Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/e44dea-8d51-440a-bc02-bab576e20393/1/dZFjDqrUX4j8EWjxBxTiZcP3hXw.roa
File:                     dZFjDqrUX4j8EWjxBxTiZcP3hXw.roa (raw, json)
Hash identifier:          TDyX6Ccmtdirmq8V99AdTKF+tYqJDw5Ph2wtPGCcuTE=
Subject key identifier:   75:91:63:0E:AA:D4:5F:88:FC:11:68:F1:07:14:E2:65:C3:F7:85:7C
Certificate issuer:       /CN=31d4ee4afff55e67444d47d49b512a8368bf9ef6
Certificate serial:       01856D13D8B42E6C4BFDD687C06B16537A1A
Authority key identifier: 31:D4:EE:4A:FF:F5:5E:67:44:4D:47:D4:9B:51:2A:83:68:BF:9E:F6
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/MdTuSv_1XmdETUfUm1Eqg2i_nvY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a1/e44dea-8d51-440a-bc02-bab576e20393/1/dZFjDqrUX4j8EWjxBxTiZcP3hXw.roa
Signing time:             Sun 01 Jan 2023 11:24:55 +0000
ROA not before:           Sun 01 Jan 2023 11:24:55 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     199786
IP address blocks:        185.50.140.0/22 maxlen: 22
                          2a01:abe0::/32 maxlen: 32

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 02:29:35 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6d:13:d8:b4:2e:6c:4b:fd:d6:87:c0:6b:16:53:7a:1a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=31d4ee4afff55e67444d47d49b512a8368bf9ef6
        Validity
            Not Before: Jan  1 11:24:55 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=7591630eaad45f88fc1168f10714e265c3f7857c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:98:2c:00:9b:b1:c6:42:1b:31:eb:80:7f:e9:f3:
                    21:ba:fd:ce:3e:06:5d:f2:bf:ab:a3:1e:2f:7d:70:
                    74:5a:5a:15:fe:f5:d9:2e:a5:20:f3:c0:9f:09:23:
                    fb:73:fa:b4:76:90:42:96:20:0e:f6:b5:b8:5e:4e:
                    81:bf:c8:61:db:08:de:86:ed:1c:c1:9f:7d:3a:6a:
                    14:84:c2:23:96:1b:25:4b:29:97:31:3e:81:c1:ab:
                    86:bd:f9:aa:61:42:99:5b:db:07:de:48:05:a4:48:
                    b5:e0:c4:f0:ee:af:2f:63:0a:45:86:3e:70:de:6d:
                    7f:ea:d1:be:68:dc:91:8d:54:7e:fc:72:46:37:4d:
                    38:8e:30:a1:da:ca:a6:b6:79:54:a2:fd:d6:99:42:
                    ec:54:3e:15:6c:db:88:5e:76:6c:43:af:88:20:61:
                    c2:47:77:7f:48:19:d2:86:f7:80:c4:b5:c6:48:b5:
                    49:0a:88:15:74:c6:04:f9:d2:b6:08:04:93:50:a9:
                    fe:c4:b6:39:ac:8d:61:73:da:63:4a:62:86:ec:17:
                    9e:4d:d2:89:3f:8b:92:1c:c4:60:25:49:40:e8:b8:
                    9a:d7:8a:91:be:c2:59:c3:41:f3:d5:14:0b:6f:12:
                    74:00:bb:e9:4b:de:04:90:e6:97:10:5c:2b:2f:20:
                    7c:e9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                75:91:63:0E:AA:D4:5F:88:FC:11:68:F1:07:14:E2:65:C3:F7:85:7C
            X509v3 Authority Key Identifier:
