Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/4c68e4-4d71-4696-9557-6c6658bd952e/1/VhQAh5Ju7SxtKM7F1XL0ZhOWHKg.roa
File:                     VhQAh5Ju7SxtKM7F1XL0ZhOWHKg.roa (raw, json)
Hash identifier:          EMkI3vfrmS6aCocYfBLhT9GLo/gyVrG1mSTfP6V+BBY=
Subject key identifier:   56:14:00:87:92:6E:ED:2C:6D:28:CE:C5:D5:72:F4:66:13:96:1C:A8
Certificate issuer:       /CN=33622344f29e6b6420bfebc38bb67a30f4453f71
Certificate serial:       01857295DDE93327D6D8203B6AA4CCF425A9
Authority key identifier: 33:62:23:44:F2:9E:6B:64:20:BF:EB:C3:8B:B6:7A:30:F4:45:3F:71
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/M2IjRPKea2Qgv-vDi7Z6MPRFP3E.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a2/4c68e4-4d71-4696-9557-6c6658bd952e/1/VhQAh5Ju7SxtKM7F1XL0ZhOWHKg.roa
Signing time:             Mon 02 Jan 2023 13:05:02 +0000
ROA not before:           Mon 02 Jan 2023 13:05:02 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     7155
IP address blocks:        185.136.44.0/22 maxlen: 24

Validation:               Failed, certificate revoked on Tue 14 Feb 2023 08:54:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:72:95:dd:e9:33:27:d6:d8:20:3b:6a:a4:cc:f4:25:a9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=33622344f29e6b6420bfebc38bb67a30f4453f71
        Validity
            Not Before: Jan  2 13:05:02 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=56140087926eed2c6d28cec5d572f46613961ca8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:83:ad:db:c5:8d:13:01:f2:2a:f6:7c:5b:d7:d8:
                    4b:bc:22:86:a6:a8:71:d1:30:d5:80:11:f0:14:f0:
                    5c:ee:fa:c6:15:61:2f:51:b9:93:2e:7b:05:8b:92:
                    ec:fd:6c:2a:e1:91:ad:69:9f:d3:17:2b:24:91:f0:
                    c9:d2:d2:c5:8c:56:0e:22:67:51:68:87:f8:5e:d4:
                    8a:47:08:18:2c:eb:2e:bf:17:72:ab:0a:41:28:37:
                    02:d2:61:61:8a:29:1b:3c:c0:18:c7:42:53:a2:59:
                    63:e3:5d:3b:1e:be:50:d2:ff:a7:1a:d2:04:e0:62:
                    39:ad:be:4b:5d:2a:ce:06:ee:9b:c8:83:44:cb:3b:
                    d4:9a:ce:38:15:82:d7:19:ce:bf:75:eb:c2:8a:ae:
                    37:43:15:dc:71:5d:91:d3:60:b6:76:72:85:ff:7b:
                    22:fe:5c:a8:ae:84:8b:1f:1e:0c:ee:8a:61:e3:3d:
                    06:ba:43:47:54:e4:a2:72:35:c3:39:53:64:05:ce:
                    e5:07:a5:3a:fc:38:b9:45:1c:a1:1e:aa:76:dd:1e:
                    21:e3:0b:80:b2:ea:00:da:99:12:6f:2c:36:e0:9d:
                    52:99:17:5c:7c:68:ed:0c:48:c5:d5:5c:df:68:aa:
                    3d:65:56:1c:66:cb:a9:1f:ad:18:54:08:60:1f:ec:
                    62:d3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                56:14:00:87:92:6E:ED:2C:6D:28:CE:C5:D5:72:F4:66:13:96:1C:A8
            X509v3 Authority Key Identifier:
                keyid:33:62:23:44:F2:9E:6B:64:20:BF:EB:C3:8B:B6:7A:30:F4:45:3F:71

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/M2IjRPKea2Qgv-vDi7Z6MPRFP3E.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/4c68e4-4d71-4696-9557-6c6658bd952e/1/VhQAh5Ju7SxtKM7F1XL0ZhOWHKg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/4c68e4-4d71-4696-9557-6c6658bd952e/1/M2IjRPKea2Qgv-vDi7Z6MPRFP3E.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.136.44.0/22

