Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/1e43e4-d06e-4a55-bdb6-3d91ede5b2b1/1/Pz34pEsc5noCBLAEk5Yuag2lVDE.roa
File:                     Pz34pEsc5noCBLAEk5Yuag2lVDE.roa (raw, json)
Hash identifier:          ch2qqdjM8RGdz0W0B1ftIAMSq2IqCuM9XryhQ3MkkiY=
Subject key identifier:   3F:3D:F8:A4:4B:1C:E6:7A:02:04:B0:04:93:96:2E:6A:0D:A5:54:31
Certificate issuer:       /CN=b8074b419ead4cefea2f2ad2c259d978c5ed7954
Certificate serial:       018571C32C0DDC8F83FB0F758EC9D4F0A33C
Authority key identifier: B8:07:4B:41:9E:AD:4C:EF:EA:2F:2A:D2:C2:59:D9:78:C5:ED:79:54
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/uAdLQZ6tTO_qLyrSwlnZeMXteVQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9b/1e43e4-d06e-4a55-bdb6-3d91ede5b2b1/1/Pz34pEsc5noCBLAEk5Yuag2lVDE.roa
Signing time:             Mon 02 Jan 2023 09:14:54 +0000
ROA not before:           Mon 02 Jan 2023 09:14:54 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     213151
IP address blocks:        185.197.135.0/24 maxlen: 24
                          2a06:e881:7300::/40 maxlen: 48

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 12:33:39 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:71:c3:2c:0d:dc:8f:83:fb:0f:75:8e:c9:d4:f0:a3:3c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b8074b419ead4cefea2f2ad2c259d978c5ed7954
        Validity
            Not Before: Jan  2 09:14:54 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=3f3df8a44b1ce67a0204b00493962e6a0da55431
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:82:9f:4e:b0:50:84:21:f3:59:c2:6d:8b:52:7a:
                    60:7b:73:25:01:45:c4:87:b7:a0:5d:a1:f9:ca:1c:
                    96:54:18:1f:ef:35:ff:9c:14:4b:a2:11:b9:29:c1:
                    30:26:30:32:d6:fb:b5:55:63:f5:6c:9e:c6:15:55:
                    9a:82:82:81:90:0c:a7:85:f4:32:58:fc:0b:37:91:
                    27:43:15:74:e4:87:31:65:16:d4:67:84:78:de:d0:
                    16:6b:66:a4:ff:7d:d7:15:a5:de:4e:d4:70:e2:0e:
                    53:fa:8a:0a:ab:b0:d6:a8:11:05:16:c7:2b:95:d9:
                    53:ba:8e:7b:26:4d:8f:8a:9e:18:3d:58:ee:6d:bc:
                    cb:1a:a4:49:86:45:76:d9:79:62:a3:69:99:d9:6d:
                    58:9a:e9:05:fe:6c:67:62:46:6d:de:08:c3:0e:d3:
                    9d:ab:a5:f2:9f:ab:e9:78:6a:2f:36:fd:8c:9c:3e:
                    4c:a8:3e:ec:c4:5a:b3:38:98:d6:43:c0:7a:7d:27:
                    3a:02:ee:85:86:bb:bb:28:44:d0:9e:e9:86:7e:dd:
                    57:38:fb:25:43:0b:77:77:c1:62:2c:e5:cb:73:4f:
                    da:15:3a:de:59:08:73:40:4d:65:c6:fc:32:55:fa:
                    5d:f1:34:c5:85:4d:f3:8b:21:0f:f4:b1:a1:e0:22:
                    23:f5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3F:3D:F8:A4:4B:1C:E6:7A:02:04:B0:04:93:96:2E:6A:0D:A5:54:31
            X509v3 Authority Key Identifier:
                keyid:B8:07:4B:41:9E:AD:4C:EF:EA:2F:2A:D2:C2:59:D9:78:C5:ED:79:54

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uAdLQZ6tTO_qLyrSwlnZeMXteVQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/1e43e4-d06e-4a55-bdb6-3d91ede5b2b1/1/Pz34pEsc5noCBLAEk5Yuag2lVDE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/1e43e4-d06e-4a55-bdb6-3d91ede5b2b1/1/uAdLQZ6tTO_qLyrSwlnZeMXteVQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.197.135.0/24
                IPv6:
                  2a06:e881:7300::/40