                keyid:31:D4:EE:4A:FF:F5:5E:67:44:4D:47:D4:9B:51:2A:83:68:BF:9E:F6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MdTuSv_1XmdETUfUm1Eqg2i_nvY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/e44dea-8d51-440a-bc02-bab576e20393/1/dZFjDqrUX4j8EWjxBxTiZcP3hXw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/e44dea-8d51-440a-bc02-bab576e20393/1/MdTuSv_1XmdETUfUm1Eqg2i_nvY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.50.140.0/22
                IPv6:
                  2a01:abe0::/32

    Signature Algorithm: sha256WithRSAEncryption
         a8:15:91:30:9d:6e:d3:a8:40:9e:3c:1b:e6:ba:31:ee:cf:eb:
         45:93:67:c5:b5:a8:fa:09:4b:8b:30:d5:81:74:43:d9:a9:63:
         dc:98:a9:3e:fb:67:8a:2e:b2:24:0e:21:4c:ac:c9:e4:20:42:
         94:f7:66:91:a0:25:d2:3b:b4:91:55:86:0c:c4:74:73:65:88:
         22:86:96:d1:d7:ec:6e:7b:0e:10:91:6d:61:cb:61:63:72:e8:
         81:68:ff:76:29:73:9e:b3:9b:12:ce:97:99:8b:5a:79:49:e3:
         2d:7f:4a:3b:00:34:0a:98:8f:21:b1:cb:b6:7b:9d:9f:11:b1:
         7b:7b:f3:1d:7d:3b:15:6f:88:cf:ff:3b:b6:76:40:28:fc:86:
         61:f9:2e:43:39:88:31:ae:b4:a3:fb:64:e4:6a:70:aa:c7:85:
         ff:36:b9:58:4e:96:e4:6e:5d:1b:5a:2f:78:86:52:36:b7:ac:
         6e:67:bd:c2:d7:e0:f2:11:93:bc:0a:3d:2c:85:3f:8e:31:a5:
         94:1a:cf:84:8e:62:b0:b2:ac:ec:9c:c6:5c:8d:ee:13:cd:e2:
         51:1e:ad:df:a6:34:3e:f8:bb:02:1c:78:e4:c5:50:f6:e8:38:
         d4:a0:44:c4:cd:33:57:1a:5b:ae:1a:92:ff:3a:1a:e0:88:aa:
         ce:72:ea:fe
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVtE9i0LmxL/daHwGsWU3oaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxZDRlZTRhZmZmNTVlNjc0NDRkNDdkNDliNTEyYTgzNjhi
ZjllZjYwHhcNMjMwMTAxMTEyNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NTkxNjMwZWFhZDQ1Zjg4ZmMxMTY4ZjEwNzE0ZTI2NWMzZjc4NTdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmCwAm7HGQhsx64B/6fMhuv3OPgZd
8r+rox4vfXB0WloV/vXZLqUg88CfCSP7c/q0dpBCliAO9rW4Xk6Bv8hh2wjehu0c
wZ99OmoUhMIjlhslSymXMT6BwauGvfmqYUKZW9sH3kgFpEi14MTw7q8vYwpFhj5w
3m1/6tG+aNyRjVR+/HJGN004jjCh2sqmtnlUov3WmULsVD4VbNuIXnZsQ6+IIGHC
R3d/SBnShveAxLXGSLVJCogVdMYE+dK2CASTUKn+xLY5rI1hc9pjSmKG7BeeTdKJ
P4uSHMRgJUlA6Lia14qRvsJZw0Hz1RQLbxJ0ALvpS94EkOaXEFwrLyB86QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFHWRYw6q1F+I/BFo8QcU4mXD94V8MB8GA1UdIwQY
MBaAFDHU7kr/9V5nRE1H1JtRKoNov572MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTWRUdVN2XzFYbWRFVFVmVW0xRXFnMmlfbnZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS9lNDRkZWEtOGQ1MS00NDBhLWJjMDIt
YmFiNTc2ZTIwMzkzLzEvZFpGakRxclVYNGo4RVdqeEJ4VGlaY1AzaFh3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMS9lNDRkZWEtOGQ1MS00NDBhLWJjMDItYmFiNTc2ZTIwMzkz
LzEvTWRUdVN2XzFYbWRFVFVmVW0xRXFnMmlfbnZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuTKMMA0E
AgACMAcDBQAqAavgMA0GCSqGSIb3DQEBCwUAA4IBAQCoFZEwnW7TqECePBvmujHu
z+tFk2fFtaj6CUuLMNWBdEPZqWPcmKk++2eKLrIkDiFMrMnkIEKU92aRoCXSO7SR
VYYMxHRzZYgihpbR1+xuew4QkW1hy2FjcuiBaP92KXOes5sSzpeZi1p5SeMtf0o7
ADQKmI8hscu2e52fEbF7e/MdfTsVb4jP/zu2dkAo/IZh+S5DOYgxrrSj+2TkanCq
x4X/NrlYTpbkbl0bWi94hlI2t6xuZ73C1+DyEZO8Cj0shT+OMaWUGs+EjmKwsqzs
nMZcje4TzeJRHq3fpjQ++LsCHHjkxVD26DjUoETEzTNXGluuGpL/OhrgiKrOcur+
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:36:01 2024 by rpki-client on console-ams.rpki-client.org