Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/w1_r2ZQ2b5P5FOe5L51jij2XhFo.roa
File:                     w1_r2ZQ2b5P5FOe5L51jij2XhFo.roa (raw, json)
Hash identifier:          cZQqqK0fOdjwqxpHTlDQNi91qX/xMGhe5pFtpVuVo7U=
Subject key identifier:   C3:5F:EB:D9:94:36:6F:93:F9:14:E7:B9:2F:9D:63:8A:3D:97:84:5A
Certificate issuer:       /CN=84b2f4fa5163af96168e88fbf9cb4ed1ed8fb4c4
Certificate serial:       01856CE65D884928E632FF56CD83572890A2
Authority key identifier: 84:B2:F4:FA:51:63:AF:96:16:8E:88:FB:F9:CB:4E:D1:ED:8F:B4:C4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/w1_r2ZQ2b5P5FOe5L51jij2XhFo.roa
Signing time:             Sun 01 Jan 2023 10:35:14 +0000
ROA not before:           Sun 01 Jan 2023 10:35:14 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     51859
IP address blocks:        185.167.144.0/22 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 00:29:51 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6c:e6:5d:88:49:28:e6:32:ff:56:cd:83:57:28:90:a2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=84b2f4fa5163af96168e88fbf9cb4ed1ed8fb4c4
        Validity
            Not Before: Jan  1 10:35:14 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=c35febd994366f93f914e7b92f9d638a3d97845a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e8:36:73:5d:02:86:93:d1:88:39:18:ab:e4:1e:
                    a1:c0:e9:73:10:e7:13:64:78:ab:2a:cd:d4:4b:77:
                    23:01:10:d8:04:03:4f:85:24:ee:5c:d1:36:a1:8d:
                    33:ff:a0:fc:49:94:6b:e7:6f:8f:91:8a:58:c2:62:
                    51:3a:cf:0f:8c:b1:e2:7f:45:be:70:8e:1f:3b:0c:
                    8f:90:5a:6f:a3:15:a8:ea:4b:1c:62:fa:51:16:1a:
                    98:1c:40:ef:84:00:22:5d:9c:ba:93:96:96:36:e9:
                    12:57:51:53:e9:f0:88:87:cb:fe:fa:c7:8a:41:fa:
                    5e:95:23:c6:9f:d5:ee:37:af:e0:20:8a:c1:73:61:
                    c2:5f:5a:79:fb:39:87:c1:33:35:aa:eb:a0:57:4a:
                    1e:57:cd:cb:44:e4:55:53:6b:fb:16:46:bb:e0:9f:
                    b0:2d:be:c5:cc:fc:45:da:5e:33:2f:cd:10:15:58:
                    d4:03:d3:f8:7b:2e:f3:0b:be:02:16:3c:3c:58:d0:
                    e6:4e:44:a4:c9:fc:cd:71:cc:f5:81:eb:10:95:83:
                    99:ab:5a:13:b9:2f:3a:c7:1b:bf:e0:5e:a4:1e:0e:
                    87:78:95:3e:d1:1f:6a:79:18:8b:b1:cd:04:6b:18:
                    a3:65:d5:be:84:92:f1:6f:a2:e5:02:3f:69:7f:ef:
                    15:8f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C3:5F:EB:D9:94:36:6F:93:F9:14:E7:B9:2F:9D:63:8A:3D:97:84:5A
            X509v3 Authority Key Identifier:
                keyid:84:B2:F4:FA:51:63:AF:96:16:8E:88:FB:F9:CB:4E:D1:ED:8F:B4:C4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/w1_r2ZQ2b5P5FOe5L51jij2XhFo.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.167.144.0/22

