Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ad/c720b4-1acb-4703-bc24-467e009daed0/1/a2peWgub4Z4tuZJ5_u457G_zwGU.roa
File:                     a2peWgub4Z4tuZJ5_u457G_zwGU.roa (raw, json)
Hash identifier:          RR8nXXejlO7Feave1f28QREwVU7GWiTnYxQE+Jlx2kg=
Subject key identifier:   6B:6A:5E:5A:0B:9B:E1:9E:2D:B9:92:79:FE:EE:39:EC:6F:F3:C0:65
Certificate issuer:       /CN=a3a82ee9aa1106ed720d63c3844e666440e34438
Certificate serial:       018570F0A8A5A86318D848AC1FD904B6E0E7
Authority key identifier: A3:A8:2E:E9:AA:11:06:ED:72:0D:63:C3:84:4E:66:64:40:E3:44:38
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/o6gu6aoRBu1yDWPDhE5mZEDjRDg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/ad/c720b4-1acb-4703-bc24-467e009daed0/1/a2peWgub4Z4tuZJ5_u457G_zwGU.roa
Signing time:             Mon 02 Jan 2023 05:24:58 +0000
ROA not before:           Mon 02 Jan 2023 05:24:58 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     12826
IP address blocks:        185.23.132.0/23 maxlen: 23

Validation:               Failed, certificate revoked on Thu 27 Jul 2023 08:58:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:70:f0:a8:a5:a8:63:18:d8:48:ac:1f:d9:04:b6:e0:e7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a3a82ee9aa1106ed720d63c3844e666440e34438
        Validity
            Not Before: Jan  2 05:24:58 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=6b6a5e5a0b9be19e2db99279feee39ec6ff3c065
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:98:de:50:dc:88:1e:d6:14:8f:21:77:fa:6a:85:
                    11:d4:10:1a:44:9f:0b:6e:40:d5:1c:f2:79:be:81:
                    d8:f2:ce:8b:2a:da:d0:8e:7c:73:f0:18:85:b9:d0:
                    d0:c3:d0:d3:0f:0c:86:43:3c:bd:fa:96:84:94:2d:
                    e8:d2:30:83:c5:15:75:6f:34:bb:40:6d:cf:90:ae:
                    82:48:32:58:e9:15:05:a4:48:00:b1:02:3e:1b:d8:
                    39:74:30:bf:60:0e:7b:4f:d5:13:c0:d4:1f:ae:79:
                    4c:01:ea:d2:e3:2b:b7:fc:4e:c0:ae:ea:89:97:c5:
                    6c:7a:58:c6:b0:88:d6:8e:a3:54:cd:35:66:2d:40:
                    b5:bb:be:ad:69:53:7d:09:4c:d3:17:f9:ac:2a:7d:
                    5a:1e:8e:53:d3:e9:48:37:3c:be:57:22:33:81:93:
                    62:15:b4:b5:0f:f0:1d:88:46:4e:c2:bf:5a:fa:99:
                    2f:c2:d4:0f:74:eb:a9:7a:e4:0e:81:9f:7f:15:99:
                    c4:a8:45:cc:e0:3b:76:d7:35:ec:84:c7:da:5a:a0:
                    61:08:fb:0c:b3:5c:f2:94:f3:4d:43:2d:0a:85:ce:
                    a9:8c:ff:70:f4:cc:86:30:a1:2c:6b:02:fc:a8:fb:
                    0f:1a:41:f4:20:62:1a:18:3f:e3:14:94:8b:b0:f8:
                    e8:3b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6B:6A:5E:5A:0B:9B:E1:9E:2D:B9:92:79:FE:EE:39:EC:6F:F3:C0:65
            X509v3 Authority Key Identifier:
                keyid:A3:A8:2E:E9:AA:11:06:ED:72:0D:63:C3:84:4E:66:64:40:E3:44:38

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/o6gu6aoRBu1yDWPDhE5mZEDjRDg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/c720b4-1acb-4703-bc24-467e009daed0/1/a2peWgub4Z4tuZJ5_u457G_zwGU.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/c720b4-1acb-4703-bc24-467e009daed0/1/o6gu6aoRBu1yDWPDhE5mZEDjRDg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.23.132.0/23

