Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/5fd4bf-74d9-4072-b557-084cca1c8623/1/1c3BU1F2XauDH6anwy54obZ0axg.roa
File:                     1c3BU1F2XauDH6anwy54obZ0axg.roa (raw, json)
Hash identifier:          Gdoau1o81SgusTLhFY+ZqVdZmYRrBIwDeRUsnVtRFRs=
Subject key identifier:   D5:CD:C1:53:51:76:5D:AB:83:1F:A6:A7:C3:2E:78:A1:B6:74:6B:18
Certificate issuer:       /CN=78703e7a62309bf027c1f10536926a19b7f14b1e
Certificate serial:       01856BEEC8FC776F2FBD929EFEB39CDDF45B
Authority key identifier: 78:70:3E:7A:62:30:9B:F0:27:C1:F1:05:36:92:6A:19:B7:F1:4B:1E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/eHA-emIwm_AnwfEFNpJqGbfxSx4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ac/5fd4bf-74d9-4072-b557-084cca1c8623/1/1c3BU1F2XauDH6anwy54obZ0axg.roa
Signing time:             Sun 01 Jan 2023 06:04:49 +0000
ROA not before:           Sun 01 Jan 2023 06:04:49 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     3624
IP address blocks:        185.117.213.0/24 maxlen: 24
                          2a06:8782::/32 maxlen: 32

Validation:               Failed, certificate revoked on Tue 02 Jan 2024 06:31:55 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6b:ee:c8:fc:77:6f:2f:bd:92:9e:fe:b3:9c:dd:f4:5b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=78703e7a62309bf027c1f10536926a19b7f14b1e
        Validity
            Not Before: Jan  1 06:04:49 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=d5cdc15351765dab831fa6a7c32e78a1b6746b18
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:b8:1a:87:1c:5c:62:85:5f:6c:f2:fe:5d:8e:
                    1b:ac:cc:f2:51:0c:46:1d:20:46:b5:9f:ca:49:a8:
                    06:02:09:57:4c:14:17:c1:1d:41:ef:e3:07:8c:3d:
                    86:a3:b3:0f:bc:23:a4:c4:2f:8a:7a:da:80:1a:b6:
                    0d:49:ac:d6:89:35:db:db:1f:0a:bc:7e:ac:21:d8:
                    3c:16:f7:0d:dc:bd:86:c1:84:2c:e8:a6:51:bd:31:
                    33:60:9d:a9:fe:a1:d3:06:97:f6:99:ef:a8:99:f3:
                    d3:b8:86:04:aa:9a:9b:d3:1d:78:85:bb:1b:6e:f7:
                    d7:22:29:42:25:c4:7d:74:fd:1b:02:20:55:13:7c:
                    85:e1:c5:bd:a1:42:e7:20:6a:5c:2d:54:fd:51:8c:
                    99:d6:54:8a:3e:2d:3f:b6:fe:57:f5:ca:cb:b5:26:
                    67:7d:61:6b:93:9f:66:0e:30:c5:24:05:49:49:4a:
                    3c:3b:c0:f3:69:1c:fd:38:10:a8:27:38:93:a6:4d:
                    83:ed:11:e5:8f:b0:13:10:a8:97:6c:e0:ed:2d:09:
                    66:c2:b7:47:1f:ba:e1:6e:76:05:43:fd:92:da:a1:
                    f8:e0:d6:48:a9:59:e1:a9:9d:69:a0:f1:59:38:7a:
                    9e:9e:cf:ad:6e:38:ce:e0:68:61:df:6f:4d:6e:f1:
                    1d:cf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D5:CD:C1:53:51:76:5D:AB:83:1F:A6:A7:C3:2E:78:A1:B6:74:6B:18
            X509v3 Authority Key Identifier:
