Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/aa3805-c8a4-4f65-87cb-13ea56d1f63a/1/WSuqtiMzeS8QIwC7I5Uva0b_aDw.roa
File:                     WSuqtiMzeS8QIwC7I5Uva0b_aDw.roa (raw, json)
Hash identifier:          JS9/SE9Vffi81R9iJbY6+Zpfb8sDxPMri1cauu++T0g=
Subject key identifier:   59:2B:AA:B6:23:33:79:2F:10:23:00:BB:23:95:2F:6B:46:FF:68:3C
Certificate issuer:       /CN=340551ace81314829351a27e399aeddb33246155
Certificate serial:       0185714C223D42C39400D10B0E231B52CD08
Authority key identifier: 34:05:51:AC:E8:13:14:82:93:51:A2:7E:39:9A:ED:DB:33:24:61:55
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NAVRrOgTFIKTUaJ-OZrt2zMkYVU.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ab/aa3805-c8a4-4f65-87cb-13ea56d1f63a/1/WSuqtiMzeS8QIwC7I5Uva0b_aDw.roa
Signing time:             Mon 02 Jan 2023 07:04:52 +0000
ROA not before:           Mon 02 Jan 2023 07:04:52 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     43341
IP address blocks:        194.113.144.0/22 maxlen: 22
                          2a07:e300::/29 maxlen: 29

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 16:29:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:71:4c:22:3d:42:c3:94:00:d1:0b:0e:23:1b:52:cd:08
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=340551ace81314829351a27e399aeddb33246155
        Validity
            Not Before: Jan  2 07:04:52 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=592baab62333792f102300bb23952f6b46ff683c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:82:b3:fa:fc:b8:e4:10:22:14:b8:06:d7:46:
                    45:c7:ba:ab:3f:d5:70:eb:8b:b0:50:da:73:dc:d7:
                    64:63:33:75:e6:c4:80:87:53:cd:f8:bb:d0:c2:2d:
                    67:11:d7:29:c5:1a:64:20:8a:a0:a8:ff:9f:db:f2:
                    af:e8:06:d9:8f:8d:32:cb:96:23:75:78:df:d2:89:
                    c2:2a:e4:c4:95:af:93:1b:25:2b:c9:e1:b2:92:18:
                    c5:68:a0:2d:65:f7:5e:79:c7:bc:6a:be:70:3e:8c:
                    ac:f8:f5:04:bb:fb:7d:01:13:21:de:21:1c:b1:6f:
                    9c:3f:84:d8:9a:66:fb:cf:a7:f3:63:d1:94:0f:a2:
                    f4:b5:61:69:65:61:99:a5:00:e8:85:85:58:04:34:
                    a1:af:b9:13:71:3e:f2:5a:fd:46:ad:e2:63:91:6d:
                    66:47:b4:16:55:e2:7c:20:b6:41:48:d9:ac:17:3c:
                    ab:11:0b:ba:a5:71:12:ca:6a:b9:2d:7b:5e:64:43:
                    7f:93:6f:4a:2c:dc:13:6c:28:35:61:f6:81:e5:b6:
                    c3:f6:58:5d:e3:e1:30:31:f8:5d:e8:6a:23:f8:4b:
                    ef:0e:7b:87:ff:74:7f:60:cc:58:23:b2:32:e8:96:
                    c5:98:5f:b9:d4:a9:cf:78:46:d0:ad:9c:b3:9d:fb:
                    27:8b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                59:2B:AA:B6:23:33:79:2F:10:23:00:BB:23:95:2F:6B:46:FF:68:3C
            X509v3 Authority Key Identifier:
                keyid:34:05:51:AC:E8:13:14:82:93:51:A2:7E:39:9A:ED:DB:33:24:61:55

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NAVRrOgTFIKTUaJ-OZrt2zMkYVU.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/aa3805-c8a4-4f65-87cb-13ea56d1f63a/1/WSuqtiMzeS8QIwC7I5Uva0b_aDw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/aa3805-c8a4-4f65-87cb-13ea56d1f63a/1/NAVRrOgTFIKTUaJ-OZrt2zMkYVU.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.113.144.0/22
                IPv6:
                  2a07:e300::/29

