         74:86:39:1c:f7:9c:52:ea:aa:22:39:7d:0f:15:e9:0f:e6:ac:
         26:67:dd:e9:1f:82:75:54:9a:4b:34:ad:7e:4a:8f:49:0b:e9:
         f4:a3:db:69:2f:47:a9:9f:44:22:9f:19:67:71:01:e2:c2:de:
         55:e1:44:4d:a4:4e:46:ed:14:2b:fa:90:7d:f7:c6:c1:17:8d:
         24:e4:d8:3a:dd:d1:4e:96:50:9c:21:3d:ae:9a:ef:31:a2:d3:
         10:ef:fe:16:18:f2:cc:59:0f:41:19:7f:fd:48:ee:f8:51:a2:
         06:56:62:c5:dd:c0:06:ec:f4:e6:07:f8:37:e2:b0:57:b0:95:
         bc:30:d6:3f:2a:5c:46:97:a2:eb:dc:3c:01:de:7f:ee:37:78:
         25:e2:9d:06:fa:32:39:6d:e0:d4:9e:31:58:d7:01:9d:2f:a8:
         47:da:61:58:62:8a:9e:0e:11:5c:f4:dc:1e:79:6e:a1:24:9f:
         70:0c:02:89:6b:60:e8:81:fd:af:45:05:9e:25:6c:00:5b:9b:
         06:51:d7:4d:db:a1:4b:4f:2d:86:e2:87:40:92:fc:3f:c3:fd:
         36:fd:1f:04:29:6e:79:54:6a:83:2b:09:60:20:40:2f:b4:8c:
         c8:dc:68:56:a4:be:46:0d:76:05:78:ce:3d:34:94:d1:cd:7a:
         3c:71:87:da
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvFNu5wgDyRFUieRfZOCNbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZjMjgyYTc5NGIzZjdhYjRjZDZmZWI2YzVmZDZiM2QyNTZh
ZmM0NjEwHhcNMjMwMTAxMjA0NTE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNDNkNDU2YzUzN2NlMGM4YTE0OGIwZjg3ZWVmZjIzNzMwYjljMDJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoQimX9aghe2ScYsktvWwdhhgKN93
CSYixn5c9TwBjjBCTeNCrfSNPQ4XT6rk+Oe6aOdl7QJxQttDEt1mgRlAzRboEJz7
wyhqW9IPpt1e761x3DUyoivn3jKdSyBOI18Sl6FdK2rGuuBP5kQjAX1mrYwDTlo9
1Gu7m6pUjjc+EgEn1dYd3m8T/SUDBuhGW5Vw54z9KO69U+PzBPW+eFw1OIJ83L4D
i+d1oL85GborDyJd4EYCb3+IXl1B1Oil8pBcOraokKoXVOJJc17IbEcidxnmhBho
pr4pdEyvMBnMVhbtjmje6/kNNA/+MhdJzVsXBGMznJvRuCjJmj7XbBLh/QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOQ9RWxTfODIoUiw+H7v8jcwucArMB8GA1UdIwQY
MBaAFPwoKnlLP3q0zW/rbF/Ws9JWr8RhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX0NncWVVc19lclROYi10c1g5YXowbGF2eEdFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85My9lNDg1ZTEtYTY1Zi00M2Q0LWI1NzIt
ZDMzMjZjNTliY2QyLzEvNUQxRmJGTjg0TWloU0xENGZ1X3lOekM1d0NzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85My9lNDg1ZTEtYTY1Zi00M2Q0LWI1NzItZDMzMjZjNTliY2Qy
LzEvX0NncWVVc19lclROYi10c1g5YXowbGF2eEdFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuZDsMA0G
CSqGSIb3DQEBCwUAA4IBAQB0hjkc95xS6qoiOX0PFekP5qwmZ93pH4J1VJpLNK1+
So9JC+n0o9tpL0epn0QinxlncQHiwt5V4URNpE5G7RQr+pB998bBF40k5Ng63dFO
llCcIT2umu8xotMQ7/4WGPLMWQ9BGX/9SO74UaIGVmLF3cAG7PTmB/g34rBXsJW8
MNY/KlxGl6Lr3DwB3n/uN3gl4p0G+jI5beDUnjFY1wGdL6hH2mFYYoqeDhFc9Nwe
eW6hJJ9wDAKJa2Dogf2vRQWeJWwAW5sGUddN26FLTy2G4odAkvw/w/02/R8EKW55
VGqDKwlgIEAvtIzI3GhWpL5GDXYFeM49NJTRzXo8cYfa
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:24:20 2024 by rpki-client on console-ams.rpki-client.org