                keyid:78:70:3E:7A:62:30:9B:F0:27:C1:F1:05:36:92:6A:19:B7:F1:4B:1E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eHA-emIwm_AnwfEFNpJqGbfxSx4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/5fd4bf-74d9-4072-b557-084cca1c8623/1/1c3BU1F2XauDH6anwy54obZ0axg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/5fd4bf-74d9-4072-b557-084cca1c8623/1/eHA-emIwm_AnwfEFNpJqGbfxSx4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.117.213.0/24
                IPv6:
                  2a06:8782::/32

    Signature Algorithm: sha256WithRSAEncryption
         4e:11:84:8c:43:4e:fb:36:a1:7a:0c:ba:bc:2a:96:f2:8d:6d:
         a0:56:9d:40:62:08:67:23:9b:e1:b1:1b:39:31:d7:58:1f:f9:
         fd:39:16:74:ba:c9:68:15:d6:95:49:f9:9e:56:59:73:c2:a5:
         9b:8b:44:67:68:12:a7:45:36:e6:e2:63:02:f3:83:7d:77:ce:
         ad:ed:8e:77:58:72:01:0b:5c:78:10:aa:4a:f9:8b:1f:f6:80:
         e9:77:8b:57:40:4c:37:51:3d:41:b9:e6:d7:9a:f8:71:cf:23:
         ff:10:bd:1d:cb:d8:62:a1:af:51:3d:49:2e:bc:67:46:c5:6b:
         47:11:da:f0:32:63:cf:cb:41:4d:72:6f:da:c0:84:a6:87:13:
         d1:b9:da:c8:c3:f9:bb:97:ff:1d:28:f7:07:b7:8a:91:f4:af:
         04:58:dd:2d:3c:e2:35:bc:dd:a2:08:67:48:d9:22:9a:34:be:
         ab:17:e0:b7:3f:bc:47:20:11:32:b7:ed:6e:aa:4e:10:2b:77:
         37:7e:16:1b:b1:e1:9e:2d:ad:18:90:36:9d:dd:84:93:d2:7f:
         c8:b1:d0:18:d0:a1:26:31:ab:42:45:54:8a:73:d4:cf:74:d2:
         33:be:f5:12:e1:73:48:c8:e9:46:4a:21:29:c7:bb:3b:d2:b9:
         f9:2e:df:70
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVr7sj8d28vvZKe/rOc3fRbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc4NzAzZTdhNjIzMDliZjAyN2MxZjEwNTM2OTI2YTE5Yjdm
MTRiMWUwHhcNMjMwMTAxMDYwNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNWNkYzE1MzUxNzY1ZGFiODMxZmE2YTdjMzJlNzhhMWI2NzQ2YjE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp7gahxxcYoVfbPL+XY4brMzyUQxG
HSBGtZ/KSagGAglXTBQXwR1B7+MHjD2Go7MPvCOkxC+KetqAGrYNSazWiTXb2x8K
vH6sIdg8FvcN3L2GwYQs6KZRvTEzYJ2p/qHTBpf2me+omfPTuIYEqpqb0x14hbsb
bvfXIilCJcR9dP0bAiBVE3yF4cW9oULnIGpcLVT9UYyZ1lSKPi0/tv5X9crLtSZn
fWFrk59mDjDFJAVJSUo8O8DzaRz9OBCoJziTpk2D7RHlj7ATEKiXbODtLQlmwrdH
H7rhbnYFQ/2S2qH44NZIqVnhqZ1poPFZOHqens+tbjjO4Ghh329NbvEdzwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFNXNwVNRdl2rgx+mp8MueKG2dGsYMB8GA1UdIwQY
MBaAFHhwPnpiMJvwJ8HxBTaSahm38UseMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZUhBLWVtSXdtX0Fud2ZFRk5wSnFHYmZ4U3g0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy81ZmQ0YmYtNzRkOS00MDcyLWI1NTct
MDg0Y2NhMWM4NjIzLzEvMWMzQlUxRjJYYXVESDZhbnd5NTRvYlowYXhnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYy81ZmQ0YmYtNzRkOS00MDcyLWI1NTctMDg0Y2NhMWM4NjIz
LzEvZUhBLWVtSXdtX0Fud2ZFRk5wSnFHYmZ4U3g0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAuXXVMA0E
AgACMAcDBQAqBoeCMA0GCSqGSIb3DQEBCwUAA4IBAQBOEYSMQ077NqF6DLq8Kpby
jW2gVp1AYghnI5vhsRs5MddYH/n9ORZ0usloFdaVSfmeVllzwqWbi0RnaBKnRTbm
4mMC84N9d86t7Y53WHIBC1x4EKpK+Ysf9oDpd4tXQEw3UT1BuebXmvhxzyP/EL0d
y9hioa9RPUkuvGdGxWtHEdrwMmPPy0FNcm/awISmhxPRudrIw/m7l/8dKPcHt4qR
9K8EWN0tPOI1vN2iCGdI2SKaNL6rF+C3P7xHIBEyt+1uqk4QK3c3fhYbseGeLa0Y
kDad3YST0n/IsdAY0KEmMatCRVSKc9TPdNIzvvUS4XNIyOlGSiEpx7s70rn5Lt9w
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:28 2024 by rpki-client on console-fra.rpki-client.org