    Signature Algorithm: sha256WithRSAEncryption
         03:b0:a0:41:6a:f3:e5:de:2b:f3:66:22:a3:34:a8:bc:28:96:
         fa:e2:af:0e:27:1d:af:31:0c:a9:b2:a1:7d:a8:f6:e5:20:68:
         ff:83:be:7d:d8:0b:b2:80:30:d5:06:04:c9:7d:05:9c:de:a5:
         13:aa:92:55:9d:af:e6:4f:50:19:a0:50:da:f8:4f:3d:1e:82:
         76:30:d9:1e:7f:95:62:1b:a1:47:39:64:19:63:99:80:17:76:
         d1:a6:c9:97:df:4f:7d:6c:dd:5c:30:74:fe:c0:f1:9c:e0:64:
         2e:c6:0e:71:6b:2a:72:8d:51:b9:a4:e9:c0:52:d6:de:ec:a6:
         7d:8e:69:ca:c6:38:c8:32:9c:8a:1f:98:56:52:32:9c:17:7a:
         18:26:e0:81:97:55:ce:8c:89:68:a9:30:3a:71:6c:0c:3d:5c:
         77:a2:29:36:45:94:ac:1f:90:2b:a2:7d:a4:a6:4a:e7:29:bb:
         71:de:8f:01:b5:a7:d4:1e:60:2e:62:de:a4:7c:90:0f:05:77:
         49:0e:a4:dd:5d:6f:fd:3d:d0:1e:da:32:a7:6b:6c:b3:2f:a7:
         66:d2:c7:70:81:c9:9b:72:ec:a5:31:6e:7d:6a:66:ef:9c:8f:
         10:77:8d:d6:a3:e0:5b:c7:f2:f7:b6:aa:a1:90:ed:30:b2:1e:
         9a:6c:df:75
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVyld3pMyfW2CA7aqTM9CWpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMzNjIyMzQ0ZjI5ZTZiNjQyMGJmZWJjMzhiYjY3YTMwZjQ0
NTNmNzEwHhcNMjMwMTAyMTMwNTAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NjE0MDA4NzkyNmVlZDJjNmQyOGNlYzVkNTcyZjQ2NjEzOTYxY2E4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg63bxY0TAfIq9nxb19hLvCKGpqhx
0TDVgBHwFPBc7vrGFWEvUbmTLnsFi5Ls/Wwq4ZGtaZ/TFyskkfDJ0tLFjFYOImdR
aIf4XtSKRwgYLOsuvxdyqwpBKDcC0mFhiikbPMAYx0JTollj4107Hr5Q0v+nGtIE
4GI5rb5LXSrOBu6byINEyzvUms44FYLXGc6/devCiq43QxXccV2R02C2dnKF/3si
/lyoroSLHx4M7oph4z0GukNHVOSicjXDOVNkBc7lB6U6/Di5RRyhHqp23R4h4wuA
suoA2pkSbyw24J1SmRdcfGjtDEjF1VzfaKo9ZVYcZsupH60YVAhgH+xi0wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFYUAIeSbu0sbSjOxdVy9GYTlhyoMB8GA1UdIwQY
MBaAFDNiI0TynmtkIL/rw4u2ejD0RT9xMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTTJJalJQS2VhMlFndi12RGk3WjZNUFJGUDNFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi80YzY4ZTQtNGQ3MS00Njk2LTk1NTct
NmM2NjU4YmQ5NTJlLzEvVmhRQWg1SnU3U3h0S003RjFYTDBaaE9XSEtnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi80YzY4ZTQtNGQ3MS00Njk2LTk1NTctNmM2NjU4YmQ5NTJl
LzEvTTJJalJQS2VhMlFndi12RGk3WjZNUFJGUDNFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuYgsMA0G
CSqGSIb3DQEBCwUAA4IBAQADsKBBavPl3ivzZiKjNKi8KJb64q8OJx2vMQypsqF9
qPblIGj/g7592AuygDDVBgTJfQWc3qUTqpJVna/mT1AZoFDa+E89HoJ2MNkef5Vi
G6FHOWQZY5mAF3bRpsmX3099bN1cMHT+wPGc4GQuxg5xaypyjVG5pOnAUtbe7KZ9
jmnKxjjIMpyKH5hWUjKcF3oYJuCBl1XOjIloqTA6cWwMPVx3oik2RZSsH5Aron2k
pkrnKbtx3o8BtafUHmAuYt6kfJAPBXdJDqTdXW/9PdAe2jKna2yzL6dm0sdwgcmb
cuylMW59ambvnI8Qd43Wo+Bbx/L3tqqhkO0wsh6abN91
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:03 2024 by rpki-client on console-fra.rpki-client.org