    Signature Algorithm: sha256WithRSAEncryption
         b0:0b:b6:02:1f:1d:df:4d:70:26:46:ef:2c:44:3b:50:c1:d4:
         73:93:54:e9:e0:de:dd:d7:fe:4f:13:03:59:aa:6c:f1:2d:f0:
         19:56:94:68:20:19:78:71:5f:54:fb:4a:97:0a:1e:3b:c0:5d:
         35:13:5f:c1:1b:7b:d1:8b:b5:c2:ca:64:2b:cc:93:cb:9a:b5:
         93:17:f6:e9:ed:b9:d1:09:c9:65:93:cf:a1:53:5c:14:1d:e2:
         fc:8c:1f:ec:d4:cb:d5:c5:20:f9:b0:13:5f:2f:8c:28:fa:5b:
         9e:56:d2:26:49:fd:20:cb:5a:e8:a3:92:83:4d:88:f7:a4:e3:
         75:29:1e:09:43:e3:3f:aa:44:2f:58:8e:3a:81:14:ca:01:56:
         dd:b1:e2:14:1d:f5:e7:c8:35:98:c4:ee:ea:73:61:b1:f8:fa:
         cf:8b:e4:a7:a9:d4:d2:f1:f4:02:95:e4:00:aa:82:f0:46:30:
         17:53:47:b4:13:6c:e2:ed:26:13:0a:5d:0d:9c:60:68:32:9c:
         8b:d9:5b:13:f5:87:8e:55:41:c4:9c:87:7b:b2:94:8c:a6:b2:
         9c:3e:44:25:fc:6a:0c:bc:4a:fc:3f:f2:21:27:0f:ff:29:b6:
         cc:f6:0a:ae:c2:77:81:36:c2:c3:0d:65:42:7f:ca:07:8f:70:
         65:5d:d5:40
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVw8KilqGMY2EisH9kEtuDnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEzYTgyZWU5YWExMTA2ZWQ3MjBkNjNjMzg0NGU2NjY0NDBl
MzQ0MzgwHhcNMjMwMTAyMDUyNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YjZhNWU1YTBiOWJlMTllMmRiOTkyNzlmZWVlMzllYzZmZjNjMDY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmN5Q3Ige1hSPIXf6aoUR1BAaRJ8L
bkDVHPJ5voHY8s6LKtrQjnxz8BiFudDQw9DTDwyGQzy9+paElC3o0jCDxRV1bzS7
QG3PkK6CSDJY6RUFpEgAsQI+G9g5dDC/YA57T9UTwNQfrnlMAerS4yu3/E7AruqJ
l8VseljGsIjWjqNUzTVmLUC1u76taVN9CUzTF/msKn1aHo5T0+lINzy+VyIzgZNi
FbS1D/AdiEZOwr9a+pkvwtQPdOupeuQOgZ9/FZnEqEXM4Dt21zXshMfaWqBhCPsM
s1zylPNNQy0Khc6pjP9w9MyGMKEsawL8qPsPGkH0IGIaGD/jFJSLsPjoOwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGtqXloLm+GeLbmSef7uOexv88BlMB8GA1UdIwQY
MBaAFKOoLumqEQbtcg1jw4ROZmRA40Q4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbzZndTZhb1JCdTF5RFdQRGhFNW1aRURqUkRnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZC9jNzIwYjQtMWFjYi00NzAzLWJjMjQt
NDY3ZTAwOWRhZWQwLzEvYTJwZVdndWI0WjR0dVpKNV91NDU3R196d0dVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZC9jNzIwYjQtMWFjYi00NzAzLWJjMjQtNDY3ZTAwOWRhZWQw
LzEvbzZndTZhb1JCdTF5RFdQRGhFNW1aRURqUkRnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBuReEMA0G
CSqGSIb3DQEBCwUAA4IBAQCwC7YCHx3fTXAmRu8sRDtQwdRzk1Tp4N7d1/5PEwNZ
qmzxLfAZVpRoIBl4cV9U+0qXCh47wF01E1/BG3vRi7XCymQrzJPLmrWTF/bp7bnR
Ccllk8+hU1wUHeL8jB/s1MvVxSD5sBNfL4wo+lueVtImSf0gy1roo5KDTYj3pON1
KR4JQ+M/qkQvWI46gRTKAVbdseIUHfXnyDWYxO7qc2Gx+PrPi+SnqdTS8fQCleQA
qoLwRjAXU0e0E2zi7SYTCl0NnGBoMpyL2VsT9YeOVUHEnId7spSMprKcPkQl/GoM
vEr8P/IhJw//KbbM9gquwneBNsLDDWVCf8oHj3BlXdVA
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:38:14 2024 by rpki-client on console-ams.rpki-client.org