    Signature Algorithm: sha256WithRSAEncryption
         2a:90:f1:14:bd:fc:72:b4:5d:93:68:05:e2:1e:6c:e6:b8:fc:
         47:57:ca:9e:69:a9:ab:21:7e:80:0c:e3:2e:77:6f:66:42:97:
         a2:63:c0:b2:f7:bb:16:2d:b2:4d:7a:4e:9c:0f:c2:92:d3:12:
         e5:4b:f4:75:c7:5d:b0:47:d4:ff:b1:b6:ab:ad:e3:f5:3d:79:
         3c:e8:6f:32:1c:b7:22:9b:da:bf:82:14:e9:5f:32:c2:d6:e0:
         f0:c3:87:59:2c:d8:70:6d:5b:a6:8b:ad:7f:a4:bd:2a:47:f4:
         37:4b:d3:26:f7:16:fd:52:51:1f:5d:6b:3f:b0:25:e2:86:db:
         7b:82:eb:82:19:41:c4:35:4c:64:89:78:42:f8:be:b2:af:05:
         83:63:d6:ce:0b:be:db:37:8d:cc:53:cf:bb:a4:33:7a:2c:58:
         9c:d1:48:89:8e:99:33:6e:c7:2c:1f:85:6d:b5:6a:6e:75:92:
         b9:d6:9c:08:42:8f:30:6b:b5:e4:a1:e3:09:7e:ad:55:27:bf:
         09:10:c0:7a:c3:d9:ce:7b:2f:ac:86:a4:03:72:0e:42:96:81:
         44:f2:7c:e7:83:1a:6f:f4:47:03:a8:38:b9:dd:59:1b:36:83:
         42:7b:4a:7d:1e:13:4d:79:38:d7:85:1e:7a:ff:c1:80:09:92:
         94:8a:80:8f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVs5l2ISSjmMv9WzYNXKJCiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0YjJmNGZhNTE2M2FmOTYxNjhlODhmYmY5Y2I0ZWQxZWQ4
ZmI0YzQwHhcNMjMwMTAxMTAzNTE0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMzVmZWJkOTk0MzY2ZjkzZjkxNGU3YjkyZjlkNjM4YTNkOTc4NDVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6DZzXQKGk9GIORir5B6hwOlzEOcT
ZHirKs3US3cjARDYBANPhSTuXNE2oY0z/6D8SZRr52+PkYpYwmJROs8PjLHif0W+
cI4fOwyPkFpvoxWo6kscYvpRFhqYHEDvhAAiXZy6k5aWNukSV1FT6fCIh8v++seK
QfpelSPGn9XuN6/gIIrBc2HCX1p5+zmHwTM1quugV0oeV83LRORVU2v7Fka74J+w
Lb7FzPxF2l4zL80QFVjUA9P4ey7zC74CFjw8WNDmTkSkyfzNccz1gesQlYOZq1oT
uS86xxu/4F6kHg6HeJU+0R9qeRiLsc0EaxijZdW+hJLxb6LlAj9pf+8VjwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMNf69mUNm+T+RTnuS+dY4o9l4RaMB8GA1UdIwQY
MBaAFISy9PpRY6+WFo6I+/nLTtHtj7TEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaExMMC1sRmpyNVlXam9qNy1jdE8wZTJQdE1RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC80YWE3ODktODc4Yi00NzJiLWI4NDct
ODcyYmEyZDlmNDRjLzEvdzFfcjJaUTJiNVA1Rk9lNUw1MWppajJYaEZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC80YWE3ODktODc4Yi00NzJiLWI4NDctODcyYmEyZDlmNDRj
LzEvaExMMC1sRmpyNVlXam9qNy1jdE8wZTJQdE1RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuaeQMA0G
CSqGSIb3DQEBCwUAA4IBAQAqkPEUvfxytF2TaAXiHmzmuPxHV8qeaamrIX6ADOMu
d29mQpeiY8Cy97sWLbJNek6cD8KS0xLlS/R1x12wR9T/sbarreP1PXk86G8yHLci
m9q/ghTpXzLC1uDww4dZLNhwbVumi61/pL0qR/Q3S9Mm9xb9UlEfXWs/sCXihtt7
guuCGUHENUxkiXhC+L6yrwWDY9bOC77bN43MU8+7pDN6LFic0UiJjpkzbscsH4Vt
tWpudZK51pwIQo8wa7XkoeMJfq1VJ78JEMB6w9nOey+shqQDcg5CloFE8nzngxpv
9EcDqDi53VkbNoNCe0p9HhNNeTjXhR56/8GACZKUioCP
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:05 2024 by rpki-client on console-fra.rpki-client.org