Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9e/077f64-b843-469f-8547-dd20bb208bba/1/4VnLxdHzdKILJaFdX5lW6WcSZLE.roa
File:                     4VnLxdHzdKILJaFdX5lW6WcSZLE.roa (raw, json)
Hash identifier:          S2rB7jp+fZfvRSJ5XtaZL6BLQ6Rv4m/6B2uncQjfBNc=
Subject key identifier:   E1:59:CB:C5:D1:F3:74:A2:0B:25:A1:5D:5F:99:56:E9:67:12:64:B1
Certificate issuer:       /CN=5f1a427072b31d44784c375dfae42278e71fa836
Certificate serial:       018571308B114E36777DD883FAF4EECE8092
Authority key identifier: 5F:1A:42:70:72:B3:1D:44:78:4C:37:5D:FA:E4:22:78:E7:1F:A8:36
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/XxpCcHKzHUR4TDdd-uQieOcfqDY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/9e/077f64-b843-469f-8547-dd20bb208bba/1/4VnLxdHzdKILJaFdX5lW6WcSZLE.roa
Signing time:             Mon 02 Jan 2023 06:34:44 +0000
ROA not before:           Mon 02 Jan 2023 06:34:44 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     272713
IP address blocks:        185.236.183.0/24 maxlen: 24

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 12:32:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:71:30:8b:11:4e:36:77:7d:d8:83:fa:f4:ee:ce:80:92
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5f1a427072b31d44784c375dfae42278e71fa836
        Validity
            Not Before: Jan  2 06:34:44 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=e159cbc5d1f374a20b25a15d5f9956e9671264b1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:87:a9:27:f3:28:e5:7a:e8:1d:f4:09:dc:29:
                    7f:3e:21:84:72:01:54:c0:35:9a:48:b8:d2:b7:92:
                    06:a7:55:d3:cf:b9:16:83:68:bb:f5:90:1a:93:64:
                    7e:dc:66:ce:b1:6c:e1:a8:6f:ba:89:e2:89:b0:30:
                    3a:92:8b:38:8c:20:0f:c2:f4:f0:84:f1:16:a9:b8:
                    cc:12:94:a0:72:7f:b5:d3:1c:ba:df:bc:03:e4:6f:
                    57:d6:5c:54:e3:c7:08:73:5b:e1:e3:84:d6:35:19:
                    78:b2:28:2c:6d:e8:40:b2:5e:ea:e5:71:ed:c2:02:
                    77:2f:c5:0e:f9:5c:b0:a2:b0:97:ac:20:24:f4:c4:
                    65:9d:18:a0:04:b9:be:b4:f0:02:20:75:2b:ca:a3:
                    a2:ff:0e:44:a0:f7:ec:49:98:61:85:df:6e:90:75:
                    f1:d7:7b:da:8e:e8:5e:b4:a7:7d:bc:a7:4d:30:a7:
                    b8:1d:5b:26:4c:fb:0c:42:bb:ed:4e:d9:a4:94:88:
                    62:7a:25:ab:fd:97:92:16:e1:5d:18:78:e4:c9:9c:
                    05:99:b3:7c:79:8e:45:3d:8e:39:98:79:8b:17:c5:
                    62:89:e4:1c:66:b4:10:cf:28:45:cc:cf:0f:44:22:
                    11:71:57:0c:24:f7:4d:d9:e4:70:52:2f:d7:99:42:
                    e9:c9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E1:59:CB:C5:D1:F3:74:A2:0B:25:A1:5D:5F:99:56:E9:67:12:64:B1
            X509v3 Authority Key Identifier:
                keyid:5F:1A:42:70:72:B3:1D:44:78:4C:37:5D:FA:E4:22:78:E7:1F:A8:36

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XxpCcHKzHUR4TDdd-uQieOcfqDY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/077f64-b843-469f-8547-dd20bb208bba/1/4VnLxdHzdKILJaFdX5lW6WcSZLE.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/077f64-b843-469f-8547-dd20bb208bba/1/XxpCcHKzHUR4TDdd-uQieOcfqDY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.236.183.0/24