    Signature Algorithm: sha256WithRSAEncryption
         99:23:4a:6e:1d:7e:fd:0e:77:79:7f:3a:76:3b:dc:5c:66:be:
         a5:9e:84:e3:7a:7c:34:8f:94:44:3f:14:d2:2e:6c:c8:63:75:
         f8:d4:07:10:67:40:5c:f7:0e:69:7e:5c:a4:52:4c:c1:1d:52:
         90:5a:f9:89:de:84:ec:9b:cc:3b:6e:47:7f:9a:2d:c2:6c:7a:
         3e:ea:e6:4d:c2:33:bb:a2:38:e3:d9:b1:98:4e:c1:fa:9d:ed:
         38:96:71:5f:ff:25:96:84:54:ea:71:82:14:35:2d:4b:85:6d:
         7d:2a:69:56:38:59:21:93:0c:fa:18:3d:b8:d4:0c:86:fe:f8:
         df:a0:fb:79:58:7c:17:66:e4:d7:87:86:36:d4:27:3e:c4:93:
         ba:e4:13:b0:e7:cf:71:06:7f:c6:21:57:c0:3e:4d:66:7b:01:
         ae:8a:72:b5:c6:83:96:91:87:d0:34:4b:57:dd:24:8c:75:8f:
         fd:b9:b3:61:28:f7:b3:c2:b2:14:b2:9d:0e:f6:b6:58:a5:cf:
         a7:25:6a:3f:6b:29:a9:1e:f5:93:db:34:46:11:7a:ea:63:a4:
         4a:14:60:93:6e:4b:de:6f:c3:fc:46:01:f3:c6:51:d7:86:17:
         ba:5d:b7:7b:59:67:b1:69:e1:1a:04:45:a4:5e:ad:8e:86:55:
         89:c7:03:49
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAYVxwywN3I+D+w91jsnU8KM8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI4MDc0YjQxOWVhZDRjZWZlYTJmMmFkMmMyNTlkOTc4YzVl
ZDc5NTQwHhcNMjMwMTAyMDkxNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZjNkZjhhNDRiMWNlNjdhMDIwNGIwMDQ5Mzk2MmU2YTBkYTU1NDMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgp9OsFCEIfNZwm2LUnpge3MlAUXE
h7egXaH5yhyWVBgf7zX/nBRLohG5KcEwJjAy1vu1VWP1bJ7GFVWagoKBkAynhfQy
WPwLN5EnQxV05IcxZRbUZ4R43tAWa2ak/33XFaXeTtRw4g5T+ooKq7DWqBEFFscr
ldlTuo57Jk2Pip4YPVjubbzLGqRJhkV22Xlio2mZ2W1YmukF/mxnYkZt3gjDDtOd
q6Xyn6vpeGovNv2MnD5MqD7sxFqzOJjWQ8B6fSc6Au6Fhru7KETQnumGft1XOPsl
Qwt3d8FiLOXLc0/aFTreWQhzQE1lxvwyVfpd8TTFhU3ziyEP9LGh4CIj9QIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFD89+KRLHOZ6AgSwBJOWLmoNpVQxMB8GA1UdIwQY
MBaAFLgHS0GerUzv6i8q0sJZ2XjF7XlUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdUFkTFFaNnRUT19xTHlyU3dsblplTVh0ZVZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi8xZTQzZTQtZDA2ZS00YTU1LWJkYjYt
M2Q5MWVkZTViMmIxLzEvUHozNHBFc2M1bm9DQkxBRWs1WXVhZzJsVkRFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yi8xZTQzZTQtZDA2ZS00YTU1LWJkYjYtM2Q5MWVkZTViMmIx
LzEvdUFkTFFaNnRUT19xTHlyU3dsblplTVh0ZVZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC8GCCsGAQUFBwEHAQH/BCAwHjAMBAIAATAGAwQAucWHMA4E
AgACMAgDBgAqBuiBczANBgkqhkiG9w0BAQsFAAOCAQEAmSNKbh1+/Q53eX86djvc
XGa+pZ6E43p8NI+URD8U0i5syGN1+NQHEGdAXPcOaX5cpFJMwR1SkFr5id6E7JvM
O25Hf5otwmx6PurmTcIzu6I449mxmE7B+p3tOJZxX/8lloRU6nGCFDUtS4VtfSpp
VjhZIZMM+hg9uNQMhv7436D7eVh8F2bk14eGNtQnPsSTuuQTsOfPcQZ/xiFXwD5N
ZnsBropytcaDlpGH0DRLV90kjHWP/bmzYSj3s8KyFLKdDva2WKXPpyVqP2spqR71
k9s0RhF66mOkShRgk25L3m/D/EYB88ZR14YXul23e1lnsWnhGgRFpF6tjoZViccD
SQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:25:40 2024 by rpki-client on console-ams.rpki-client.org