Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/96/c66a1f-7707-4f8d-a274-4df65aba6a62/1/3lfTO3B-QjdbhzLmwJzzf6SwJl0.roa
File:                     3lfTO3B-QjdbhzLmwJzzf6SwJl0.roa (raw, json)
Hash identifier:          uNRL6olXfTLWKXIx4146u7fwKrUsf6zsyVItuj+3Hao=
Subject key identifier:   DE:57:D3:3B:70:7E:42:37:5B:87:32:E6:C0:9C:F3:7F:A4:B0:26:5D
Certificate issuer:       /CN=e55b1a4f1942e4b1d894cbc8cf09073d02890170
Certificate serial:       018570E75FC94D3984BE38F93A280C0DDFEC
Authority key identifier: E5:5B:1A:4F:19:42:E4:B1:D8:94:CB:C8:CF:09:07:3D:02:89:01:70
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/5VsaTxlC5LHYlMvIzwkHPQKJAXA.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/96/c66a1f-7707-4f8d-a274-4df65aba6a62/1/3lfTO3B-QjdbhzLmwJzzf6SwJl0.roa
Signing time:             Mon 02 Jan 2023 05:14:49 +0000
ROA not before:           Mon 02 Jan 2023 05:14:49 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     211740
IP address blocks:        185.112.88.0/22 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 00:30:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:70:e7:5f:c9:4d:39:84:be:38:f9:3a:28:0c:0d:df:ec
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e55b1a4f1942e4b1d894cbc8cf09073d02890170
        Validity
            Not Before: Jan  2 05:14:49 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=de57d33b707e42375b8732e6c09cf37fa4b0265d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:90:ae:e7:2c:e0:e7:92:fc:6c:bf:5a:22:c9:03:
                    91:81:b2:22:dd:33:3d:27:15:4c:23:4f:0d:f1:fd:
                    11:a1:5f:48:c2:4f:2b:ec:38:75:2e:cc:99:cf:5e:
                    83:5d:a6:15:39:db:81:7e:80:7e:6f:cb:1f:71:fc:
                    b1:35:59:27:ae:e0:91:8c:12:c7:0f:ea:0b:0a:9c:
                    ae:cd:2e:b8:08:90:bc:0d:2d:92:3a:7c:c3:a1:1e:
                    08:70:51:bf:e7:64:7a:72:b2:c7:81:0a:8a:01:2e:
                    19:54:fa:7b:5a:75:3d:3a:91:dc:dd:2f:33:06:e4:
                    b6:97:39:d9:fc:e1:c4:6a:ff:52:89:9f:14:68:34:
                    6e:d4:5e:ba:48:41:14:fb:b9:50:ca:11:bf:60:dc:
                    dd:34:74:a7:81:41:e4:c0:2e:f6:55:2d:6e:f0:ea:
                    c7:0e:95:c1:8a:d8:bb:43:09:03:a3:f4:81:9a:2a:
                    8b:cf:e7:50:a7:2e:4d:e8:eb:aa:c9:24:cf:6e:5c:
                    28:01:94:95:a2:14:69:2d:9e:b5:86:d3:9b:46:f5:
                    1c:8c:12:88:b7:ff:9b:6a:55:a4:2f:bf:07:be:a0:
                    c0:20:32:7e:72:22:eb:1f:89:64:1d:8b:82:2b:8a:
                    7f:25:76:6f:9c:06:c3:03:59:a4:ee:c9:0f:6c:1d:
                    dc:97
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DE:57:D3:3B:70:7E:42:37:5B:87:32:E6:C0:9C:F3:7F:A4:B0:26:5D
            X509v3 Authority Key Identifier:
                keyid:E5:5B:1A:4F:19:42:E4:B1:D8:94:CB:C8:CF:09:07:3D:02:89:01:70

