Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a5/7bddda-0c6c-4a5e-b1c5-3ba5f30caabf/1/gqIq5B-mwcWnxQyuvfxjJTTRKC0.roa
File:                     gqIq5B-mwcWnxQyuvfxjJTTRKC0.roa (raw, json)
Hash identifier:          UNtpDbEECrcTL2fHFXDPf9J1Z39FGM+YbjD69VBZ7ek=
Subject key identifier:   82:A2:2A:E4:1F:A6:C1:C5:A7:C5:0C:AE:BD:FC:63:25:34:D1:28:2D
Certificate issuer:       /CN=1a4dd11554247bd2bd301cea43ff5180372c38e4
Certificate serial:       0185715E481CD512BE11E9853A9D6515A3F6
Authority key identifier: 1A:4D:D1:15:54:24:7B:D2:BD:30:1C:EA:43:FF:51:80:37:2C:38:E4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Gk3RFVQke9K9MBzqQ_9RgDcsOOQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a5/7bddda-0c6c-4a5e-b1c5-3ba5f30caabf/1/gqIq5B-mwcWnxQyuvfxjJTTRKC0.roa
Signing time:             Mon 02 Jan 2023 07:24:42 +0000
ROA not before:           Mon 02 Jan 2023 07:24:42 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     31898
IP address blocks:        185.192.56.0/22 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 08:30:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:71:5e:48:1c:d5:12:be:11:e9:85:3a:9d:65:15:a3:f6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1a4dd11554247bd2bd301cea43ff5180372c38e4
        Validity
            Not Before: Jan  2 07:24:42 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=82a22ae41fa6c1c5a7c50caebdfc632534d1282d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:cc:1f:75:66:ab:89:d2:fa:e0:63:c0:3e:bc:
                    f7:a4:c3:a4:bc:9c:10:34:c2:e3:08:23:a2:fc:70:
                    09:89:54:da:c9:33:d8:bc:6e:e7:7a:76:7e:6f:fe:
                    b3:0b:d5:e4:ae:15:b6:2b:96:da:73:ef:d0:f6:40:
                    cf:a1:04:51:11:9f:bf:f0:eb:42:0d:e6:79:bf:65:
                    9e:3f:ab:64:d2:dd:91:1f:0f:7a:b5:c5:bc:f9:e4:
                    e5:f2:13:c6:ba:22:7c:f1:19:58:c8:59:96:bb:8d:
                    29:99:fb:40:3e:6b:27:fc:bf:6c:1e:4d:61:d7:ed:
                    2d:95:6b:27:71:e5:e7:04:e2:ea:ac:6a:d4:31:fe:
                    4f:16:c8:f7:c7:ce:b6:64:24:36:b8:52:77:e7:94:
                    41:5a:c1:67:db:4b:fd:fd:52:1b:d8:cc:24:4d:51:
                    1a:2e:dc:3c:d8:2f:cc:8c:23:c0:35:2f:5a:61:fb:
                    ce:91:ca:fd:10:6c:69:fa:5a:85:70:5d:22:96:f5:
                    4b:ae:d9:ae:c5:ca:f1:5a:c1:7a:0f:a9:21:c1:53:
                    fa:39:f2:4e:cb:d0:a7:b7:11:06:36:97:51:13:26:
                    87:f3:7b:c0:5f:5b:6b:75:79:16:43:c3:1d:cb:0f:
                    41:63:ef:1e:de:1e:5a:a1:2a:32:e9:e2:3c:06:d4:
                    98:d9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                82:A2:2A:E4:1F:A6:C1:C5:A7:C5:0C:AE:BD:FC:63:25:34:D1:28:2D
            X509v3 Authority Key Identifier:
                keyid:1A:4D:D1:15:54:24:7B:D2:BD:30:1C:EA:43:FF:51:80:37:2C:38:E4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Gk3RFVQke9K9MBzqQ_9RgDcsOOQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/7bddda-0c6c-4a5e-b1c5-3ba5f30caabf/1/gqIq5B-mwcWnxQyuvfxjJTTRKC0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/7bddda-0c6c-4a5e-b1c5-3ba5f30caabf/1/Gk3RFVQke9K9MBzqQ_9RgDcsOOQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.192.56.0/22

    Signature Algorithm: sha256WithRSAEncryption
         38:dc:cc:27:44:8b:97:83:71:65:9f:ce:00:45:5f:1f:57:1a:
         9d:0c:5c:7d:a0:1a:9a:88:fa:f5:13:7b:2e:ee:f1:5a:12:55:
         2a:72:ef:0d:77:b0:5a:c7:44:ac:48:7f:2a:de:40:54:33:6b:
         59:fe:0a:5d:5e:4b:b6:9f:db:02:1b:fa:7d:44:e1:84:4e:af:
         ea:70:5b:34:07:2a:ef:e4:19:cb:39:c4:53:f7:33:ef:ea:15:
         74:ac:30:22:1d:c7:f6:23:fd:13:86:fa:c2:8f:da:14:bc:85:
         9d:42:e5:8f:50:4b:6d:4b:c2:ca:0f:ee:c8:c3:90:6e:aa:95:
         ec:ac:b9:fa:a0:3d:18:f0:e2:18:e6:95:5a:b4:04:98:8a:5a:
         fd:a0:d0:1d:79:b3:78:e1:00:93:2a:2b:d7:b3:be:2f:7a:0c:
         6c:9b:c3:e9:93:d7:bc:46:ae:2d:4b:28:c8:c0:65:18:2c:ad:
         a6:57:de:52:2d:75:9f:d6:6a:ed:7b:9c:4c:26:35:ea:2a:af:
         c2:7b:87:9d:4b:b7:c5:b5:1f:f7:a5:e1:ec:7d:3c:d3:78:90:
         16:30:1f:ec:0b:3d:68:76:cd:2e:77:c1:ba:f4:5a:48:0b:20:
         70:8a:f5:55:d5:ab:93:ce:b6:eb:24:fb:71:08:a6:4e:6b:69:
         ab:0a:d5:37
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxXkgc1RK+EemFOp1lFaP2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhNGRkMTE1NTQyNDdiZDJiZDMwMWNlYTQzZmY1MTgwMzcy
YzM4ZTQwHhcNMjMwMTAyMDcyNDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MmEyMmFlNDFmYTZjMWM1YTdjNTBjYWViZGZjNjMyNTM0ZDEyODJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtMwfdWaridL64GPAPrz3pMOkvJwQ
NMLjCCOi/HAJiVTayTPYvG7nenZ+b/6zC9XkrhW2K5bac+/Q9kDPoQRREZ+/8OtC
DeZ5v2WeP6tk0t2RHw96tcW8+eTl8hPGuiJ88RlYyFmWu40pmftAPmsn/L9sHk1h
1+0tlWsnceXnBOLqrGrUMf5PFsj3x862ZCQ2uFJ355RBWsFn20v9/VIb2MwkTVEa
Ltw82C/MjCPANS9aYfvOkcr9EGxp+lqFcF0ilvVLrtmuxcrxWsF6D6khwVP6OfJO
y9CntxEGNpdREyaH83vAX1trdXkWQ8Mdyw9BY+8e3h5aoSoy6eI8BtSY2QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIKiKuQfpsHFp8UMrr38YyU00SgtMB8GA1UdIwQY
MBaAFBpN0RVUJHvSvTAc6kP/UYA3LDjkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR2szUkZWUWtlOUs5TUJ6cVFfOVJnRGNzT09RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNS83YmRkZGEtMGM2Yy00YTVlLWIxYzUt
M2JhNWYzMGNhYWJmLzEvZ3FJcTVCLW13Y1dueFF5dXZmeGpKVFRSS0MwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNS83YmRkZGEtMGM2Yy00YTVlLWIxYzUtM2JhNWYzMGNhYWJm
LzEvR2szUkZWUWtlOUs5TUJ6cVFfOVJnRGNzT09RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCucA4MA0G
CSqGSIb3DQEBCwUAA4IBAQA43MwnRIuXg3Fln84ARV8fVxqdDFx9oBqaiPr1E3su
7vFaElUqcu8Nd7Bax0SsSH8q3kBUM2tZ/gpdXku2n9sCG/p9ROGETq/qcFs0Byrv
5BnLOcRT9zPv6hV0rDAiHcf2I/0ThvrCj9oUvIWdQuWPUEttS8LKD+7Iw5BuqpXs
rLn6oD0Y8OIY5pVatASYilr9oNAdebN44QCTKivXs74vegxsm8Ppk9e8Rq4tSyjI
wGUYLK2mV95SLXWf1mrte5xMJjXqKq/Ce4edS7fFtR/3peHsfTzTeJAWMB/sCz1o
ds0ud8G69FpICyBwivVV1auTzrbrJPtxCKZOa2mrCtU3
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:36:38 2024 by rpki-client on console-ams.rpki-client.org