    Signature Algorithm: sha256WithRSAEncryption
         e5:2a:b0:e5:1e:45:5c:c6:99:87:40:48:e2:89:10:db:3a:2b:
         14:c9:02:98:b3:cb:34:c6:3d:5b:40:c3:58:75:68:8c:1b:d0:
         5f:8e:ac:a7:c6:e2:44:0e:65:a1:9b:2f:df:39:f1:45:7b:3f:
         20:b2:0a:d5:65:a6:8f:c6:e3:28:0f:09:6e:35:3c:67:9a:3d:
         f3:14:76:3b:ea:40:4f:59:ac:86:fe:a0:22:31:4b:a9:6a:58:
         6c:bb:73:e6:49:44:34:e3:b6:07:f1:03:a5:e7:c9:88:a8:73:
         91:fa:ae:66:18:32:aa:89:83:d5:21:15:e7:f2:cd:42:67:20:
         66:fc:17:aa:98:df:46:35:b3:0c:40:6f:ee:59:94:eb:04:db:
         97:8c:ce:3d:5b:cc:22:18:d4:e8:0b:5b:d3:99:77:32:c0:4c:
         8d:60:5b:2b:22:ab:fd:f5:b9:65:ca:5d:95:82:19:25:b8:87:
         44:4e:67:87:f6:ad:75:ed:4f:7c:94:b6:8c:1b:61:e4:73:83:
         d3:91:1c:2a:3f:26:09:37:49:05:85:98:ef:5d:7b:aa:17:f1:
         15:61:5b:53:05:23:8e:7e:6c:3f:a1:22:62:d0:8d:e6:f0:48:
         73:42:aa:37:89:79:6c:b1:2b:90:8e:28:ae:de:25:26:05:7e:
         f0:1c:c9:5b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxMIsRTjZ3fdiD+vTuzoCSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVmMWE0MjcwNzJiMzFkNDQ3ODRjMzc1ZGZhZTQyMjc4ZTcx
ZmE4MzYwHhcNMjMwMTAyMDYzNDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMTU5Y2JjNWQxZjM3NGEyMGIyNWExNWQ1Zjk5NTZlOTY3MTI2NGIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArIepJ/Mo5XroHfQJ3Cl/PiGEcgFU
wDWaSLjSt5IGp1XTz7kWg2i79ZAak2R+3GbOsWzhqG+6ieKJsDA6kos4jCAPwvTw
hPEWqbjMEpSgcn+10xy637wD5G9X1lxU48cIc1vh44TWNRl4sigsbehAsl7q5XHt
wgJ3L8UO+VyworCXrCAk9MRlnRigBLm+tPACIHUryqOi/w5EoPfsSZhhhd9ukHXx
13vajuhetKd9vKdNMKe4HVsmTPsMQrvtTtmklIhieiWr/ZeSFuFdGHjkyZwFmbN8
eY5FPY45mHmLF8ViieQcZrQQzyhFzM8PRCIRcVcMJPdN2eRwUi/XmULpyQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOFZy8XR83SiCyWhXV+ZVulnEmSxMB8GA1UdIwQY
MBaAFF8aQnBysx1EeEw3XfrkInjnH6g2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHhwQ2NIS3pIVVI0VERkZC11UWllT2NmcURZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZS8wNzdmNjQtYjg0My00NjlmLTg1NDct
ZGQyMGJiMjA4YmJhLzEvNFZuTHhkSHpkS0lMSmFGZFg1bFc2V2NTWkxFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZS8wNzdmNjQtYjg0My00NjlmLTg1NDctZGQyMGJiMjA4YmJh
LzEvWHhwQ2NIS3pIVVI0VERkZC11UWllT2NmcURZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuey3MA0G
CSqGSIb3DQEBCwUAA4IBAQDlKrDlHkVcxpmHQEjiiRDbOisUyQKYs8s0xj1bQMNY
dWiMG9BfjqynxuJEDmWhmy/fOfFFez8gsgrVZaaPxuMoDwluNTxnmj3zFHY76kBP
WayG/qAiMUupalhsu3PmSUQ047YH8QOl58mIqHOR+q5mGDKqiYPVIRXn8s1CZyBm
/BeqmN9GNbMMQG/uWZTrBNuXjM49W8wiGNToC1vTmXcywEyNYFsrIqv99bllyl2V
ghkluIdETmeH9q117U98lLaMG2Hkc4PTkRwqPyYJN0kFhZjvXXuqF/EVYVtTBSOO
fmw/oSJi0I3m8EhzQqo3iXlssSuQjiiu3iUmBX7wHMlb
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:26:19 2024 by rpki-client on console-ams.rpki-client.org