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5VsaTxlC5LHYlMvIzwkHPQKJAXA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/96/c66a1f-7707-4f8d-a274-4df65aba6a62/1/3lfTO3B-QjdbhzLmwJzzf6SwJl0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/96/c66a1f-7707-4f8d-a274-4df65aba6a62/1/5VsaTxlC5LHYlMvIzwkHPQKJAXA.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.112.88.0/22

    Signature Algorithm: sha256WithRSAEncryption
         b1:2f:ac:0f:ad:48:6e:26:e4:b1:c0:c7:ff:36:78:5e:d7:b9:
         c9:62:23:f8:ed:f0:07:d1:d5:d9:e0:1a:ac:1f:a2:aa:e0:43:
         90:67:35:c6:a8:d0:58:ad:31:35:d0:66:25:f5:8f:3b:99:83:
         3a:d4:3e:b5:cb:37:b7:71:0c:41:b9:89:06:fa:8d:07:ae:e0:
         d7:d4:93:26:ea:d6:ed:1d:a3:6a:33:79:17:56:a6:e6:b2:72:
         7b:b2:12:96:50:16:40:c9:fd:a3:93:a9:55:68:1a:89:40:8c:
         28:1c:0b:84:5f:35:04:5a:17:83:93:b6:f8:70:68:60:0a:62:
         a9:b8:af:25:5b:83:12:2c:b4:a0:31:dd:e0:1b:c6:46:a9:f0:
         c7:8b:b9:4f:29:d3:ee:ae:e2:5b:ff:34:bf:49:3d:5c:8c:8f:
         a8:63:93:aa:da:8d:b5:71:36:57:97:e0:45:44:cd:a5:4a:82:
         c4:a1:53:99:66:3b:31:ed:73:d1:d9:f1:d6:aa:65:7d:a3:57:
         79:85:92:fd:a9:90:99:5b:f8:ae:ba:51:c5:5b:d8:3a:50:9d:
         0e:8e:58:01:6e:65:d0:de:03:77:d3:94:94:05:90:54:ce:1f:
         2b:13:aa:3c:a6:e5:dc:9c:3e:7a:db:52:cd:73:09:38:72:d5:
         ab:51:ca:52
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVw51/JTTmEvjj5OigMDd/sMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU1NWIxYTRmMTk0MmU0YjFkODk0Y2JjOGNmMDkwNzNkMDI4
OTAxNzAwHhcNMjMwMTAyMDUxNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZTU3ZDMzYjcwN2U0MjM3NWI4NzMyZTZjMDljZjM3ZmE0YjAyNjVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkK7nLODnkvxsv1oiyQORgbIi3TM9
JxVMI08N8f0RoV9Iwk8r7Dh1LsyZz16DXaYVOduBfoB+b8sfcfyxNVknruCRjBLH
D+oLCpyuzS64CJC8DS2SOnzDoR4IcFG/52R6crLHgQqKAS4ZVPp7WnU9OpHc3S8z
BuS2lznZ/OHEav9SiZ8UaDRu1F66SEEU+7lQyhG/YNzdNHSngUHkwC72VS1u8OrH
DpXBiti7QwkDo/SBmiqLz+dQpy5N6OuqySTPblwoAZSVohRpLZ61htObRvUcjBKI
t/+balWkL78HvqDAIDJ+ciLrH4lkHYuCK4p/JXZvnAbDA1mk7skPbB3clwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFN5X0ztwfkI3W4cy5sCc83+ksCZdMB8GA1UdIwQY
MBaAFOVbGk8ZQuSx2JTLyM8JBz0CiQFwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNVZzYVR4bEM1TEhZbE12SXp3a0hQUUtKQVhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ni9jNjZhMWYtNzcwNy00ZjhkLWEyNzQt
NGRmNjVhYmE2YTYyLzEvM2xmVE8zQi1RamRiaHpMbXdKenpmNlN3SmwwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ni9jNjZhMWYtNzcwNy00ZjhkLWEyNzQtNGRmNjVhYmE2YTYy
LzEvNVZzYVR4bEM1TEhZbE12SXp3a0hQUUtKQVhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuXBYMA0G
CSqGSIb3DQEBCwUAA4IBAQCxL6wPrUhuJuSxwMf/Nnhe17nJYiP47fAH0dXZ4Bqs
H6Kq4EOQZzXGqNBYrTE10GYl9Y87mYM61D61yze3cQxBuYkG+o0HruDX1JMm6tbt
HaNqM3kXVqbmsnJ7shKWUBZAyf2jk6lVaBqJQIwoHAuEXzUEWheDk7b4cGhgCmKp
uK8lW4MSLLSgMd3gG8ZGqfDHi7lPKdPuruJb/zS/ST1cjI+oY5Oq2o21cTZXl+BF
RM2lSoLEoVOZZjsx7XPR2fHWqmV9o1d5hZL9qZCZW/iuulHFW9g6UJ0OjlgBbmXQ
3gN305SUBZBUzh8rE6o8puXcnD5621LNcwk4ctWrUcpS
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:24:46 2024 by rpki-client on console-ams.rpki-client.org