    Signature Algorithm: sha256WithRSAEncryption
         7d:42:ef:03:03:c4:2d:f3:03:f4:3f:e4:82:7c:60:5b:a1:4b:
         e6:90:0f:8b:f2:0b:e5:7d:b7:81:e2:92:a1:9b:32:ee:f1:40:
         4b:8d:73:8d:52:4f:79:2e:ae:9d:d2:30:9c:98:46:3e:ea:6e:
         19:e6:7c:57:1e:cd:1d:ce:96:dd:20:69:56:28:1d:39:f0:a7:
         3d:0a:d5:c5:68:c8:ba:00:1a:36:cd:2f:88:fc:66:75:e9:85:
         69:1c:7c:08:df:d1:f2:0f:0d:9c:7e:5c:3f:ac:66:1b:91:7d:
         54:31:ac:cc:21:1e:8b:76:17:70:ab:f9:d5:15:d9:86:8f:90:
         8c:78:56:54:cf:64:43:5a:b7:db:0e:af:dc:be:f1:9f:c9:1a:
         c4:1d:11:9f:6f:0f:f4:b3:3c:ff:db:79:9a:40:59:d3:dc:91:
         c0:87:43:ab:23:c8:fa:7f:0a:86:f6:66:2b:3b:60:42:3f:31:
         de:5b:70:9a:fe:a7:14:a6:58:6f:99:46:98:30:8e:14:77:47:
         d5:5f:1b:cc:45:6a:38:eb:2e:a1:46:d2:46:db:f2:11:0d:a7:
         e6:4b:07:63:d7:15:0d:d5:2f:2d:8e:c7:d9:f2:a3:e2:77:ce:
         ea:69:5f:a4:38:ce:5e:2a:48:32:bf:54:d7:98:97:05:71:c1:
         20:fd:3e:6a
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVxTCI9QsOUANELDiMbUs0IMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0MDU1MWFjZTgxMzE0ODI5MzUxYTI3ZTM5OWFlZGRiMzMy
NDYxNTUwHhcNMjMwMTAyMDcwNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1OTJiYWFiNjIzMzM3OTJmMTAyMzAwYmIyMzk1MmY2YjQ2ZmY2ODNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArIKz+vy45BAiFLgG10ZFx7qrP9Vw
64uwUNpz3NdkYzN15sSAh1PN+LvQwi1nEdcpxRpkIIqgqP+f2/Kv6AbZj40yy5Yj
dXjf0onCKuTEla+TGyUryeGykhjFaKAtZfdeece8ar5wPoys+PUEu/t9ARMh3iEc
sW+cP4TYmmb7z6fzY9GUD6L0tWFpZWGZpQDohYVYBDShr7kTcT7yWv1GreJjkW1m
R7QWVeJ8ILZBSNmsFzyrEQu6pXESymq5LXteZEN/k29KLNwTbCg1YfaB5bbD9lhd
4+EwMfhd6Goj+EvvDnuH/3R/YMxYI7Iy6JbFmF+51KnPeEbQrZyznfsniwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFFkrqrYjM3kvECMAuyOVL2tG/2g8MB8GA1UdIwQY
MBaAFDQFUazoExSCk1Gifjma7dszJGFVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkFWUnJPZ1RGSUtUVWFKLU9acnQyek1rWVZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi9hYTM4MDUtYzhhNC00ZjY1LTg3Y2It
MTNlYTU2ZDFmNjNhLzEvV1N1cXRpTXplUzhRSXdDN0k1VXZhMGJfYUR3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi9hYTM4MDUtYzhhNC00ZjY1LTg3Y2ItMTNlYTU2ZDFmNjNh
LzEvTkFWUnJPZ1RGSUtUVWFKLU9acnQyek1rWVZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCwnGQMA0E
AgACMAcDBQMqB+MAMA0GCSqGSIb3DQEBCwUAA4IBAQB9Qu8DA8Qt8wP0P+SCfGBb
oUvmkA+L8gvlfbeB4pKhmzLu8UBLjXONUk95Lq6d0jCcmEY+6m4Z5nxXHs0dzpbd
IGlWKB058Kc9CtXFaMi6ABo2zS+I/GZ16YVpHHwI39HyDw2cflw/rGYbkX1UMazM
IR6Ldhdwq/nVFdmGj5CMeFZUz2RDWrfbDq/cvvGfyRrEHRGfbw/0szz/23maQFnT
3JHAh0OrI8j6fwqG9mYrO2BCPzHeW3Ca/qcUplhvmUaYMI4Ud0fVXxvMRWo46y6h
RtJG2/IRDafmSwdj1xUN1S8tjsfZ8qPid87qaV+kOM5eKkgyv1TXmJcFccEg/T5q
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:21 2024 by rpki-client on console-fra.rpki-client.org